Coreboot: Difference between revisions

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
← Previous edit
VisualWikitext
imported>Raync
Undid revision 1296602975 by Raync (talk) changed my mind
imported>Guy Harris
Use {{cite mailing list}} for an email message.
 
Line 20: Line 20:
}}
}}


'''coreboot''', formerly known as '''LinuxBIOS''',<ref>{{cite web
'''coreboot''' (formerly '''LinuxBIOS''')<ref>{{cite mailing list |date=12 January 2008 |title=[LinuxBIOS] Welcome to coreboot |author=Ron Minnich |mailing-list=LinuxBIOS |url=http://coreboot.org/pipermail/coreboot/2008-January/029135.html |url-status=dead |archive-url=https://web.archive.org/web/20130601003256/https://coreboot.org/pipermail/coreboot/2008-January/029135.html |archive-date=June 1, 2013 |access-date=January 12, 2008}}</ref> is an open‑source project that provides lightweight [[firmware]] to initialize hardware and then load an operating system. It is designed to replace proprietary firmware (traditional [[BIOS]] or [[UEFI]] implementations) by performing the minimal tasks required to start a modern [[32-bit]] or [[64-bit]] [[operating system]].
|url=http://coreboot.org/pipermail/coreboot/2008-January/029135.html
|title=&#91;LinuxBIOS&#93; Welcome to coreboot
|date=12 January 2008
}}</ref> is a software project aimed at replacing proprietary [[firmware]] ([[BIOS]] or [[UEFI]]) found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern [[32-bit]] or [[64-bit]] [[operating system]].


Since coreboot initializes the bare hardware, it must be ported to every [[chipset]] and [[motherboard]] that it supports. As a result, coreboot is available only for a limited number of hardware platforms and motherboard models.
Because coreboot performs low‑level hardware initialization, it must be ported to each supported [[chipset]] and [[motherboard]] model; consequently, availability is limited to platforms for which support has been implemented.


One of the coreboot variants is [[Libreboot]], a [[software distribution]] partly free of [[binary blob|proprietary blobs]], aimed at end users.
One of the well‑known variants of coreboot is [[Libreboot]], a [[software distribution]] that focuses on removing proprietary [[binary blob]]s from the firmware stack.


== History ==
== History ==
The coreboot project began with the goal of creating a BIOS that would start fast and handle errors intelligently.<ref>{{cite web |author=Anton Borisov |url=http://www.h-online.com/open/features/The-Open-Source-BIOS-is-Ten-An-interview-with-the-coreboot-developers-746525.html?view=print |title=The Open Source BIOS is Ten. An interview with the coreboot developers |website=[[The H]] |date=2009 |archive-url=https://web.archive.org/web/20120916212555/http://www.h-online.com/open/features/The-Open-Source-BIOS-is-Ten-An-interview-with-the-coreboot-developers-746525.html?view=print |archive-date=16 September 2012 |url-status=dead}}'</ref> It is licensed under the terms of the [[GNU General Public License]] version 2 (GPLv2). Main contributors include [[Los Alamos National Laboratory|LANL]], [[Silicon Integrated Systems|SiS]], [[Advanced Micro Devices|AMD]], Coresystems and Linux Networx, Inc, as well as motherboard vendors [[Micro-Star International|MSI]], [[Gigabyte Technology|Gigabyte]] and [[Tyan]], which offer coreboot alongside their standard BIOS or provide specifications of the hardware interfaces for some of their motherboards. [[Google]] partly sponsors the coreboot project.<ref>{{Cite web|url=http://google-code-updates.blogspot.com/2006/11/google-sponsors-linuxbios-project.html|title=Google Sponsors the LinuxBIOS project|access-date=29 September 2023|archive-date=6 February 2012|archive-url=https://web.archive.org/web/20120206205540/http://google-code-updates.blogspot.com/2006/11/google-sponsors-linuxbios-project.html|url-status=bot: unknown}}</ref> [[CME Group]], a financial public company, began supporting the coreboot project in 2009.<ref>{{cite web|url=http://www.wallstreetandtech.com/it-infrastructure/showArticle.jhtml?articleID=217400294|title=CME Group Dives Into Coreboot and Other Linux Open Source Projects|work=Wall Street & Technology|access-date=23 September 2015|archive-url=https://web.archive.org/web/20100812092429/http://www.wallstreetandtech.com/it-infrastructure/showArticle.jhtml?articleID=217400294|archive-date=12 August 2010|url-status=dead}}</ref>
The coreboot project began with the goal of creating a BIOS that boots quickly and handles errors intelligently.<ref>{{cite web |author=Anton Borisov |url=http://www.h-online.com/open/features/The-Open-Source-BIOS-is-Ten-An-interview-with-the-coreboot-developers-746525.html?view=print |title=The Open Source BIOS is Ten. An interview with the coreboot developers |website=[[The H]] |date=2009 |archive-url=https://web.archive.org/web/20120916212555/http://www.h-online.com/open/features/The-Open-Source-BIOS-is-Ten-An-interview-with-the-coreboot-developers-746525.html?view=print |archive-date=16 September 2012 |url-status=dead}}'</ref> It is distributed under the terms of the [[GNU General Public License]] version 2 (GPLv2).  
Main contributors include [[Los Alamos National Laboratory|LANL]], [[Silicon Integrated Systems|SiS]], [[Advanced Micro Devices|AMD]], Coresystems and Linux Networx, Inc, as well as motherboard vendors [[Micro-Star International|MSI]], [[Gigabyte Technology|Gigabyte]] and [[Tyan]], which offer coreboot alongside their standard BIOS or provide specifications of the hardware interfaces for some of their motherboards. [[Google]] partly sponsors the coreboot project.<ref>{{Cite web|url=http://google-code-updates.blogspot.com/2006/11/google-sponsors-linuxbios-project.html|title=Google Sponsors the LinuxBIOS project|access-date=29 September 2023|archive-date=6 February 2012|archive-url=https://web.archive.org/web/20120206205540/http://google-code-updates.blogspot.com/2006/11/google-sponsors-linuxbios-project.html|url-status=bot: unknown}}</ref> [[CME Group]], a financial public company, began supporting the coreboot project in 2009.<ref>{{cite web|url=http://www.wallstreetandtech.com/it-infrastructure/showArticle.jhtml?articleID=217400294|title=CME Group Dives Into Coreboot and Other Linux Open Source Projects|work=Wall Street & Technology|access-date=23 September 2015|archive-url=https://web.archive.org/web/20100812092429/http://www.wallstreetandtech.com/it-infrastructure/showArticle.jhtml?articleID=217400294|archive-date=12 August 2010|url-status=dead}}</ref>


