Sorry by platform I meant chipset. Very interesting that coding is seemingly less the obstacle than legal and logistical issues but I guess that makes sense in hindsight. Is there a reason modern Intel gets more coreboot attention than AMD? I would love to see an AM4 or AM5 board ported.

Currently testing with a 12600K with no dGPU. It can install Windows 11 with no issues (Secure Boot + fTPM).



The performance difference is rather simple to explain: Dasharo is using Intel specified power limits. PL1 and PL2 are 125W/150W, respectively. When using MSI stock Firmware, loading default options put it in Water Cooling mode (I don't know if with non-K like Phoronix 12400 it works the same way).

Boxed Cooler PL1 241W PL2 241W Current Limit 280A
Tower Air Cooler PL1 288W PL2 288W Current Limit 512A
Water Cooler PL1 4096W PL2 4096W Current Limit 512A

So by default, your Power Limiters are essencially unlimited. And even the lowest Boxed Cooler option would put it at 241W/241W - you would need to manually input 125W/150W to make the comparison fair. That is part of the set of tricks that is used to cheat in Motherboard performance differences, whereas Dasharo is plain, dull, stock.
TechPowerUp reviewed a 12900K with different Power Limiters and the difference between 125W/241W vs 241W/241W was around 8%, which would be around the performance deficit I see in the 12600K.

There are certain features which after confirming with 3mdeb I know that are or aren't enabled:

Resizeable Bar is theorically supported but not enabled because they don't have any compatible card in the lab to actually test it.
HPET is supposedly disabled by default, but I didn't checked this one myself.
There seems to be a featured called TME (Total Memory Encryption) that is partially enabled, but seems misconfigured. It is supposed to carry a performance penalty if actually using, and for comparison, it is disabled on MSI stock Firmware:

x86/tme: enabled by BIOS
x86/tme: Unknown policy is active: 0x2
x86/mktme: No known encryption algorithm is supported: 0x4
x86/mktme: enabled by BIOS
x86/mktme: 15 KeyIDs available

I tested DPC Latency on Dasharo with Latencymon but didn't compared it to stock Firmware. And it is rather hard to test consistently. On idle, it seems to hovers from 10-30 Microseconds.

There is something really off about certain POST/boot times. I used a USB Flash Drive made with Ventoy to have multiple ISOs on it, and there is a strange 10-15 seconds delay from loading Ventoy Boot Loader before getting Arch Linux or Ubuntu one. This is instant on MSI stock Firmware. Phoronix also reports a Systemd Total Boot Time (Test: Kernel) that is more than two times slower than MSI stock. That is literally THE only obscene bug I found, the other one is where the POST slowed down to a 5x slower crawl after a warm reset while booting W11 install ISO which I didn't tried to reproduce, but fixed after a power cycle.

Can somebody explain to me why it's seemingly so difficult to design and create a coreboot compatible motherboard? Out of all the PC motherboard vendors, not one ships a motherboard that comes with Coreboot out of the box. Not even in the enthusiast or enterprise segments. Why?

Honestly - this Dasharo is.. complicated. You are packaging open-source code into somewhere else - and not properly upstream the code back to upstream repos. This is fragmentation of the landscape, instead of supporting the project.

However it is nice to have it - I would wish you drop the whole Dasharo effort - or at least upstream it properly.

Honestly - this Dasharo is.. complicated.

You are packaging open-source code into somewhere else - and not properly upstream the code back to upstream repos.

This is fragmentation of the landscape, instead of supporting the project.

However it is nice to have it - I would wish you drop the whole Dasharo effort - or at least upstream it properly.

A couple of points here:
1. Dasharo is one of many distributions that include coreboot. coreboot itself basically just does lowlevel hardware initialization which alone is not enough to make a product to sell to customers. It's analogous to the Linux kernel being distributed as part of Fedora, Ubuntu, RHEL, SLES, etc. with varying levels of customization and support. System76, Purism, Starlabs, etc. do similar things where they package coreboot with other components which are tailored for their products and customers.

2. 3mdeb employees are quite active upstream, as you can see on the upstream review system (and git log if you're inclined to look): https://review.coreboot.org/q/author...edby:3mdeb.com

One feature that I would like to see implemented is TCG OPAL/TCG Enterprise pre-boot authentication. There are HDDs/SSDs that support hardware level encryption. For example Crucial MX300/MX500 SSDs support TCG OPAL. Implement a feature to configure groups of connected drives and then during system boot-up enter password to unlock a group of HDDs/SSDs.

First, someone needed to fund it. There hasn't really been an interest like that so far. Then people writing that firmware would need to get support from Intel/AMD so they are actually provided the necessary firmware.
pietrushnic said above said not many people could achieve that.
And third, there are a lot of legal problems doing that. So the only company that can do Coreboot needs to be experienced and have connections, and have enough funding to do all that.