I think this means we will eventually see a fully open source Coreboot/Libreboot soon. Someone correct me if I am wrong please!
I’m not clear about where this API sits relative to the AMD Platform Security Processor.
found via this post: https://lemmy.world/post/134243
What exactly does this mean? Like, I’m familiar with open source software, but I’m not super familiar with the x86 bootloader stuff, so I’m not sure what benefits we get from this.
When you power on a computer, before any software (any operating system) has a chance to run, there’s “firmware” (kind of similar to software, except stored directly in the motherboard) that has to get things going (called “Platform Initialization”). Generally the two jobs of the Platform Initialization firmware: (1) to detect (and maybe initialize) some hardware; and (2) to find the operating system and boot the operating system.
We have a standard interface for #2, which is called UEFI. But for #1, it’s always been sort of a mysterious black box. It necessarily has to be different for every chipset/every motherboard. Manufacturers never really saw much reason to open source it. The major community-driven open source project at doing #1 is called “coreboot”. Due to the fact that it requires a new implementation for every chipset/motherboard and they are generally not documented (and may require some reverse-engineering of the hardware), coreboot has very very limited support.
So what AMD is open sourcing here is a collection of 3 C libraries which they will be using in all of their firmware, going forward. These libraries are not chipset/motherboard-specific (you still need custom code for each motherboard) and do not implement UEFI (you would still need to implement UEFI/bootloader on top of it), but they’re helper functions that do a lot of what’s needed to implement firmware. I just took a cursory look through the source code, but I saw a lot of code in there for detecting RAM DIMMs (how much RAM, what kind of RAM, etc.), which is useful code. (Edit: I just read through the Wikipedia article on coreboot and it says “The most difficult hardware that coreboot initializes is the DRAM controllers and DRAM. In some cases, technical documentation on this subject is NDA restricted or unavailable.”. So if they can make use of AMD openSIL’s DRAM code, that could be a very big win!!)
The fact that AMD is going to use this in their own firmware, and also make it available for coreboot under an MIT licence, means that coreboot may* have a much easier time in the future supporting AMD motherboards.
* we will see
But wouldn’t opening up such an important (from what I understand) part of a computer to everyone mean that malicious actors have a much easier time doing malicious stuff? I understand (and support) that enthusiasts will have many more options when presented with the actual code to a program. Nonetheless, I can’t help but feel like if you give everyone a tour and show them how their super secure door locks work, including how to break them open, then those that want to break in, will be very happy about it and the security system quickly becomes useless.
Please feel free to correct me on wherever I am wrong. I tried reading through the article, but I only understand a fraction of it.
I’m only have a vauge understanding but I’ll give it a shot.
x86 is a CPU architecture. ARM, PowerPC, RISC are other types A CPU architecture is like a standardized set of instructions.
Here’s a horrible attempt an analogy based on buildings. Let’s say there’s only 2 types of buildings on earth:
Type A buildings are very tall and use an elevator to go up many floors. Each floor has just one room.
Type B buildings have a very very long hallway branching off into many rooms but just one floor.
If you wanted to tell someone how to retrieve an item from a Type A building you’d say something like “Take the elevator to floor 3. Grab box 01. Take the elevator to floor 4 and leave it there.”
Obviously this wouldn’t work in a type B building since there is no elevator. You’d tell the person to walk down the hallway until they reached room 03, grab box 01 and walk to room 04 and drop it off.
That’s a very very very very simplified version of how different CPU architectures work. They each have their own “instruction set” based on how they’re set up. The x86 architecture is used in most laptop and desktop computers. The new Apple Macs use ARM, as do most smartphones.
Now, a bootloader is the thing that handles everything from when you see your laptop’s (or desktop motherboard manufacturer’s) logo on your screen to when you see the spinny circle of Windows 10. It handles loading the operating system from a location on disk into the correct place on the computer. So far this step has been secret and proprietary.
The libreboot project is a project to make an open source version but it mostly only works on pre-2008 laptops. This is because post 2008 Intel started asking for a password from the bootloader that only Intel had, making it impossible to put your own bootloader in. Coreboot is a much more limited version of this, whose main focus is to remove a part of the Intel bootloader called Intel Management Engine. The Intel ME has access to your computers hardware unrestricted by the operating system.
I’m not sure what open sourcing their bootloader means for us as a community. If we can finally have libreboot working on AMD x86 computers or if there are many more hurdles along the way.
I’m surprised that chipmakers waited this long. I have the feeling they all treat their firmware divisions as a necessary evil.
Has there ever been positive news associated with the lowest levels of firmware, or is it at best begrudging “AGESA 4.2.0.0 finally fixed the issue where the memory is clocked down to 250MHz when there are two runners on base” fix notices.
If they can toss the problem on a bunch of enthusiasts and people willing to finance open-source developers, they get it our of their hair and earn some public praise.
Realistically, it might be interesting for long-term platform support-- if someone wants to keep tweaking and optimizing a 10-year-old platform, they’ll have more tools at their disposal to do so.
I guess at some point the actual hardware initialization was still something to set yourself they could use to set themselves apart from others. Then it would involve patents and what not. But yes, I can’t imagine that there is a lot of magic left for the established platforms. It might be different for entirely new beasts like Apple’s “new” machines with a lot of custom chips.
AMD Is awesome.
So awesome, back when their slogan was “AMD ME” i had that shit on my license plate.
i’ll see myself out.
Certified dad right here.
Oh wow, this is great news. I expect there will still be uncomfortably many dubious black boxes left there. But it’s certainly a step in the right direction. For me the sticking point with AMD was always shoddy SW/FW/drivers shipped with superior (compared to their biggest competitor anyway) hardware design. It’s good to see them conceding that and outsourcing to open source community rather than some dubious third party.
Though for the time being if you want truly open firmware get a POWER chip instead. If you can afford it.
Might as well risk and arm processors are in the news all the time as they get better. Apple m2 showed us that these other architectures could be better.
ARM isn’t open source, though
Sure, one of the two mentioned isn’t, but RISC-V is and that’s almost certainly going to be the ISA that finally displaces x86 if anything currently available can.
This is great news!
What’s the significance of this? I’m curious
so, the writing is literally on the wall?
Seriously guess ARM won
This is from April, so not exactly breaking news. It is promising but I haven’t seen anything usable come out of the announcement yet.