Difference between revisions of "User:GNUtoo"

From coreboot
Jump to: navigation, search
(T60)
(Work in progress documentation)
 
(178 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Hardware ==
+
== Contributions ==
 +
In the [https://review.coreboot.org/gitweb?p=coreboot.git;a=blob;f=Documentation/gerrit_guidelines.md;h=1833b0a8f0dc89001547c73457d113a4a56fbd31;hb=refs/heads/master#l31 gerrit guidelines] there the follwing line: "Don't modify other people's patches without their consent."
 +
I consent to the modification of my patches by anybody. I work on specific things because no one wants to do what I want to do. Else I'd be happy to pick the next task in my huge TODO list.
 +
 
 +
I've contributed to the following ports:
 +
* M4A785T-M: I've been the main person working on it.
 +
* Lenovo X60: I've been working on the native GPU init, and various other improvements.
 +
* Lenovo T60: I've been working on some improvements.
 +
* Alix 1.C: I've been working on some improvements.
 +
 
 +
Interests:
 +
* 100% Free computers(Laptops, Desktops, Home Servers, routers).
 +
* Security
 +
** Secure boot trough GRUB with full disk encryption (no /boot in clear)
 +
** Protect against DMA and other attacks that have access to the x86 cpu's RAM.
 +
* Making it possible for end user to be able to use coreboot/libreboot:
 +
** Making it easy or scalable to install coreboot/libreboot.
 +
** Making it usable.
 +
* Making less risky to reflash, permitting users without an external programmer to easily reflash, and developers to develop anywhere without a huge setup consisting of another computer and the coreboot computer beeing worked on. I'm also interested in getting the cbmem logs written to flash to make debugging easier when no other computer is available(for instance while the developer is traveling to a conference).
 +
 
 +
== Howtos ==
 +
=== make recent intel BIOS flash writable and/or extract its pieces ===
 +
Coreboot has an uttility in util/ifdtool for that.
 +
* power off the laptop totally (remove the power, the battery etc...)
 +
* connect an external programmer to the BIOS flash chip.
 +
* dump the chip content with flashrom and that external programmer.
 +
* run ifdtool on the extracted chip content
 +
* reflash the modified content
 +
=== AMD/ATI/Nvidia GPU with SeaBIOS without running the option rom ===
 +
The idea is to keep the option rom in memory while making SeaBIOS not run it.
 +
This has the effect of permitting linux(-libre) to initalize the GPU on all AMD/ATI and Nvidia GPU I tried it with. The downside is the lack of graphics before that. That means no graphics in GRUB.
 +
 
 +
==== Patch ====
 +
From 73aae33b7e70d15b595b3f127ffe98bd76f9a646 Mon Sep 17 00:00:00 2001
 +
From: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
 +
Date: Sat, 7 Mar 2015 15:39:52 +0100
 +
Subject: [PATCH] Kconfig: Add option not to run option roms
 +
 +
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
 +
---
 +
  src/Kconfig      | 8 ++++++++
 +
  src/optionroms.c | 2 ++
 +
  2 files changed, 10 insertions(+)
 +
 +
diff --git a/src/Kconfig b/src/Kconfig
 +
index 95bf087..1988f56 100644
 +
--- a/src/Kconfig
 +
+++ b/src/Kconfig
 +
@@ -403,6 +403,14 @@ menu "BIOS interfaces"
 +
          default y
 +
          help
 +
              Support Post Memory Manager (PMM) entry point.
 +
+    config OPTIONROMS_NORUN
 +
+        depends on OPTIONROMS
 +
+        bool "Put the option roms in memory, but don't run them"
 +
+        default n
 +
+        help
 +
+            Some GPU drivers are capable of initializing the display alone,
 +
+            but they still require some data from the option rom.
 +
+
 +
      config BOOT
 +
          bool "Boot interface"
 +
          default y
 +
diff --git a/src/optionroms.c b/src/optionroms.c
 +
index c81eff2..c7c89da 100644
 +
--- a/src/optionroms.c
 +
+++ b/src/optionroms.c
 +
@@ -53,7 +53,9 @@ __callrom(struct rom_header *rom, u16 offset, u16 bdf)
 +
  void
 +
  callrom(struct rom_header *rom, u16 bdf)
 +
  {
 +
+#if (!CONFIG_OPTIONROMS_NORUN)
 +
      __callrom(rom, OPTION_ROM_INITVECTOR, bdf);
 +
+#endif
 +
  }
 +
 
