Difference between revisions of "Binary situation"

From coreboot
Jump to: navigation, search
(Created page with "While we aim for a 100% free boot process, recent developments (and general unwillingness by some hardware companies to provide specifications) make it hard to achieve. = Int...")
 
Line 3: Line 3:
 
= Intel =
 
= Intel =
 
On Intel based chipsets (since Intel 5 Series) the following binary components persist:
 
On Intel based chipsets (since Intel 5 Series) the following binary components persist:
* Management Engine firmware: The management engine is a separate CPU that does various management tasks and needs its own firmware. This firmware exists in a 1.5MB and a 5MB version, where the latter provides the "Intel AMT" functions (ie. remote access, "anti-theft", ...). Probably signed with an Intel key. It's unlikely that this is ever replaced by something open source.
+
* Management Engine firmware: The management engine is a separate CPU that does various management tasks and needs its own firmware. This firmware exists in a 1.5MB and a 5MB version, where the latter provides the "Intel AMT" functions (ie. remote access, "anti-theft", ...). Probably signed with an Intel key. It's unlikely that this is ever replaced by something open source.
* VGABIOS: Runs on the CPU. Unless you can live with staying in the dark until Linux takes over, you'll need this. Luckily there's work in progress to replace it with open source code. Until then you can at least contain it by emulation (see YABEL).
+
* VGABIOS: Runs on the CPU. Unless you can live with staying in the dark until Linux takes over, you'll need this. Luckily there's work in progress to replace it with open source code. Until then you can at least contain it by emulation (see YABEL).
* CPU microcode: Intel provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
+
* CPU microcode: Intel provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
* Gigabit Ethernet Firmware: If your board uses the on-chipset GbE, it requires a small binary (8KB) with unknown content.
+
* Gigabit Ethernet Firmware: If your board uses the on-chipset GbE, it requires a small binary (8KB) with unknown content.
* Memory Reference Code: (Sandybridge and newer). This is code that runs on the CPU and initializes RAM. Can be reverse engineered with enough persistence, but not done so far.
+
* Memory Reference Code: (Sandybridge and newer). This is code that runs on the CPU and initializes RAM. Can be reverse engineered with enough persistence, but not done so far.
  
 
= recent AMD =
 
= recent AMD =
* IMC: An embedded controller of sorts in the southbridge. 8051-based, can probably be reimplemented (partially done, but unpublished)
+
* IMC: An embedded controller of sorts in the southbridge. 8051-based, can probably be reimplemented (partially done, but unpublished)
* XHCI: Some binary with unknown content (maybe just a dataset of trace lengths, maybe firmware). If not present, USB3 (and related USB ports) won't work.
+
* XHCI: Some binary with unknown content (maybe just a dataset of trace lengths, maybe firmware). If not present, USB3 (and related USB ports) won't work.
* NIC Firmware: If your board uses the on-chip broadcom NIC, you need this firmware. Few boards do (thanks to Broadcom seemingly having some "interesting" terms and conditions on its use)
+
* NIC Firmware: If your board uses the on-chip broadcom NIC, you need this firmware. Luckily few boards do (thanks to Broadcom seemingly having some "interesting" terms and conditions on its use)
* CPU microcode: AMD provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
+
* CPU microcode: AMD provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
* SMU: Another embedded controller, this time in the northbridge.
+
* SMU: Another embedded controller, this time in the northbridge.
  
 
In theory it might be possible to successfully boot an AMD board without all these binaries, with potentially reduced capabilities (no NIC, USB3, fan control)
 
In theory it might be possible to successfully boot an AMD board without all these binaries, with potentially reduced capabilities (no NIC, USB3, fan control)

Revision as of 16:06, 22 May 2013

While we aim for a 100% free boot process, recent developments (and general unwillingness by some hardware companies to provide specifications) make it hard to achieve.

Intel

On Intel based chipsets (since Intel 5 Series) the following binary components persist:

  • Management Engine firmware: The management engine is a separate CPU that does various management tasks and needs its own firmware. This firmware exists in a 1.5MB and a 5MB version, where the latter provides the "Intel AMT" functions (ie. remote access, "anti-theft", ...). Probably signed with an Intel key. It's unlikely that this is ever replaced by something open source.
  • VGABIOS: Runs on the CPU. Unless you can live with staying in the dark until Linux takes over, you'll need this. Luckily there's work in progress to replace it with open source code. Until then you can at least contain it by emulation (see YABEL).
  • CPU microcode: Intel provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
  • Gigabit Ethernet Firmware: If your board uses the on-chipset GbE, it requires a small binary (8KB) with unknown content.
  • Memory Reference Code: (Sandybridge and newer). This is code that runs on the CPU and initializes RAM. Can be reverse engineered with enough persistence, but not done so far.

recent AMD

  • IMC: An embedded controller of sorts in the southbridge. 8051-based, can probably be reimplemented (partially done, but unpublished)
  • XHCI: Some binary with unknown content (maybe just a dataset of trace lengths, maybe firmware). If not present, USB3 (and related USB ports) won't work.
  • NIC Firmware: If your board uses the on-chip broadcom NIC, you need this firmware. Luckily few boards do (thanks to Broadcom seemingly having some "interesting" terms and conditions on its use)
  • CPU microcode: AMD provides this as redistributable binary, the format is partially reverse engineered, it's covered by a 2048b RSA signature. Unlikely that it can be replaced. Depending on the CPU (incl. its stepping) it might be possible to get by without it.
  • SMU: Another embedded controller, this time in the northbridge.

In theory it might be possible to successfully boot an AMD board without all these binaries, with potentially reduced capabilities (no NIC, USB3, fan control)