Coreboot Explained
coreboot |
Logo Alt: | Graphic of a running hare in black and white above text "coreboot" in lowercase sans-serif font |
Logo Size: | 150px |
Author: | Ronald G. Minnich, Eric Biederman, Li-Ta (Ollie) Lo, Stefan Reinauer, and the coreboot community |
Latest Release Date: | [1] |
Programming Language: | Mostly C, about 1% in assembly and optionally SPARK |
Platform: | IA-32, x86-64, ARMv7,[2] ARMv8, MIPS, RISC-V, POWER8 |
Genre: | Firmware |
License: | GPLv2[3] |
coreboot, formerly known as LinuxBIOS,[4] is a software project aimed at replacing proprietary firmware (BIOS or UEFI) found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.
Since coreboot initializes the bare hardware, it must be ported to every chipset and motherboard that it supports. As a result, coreboot is available only for a limited number of hardware platforms and motherboard models.
One of the coreboot variants is Libreboot, a software distribution partly free of proprietary blobs, aimed at end users.
History
The coreboot project began with the goal of creating a BIOS that would start fast and handle errors intelligently.[5] It is licensed under the terms of the GNU General Public License version 2 (GPLv2). Main contributors include LANL, SiS, AMD, Coresystems and Linux Networx, Inc, as well as motherboard vendors MSI, Gigabyte and Tyan, which offer coreboot alongside their standard BIOS or provide specifications of the hardware interfaces for some of their motherboards. Google partly sponsors the coreboot project.[6] CME Group, a cluster of futures exchanges, began supporting the coreboot project in 2009.[7]
Other than the first three models, all Chromebooks run coreboot.[8] Code from Das U-Boot has been assimilated to enable support for processors based on the ARM instruction set.[9]
In June 2019, coreboot began to use the NSA software Ghidra for its reverse engineering efforts on firmware-specific problems following the release of the suite as free and open source software.[10]
Supported platforms
CPU architectures supported by coreboot include IA-32, x86-64, ARM, ARM64, MIPS and RISC-V. Supported system-on-a-chip (SOC) platforms include AMD Geode, starting with the Geode GX processor developed for the OLPC. Artec Group added Geode LX support for its ThinCan model DBE61; that code was adopted by AMD and further improved for the OLPC after it was upgraded to the Geode LX platform, and is further developed by the coreboot community to support other Geode variants. coreboot can be flashed onto a Geode platform using Flashrom.
From that initial development on AMD Geode based platforms, coreboot support has been extended onto many AMD processors and chipsets. The processor list includes Family 0Fh and 10h (K8 core), and recently Family 14h (Bobcat core, Fusion APU). coreboot support also extends to AMD chipsets: RS690, RS7xx, SB600, and SB8xx.
In AMD Generic Encapsulated Software Architecture (AGESA)a bootstrap protocol by which system devices on AMD64 mainboards are initializedwas open sourced in early 2011, aiming to provide required functionality for coreboot system initialization on AMD64 hardware.[11] However, as of 2014 such releases never became the basis for future development by AMD, and were subsequently halted.[12]
Devices that could be preloaded with coreboot or one of its derivatives include:
- Lenovo/IBM:The Libreboot T400 and X200 (rebranded ThinkPad T400 and X200, respectively, available from Minifree, previously known as Gluglug).[13] [14]
- Artec Group: ThinCan models DBE61, DBE62 and DBE63, and fanless server/router hardware manufactured by PC Engines.[15]
Purism: Librem laptops come with coreboot.[16] [17]
Others
Some System76 PCs use coreboot TianoCore firmware, including open source Embedded Controller firmware.
Dasharo offers an alternative coreboot-based firmware distribution for computers from MSI, NovaCustom and Nitrokey, among others.[18] [19] [20]
StarLabs Systems use coreboot firmware, as an alternative.[21] Design
coreboot typically loads a Linux kernel, but it can load any other stand-alone ELF executable, such as iPXE, gPXE or Etherboot that can boot a Linux kernel over a network, or SeaBIOS[22] that can load a Linux kernel, Windows 2000 and later, and BSDs; Windows 2000/XP and OpenBSD support was previously provided by ADLO.[23] [24] coreboot can also load a kernel from any supported device, such as Myrinet, Quadrics, or SCI cluster interconnects. Booting other kernels directly is also possible, such as a Plan 9 kernel. Instead of loading a kernel directly, coreboot can pass control to a dedicated boot loader, such as a coreboot-capable version of GNU GRUB 2.
coreboot is written primarily in C, with a small amount of assembly code. Choosing C as the primary programming language enables easier code audits when compared to contemporary PC BIOS that was generally written in assembly,[25] which results in improved security. There is build and runtime support to write parts of coreboot in Ada[26] to further raise the security bar, but it is currently only sporadically used. The source code is released under the GNU GPL version 2 license.
coreboot performs the absolute minimal amount of hardware initialization and then passes control to the operating system. As a result, there is no coreboot code running once the operating system has taken control. A feature of coreboot is that the x86 version runs in 32-bit mode after executing only ten instructions[27] (almost all other x86 BIOSes run exclusively in 16-bit mode). This is similar to the modern UEFI firmware, which is used on newer PC hardware.