 +
  // Execute a BCV option rom registered via add_bcv().
 +
--
 +
2.6.4
 +
 
 +
= X60/I945 native GPU init History =
 +
The Lenovo X60 GPU init has been merged a long time ago.
 +
Since then it has been rewriten/improved a lot by other people (See git log for more details).
 +
Thanks to all that work it's now a proper driver.
 +
 
 +
So I've moved the X60 GPU init information in [[/X60_GPU_init|a subpage]]
 +
 
 +
== Personal oppinions ==
 +
=== Microcode ===
 +
* The CPU microcodes are under a non-free license that is incompatible with coreboot's license.
 +
* They are now moved away in a separate repository.
 +
 
 +
Some people say that the microcode is the equivalent of having a more recent CPU, as a justification for using it.
 +
 
 +
However since Intel microcodes are encrypted and signed, so we cannot know what they really do.
 +
* People usually trust what the CPU vendor say about it, such as that it fixes some bugs(erratas for such bugs are published), but we don't know much more.
 +
* Speculating about what they really do or cannot do won't help much since we usually cannot verify that information.
 +
 
 +
My goal is to have a 100% free computer, and also to spread that code, so that other people can have a 100% free computer too.
 +
According to the FSF, and the FSF criteria for differentiating software from hardware, that microcode is software.
 +
So since they consider it as non-free, a coreboot image containing that microcode would not be considered free by the FSF.
 +
 
 +
On my Lenovo x60, the microcode was easy to remove, and it worked fine, beside printing a scary kernel message pointing to an Intel errata.
 +
 
 +
What the errata says is that, when resuming from suspend to ram, the temperatures reading will not be updated, and the temperature overheat will not be reported. The hardware issues you may encounter will depend on your specific CPU, not the model, but instead the date at which it was manufactured.
 +
(To know if you are affected, under GNU/Linux, you can run the "dmesg" command and  look for "coretemp: Errata AE18 not fixed, update BIOS or microcode of the CPU!" in its output. If you found it, you are affected)
 +
 
 +
Removing the microcode make it possible to have the gluglug (now minifree) Lenovo Thinkpad X60 ceritified "Respects your freedom" By the FSF.
 +
 
 +
So instead of debating trough huge flames about the fact that we should use, or not use the microcode, it was more effective to remove it and get the laptop certified.
 +
 
 +
The benefit of that is the publicity around the fact that this laptop can be made to run 100% free software. This makes users aware of it and willing to switch to it.
 +
 
 +
=== Yabel ===
 +
Yabel is great for tracing what the GPU does.
 +
 
 +
But the GPUs in the Lenovo x60 and t60 have a bar that gives access to the whole memory:
 +
Region 1: I/O ports at 50a0 [size=8]
 +
 
 +
So using Yabel to prevent the VGA option rom from doing nasty tricks is probably not safe enough.
 +
 
 +
I was told that many other GPU also have that issue.
 +
 
 +
The way to fix that is to get rid of the proprietary VGA option rom. On some boards it's possible and coreboot has a replacement for it. On some other boards, the kernel can initialize the GPU with or without tricks.
 +
 
 +
= For coreboot developers =
 +
This section is mainly usefull for finding informations for:
 +
* Asking me to test some code (that's why I listed all my hardware).
 +
* Find my work in progress code.
 +
* Find legacy code.
 +
* Find what I'm interested in working on:
 +
**  If you want to work on the same thing than me, you could contact me if you want so:
 +
*** I could help if I have time.
 +
*** I could test if I have time.
 +
*** I may have some pointers.
 +
* HOWTO that documents how to do a native VGA init for the Lenovo x60:
 +
** It probably applies to the Lenovo t60 that have an Intel GPU, with no or very minor modifications.
 +
 
 +
== My hardware ==
 
=== Mainboard/Devices running coreboot ===
 
=== Mainboard/Devices running coreboot ===
 
{| class="wikitable"  border="1"
 
{| class="wikitable"  border="1"
Line 5: Line 143:
 
