Announcement

Collapse
No announcement yet.

Mark Shuttleworth Calls For An End To ACPI

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Utopia - To A Certain Extent

    Originally posted by entropy View Post
    I agree, but let's face it - Utopia.

    Please, correct me if I'm wrong.

    Many hardware suppliers use closed firmware to diversify their products, based on the same chipset.
    They even tell you that this is one crucial pillar of the business.
    It's not hard to see that they simply won't change this - unfortunately.
    I agree with the "utopia" reference to a certain extent, but that isn't everything.

    I think the manufacturers that deploy products that use ACPI have to share the bulk of the blame for the insecurity issues. Very few ACPI implementations that I have seen do not kick out errors in "dmesg" during the boot of even very very recent kernels (=> 3.12). I have seen cases where ACPI instructions point to non-existent portions of code, where ACPI instructions point to variables outside the range, etc. Basically the manufacturers are sloppy; it's the "gee wiz it compiles and boots up so ship it out before XYZ gets their feature out there" mentality.

    Please notice that I haven't poked at low paid programmers. Low pay does not always equate to poor quality; poor quality control equates to poor quality code.

    And for those curious about ACPI code, try out the "iasl" disassembler on Linux. Copy over the ACPI tables as found in "/sys/firmware/acpi/tables" to a safe "working" directory, then start disassembling them using "iasl". Granted the output of most of those tables is virtually incomprehensible to another other than an ACPI programmer with a well documented ACPI programming reference guide, but you can look at the resulting code.
    Last edited by NotMine999; 03-17-2014, 03:20 PM.

    Comment


    • #17
      Originally posted by chithanh View Post
      @GraysonPeddie
      Maybe you want to read the article again. I think that is the part where Mark Shuttleworth calls for an end to ACPI (italics in original):
      Arguing for ACPI on your next-generation device is arguing for a trojan horse of monumental proportions to be installed in your living room and in your data centre. Iíve been to Troy, there is not much left.
      On the topic, I think Mark Shuttleworth is completely right. I would go even further and say that UEFI (a horribly complex specification, whose implementations clock in at dozens of MB of code) should be placed right next to ACPI on the list of things to be abolished.
      UEFI is a useless but glamous GUI interface to the system BIOS for the "point & click" crowd.

      For the "point & click" crowd: Geez people. Try using a keyboard...quick, easy, works every time unless you have one with billions of added buttons for doing who knows what.

      Comment


      • #18
        Originally posted by GraysonPeddie View Post
        I want proof or I can include a video card which also contains executable firmware that needs to be banned as well. How do you know Mark is right? How do you know that?
        Yes, that needs to be banned as well. I highly recommend Peter Stuge's (of CoreBoot fame) talk at 30C3 "Hardening hardware and choosing a #goodBIOS". An IOMMU can mitigate the threat from malicious PCI devices in theory, but not always in practice.

        Comment


        • #19
          Why does he say this now? 2014? Not in 2004 when Ubuntu began. Not in 2008 when he had four years to think about it. What changed?

          Comment


          • #20
            What about an open firmware?

            Comment


            • #21
              Unless someone makes a linux pc (ie something like apple for linux to get what i mean) none of the big MFGs will give a fuck about what Mark, Alan or any other linux user thinks about ACPI.

              Comment


              • #22
                Originally posted by 89c51 View Post
                Unless someone makes a linux pc (ie something like apple for linux to get what i mean) none of the big MFGs will give a fuck about what Mark, Alan or any other linux user thinks about ACPI.
                Chromebook?

                Comment


                • #23
                  Originally posted by 89c51 View Post
                  Unless someone makes a linux pc (ie something like apple for linux to get what i mean) none of the big MFGs will give a fuck about what Mark, Alan or any other linux user thinks about ACPI.
                  This ^ is exactly the problem

                  Comment


                  • #24
                    Originally posted by jeffgus View Post
                    Chromebook?
                    chromebooks are using coreboot,how does it compare with acpi,uefi?
                    Last edited by hooluupog; 03-17-2014, 09:44 PM.

                    Comment


                    • #25
                      Ironically, Mark made his millions in security.

                      So yeah, doubly so, why the long-arse wait to call out what most of us already knew?

                      Maybe has some investment somewhere that he wants to push and will be ACPI-free.

                      Comment


                      • #26
                        Originally posted by hooluupog View Post
                        chromebooks are using coreboot,how does it compare with acpi,uefi?
                        coreboot is just an open source bios.This bios is both acpi and uefi.

                        Comment


                        • #27
                          Originally posted by sireangelus View Post
                          coreboot is just an open source bios.This bios is both acpi and uefi.
                          BIOS is a type of firmware. Coreboot is not BIOS, and UEFI is not BIOS either. They are both different kinds of firmware. Coreboot can optionally provide ACPI, yes, and that's needed to run current hardware with power management. Coreboot can also chainload BIOS or UEFI for OSs that need those things (mostly Windows), but again that's optional.

                          Comment


                          • #28
                            How stuff works..

                            Oh, if only we had good articles which explain how stuff works (to non-idiots).

                            * http://en.wikipedia.org/wiki/Linux_startup_process
                            * http://en.wikipedia.org/wiki/Coreboot
                            * http://en.wikipedia.org/wiki/Das_U-Boot
                            * http://en.wikipedia.org/wiki/GNU_GRUB
                            * http://en.wikipedia.org/wiki/Bootloader

                            And oh, look, isn't that a funny screenshot:
                            http://commons.wikimedia.org/wiki/Fi...d_HTC_Pico.JPG

                            Sue, if only we also had some schemes, that visualize processes...

                            Comment


                            • #29
                              Originally posted by NotMine999 View Post
                              UEFI is a useless but glamous GUI interface to the system BIOS for the "point & click" crowd.
                              Originally posted by 89c51 View Post
                              Unless someone makes a linux pc (ie something like apple for linux to get what i mean) none of the big MFGs will give a fuck about what Mark, Alan or any other linux user thinks about ACPI.
                              There are actually PCs who are Linux-only and which do sell in the millions. One is the Chromebook which was already mentioned and uses Coreboot. Coreboot can directly load a Linux kernel as payload, no need for BIOS or UEFI. However, some kind of VGA BIOS may be needed under certain circumstances still.

                              The other is the OLPC XO series (x86 and ARM), which uses Open Firmware, and does power management without ACPI. The implementation in the OLPC is quite compact, and the IEEE 1275 Open Firmware specification is around 266 pages. Compare this to 1084 pages for Intel EFI 1.10, which has grown to 1437 pages for UEFI 2.0 (I don't know the current count for UEFI 2.4, but I believe it is above 2000 pages now).

                              So it should be clear to anybody who values small and easy to verify boot code that UEFI is totally contrary to this goal.
                              Last edited by chithanh; 03-18-2014, 07:55 AM.

                              Comment


                              • #30
                                Originally posted by chithanh View Post
                                So it should be clear to anybody who values small and easy to verify boot code that UEFI is totally contrary to this goal.
                                UEFI is quite complex, that's a given, but amount of documentation is hardly the best measure for software complexity in the general case. Then again, without reading either spec, I wonder if Open Firmware wouldn't need to be just a bit more complex to cover the whole scope of UEFI. Not that all the functionality UEFI provides is necessary or even desirable from a user's standpoint.

                                Comment

                                Working...
                                X