Other than the first three models, all [[Chromebook]]s run coreboot.<ref>{{cite web |url=http://www.coreboot.org/Chromebooks |title=Chromebooks |publisher=coreboot |date=16 January 2014 |access-date=17 February 2014 |archive-url=https://web.archive.org/web/20160508225442/https://www.coreboot.org/Chromebooks |archive-date=8 May 2016 |url-status=dead }}</ref> Code from [[Das U-Boot]] has been assimilated to enable support for processors based on the [[ARM architecture|ARM instruction set]].<ref>{{cite web|url=http://blogs.coreboot.org/blog/2011/06/05/gsoc2011week-1-analysis-of-u-boot-arm-boot-code/ |title=GSoC2011(Week 1): Analysis of U-boot ARM boot code &#124; coreboot developer blogs|date=5 June 2011 |access-date=12 April 2014}}</ref>
Other than the first three models, all [[Chromebook]]s run coreboot.<ref>{{cite web |url=http://www.coreboot.org/Chromebooks |title=Chromebooks |publisher=coreboot |date=16 January 2014 |access-date=17 February 2014 |archive-url=https://web.archive.org/web/20160508225442/https://www.coreboot.org/Chromebooks |archive-date=8 May 2016 |url-status=dead }}</ref>  
Code from [[Das U-Boot]] has been assimilated to enable support for processors based on the [[ARM architecture|ARM instruction set]].<ref>{{cite web|url=http://blogs.coreboot.org/blog/2011/06/05/gsoc2011week-1-analysis-of-u-boot-arm-boot-code/ |title=GSoC2011(Week 1): Analysis of U-boot ARM boot code &#124; coreboot developer blogs|date=5 June 2011 |access-date=12 April 2014}}</ref>


In June 2019, coreboot began to use the [[NSA]] software [[Ghidra]] for its [[reverse engineering]] efforts on [[Firmware|firmware-specific]] problems following the release of the suite as [[free and open source software]].<ref>{{Cite web |title=Coreboot nutzt NSA-Tool zum Reverse Engineering |url=https://www.golem.de/news/ghidra-coreboot-nutzt-nsa-tool-zum-reverse-engineering-1906-141746.html |access-date=2023-05-04 |website=[[Golem.de]]}}</ref>
In June 2019, coreboot began to use the [[NSA]] software [[Ghidra]] for its [[reverse engineering]] efforts on [[Firmware|firmware-specific]] problems following the release of the suite as [[free and open source software]].<ref>{{Cite web |title=Coreboot nutzt NSA-Tool zum Reverse Engineering |url=https://www.golem.de/news/ghidra-coreboot-nutzt-nsa-tool-zum-reverse-engineering-1906-141746.html |access-date=2023-05-04 |website=[[Golem.de]]}}</ref>


