I wish SeaBIOS documentation included a table comparing BIOS security features of all modern implementations, bare-metal and virtualized, to compare SeaBIOS's features with other BIOS implementations.
There is a Wikipedia article that compares SeaBIOS to other proprietary BIOS implementations. I don't have direct knowledge on the features of proprietary BIOS, so can't help with a direct comparison.
Thanks very much for this pointer, Kevin!
That table seems to be nearly the same as: https://en.wikipedia.org/wiki/BIOS#Vendors_and_products
Maybe there should be row showing SeaBIOS's TPMv1 and new TPMv2 features, with question marks next to the closed-source vendors, as well as mention in the Security section later on.
Maybe rows showing VMM usage of BIOS, where SeaBIOS has more coverage than closed-source options.
And the Alternatives section mentions coreboot, but no mention of SeaBIOS payload version.
The table shows that only SeaBIOS has on Password, the others do. Strange small security feature that SeaBIOS doesn't have.
And strange to see in table that only SeaBIOS has no Setup Screen, yet I seem to have noticed some TPM UI menu changes recent TPMv2 checkin.
And there's no columns for Intel's BIOS reference implementation, or qboot.
And back to my original query for a SeaBIOS security roadmap, I guess the Wikipedia SeaBIOS feature page is best for this, at least it mentions TPM. https://en.wikipedia.org/wiki/SeaBIOS
Thanks again.