! Serial/output
 
! Serial/output
 
! flash recovery mecanism
 
! flash recovery mecanism
 +
! What I worked on
 +
|-
 +
| Asrock E350M1
 +
|
 +
* cbmem -c
 +
* Serial
 +
| rowspan="3" |
 +
* External programmer
 +
* Swapping the flash chip
 +
|
 +
|-
 +
| Asus F2A85-M PRO
 +
|
 +
* cbmem -c
 +
| rowspan="2" |
 +
* I've been the main porter.
 +
* Usability improvements
 
|-
 
|-
| M4A785T-M
+
| Asus M4A785T-M
 
|
 
|
 +
* cbmem -c
 
* Serial
 
* Serial
| External programmer
 
 
|-
 
|-
 
| Lenovo X60
 
| Lenovo X60
|  
+
| rowspan="3" |
 +
* cbmem -c
 
* Serial on the dock
 
* Serial on the dock
 +
* spkmodem
 
* USB debug
 
* USB debug
* spkmodem
+
| rowspan="4" |
| External programmer with pomona clip
+
* External programmer with pomona clip
 +
| rowspan="2" |
 +
* Native GPU init
 +
* Usability improvements.
 +
|-
 +
| Lenovo X60T
 
|-
 
|-
 
| Lenovo T60
 
| Lenovo T60
 
|
 
|
* USB debug
+
* Usability improvements.
* spkmodem(untried but should work)
+
|-
| External programmer with pomona clip(untried but should work)
+
| Lenovo X200
 +
|
 +
* cbmem -c
 +
|
 
|-
 
|-
| Alix 1.C
+
| <s>PC Engines Alix 1.C</s>
 
|
 
|
 
* Serial
 
* Serial
| Hot swap with the LPC dongle
+
|  
 +
* <s>Hot swap with the LPC dongle</s> Bricked by flashing the same non-bootable image on the internal flash and on the LPC dongle.
 +
|
 +
* Usability improvements.
 
|-
 
|-
 
|}
 
|}
  
=== Mainboard/Devices not running coreboot yet ===
+
=== Mainboard/Devices not running coreboot (yet?) ===
* HP nc6320
+
If you need to have some tests done on the default boot firwmare, you should ask me as it is fast to do if I've the laptop nearby.
* Asus N71JQ
+
 
 +
{| class="wikitable"  border="1"
 +
! Device/Mainboard
 +
! Reason
 +
|-
 +
| Lenovo Thinkpad X200T
 +
| I need to find a way to be able to easily, robustly, and safely reflash it:
 +
* If a SOIC8 SPI chips is soldered instead of the WSON8 one, the solder past must not affect the stability of the SOIC8 clip. That is probably the most adapted way for me.
 +
* Wires aren't ideal if they break easily.
 +
* Internal flashing can't be trusted for freedom/privacy/security: The hardware probably permits boot firmwares to  very easily mess up with the flash content while it's being read or written: The hardware can probably be programmed to emmit SMM interrupts when the flash chip is accessed, and once in SMM, modify the data. This is the case on i945 thinkpads, however I didn't check the X200T datasheet yet, hence the "probably".
 +
|-
 +
|}
  
 
=== Debugging tools ===
 
=== Debugging tools ===
Line 46: Line 225:
 
** a bug20 (omap3530)
 
** a bug20 (omap3530)
 
** a GTA04 A3 (DM370)
 
** a GTA04 A3 (DM370)
 
== Interesting git trees ==
 
* http://www.gitorious.org/gnutoo-for-coreboot/coreboot/commits/production-x60+v2 : The code that I use on my X60, it contains(on top of master) :
 
** Native graphics init.
 
** thinkpad_acpi support.
 
  
 
==  My TODO list ==
 
==  My TODO list ==
 
See also TODO of the respectives machines on their dedicated wiki page.
 
See also TODO of the respectives machines on their dedicated wiki page.
=== All machines ===
+
* Merge or abandon my old patches.
* Add a working and easily usable normal/fallback selection.
+
* I945, GM45, GS45 thinkpads: Have all hardware features working (feature parity with the default boot firmware):
 +
** IRDA
 +
** TPM
 +
** Testing: write tests for
 +
*** suspend/resume
 +
*** power consumption
 +
*** heat
 +
* GM45: Merge ich9gen functionality in ifdtool or ifdfake
 +
* GM45: Investigate internal flashing (Look if BIOS->Modded BIOS->Coreboot works and understand why)
 +
* I945: SeaBIOS: allow booting on SD cards.
 