Initializing DRAM
The most difficult hardware that coreboot initializes is the DRAM controllers and DRAM. In some cases, technical documentation on this subject is NDA restricted or unavailable. RAM initialization is particularly difficult because before the RAM is initialized it cannot be used. Therefore, to initialize DRAM controllers and DRAM, the initialization code may have only the CPU's general purpose registers or Cache-as-RAM as temporary storage.
romcc, a C compiler that uses registers instead of RAM, eases the task. Using romcc, it is relatively easy to make SMBus accesses to the SPD ROMs of the DRAM DIMMs, that allows the RAM to be used.
With newer x86 processors, the processor cache can be used as RAM until DRAM is initialized. The processor cache has to be initialized into Cache-as-RAM[28] [29] mode as well, but this needs fewer instructions than initializing DRAM. Also, the Cache-as-RAM mode initialization is specific to CPU architectures, thus more generic than DRAM initialization, which is specific to each chipset and mainboard.
For most modern x86 platforms, closed source binary-only components provided by the vendor are used for DRAM setup. For Intel systems, FSP-M is required, while AMD has no current support. Binary AGESA is currently used for proprietary UEFI firmware on AMD systems, and this model is expected to carry over to any future AMD-related coreboot support.[30]
Developing and debugging coreboot
There are also CPU emulators that either replace the CPU or connect via a JTAG port, with the Sage SmartProbe[31] [32] being an example. Code can be built on, or downloaded to, BIOS emulators rather than flashing the BIOS device.
Payloads
coreboot can load a payload, which may be written using the helper library. Existing payloads include the following:
European Coreboot Conference
One physical meeting is the European Coreboot Conference which was organized in October 2017 and lasted for three days.
Conference history
Variants
coreboot has a number of variants from its original code base each with slightly different objectives:.
- Libreboot - A variant with a primary focus to remove some[35] binary blobs.
- osboot - A variant similar to Libreboot that scrapped its only some blobs policy to increase hardware support and stability.[36] As of November 2022 merged with libreboot.[37]
- MrChromebox has developed a modified version of coreboot for ChromeOS based devices.[38]
- GNU Boot - A variant with a primary focus to remove all binary blobs.[39]
- Canoeboot[40]
- Dasharo - A distribution based on coreboot developed by 3mdeb.[41] They aim to make it easy for manufacturers to ship products with coreboot.[42] [43]
- Skulls - A variant aimed at ease of installation.
- Heads - A variant aimed at physical security and usage of free software, recommended for use with QubesOS.[44]
See also
Further reading
Notes and References
- Web site: Releases . n.d. . coreboot.
- Web site: ARM . coreboot . 15 October 2013 . 1 February 2014.
- Web site: coreboot's licence. 1991. github.com. 2018-10-13.
- Web site: [LinuxBIOS] Welcome to coreboot. 12 January 2008.
- Anton Borisov: The Open Source BIOS is Ten. An interview with the coreboot developers . The H, 2009.
- Web site: Google Sponsors the LinuxBIOS project. 29 September 2023. 6 February 2012. https://web.archive.org/web/20120206205540/http://google-code-updates.blogspot.com/2006/11/google-sponsors-linuxbios-project.html. bot: unknown.
- Web site: CME Group Dives Into Coreboot and Other Linux Open Source Projects. Wall Street & Technology. 23 September 2015. https://web.archive.org/web/20100812092429/http://www.wallstreetandtech.com/it-infrastructure/showArticle.jhtml?articleID=217400294. 12 August 2010. dead.
- Web site: Chromebooks . coreboot . 16 January 2014 . 17 February 2014 . https://web.archive.org/web/20160508225442/https://www.coreboot.org/Chromebooks . 8 May 2016 . dead .
- Web site: GSoC2011(Week 1): Analysis of U-boot ARM boot code | coreboot developer blogs. 5 June 2011 . 12 April 2014.
- Web site: Coreboot nutzt NSA-Tool zum Reverse Engineering . 2023-05-04 . Golem.de.
- Web site: Technical details on AMD's coreboot source code release . . 28 February 2011 . https://web.archive.org/web/20140325040416/http://community.amd.com/community/amd-blogs/amd-business/blog/2011/02/28/technical-details-on-amd-s-coreboot-source-code-release . 25 March 2014 . 1 February 2016 . dead .
- Web site: AMD's binary-only AGESA libraries . Bruce . Griffith . 2014-11-05 . 2017-05-08 .
- Web site: Minifree . 25 September 2015 . 24 September 2015 . Ministry of Freedom - Products. https://web.archive.org/web/20150925120409/http://minifree.org/ .