== Supported platforms ==
== Supported platforms ==
CPU architectures supported by coreboot include [[IA-32]], [[x86-64]], [[ARM architecture family|ARM]], [[AArch64|ARM64]], [[MIPS architecture|MIPS]] and [[RISC-V]]. Supported [[system-on-a-chip]] (SOC) platforms include AMD [[Geode (processor)|Geode]], starting with the Geode GX processor developed for the [[One Laptop per Child|OLPC]]. Artec Group added Geode LX support for its [[ThinCan]] model DBE61; that code was adopted by AMD and further improved for the OLPC after it was upgraded to the Geode LX platform, and is further developed by the coreboot community to support other Geode variants. coreboot can be flashed onto a Geode platform using [[Flashrom (utility)|Flashrom]].
coreboot supports multiple CPU architectures, including [[IA-32]], [[x86-64]], [[ARM architecture family|ARM]], [[AArch64|ARM64]], [[MIPS architecture|MIPS]] and [[RISC-V]]. Support covers a variety of [[system-on-a-chip]] (SoC) platforms as well; early development focused on AMD [[Geode (processor)|Geode]] processors (notably those used in the [[One Laptop per Child|OLPC]] project).  
Artec Group added Geode LX support for its [[ThinCan]] model DBE61; that code was adopted by AMD and further improved for the OLPC after it was upgraded to the Geode LX platform, and is further developed by the coreboot community to support other Geode variants. coreboot can be flashed onto a Geode platform using [[Flashrom (utility)|Flashrom]].


From that initial development on AMD Geode based platforms, coreboot support has been extended onto many AMD processors and chipsets. The processor list includes Family 0Fh and 10h ([[AMD K8|K8]] core), and recently Family 14h ([[Bobcat (microarchitecture)|Bobcat]] core, [[AMD APU|Fusion APU]]). coreboot support also extends to AMD chipsets: [[AMD 690 chipset series|RS690]], [[AMD 700 chipset series|RS7xx]], [[AMD 580 chipset series|SB600]], and SB8xx.
From that initial development on AMD Geode based platforms, coreboot support has been extended onto many AMD processors and chipsets. The processor list includes Family 0Fh and 10h ([[AMD K8|K8]] core), and recently Family 14h ([[Bobcat (microarchitecture)|Bobcat]] core, [[AMD APU|Fusion APU]]). coreboot support also extends to AMD chipsets: [[AMD 690 chipset series|RS690]], [[AMD 700 chipset series|RS7xx]], [[AMD 580 chipset series|SB600]], and SB8xx.
Line 59: Line 58:
Coreboot typically loads a [[Linux kernel]], but it can load any other [[standalone program|stand-alone]] [[Executable and Linkable Format|ELF]] executable, such as [[iPXE]], [[gPXE]] or Etherboot that can boot a Linux kernel [[Network booting|over a network]], or [[SeaBIOS]]<ref>[http://www.coreboot.org/SeaBIOS SeaBIOS] (previously known as LegacyBIOS) is an open-source legacy BIOS implementation</ref> that can load a Linux kernel, [[Windows 2000]] and later, and BSDs; Windows 2000/[[Windows XP|XP]] and [[OpenBSD]] support was previously provided by ADLO.<ref>{{Cite web|url=http://www.coreboot.org/ADLO|archiveurl=https://web.archive.org/web/20101125130605/http://www.coreboot.org/ADLO|url-status=dead|title=coreboot Add-on Layer (ADLO)|archivedate=25 November 2010}}</ref><ref>{{cite web |url=http://www.missl.cs.umd.edu/sebos_phase2.html |title=SEBOS, Security Enhanced Bootloader for Operating Systems, Phase 2 |archive-url=https://web.archive.org/web/20070619101948/http://www.missl.cs.umd.edu/sebos_phase2.html |archive-date=19 June 2007 |url-status=dead}} - adding PC BIOS Services to coreboot via Bochs BIOS</ref> coreboot can also load a [[Kernel (operating system)|kernel]] from any supported device, such as Myrinet, Quadrics, or SCI [[Computer cluster|cluster]] interconnects. Booting other kernels directly is also possible, such as a [[Plan 9 from Bell Labs|Plan 9]] kernel. Instead of loading a kernel directly, coreboot can pass control to a dedicated boot loader, such as a coreboot-capable version of [[GNU GRUB]] 2.
Coreboot typically loads a [[Linux kernel]], but it can load any other [[standalone program|stand-alone]] [[Executable and Linkable Format|ELF]] executable, such as [[iPXE]], [[gPXE]] or Etherboot that can boot a Linux kernel [[Network booting|over a network]], or [[SeaBIOS]]<ref>[http://www.coreboot.org/SeaBIOS SeaBIOS] (previously known as LegacyBIOS) is an open-source legacy BIOS implementation</ref> that can load a Linux kernel, [[Windows 2000]] and later, and BSDs; Windows 2000/[[Windows XP|XP]] and [[OpenBSD]] support was previously provided by ADLO.<ref>{{Cite web|url=http://www.coreboot.org/ADLO|archiveurl=https://web.archive.org/web/20101125130605/http://www.coreboot.org/ADLO|url-status=dead|title=coreboot Add-on Layer (ADLO)|archivedate=25 November 2010}}</ref><ref>{{cite web |url=http://www.missl.cs.umd.edu/sebos_phase2.html |title=SEBOS, Security Enhanced Bootloader for Operating Systems, Phase 2 |archive-url=https://web.archive.org/web/20070619101948/http://www.missl.cs.umd.edu/sebos_phase2.html |archive-date=19 June 2007 |url-status=dead}} - adding PC BIOS Services to coreboot via Bochs BIOS</ref> coreboot can also load a [[Kernel (operating system)|kernel]] from any supported device, such as Myrinet, Quadrics, or SCI [[Computer cluster|cluster]] interconnects. Booting other kernels directly is also possible, such as a [[Plan 9 from Bell Labs|Plan 9]] kernel. Instead of loading a kernel directly, coreboot can pass control to a dedicated boot loader, such as a coreboot-capable version of [[GNU GRUB]] 2.