* Port a logging mecanism from chromebooks to all devices in order to be able to retrive the log of the failed boot at the next reboot.
 
* Port a logging mecanism from chromebooks to all devices in order to be able to retrive the log of the failed boot at the next reboot.
 +
* Document flash protections and vboot.
 +
* Verify if all the microcodes were moved away from coreboot git.
 +
* (Alix 1.C: port the VSA to fasm)
 +
* (GDB improvements: allow gdb earlier than ramstage)
 +
* I945: Write a freedom/privacy/security review
 +
* GM45: Write a freedom/privacy/security review
 +
* More recent Intel with me_cleaner: Write a freedom/privacy/security review
  
=== T60 ===
+
= Work in progress documentation =
* <s>Find out why the machine hang when the power supply is removed(only does it when the linux kernel is started)</s> Fixed by ./nvramtool -w first_battery=Primary
+
* [[/Blobs-rewrite]]
* Add cmos.default(require disassembling the laptop for testing)
 
* Add native graphics init(require waiting that Peter stuge push his part for review)
 
 
 
=== X60 ===
 
* Improve native graphics init(require waiting that Peter stuge push his part for review) (see the dedicated X60 page for details)
 
* Improve the patch for SerialIce in order to get it merged.
 
 
 
=== Alix 1.C ===
 
* Add cbmem -c support
 
 
 
=== Asus N71JQ ===
 
* Find the USB debug port
 
* Find how to extract the BIOS pieces from the BIOS region
 
 
 
== scripts to help getting rid of the vbios of the x60 ==
 
=== Script 1: generate the io access for the coreboot driver ===
 
* follow "Case study: new laptop (not complete, sorry)" in https://docs.google.com/document/d/1g8FMob25VZYxbWri2iFB8YiSL8gwF9vKJH3HGxr0xQU/edit?pli=1
 
* pacman -S plan9port
 
* cp /opt/plan9/bin/ssam ./
 
* replace the following line in ./ssam:
 
#!/usr/local/plan9/bin/rc
 
by the following line:
 
#!/opt/plan9/bin/rc
 
* create the ssamfix file with:
 
  ,s/\[ *[0-9]+\..[0-9]+\]//g
 
  ,s/^ *//g
 
y/^[RWU]/s/^/M /g
 
  ,s/\nU/ ;;;UDELAY/g
 
  ,|uniq -c
 
  ,s/^ *//g
 
  ,s/(^[0-9]+) ([MRW])/\2 \1/g
 
  ,s/"/\\"/g
 
  ,s/^M ([0-9]+) *(\[.*)/{M, \1, "\2"},/g
 
  ,s/^M ([0-9]+) *(.*)/{M, \1, "\2"},/g
 
  ,s/:  */:/g
 
  ,s/...UDELAY *([0-9]+)/\1/g
 
  ,s/^([RW]) ([0-9]+) (.*):0x([0-9a-f]+)(.*)/{\1, \2, "", \3, 0x\4, \5},/g
 
* run the following commands:
 
. /etc/profile.d/plan9.sh
 
cat dmesg| ./ssam  -f ssamfix > foo.c
 
 
 
=== Script2: compare the io access that were too fast ===
 
* Replace {V,0,}, with {V,7,}, in src/mainboard/vendor/device/i915io.c
 
* cat /dev/ttyUSB0 > accesses.txt
 
* Use that script against accesses.txt to find the guilty accesses:
 
#!/usr/bin/env python2
 
import sys,re
 
 
 
def main(args):
 
try:
 
f = open(args[1],'ro')
 
except:
 
print args[0], " <file>"
 
 
for line in f:
 
if re.match("0x[0-9]*: Got .*, expect .*",line):
 
line = line.replace('\r\n','').replace(", expect ",':').replace(": Got ",':')
 
split = line.split(':')
 
#print split
 
if split[1] != split[2]:
 
print line
 
if __name__ == '__main__':
 
main(sys.argv)
 
 
 
== How to get semantic IOs ==
 
In i915tool:
 
* import your IOs in prettyregs.c
 
* compile prettyregs.c
 
* run prettyregs
 
 
 
== How to get rid of the vbios of the x60 [New Version] ==
 
WARNING: DO NOT ATTEMPT TO DO THAT WITHOUT A FLASH RECOVERY MECANISM
 
 
 