- Web site: The Gluglug. fsf.org. 23 September 2015. https://web.archive.org/web/20150923124716/https://www.fsf.org/resources/hw/endorsement/gluglug. 23 September 2015. dead.
- Web site: pcengines/coreboot. . 16 September 2019.
- Web site: coreboot Firmware on Purism Librem devices . 19 June 2020.
- Web site: Purism Laptops To Use 'Heads' Firmware To Protect Against Rootkits, Tampering (Updated) . 27 February 2018 . 19 June 2020.
- Web site: New Dasharo v1.1 Firmware For The MSI Z690 Board - Phoronix . 22 November 2022 . 27 October 2023.
- Web site: NovaCustom-Dasharo October-2023 Firmware Update (ADL v1.7.0 & TGL v1.5.0) - NovaCustom. 19 September 2023 . 27 October 2023.
- Web site: The NitroPC Pro is Qubes-Certified! - Nitrokey . 24 September 2023 . 27 October 2023.
- https://fossbytes.com/starbook-mk-v-from-star-labs-review/ Starbook mk v review
- http://www.coreboot.org/SeaBIOS SeaBIOS
- Web site: coreboot Add-on Layer (ADLO). https://web.archive.org/web/20101125130605/http://www.coreboot.org/ADLO. dead. 25 November 2010.
- http://www.missl.cs.umd.edu/sebos_phase2.html SEBOS, Security Enhanced Bootloader for Operating Systems, Phase 2
- https://phoenixts.com/blog/uefi-vs-legacy-bios/ Comparison of UEFI and legacy BIOS
- https://review.coreboot.org/cgit/coreboot.git/commit/src/lib/gnat?id=e0ed9025cf7453212e5e5a845e34e0b7ecfa3eb9 commit
- Web site: coreboot v3 early startup code . 17 August 2008 . https://archive.today/20120710041412/http://lxr.linux.no/coreboot-v3+r777/arch/x86/geodelx/stage0.S . 10 July 2012 . dead .
- Web site: CAR: Using Cache as RAM in Linux BIOS . 15 January 2009 . 25 February 2014 . Yinghai Lu . Li-Ta Lo . Gregory R. Watson . Ronald G. Minnich . qmqm.pl . https://web.archive.org/web/20160303223305/http://rere.qmqm.pl/~mirq/cache_as_ram_lb_09142006.pdf . 3 March 2016 . dead .
- Web site: A Framework for Using Processor Cache as RAM (CAR).
- Web site: [coreboot] AMD's binary-only AGESA libraries]. Griffith. Bruce. 5 November 2014. 2019-09-08.
- Web site: Sage Electronic Engineering - SmartProbe JTAG debugger, Sage EDK, coreboot and Embedded Systems and Software Engineering. https://web.archive.org/web/20110315080000/http://www.se-eng.com/. usurped. 15 March 2011. www.se-eng.com.
- Web site: Sage SmartProbe FAQ . S.Datskovskiy . 30 April 2021.
- Web site: Depthcharge: The ChromeOS bootloader . 26 October 2015 . docs.google.com.
- Web site: Modify u-boot code to allow building coreboot payload. [chromiumos/third_party/u-boot-next : chromeos-v2011.03]. 24 July 2011.
- Web site: 2023-11-01 . Binary Blob Reduction Policy . 2023-11-01 . https://web.archive.org/web/20231101164256/https://libreboot.org/news/policy.html . 1 November 2023 .
- Web site: 2021-03-15 . osboot project . 2023-05-26 . https://web.archive.org/web/20210315131008/https://osboot.org/ . 15 March 2021 .
- Web site: 2022-12-19 . Libreboot – Osboot is now part of Libreboot . 2023-05-26 . https://web.archive.org/web/20221219054437/https://libreboot.org/news/merge.html . 19 December 2022 .
- Web site: 2022-04-17 . How to install ChromeOS Flex on a Chromebook . 2023-05-30 . Android Police . en.
- Web site: 2023-10-30 . GNU Boot Summary . 2023-10-30 . https://web.archive.org/web/20231030210812/https://savannah.gnu.org/projects/gnuboot/ . 30 October 2023 .
- Web site: 16 November 2023 . Canoeboot project . 16 November 2023 . https://web.archive.org/web/20231116233556/https://canoeboot.org/ . 16 November 2023 .
- Web site: 2024-01-29 . 3mdeb Sp. z o.o. — Embedded Firmware development consultancy . 2024-02-16 . https://web.archive.org/web/20240216093245/https://3mdeb.com . 2024-02-16 .
- Web site: 2023-10-22 . Dasharo • GitHub . 2024-02-16 . https://web.archive.org/web/20240216085150/https://github.com/Dasharo . 2024-02-16 .
- Web site: 2024-02-09 . About Dasharo - Dasharo Universe . 2024-02-16 . https://web.archive.org/web/20240216090043/https://docs.dasharo.com/ . 2024-02-16 .
- Web site: About Heads . 2024-05-29 . Heads . en-US.