Date: Mon, 27 May 2019 11:18:55 -0400 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: Eric McCorkle <eric@metricspace.net> Cc: FreeBSD Current <freebsd-current@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@FreeBSD.org> Subject: Re: FreeBSD and Coreboot Message-ID: <20190527151855.iqbkedo7r6n5hgab@mutt-hbsd> In-Reply-To: <4a6b0f1e-64ec-6b83-b43b-f9791ec8428f@metricspace.net> References: <4a6b0f1e-64ec-6b83-b43b-f9791ec8428f@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--jo3orqfnivhqnbvw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hey Eric, My response is inline. On Mon, May 27, 2019 at 11:13:46AM -0400, Eric McCorkle wrote: > Hello everyone, >=20 > I'm through enough of my job change that I can start working on FreeBSD > again. One thing I've had on my list to examine is using FreeBSD with > coreboot, so I wanted to put out a call for anyone who has done work on > this, or knows anything about it. >=20 > Here is what I know: >=20 > * Coreboot _can_ boot kernels directly, but this requires two things: 1) > you must flash your BIOS every time you update a kernel, 2) the kernel > must be able to work without the usual device initialization that the > BIOS does. >=20 > * Coreboot has two significant payload options beyond a kernel: Seabios > and GRUB (supposedly Tianocore EFI is an option, but it apparently > doesn't really work). >=20 > * Scrounging the coreboot wiki seems to produce some conflicting > information. One page claims that the FreeBSD kernel can boot directly > as a coreboot payload; another claims GRUB or Seabios to be the only > options. >=20 > * The PC Engines boards evidently use coreboot, and I've heard multiple > reports of them running FreeBSD systems without a problem. I don't know > whether they use GRUB or Seabios. (Aside: I'm thinking about ordering > some of these boards for my own use, so I'm generally interested in how > well they function with FreeBSD) I own several PC Engines APU boards. They definitely use Coreboot as maintained by these peeps: https://twitter.com/3mdeb_com The Coreboot for the APU boards uses Seabios. >=20 >=20 > My plan is roughly this: >=20 > * Refurbish the GRUB port, get it working again in QEMU (possibly on one > of my machines), also possibly push a patch to GRUB to use the keybufs > mechanism to pass in GELI keys. >=20 > * Get coreboot with GRUB/Seabios booting FreeBSD in QEMU >=20 > * Possibly create a coreboot port (uncertain how this would work, since > Coreboot has its own extensive config menu) >=20 > * Hold my breath and test it out on real hardware (I have a Librem 13 r1 > for this purpose) >=20 > * Possibly try getting the FreeBSD kernel to work as a coreboot payload. >=20 >=20 > Here's what I don't know/what would be useful knowledge for me: >=20 > * Anyone else who's been experimenting/working on coreboot support, and > what they found >=20 > * Any working examples of using Coreboot with FreeBSD >=20 > * Down the road, anything about adapting the FreeBSD kernel to work with > a new boot platform (ie. low level details about how to set it up in > memory on a bare-metal system and start execution) >=20 Reach out to 3mdeb (feel free to CC me, if you'd like). See what they'd like help with. There's certainly a lot more work that could be done. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: lattera@is.a.hacker.sx GPG Key ID: 0xFF2E67A277F8E1FA GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 --jo3orqfnivhqnbvw Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAlzr/9oACgkQ/y5nonf4 4fpd6A/+Lwya5qx8dlQbXbI+4qqcT44EzRPe9llW0kmJIaktgi5cJoQcUHBpmdOQ 5ToHGHBQavTnhlj3DueIFfxiV2jru45VDPJMWcf3TYGrmair/E43a85pN2gAoCRy hjH+8QVTi6NdSu6hynXCkMwBioJb/21X8NwtYuHtdZ3KD64L7P6+k9V5BvO5ZKWS 4HrCAtep26Bi+JBfvG3v5VDFHokxmhB1VvxbH0+6EIpwOtOu13GLOPAW+sxINuHY xJZEuMVY8x9aFjAjVcFVGXMuauGW5IJ0EdDtciCTIVumksWuwYExAARMe1YgdQC/ NIMVO6hFplYFS6798pqCHx9bkeVsHoJquMAF51LKTEN+K7YgKV9OdyAc2fy4XIrz UxctKrA0ggE4wgHUtqaS+oTRqRtrZJ3XfPSyyzat7DOB6ymICnb0CQSuK0MQAY/m imA6oUHZL9OMSnNtVuB/+/u3FSEbDAPt1hfSmVRJc4H3NLS9Asfcur2nhGl38hIt dCaNlTXt3kt9kMJaD0RAbL7dpvSUY5XtuWEKyVmsvnt4LZ/9UXapHG/xYyH2b8uI GPjz+uKxQvs03N22k9H69j2o3YMOCe5f0NNc+tuoaWUmg2HmW/Vapg+q/RSHcHTe VrzlGVWNdYpTedxvewcv9dVGGOmaXl/Tr7ap07MrD5FuLy4nghM= =UF4R -----END PGP SIGNATURE----- --jo3orqfnivhqnbvw--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190527151855.iqbkedo7r6n5hgab>