Apply the [http://review.coreboot.org/#/c/3277/ coreboot patches], and adapt them for your mainboard
 
 
 
Then configure coreboot with:
 
[*] Output verbose x86emu debug messages
 
[ ]  Trace JMP/RETF
 
[ ]  Trace all opcodes
 
[ ]  Log Plug&Play accesses
 
[ ]  Log Disk I/O
 
[ ]  Log PMM
 
[ ]  Debug VESA BIOS Extensions
 
[ ]  Redirect INT10 output to console
 
[ ]  Log intXX calls
 
[ ]  Log special memory accesses
 
[ ]  Log all memory accesses
 
[*]  Log IO accesses
 
Build and flash coreboot.
 
 
 
git clone [https://code.google.com/r/gnutoo-i915tool-x60/source/list my fork of the i915tool] until the code is merged in the [https://code.google.com/p/i915tool/ official i915tool].
 
 
 
Get the [http://www.coreboot.org/images/4/42/Dennis.tar.gz tarball] that contains the generated code, extract it.
 
 
 
Also get the [http://www.coreboot.org/images/3/39/I915_reg.h.gz i915_regs.h.gz] file, decompress it and put it in final/
 
 
 
Then go into i915tool and apply some patches for the x60 or redo them for your mainboard.
 
 
 
Run make:
 
$ cd i915tool
 
$ make
 
Then go into the x60 directory(or the directory of your device):
 
$ cd x60
 
use picocom -b 115200 /dev/ttyUSB0 or stty to set the bauds of the Serial port.
 
Then get logs:
 
$ cat /dev/ttyUSB0 | tee coreboot.log
 
Then remove the binary symbols, dos2unix will help identifying where they are:
 
$ dos2unix coreboot.log
 
dos2unix: Binary symbol found at line 136332
 
dos2unix: Skipping binary file coreboot.log
 
Then do:
 
$ dos2unix coreboot.log
 
Then remove the lines before and after the log, the log looks like that:
 
[0047229e]c000:51cb outl(0x80001014, 0x0cf8)
 
[0047325f]c000:51d4 inw(0x0cfc) = 0x50a1
 
Then run make and fix the errors:
 
$ make
 
Then copy to coreboot as it says.
 
Then if necessary try to compact the source code a bit, here for me I have a really long list of:
 
io_i915_write32(0xcffbe001,0x8001);
 
io_i915_write32(0xcffbe001,0x8005);
 
io_i915_write32(0xcffbe001,0x8009);
 
io_i915_write32(0xcffbe001,0x800d);
 
io_i915_write32(0xcffbe001,0x8011);
 
That can be replaced with:
 
int i = 0;
 
for (i=0x8001;i<0x3fffa;i+=4){
 
io_i915_write32(0xcffbe001,i);
 
}
 
  
Import the final code into the chromium fork of coreboot with my patches on top.
+
= Sandbox =
 +
[[/sandbox]]

Latest revision as of 15:23, 17 February 2017

Contributions

In the gerrit guidelines there the follwing line: "Don't modify other people's patches without their consent." I consent to the modification of my patches by anybody. I work on specific things because no one wants to do what I want to do. Else I'd be happy to pick the next task in my huge TODO list.

I've contributed to the following ports:

  • M4A785T-M: I've been the main person working on it.
  • Lenovo X60: I've been working on the native GPU init, and various other improvements.
  • Lenovo T60: I've been working on some improvements.
  • Alix 1.C: I've been working on some improvements.

Interests:

  • 100% Free computers(Laptops, Desktops, Home Servers, routers).
  • Security
    • Secure boot trough GRUB with full disk encryption (no /boot in clear)
    • Protect against DMA and other attacks that have access to the x86 cpu's RAM.
  • Making it possible for end user to be able to use coreboot/libreboot:
    • Making it easy or scalable to install coreboot/libreboot.
    • Making it usable.
  • Making less risky to reflash, permitting users without an external programmer to easily reflash, and developers to develop anywhere without a huge setup consisting of another computer and the coreboot computer beeing worked on. I'm also interested in getting the cbmem logs written to flash to make debugging easier when no other computer is available(for instance while the developer is traveling to a conference).

