Wow, this is so friggin' cool! This is going to heavily influence my future motherboard purchase decisions.

I am very happy with my MSI Z690-A with Dasharo. I have boards that use Libreboot; u-Boot as well as Dasharo and Dasharo is hands down the most user friendly. Also shout out to Stanisław who gave me awesome customer service when I had questions.

I'd love to have one that supports ECC memory, and has an Intel iGPU for transcoding.

I have been suggesting to port a W680 board as there are interesing targets available and should be able to reuse the work done on Alder Lake for the MSI, but doing that would require a sponsor or crowdfunding a 5 digit number to start over with hardware adquisition and labour to maintain a separate port. Replacing propietary BMC Firmware/OS with OpenBMC may also be possible if BMC is ASpeed AST2500/AST2600 based.

I have Gigabyte z690m motherboard so I won't be able to run it but I wanted to say - great effort and very good job.
I like the fact that each release is supposed to be validated with test results attached. Really professional.

PineBeast would be very hard, but you can try looking at those components using the UEFITool. On the other side, why extract anything? coreboot has a submodule with Intel FSP binaries, which are used automatically while building.

It's not that easy unless, by your compiler/linker, you mean one from coreboot code. coreboot toolchain reproducibility is an extensive topic that we have discussed many times during DUG and vPub meetings. We even started to write something about issues, but this didn't materialize into anything. We know about the effort of compiling the coreboot toolchain under Nix, which brings some hope. You should explore those areas before you face very weird compilation errors using a not patched toolchain.

We love your attitude. It is very close to our hearts since our vision is to deliver a product that can improve the trustworthiness of every computing device. It could be realized through a software bill of materials, which can be used to fetch all components and rebuild everything automatically, then a fully transparent and trustworthy software stack with transparency logs a la rekor could be used to attest what we build and what we are running.

No, because of the many issues explained above.

Yes, we will support you, but there is no guarantee of success. A platform for support is explained in terms of service, and it is an invite-only channel on Matrix.

Of course, we have a lot of enthusiasm for the above approach, but after 15 years of my personal experience with the firmware, I can say that delivering such a level of proof for BIOS/firmware/open-source firmware ecosystem requires a lot of patience, time, and if not that, at least a pile of money to pay someone who can resolve all the issues. Also, such a level of assurance means protection of particular value. Otherwise, there is a problem with the threat model. All stuff around Executive Order 14028 and at least part of the money that follows that legislation are essentially after fixing what you will face here.

DanaG not only you zir_blazer yell at us all the time, he even selected target ASUS Pro WS W680-ACE IPMI. Project just need funding.

Of course the ideal would be to compile those myself also, but since that isn't possible, I figure the best I can do is at least verify they match between MSI and coreboot.

As long as I can compile the coreboot toolchain myself, that'd be fine.

Unfortunately, while Nix/Guix try hard to be reproducible, I think they in practice work in the opposite direction: instead of just needing equivalent build tools and instructions, now you need to have bit-for-bit identical build tools/instructions that hash to the same thing too - which just makes it all harder (it has a bootstrapping problem of its own; you can't workaround issues that come up later; etc)

pietrushnic Any chance for supporting any of the now-announced TRX50 motherboards for Threadripper 7000 series? As far as funding, well I'm just an end-user, but could donate a few $100s for what little that's worth.

sharpjs , sorry for the late reply, but we would need at least a couple hundred donations like yours to try something. Meanwhile, we discussed how to approach AMD, and during recent DUG#4, we made some decisions with hanetzer, so hopefully, during 2024, we will make some progress. Feel free to contribute through our OpenCollective, but please note we can't make any promise at this point: https://opencollective.com/3mdeb_com