Coreboot is written primarily in [[C (programming language)|C]], with a small amount of [[assembly code]]. Choosing C as the primary programming language enables easier [[code audit]]s when compared to contemporary PC BIOS that was generally written in assembly,<ref>{{cite web |url=https://phoenixts.com/blog/uefi-vs-legacy-bios/ |title=Comparison of UEFI and legacy BIOS}} pronouncing that same advantage for UEFI</ref> which results in improved security. There is build and runtime support to write parts of coreboot in [[Ada (programming language)|Ada]]<ref>{{cite web |url=https://review.coreboot.org/cgit/coreboot.git/commit/src/lib/gnat?id=e0ed9025cf7453212e5e5a845e34e0b7ecfa3eb9 |title=commit}} adding that support</ref> to further raise the security bar, but it is currently only sporadically used. The source code is released under the [[GPL version 2|GNU GPL version 2]] license.
Coreboot is primarily implemented in [[C (programming language)|C]], with a small amount of [[assembly code]]. Choosing C as the primary programming language facilitates [[code audit]]s when compared to contemporary PC BIOS that was generally written in assembly,<ref>{{cite web |url=https://phoenixts.com/blog/uefi-vs-legacy-bios/ |title=Comparison of UEFI and legacy BIOS}} pronouncing that same advantage for UEFI</ref> which results in improved security. There is build and runtime support to write parts of coreboot in [[Ada (programming language)|Ada]]<ref>{{cite web |url=https://review.coreboot.org/cgit/coreboot.git/commit/src/lib/gnat?id=e0ed9025cf7453212e5e5a845e34e0b7ecfa3eb9 |title=commit}} adding that support</ref> to further raise the security bar, but it is currently only sporadically used. The source code is released under the [[GPL version 2|GNU GPL version 2]] license.


Coreboot performs the absolute minimal amount of hardware initialization and then passes control to the [[operating system]]. As a result, there is no coreboot code running once the operating system has taken control. A feature of coreboot is that the [[x86]] version runs in [[32-bit]] mode after executing only ten instructions<ref>{{Cite web |url=http://lxr.linux.no/coreboot-v3+r777/arch/x86/geodelx/stage0.S |title=coreboot v3 early startup code |access-date=17 August 2008 |archive-url=https://archive.today/20120710041412/http://lxr.linux.no/coreboot-v3+r777/arch/x86/geodelx/stage0.S |archive-date=10 July 2012 |url-status=dead }}</ref> (almost all other x86 BIOSes run exclusively in [[16-bit]] mode). This is similar to the modern [[UEFI]] firmware, which is used on newer PC hardware.
Coreboot performs the absolute minimal amount of hardware initialization and then passes control to the [[operating system]]. As a result, there is no coreboot code running once the operating system has taken control. A feature of coreboot is that the [[x86]] version runs in [[32-bit]] mode after executing only ten instructions<ref>{{Cite web |url=http://lxr.linux.no/coreboot-v3+r777/arch/x86/geodelx/stage0.S |title=coreboot v3 early startup code |access-date=17 August 2008 |archive-url=https://archive.today/20120710041412/http://lxr.linux.no/coreboot-v3+r777/arch/x86/geodelx/stage0.S |archive-date=10 July 2012 |url-status=dead }}</ref> (almost all other x86 BIOSes run exclusively in [[16-bit]] mode). This is similar to the modern [[UEFI]] firmware, which is used on newer PC hardware.
Line 75: Line 74:
[[File:Hacking Coreboot.jpg|thumb|Hacking coreboot at Denver 2008 summit.]]
[[File:Hacking Coreboot.jpg|thumb|Hacking coreboot at Denver 2008 summit.]]