Howtos

make recent intel BIOS flash writable and/or extract its pieces

Coreboot has an uttility in util/ifdtool for that.

  • power off the laptop totally (remove the power, the battery etc...)
  • connect an external programmer to the BIOS flash chip.
  • dump the chip content with flashrom and that external programmer.
  • run ifdtool on the extracted chip content
  • reflash the modified content

AMD/ATI/Nvidia GPU with SeaBIOS without running the option rom

The idea is to keep the option rom in memory while making SeaBIOS not run it. This has the effect of permitting linux(-libre) to initalize the GPU on all AMD/ATI and Nvidia GPU I tried it with. The downside is the lack of graphics before that. That means no graphics in GRUB.

Patch

From 73aae33b7e70d15b595b3f127ffe98bd76f9a646 Mon Sep 17 00:00:00 2001
From: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
Date: Sat, 7 Mar 2015 15:39:52 +0100
Subject: [PATCH] Kconfig: Add option not to run option roms

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
---
 src/Kconfig      | 8 ++++++++
 src/optionroms.c | 2 ++
 2 files changed, 10 insertions(+)

diff --git a/src/Kconfig b/src/Kconfig
index 95bf087..1988f56 100644
--- a/src/Kconfig
+++ b/src/Kconfig
@@ -403,6 +403,14 @@ menu "BIOS interfaces"
         default y
         help
             Support Post Memory Manager (PMM) entry point.
+    config OPTIONROMS_NORUN
+        depends on OPTIONROMS
+        bool "Put the option roms in memory, but don't run them"
+        default n
+        help
+            Some GPU drivers are capable of initializing the display alone,
+            but they still require some data from the option rom.
+
     config BOOT
         bool "Boot interface"
         default y
diff --git a/src/optionroms.c b/src/optionroms.c
index c81eff2..c7c89da 100644
--- a/src/optionroms.c
+++ b/src/optionroms.c
@@ -53,7 +53,9 @@ __callrom(struct rom_header *rom, u16 offset, u16 bdf)
 void
 callrom(struct rom_header *rom, u16 bdf)
 {
+#if (!CONFIG_OPTIONROMS_NORUN)
     __callrom(rom, OPTION_ROM_INITVECTOR, bdf);
+#endif
 }
 
 // Execute a BCV option rom registered via add_bcv().
-- 
2.6.4

X60/I945 native GPU init History

The Lenovo X60 GPU init has been merged a long time ago. Since then it has been rewriten/improved a lot by other people (See git log for more details). Thanks to all that work it's now a proper driver.

So I've moved the X60 GPU init information in a subpage

Personal oppinions

Microcode

  • The CPU microcodes are under a non-free license that is incompatible with coreboot's license.
  • They are now moved away in a separate repository.

Some people say that the microcode is the equivalent of having a more recent CPU, as a justification for using it.

However since Intel microcodes are encrypted and signed, so we cannot know what they really do.

  • People usually trust what the CPU vendor say about it, such as that it fixes some bugs(erratas for such bugs are published), but we don't know much more.
  • Speculating about what they really do or cannot do won't help much since we usually cannot verify that information.

My goal is to have a 100% free computer, and also to spread that code, so that other people can have a 100% free computer too. According to the FSF, and the FSF criteria for differentiating software from hardware, that microcode is software. So since they consider it as non-free, a coreboot image containing that microcode would not be considered free by the FSF.

On my Lenovo x60, the microcode was easy to remove, and it worked fine, beside printing a scary kernel message pointing to an Intel errata.

What the errata says is that, when resuming from suspend to ram, the temperatures reading will not be updated, and the temperature overheat will not be reported. The hardware issues you may encounter will depend on your specific CPU, not the model, but instead the date at which it was manufactured. (To know if you are affected, under GNU/Linux, you can run the "dmesg" command and look for "coretemp: Errata AE18 not fixed, update BIOS or microcode of the CPU!" in its output. If you found it, you are affected)

Removing the microcode make it possible to have the gluglug (now minifree) Lenovo Thinkpad X60 ceritified "Respects your freedom" By the FSF.

So instead of debating trough huge flames about the fact that we should use, or not use the microcode, it was more effective to remove it and get the laptop certified.

The benefit of that is the publicity around the fact that this laptop can be made to run 100% free software. This makes users aware of it and willing to switch to it.

Yabel

Yabel is great for tracing what the GPU does.

