Announcement

Collapse
No announcement yet.

Coreboot 4.11 Brings Many Intel Improvements, New Support For Supermicro / Lenovo Boards

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Coreboot 4.11 Brings Many Intel Improvements, New Support For Supermicro / Lenovo Boards

    Phoronix: Coreboot 4.11 Brings Many Intel Improvements, New Support For Supermicro / Lenovo Boards

    Coreboot 4.11 was released today as the tagged autumn build of Coreboot that is used as an alternative to proprietary BIOS/firmware on motherboards...

    http://www.phoronix.com/scan.php?pag...-4.11-Released

  • #2
    Feels good to be free of CIA surveillance and data mining companies and having BIOS/UEFI-less Thinkpad booting straight to GRUB that sits embedded into the flash chip with btrfs goodies precompiled like booting off encrypted partition-less btrfs disk.

    Comment


    • #3
      I wonder whether this means I'll be able to flash Libreboot to my R60e down the line. It would make this laptop somewhat more useful, even though it's basically of no value due to crappy specs.

      Comment


      • #4
        Originally posted by hax0r View Post
        Feels good to be free of CIA surveillance and data mining companies and having BIOS/UEFI-less Thinkpad booting straight to GRUB that sits embedded into the flash chip with btrfs goodies precompiled like booting off encrypted partition-less btrfs disk.
        Think again. With the ME/PSP you still have that low level backdoor access, and the FSP for Intel (AGESA for AMD) is as good a place as any to put a key extraction routine.

        Don't like it? Don't use Intel or AMD systems. coreboot doesn't (and can't) give you the security level you listed above on any x86 platform post 2013 or so.

        Comment


        • #5
          On a related note, some relatively decent AMD motherboards/platforms are losing Coreboot support: https://review.coreboot.org/c/coreboot/+/36961

          This particularly affects the ASUS KGPE-D16 board (afaik the highest-performing AMD-based Coreboot-compatible motherboard, or maybe the only one without PSP?), and it's slightly lesser variant, the KCMA-D8 (I used this motherboard for some months with Coreboot).

          Comment


          • #6
            Indeed, what is up with that? As far as I know this is their top performing fully open board, and nothing on the horizon to come even close. Shouldn't it be a priority, if nothing else then at least from a PR perspective, to continue to support it?

            (Disclaimer: I may be biased as I am typing it on the KGPE-D16)

            Comment


            • #7
              Originally posted by madscientist159 View Post

              Think again. With the ME/PSP you still have that low level backdoor access, and the FSP for Intel (AGESA for AMD) is as good a place as any to put a key extraction routine.

              Don't like it? Don't use Intel or AMD systems. coreboot doesn't (and can't) give you the security level you listed above on any x86 platform post 2013 or so.
              Common knowledge indicates that the four greatest threats to your security and privacy are, from the VERY highest AND EGREGIOUSLY THE WORST, to the nowhere-near-as-bad-a-threat--

              1) Facebook;
              2) Google;
              3) Microsoft;
              4) NSA.

              1) All these VERY bad actors are delighted and ecstatic that some--no; make that a huge number of--people think that the CIA is the enemy...which, of course, totally diverts attention away from them.

              2) Seems as though the switch to RISC-V can't be made soon enough.

              3) Got some really sensitive, secret information to send? Try sending it in a plain envelope with a plain stamp. Drop it in the mail.
              You will absolutely know when the NSA and / or CIA starts steaming open envelopes sent via the USPS; you'll have plenty of warning.

              Comment


              • #8
                Originally posted by danmcgrew View Post
                2) Seems as though the switch to RISC-V can't be made soon enough.
                Why RISC-V? POWER is an open ISA with actual useable desktop / server class silicon on the market now. Or, if you really want that RISC-V performance experience, you can always load one of the POWER soft cores on an FPGA instead...

                Comment


                • #9
                  Originally posted by fl1pm View Post
                  Indeed, what is up with that? As far as I know this is their top performing fully open board, and nothing on the horizon to come even close.
                  We didn't decide to drop boards, we're dropping old code paths for which there is a better alternative, to improve code quality. That plan gave plenty of heads up. Nobody bothered to update a bunch of chipset drivers to work according to the new way and so they're becoming non-functional, creating a ripple effect: dropping the old stuff requires dropping the chipset that rely on it requires dropping the boards that are based on these chipsets.

                  Should we keep around two of everything (which makes development harder) to keep boards in the tree that apparently nobody wants to maintain?

                  The code is still out there in the 4.11 release, tag and branch. Bring it back to current standards and it's welcome on the master branch again.

                  Originally posted by fl1pm View Post
                  Shouldn't it be a priority, if nothing else then at least from a PR perspective, to continue to support it?
                  Maybe, but nobody stepped up to support it.
                  Last edited by pgeorgi; 11-21-2019, 05:50 PM.

                  Comment


                  • #10
                    Originally posted by Espionage724 View Post
                    On a related note, some relatively decent AMD motherboards/platforms are losing Coreboot support: https://review.coreboot.org/c/coreboot/+/36961

                    This particularly affects the ASUS KGPE-D16 board (afaik the highest-performing AMD-based Coreboot-compatible motherboard, or maybe the only one without PSP?), and it's slightly lesser variant, the KCMA-D8 (I used this motherboard for some months with Coreboot).
                    Actually almost all the coreboot-supported AMD motherboards don't have a PSP, with the exception of PC Engines APU2 and maybe a few expensive developer boards.

                    Comment

                    Working...
                    X