There are also CPU [[emulator]]s that either replace the [[Central processing unit|CPU]] or connect via a [[JTAG]] port, with the Sage SmartProbe<ref>{{Cite web|url=http://www.se-eng.com/|archiveurl=https://web.archive.org/web/20110315080000/http://www.se-eng.com/|url-status=usurped|title=Sage Electronic Engineering - SmartProbe JTAG debugger, Sage EDK, coreboot and Embedded Systems and Software Engineering|archivedate=15 March 2011|website=www.se-eng.com}}</ref><ref>{{cite web | url=http://www.loper-os.org/?p=1887 | title=Sage SmartProbe FAQ | publisher=S.Datskovskiy | access-date=30 April 2021}}</ref> being an example. Code can be built on, or downloaded to, BIOS emulators rather than flashing the BIOS device.
Developers use a variety of hardware and software debugging tools when working on coreboot. These include in‑circuit [[emulator]]s, [[JTAG]] probes (for example the Sage SmartProbe), and BIOS/firmware emulators. Code may be tested on emulators or downloaded to target hardware rather than being immediately flashed to a BIOS device.<ref>{{Cite web|url=http://www.se-eng.com/|archiveurl=https://web.archive.org/web/20110315080000/http://www.se-eng.com/|url-status=usurped|title=Sage Electronic Engineering - SmartProbe JTAG debugger, Sage EDK, coreboot and Embedded Systems and Software Engineering|archivedate=15 March 2011|website=www.se-eng.com}}</ref><ref>{{cite web | url=http://www.loper-os.org/?p=1887 | title=Sage SmartProbe FAQ | publisher=S.Datskovskiy | access-date=30 April 2021}}</ref> being an example. Code can be built on, or downloaded to, BIOS emulators rather than flashing the BIOS device.


== Payloads ==
== Payloads ==
[[File:Coreboot+seaBIOS+on-x60.JPG|thumb|upright|SeaBIOS payload running on a Lenovo [[ThinkPad]] X60]]
[[File:Coreboot+seaBIOS+on-x60.JPG|thumb|upright|[[SeaBIOS]] payload running on a Lenovo [[ThinkPad]] X60]]


coreboot can load a payload, which may be written using the {{Mono|libpayload}} helper library. Existing payloads include the following:
coreboot loads a payload after hardware initialization. Payloads may be written with the {{Mono|libpayload}} helper library or be independent projects. Notable payloads include the following:
* [[SeaBIOS]] provides a "legacy BIOS" interface
* [[TianoCore EDK II]], the de-facto standard generic UEFI services implementation
* [[GNU GRUB|GRUB 2]], most commonly used as an on-disk bootloader, can also be compiled as a coreboot payload
* A [[Linux]] kernel can also be used as payload, typically in the form of [[LinuxBoot]]
* Depthcharge is used by Google for [[ChromeOS]]<ref>{{cite web
* Depthcharge is used by Google for [[ChromeOS]]<ref>{{cite web
  | url = https://docs.google.com/presentation/d/1pH8ltQ3cGKy9dRaTxHtZbA50QLZCw6HE8LDoi1y_gcs/pub?start=false&loop=false&delayms=3000#slide=id.p
  | url = https://docs.google.com/presentation/d/1pH8ltQ3cGKy9dRaTxHtZbA50QLZCw6HE8LDoi1y_gcs/pub?start=false&loop=false&delayms=3000#slide=id.p
Line 112: Line 115:
* GNU Boot - A variant with a primary focus to remove all binary blobs.<ref>{{Cite web |date=2023-10-30 |title=GNU Boot Summary |url=https://savannah.gnu.org/projects/gnuboot |access-date=2023-10-30 |archive-url=https://web.archive.org/web/20231030210812/https://savannah.gnu.org/projects/gnuboot/ |archive-date=30 October 2023 }}</ref>
* GNU Boot - A variant with a primary focus to remove all binary blobs.<ref>{{Cite web |date=2023-10-30 |title=GNU Boot Summary |url=https://savannah.gnu.org/projects/gnuboot |access-date=2023-10-30 |archive-url=https://web.archive.org/web/20231030210812/https://savannah.gnu.org/projects/gnuboot/ |archive-date=30 October 2023 }}</ref>
* Canoeboot<ref>{{Cite web |date=16 November 2023 |title=Canoeboot project |url=https://canoeboot.org/ |access-date=16 November 2023 |archive-url=https://web.archive.org/web/20231116233556/https://canoeboot.org/ |archive-date=16 November 2023 }}</ref>
* Canoeboot<ref>{{Cite web |date=16 November 2023 |title=Canoeboot project |url=https://canoeboot.org/ |access-date=16 November 2023 |archive-url=https://web.archive.org/web/20231116233556/https://canoeboot.org/ |archive-date=16 November 2023 }}</ref>
* Dasharo - A distribution based on coreboot developed by 3mdeb.<ref>{{Cite web | date=2024-01-29 | title=3mdeb Sp. z o.o. — Embedded Firmware development consultancy | url=https://3mdeb.com | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216093245/https://3mdeb.com | archive-date=2024-02-16 }}</ref> They aim to make it easy for manufacturers to ship products with coreboot.<ref>{{Cite web | date=2023-10-22 | title=Dasharo • GitHub | url=https://github.com/Dasharo | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216085150/https://github.com/Dasharo | archive-date=2024-02-16 }}</ref><ref>{{Cite web | date=2024-02-09 | title=About Dasharo - Dasharo Universe | url=https://docs.dasharo.com | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216090043/https://docs.dasharo.com/ | archive-date=2024-02-16 }}</ref>
* Dasharo - A distribution based on coreboot developed by 3mdeb, intended to simplify manufacturers shipping coreboot on products.<ref>{{Cite web | date=2024-01-29 | title=3mdeb Sp. z o.o. — Embedded Firmware development consultancy | url=https://3mdeb.com | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216093245/https://3mdeb.com | archive-date=2024-02-16 }}</ref> They aim to make it easy for manufacturers to ship products with coreboot.<ref>{{Cite web | date=2023-10-22 | title=Dasharo • GitHub | url=https://github.com/Dasharo | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216085150/https://github.com/Dasharo | archive-date=2024-02-16 }}</ref><ref>{{Cite web | date=2024-02-09 | title=About Dasharo - Dasharo Universe | url=https://docs.dasharo.com | access-date=2024-02-16 | archive-url=https://web.archive.org/web/20240216090043/https://docs.dasharo.com/ | archive-date=2024-02-16 }}</ref>
* Skulls - A variant aimed at ease of installation.<ref>{{Citation |last=Kepplinger-Novakovic |first=Martin |title=merge/skulls |date=2024-05-28 |url=https://github.com/merge/skulls |access-date=2024-05-29}}</ref>
* Skulls - A variant aimed at ease of installation.<ref>{{Citation |last=Kepplinger-Novakovic |first=Martin |title=merge/skulls |date=2024-05-28 |url=https://github.com/merge/skulls |access-date=2024-05-29}}</ref>
* Heads - A variant aimed at physical security and usage of free software, recommended for use with [[QubesOS]].<ref>{{Cite web |title=About Heads |url=https://osresearch.net/ |access-date=2024-05-29 |website=Heads |language=en-US}}</ref><ref>{{Citation |title=linuxboot/heads |date=2024-05-28 |url=https://github.com/linuxboot/heads |access-date=2024-05-29 |publisher=LinuxBoot}}</ref>{{Citation needed|date=July 2024|reason=The documentation and sources linked dont say that it is recommended for use with qubesOS}}
* Heads - A variant aimed at physical security and usage of free software, recommended for use with [[QubesOS]].<ref>{{Cite web |title=About Heads |url=https://osresearch.net/ |access-date=2024-05-29 |website=Heads |language=en-US}}</ref><ref>{{Citation |title=linuxboot/heads |date=2024-05-28 |url=https://github.com/linuxboot/heads |access-date=2024-05-29 |publisher=LinuxBoot}}</ref>{{Citation needed|date=July 2024|reason=The documentation and sources linked dont say that it is recommended for use with qubesOS}}

