Announcement

Collapse
No announcement yet.

Yabits: A New UEFI Coreboot Payload Alternative To TianoCore & Closed-Source Blobs

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Yabits: A New UEFI Coreboot Payload Alternative To TianoCore & Closed-Source Blobs

    Phoronix: Yabits: A New UEFI Coreboot Payload Alternative To TianoCore & Closed-Source Blobs

    Yabits was announced last month at the OSFC 2018 conference in Erlangen, Germany. Yabits is a lighter-weight alternative to the open-source TianoCore UEFI implementation and other commonly used proprietary UEFI implementations by motherboard vendors...

    http://www.phoronix.com/scan.php?pag...s-UEFI-Payload

  • #2
    Yabits, like Tianocore, is pointless. SeaBIOS - the default coreboot payload - is good enough, and also its' better than UEFI regarding the security (thanks to UEFI extensible nature its' relatively easy to extend it with a malicious module)

    Comment


    • #3
      But the issue is it is still an UEFI implementation. Better use LinuxBoot directly.

      Comment


      • #4
        Originally posted by R41N3R View Post
        But the issue is it is still an UEFI implementation. Better use LinuxBoot directly.
        And reflash your BIOS every time there's important Linux kernel update? Not only that wastes time, also it's wearing out the SPI flash. Why not use SeaBIOS to boot to your favorite Linux?

        Comment


        • #5
          Awesome, I like KISS, Keep It Stupid Simple!

          Comment


          • #6
            Originally posted by rene View Post
            Keep It Stupid Simple!
            That would be not using UEFI in the first place.

            Comment


            • #7
              Originally posted by chithanh View Post
              That would be not using UEFI in the first place.
              yep, and neither ACPI. But if you got to use it one can also at least make it more simple, ..! ;-)

              Comment


              • #8
                Originally posted by michaelb1 View Post
                Yabits, like Tianocore, is pointless. SeaBIOS - the default coreboot payload - is good enough, and also its' better than UEFI regarding the security (thanks to UEFI extensible nature its' relatively easy to extend it with a malicious module)
                But with SeaBIOS can you boot from eMMC, NVM Express? Can you boot M.2 devices?
                Does it support TPM 2.0?
                Network booting over TLS?
                Trusted chains? Signed boot loader? Signed kernel? Verified boot? Trusted boot?

                Comment


                • #9
                  Originally posted by michaelb1 View Post
                  And reflash your BIOS every time there's important Linux kernel update?
                  The kernel in the bios won't be affected by most vulns as most features will be disabled, and it is just doing a bootloader job.

                  Why not use SeaBIOS to boot to your favorite Linux?
                  Because Coreboot can't be ported on modern boards if you don't pay a ton of cash and sign an NDA, for starters.

                  Comment


                  • #10
                    This is currently able to boot 32-bit x86 UEFI images (unverified, 32-bit OSes that have UEFI on install media are magical unicorns and very difficult to find). The big problem with BIOS boot is the MBR that is embedded in the boot sector, and the fact that the boot sector has to be 512 bytes. This limits the allowable disk size to 2TiB. Meaning that if you get a 3TB disk, you can't BIOS boot it without doing some nasty fake protective MBR stuff, then using whatever actual partitioning scheme you want to use.

                    On the ARM side of things, while it's not supported yet with this, the u-boot scene is out of control, with each standard becoming its own thing, maybe this can restore some sanity. Also, ARM64 tends to be UEFI boot media, so if this can simplify that for boards like RPi3 (currently shimming TianoCore) I'm all for that too.

                    Comment

                    Working...
                    X