But the GPUs in the Lenovo x60 and t60 have a bar that gives access to the whole memory:

Region 1: I/O ports at 50a0 [size=8]

So using Yabel to prevent the VGA option rom from doing nasty tricks is probably not safe enough.

I was told that many other GPU also have that issue.

The way to fix that is to get rid of the proprietary VGA option rom. On some boards it's possible and coreboot has a replacement for it. On some other boards, the kernel can initialize the GPU with or without tricks.

For coreboot developers

This section is mainly usefull for finding informations for:

  • Asking me to test some code (that's why I listed all my hardware).
  • Find my work in progress code.
  • Find legacy code.
  • Find what I'm interested in working on:
    • If you want to work on the same thing than me, you could contact me if you want so:
      • I could help if I have time.
      • I could test if I have time.
      • I may have some pointers.
  • HOWTO that documents how to do a native VGA init for the Lenovo x60:
    • It probably applies to the Lenovo t60 that have an Intel GPU, with no or very minor modifications.

My hardware

Mainboard/Devices running coreboot

Device/Mainboard Serial/output flash recovery mecanism What I worked on
Asrock E350M1
  • cbmem -c
  • Serial
  • External programmer
  • Swapping the flash chip
Asus F2A85-M PRO
  • cbmem -c
  • I've been the main porter.
  • Usability improvements
Asus M4A785T-M
  • cbmem -c
  • Serial
Lenovo X60
  • cbmem -c
  • Serial on the dock
  • spkmodem
  • USB debug
  • External programmer with pomona clip
  • Native GPU init
  • Usability improvements.
Lenovo X60T
Lenovo T60
  • Usability improvements.
Lenovo X200
  • cbmem -c
PC Engines Alix 1.C
  • Serial
  • Hot swap with the LPC dongle Bricked by flashing the same non-bootable image on the internal flash and on the LPC dongle.
  • Usability improvements.

Mainboard/Devices not running coreboot (yet?)

If you need to have some tests done on the default boot firwmare, you should ask me as it is fast to do if I've the laptop nearby.

Device/Mainboard Reason
Lenovo Thinkpad X200T I need to find a way to be able to easily, robustly, and safely reflash it:
  • If a SOIC8 SPI chips is soldered instead of the WSON8 one, the solder past must not affect the stability of the SOIC8 clip. That is probably the most adapted way for me.
  • Wires aren't ideal if they break easily.
  • Internal flashing can't be trusted for freedom/privacy/security: The hardware probably permits boot firmwares to very easily mess up with the flash content while it's being read or written: The hardware can probably be programmed to emmit SMM interrupts when the flash chip is accessed, and once in SMM, modify the data. This is the case on i945 thinkpads, however I didn't check the X200T datasheet yet, hence the "probably".

Debugging tools

  • External programmers :
    • Arduino duemillanove (serprog based)
    • Arduino uno (serprog based)
    • openmoko debug board (FTDI based)
    • bug20 (linux_spi)
  • A pomona clip
  • a null-modem serial cable and 2 USB<->Serial adapters
  • USB debug compatible devices:
    • a bug20 (omap3530)
    • a GTA04 A3 (DM370)

My TODO list

See also TODO of the respectives machines on their dedicated wiki page.

  • Merge or abandon my old patches.
  • I945, GM45, GS45 thinkpads: Have all hardware features working (feature parity with the default boot firmware):
    • IRDA
    • TPM
    • Testing: write tests for
      • suspend/resume
      • power consumption
      • heat
  • GM45: Merge ich9gen functionality in ifdtool or ifdfake
  • GM45: Investigate internal flashing (Look if BIOS->Modded BIOS->Coreboot works and understand why)
  • I945: SeaBIOS: allow booting on SD cards.
  • Port a logging mecanism from chromebooks to all devices in order to be able to retrive the log of the failed boot at the next reboot.
  • Document flash protections and vboot.
  • Verify if all the microcodes were moved away from coreboot git.
  • (Alix 1.C: port the VSA to fasm)
  • (GDB improvements: allow gdb earlier than ramstage)
  • I945: Write a freedom/privacy/security review
  • GM45: Write a freedom/privacy/security review
  • More recent Intel with me_cleaner: Write a freedom/privacy/security review

Work in progress documentation

Sandbox

/sandbox