Latest revision as of 11:20, 27 December 2025

Template:Short description Template:Use dmy dates

Script error: No such module "Infobox".Template:Template other Script error: No such module "Check for unknown parameters".Script error: No such module "Check for conflicting parameters".

coreboot (formerly LinuxBIOS)[1] is an open‑source project that provides lightweight firmware to initialize hardware and then load an operating system. It is designed to replace proprietary firmware (traditional BIOS or UEFI implementations) by performing the minimal tasks required to start a modern 32-bit or 64-bit operating system.

Because coreboot performs low‑level hardware initialization, it must be ported to each supported chipset and motherboard model; consequently, availability is limited to platforms for which support has been implemented.

One of the well‑known variants of coreboot is Libreboot, a software distribution that focuses on removing proprietary binary blobs from the firmware stack.

History

The coreboot project began with the goal of creating a BIOS that boots quickly and handles errors intelligently.[2] It is distributed under the terms of the GNU General Public License version 2 (GPLv2). Main contributors include LANL, SiS, AMD, Coresystems and Linux Networx, Inc, as well as motherboard vendors MSI, Gigabyte and Tyan, which offer coreboot alongside their standard BIOS or provide specifications of the hardware interfaces for some of their motherboards. Google partly sponsors the coreboot project.[3] CME Group, a financial public company, began supporting the coreboot project in 2009.[4]

Other than the first three models, all Chromebooks run coreboot.[5] Code from Das U-Boot has been assimilated to enable support for processors based on the ARM instruction set.[6]

In June 2019, coreboot began to use the NSA software Ghidra for its reverse engineering efforts on firmware-specific problems following the release of the suite as free and open source software.[7]

Supported platforms

coreboot supports multiple CPU architectures, including IA-32, x86-64, ARM, ARM64, MIPS and RISC-V. Support covers a variety of system-on-a-chip (SoC) platforms as well; early development focused on AMD Geode processors (notably those used in the OLPC project). Artec Group added Geode LX support for its ThinCan model DBE61; that code was adopted by AMD and further improved for the OLPC after it was upgraded to the Geode LX platform, and is further developed by the coreboot community to support other Geode variants. coreboot can be flashed onto a Geode platform using Flashrom.

From that initial development on AMD Geode based platforms, coreboot support has been extended onto many AMD processors and chipsets. The processor list includes Family 0Fh and 10h (K8 core), and recently Family 14h (Bobcat core, Fusion APU). coreboot support also extends to AMD chipsets: RS690, RS7xx, SB600, and SB8xx.

In AMD Generic Encapsulated Software Architecture (AGESA)Template:Mdashba bootstrap protocol by which system devices on AMD64 mainboards are initializedTemplate:Mdashbwas open sourced in early 2011, aiming to provide required functionality for coreboot system initialization on AMD64 hardware.[8] However, as of 2014 such releases never became the basis for future development by AMD, and were subsequently halted.[9]

Devices that could be preloaded with coreboot or one of its derivatives include:

Lenovo/IBM
The Libreboot T400 and X200 (rebranded ThinkPad T400 and X200, respectively, available from Minifree, previously known as Gluglug).[10][11]
Artec Group
ThinCan models DBE61, DBE62 and DBE63, and fanless server/router hardware manufactured by PC Engines.[12]
Purism
Librem laptops come with coreboot.[13][14]
Others
Some System76 PCs use coreboot TianoCore firmware, including open source Embedded Controller firmware.
Dasharo offers an alternative coreboot-based firmware distribution for computers from MSI, NovaCustom and Nitrokey, among others.[15][16][17]
StarLabs Systems use coreboot firmware, as an alternative.[18]
Some Tesla Model 3 cars have adopted Ryzen Embedded or Intel Atom processor on the car computer, and adopted coreboot as the bootloader.Script error: No such module "Unsubst".

Design

Coreboot typically loads a Linux kernel, but it can load any other stand-alone ELF executable, such as iPXE, gPXE or Etherboot that can boot a Linux kernel over a network, or SeaBIOS[19] that can load a Linux kernel, Windows 2000 and later, and BSDs; Windows 2000/XP and OpenBSD support was previously provided by ADLO.[20][21] coreboot can also load a kernel from any supported device, such as Myrinet, Quadrics, or SCI cluster interconnects. Booting other kernels directly is also possible, such as a Plan 9 kernel. Instead of loading a kernel directly, coreboot can pass control to a dedicated boot loader, such as a coreboot-capable version of GNU GRUB 2.

Coreboot is primarily implemented in C, with a small amount of assembly code. Choosing C as the primary programming language facilitates code audits when compared to contemporary PC BIOS that was generally written in assembly,[22] which results in improved security. There is build and runtime support to write parts of coreboot in Ada[23] to further raise the security bar, but it is currently only sporadically used. The source code is released under the GNU GPL version 2 license.

Coreboot performs the absolute minimal amount of hardware initialization and then passes control to the operating system. As a result, there is no coreboot code running once the operating system has taken control. A feature of coreboot is that the x86 version runs in 32-bit mode after executing only ten instructions[24] (almost all other x86 BIOSes run exclusively in 16-bit mode). This is similar to the modern UEFI firmware, which is used on newer PC hardware.

Initializing DRAM

The most difficult hardware that coreboot initializes is the DRAM controllers and DRAM. In some cases, technical documentation on this subject is NDA restricted or unavailable. RAM initialization is particularly difficult because before the RAM is initialized it cannot be used. Therefore, to initialize DRAM controllers and DRAM, the initialization code may have only the CPU's general purpose registers or Cache-as-RAM as temporary storage.

romcc, a C compiler that uses registers instead of RAM, eases the task. Using romcc, it is relatively easy to make SMBus accesses to the SPD ROMs of the DRAM DIMMs, that allows the RAM to be used.

With newer x86 processors, the processor cache can be used as RAM until DRAM is initialized. The processor cache has to be initialized into Cache-as-RAM[25][26] mode as well, but this needs fewer instructions than initializing DRAM. Also, the Cache-as-RAM mode initialization is specific to CPU architectures, thus more generic than DRAM initialization, which is specific to each chipset and mainboard.

For most modern x86 platforms, closed source binary-only components provided by the vendor are used for DRAM setup. For Intel systems, FSP-M is required, while AMD has no current support. Binary AGESA is currently used for proprietary UEFI firmware on AMD systems, and this model is expected to carry over to any future AMD-related coreboot support.[27]

Developing and debugging coreboot

File:Hacking Coreboot.jpg
Hacking coreboot at Denver 2008 summit.

Developers use a variety of hardware and software debugging tools when working on coreboot. These include in‑circuit emulators, JTAG probes (for example the Sage SmartProbe), and BIOS/firmware emulators. Code may be tested on emulators or downloaded to target hardware rather than being immediately flashed to a BIOS device.[28][29] being an example. Code can be built on, or downloaded to, BIOS emulators rather than flashing the BIOS device.

Payloads

File:Coreboot+seaBIOS+on-x60.JPG
SeaBIOS payload running on a Lenovo ThinkPad X60

coreboot loads a payload after hardware initialization. Payloads may be written with the <templatestyles src="Mono/styles.css" />libpayload helper library or be independent projects. Notable payloads include the following:

  • SeaBIOS provides a "legacy BIOS" interface
  • TianoCore EDK II, the de-facto standard generic UEFI services implementation
  • GRUB 2, most commonly used as an on-disk bootloader, can also be compiled as a coreboot payload
  • A Linux kernel can also be used as payload, typically in the form of LinuxBoot
  • Depthcharge is used by Google for ChromeOS[30]
  • A branch of Das U-Boot was used by Google for ChromiumOS in the past[31]

Script error: No such module "anchor". European Coreboot Conference

One physical meeting is the European Coreboot Conference which was organized in October 2017 and lasted for three days.

Conference history

Event and year Date Host city Venue Resources Themes
ECC2017 26.10. – 29.10 Bochum, Germany RUB Convention Center https://ecc2017.com

Script error: No such module "anchor".Variants

coreboot has a number of variants from its original code base each with slightly different objectives:.

  • Libreboot - A variant with a primary focus to remove some[32] binary blobs.
  • osboot - A variant similar to Libreboot that scrapped its only some blobs policy to increase hardware support and stability.[33] Merged with libreboot as of November 2022.[34]
  • MrChromebox has developed a modified version of coreboot for ChromeOS based devices.[35]
  • GNU Boot - A variant with a primary focus to remove all binary blobs.[36]
  • Canoeboot[37]
  • Dasharo - A distribution based on coreboot developed by 3mdeb, intended to simplify manufacturers shipping coreboot on products.[38] They aim to make it easy for manufacturers to ship products with coreboot.[39][40]
  • Skulls - A variant aimed at ease of installation.[41]
  • Heads - A variant aimed at physical security and usage of free software, recommended for use with QubesOS.[42][43]Script error: No such module "Unsubst".
  • oreboot - a fork rewritten in Rust[44]

See also

Script error: No such module "Portal".

References

<templatestyles src="Reflist/styles.css" />

  1. Script error: No such module "citation/CS1".
  2. Script error: No such module "citation/CS1".'
  3. Script error: No such module "citation/CS1".
  4. Script error: No such module "citation/CS1".
  5. Script error: No such module "citation/CS1".
  6. Script error: No such module "citation/CS1".
  7. Script error: No such module "citation/CS1".
  8. Script error: No such module "citation/CS1".
  9. Script error: No such module "citation/CS1".
  10. Script error: No such module "citation/CS1".
  11. Script error: No such module "citation/CS1".
  12. Script error: No such module "citation/CS1".
  13. Script error: No such module "citation/CS1".
  14. Script error: No such module "citation/CS1".
  15. Script error: No such module "citation/CS1".
  16. Script error: No such module "citation/CS1".
  17. Script error: No such module "citation/CS1".
  18. Starbook mk v review - fossbytes
  19. SeaBIOS (previously known as LegacyBIOS) is an open-source legacy BIOS implementation
  20. Script error: No such module "citation/CS1".
  21. Script error: No such module "citation/CS1". - adding PC BIOS Services to coreboot via Bochs BIOS
  22. Script error: No such module "citation/CS1". pronouncing that same advantage for UEFI
  23. Script error: No such module "citation/CS1". adding that support
  24. Script error: No such module "citation/CS1".
  25. Script error: No such module "citation/CS1".
  26. Script error: No such module "citation/CS1".
  27. Script error: No such module "citation/CS1".
  28. Script error: No such module "citation/CS1".
  29. Script error: No such module "citation/CS1".
  30. Script error: No such module "citation/CS1".
  31. Script error: No such module "citation/CS1".
  32. Script error: No such module "citation/CS1".
  33. Script error: No such module "citation/CS1".
  34. Script error: No such module "citation/CS1".
  35. Script error: No such module "citation/CS1".
  36. Script error: No such module "citation/CS1".
  37. Script error: No such module "citation/CS1".
  38. Script error: No such module "citation/CS1".
  39. Script error: No such module "citation/CS1".
  40. Script error: No such module "citation/CS1".
  41. Script error: No such module "citation/CS1".
  42. Script error: No such module "citation/CS1".
  43. Script error: No such module "citation/CS1".
  44. Script error: No such module "citation/CS1".

Script error: No such module "Check for unknown parameters".

Further reading

External links

  • Template:Commonscatinline
  • Script error: No such module "Official website".Script error: No such module "Check for unknown parameters".

Template:Firmware and booting

Retrieved from "http://debianws.lexgopc.com/wiki143/index.php?title=Coreboot&oldid=6176952"