diff options
Diffstat (limited to 'coreboot-talk.tex')
-rw-r--r-- | coreboot-talk.tex | 334 |
1 files changed, 280 insertions, 54 deletions
diff --git a/coreboot-talk.tex b/coreboot-talk.tex index 31bd900..353f418 100644 --- a/coreboot-talk.tex +++ b/coreboot-talk.tex @@ -9,9 +9,9 @@ \usepackage{verbatim} \title{coreboot - the free firmware} -\author[Iru Cai]{Iru Cai \texttt{<mytbk920423@gmail.com>}} -\institute[LCPU]{Linux Club of Peking University} -\date{April 9th, 2016} +\author[vimacs]{vimacs \texttt{<https://vimacs.lcpu.club>}} +\institute[BLUG]{Beijing GNU/Linux User Group} +\date{June 13th, 2017} \begin{document} \begin{frame} @@ -29,7 +29,23 @@ \end{frame} \part{1} -\section{History} + +\section{What is coreboot?} + +\frame{\tableofcontents[currentsection]} + +\begin{frame}[fragile]{What is coreboot?} + coreboot is an extended firmware platform that delivers a lightning + fast and secure boot experience on modern computers and embedded + systems. As an Open Source project it provides auditability and + maximum control over technology. + + \emph{The word 'coreboot' should always be written in lowercase, + even at the start of a sentence. } +\end{frame} + +\subsection{History} + \begin{frame}{History: from LinuxBIOS to coreboot} coreboot has a very long history, stretching back more than 15 years to when it was known as LinuxBIOS. While the project has gone @@ -133,13 +149,33 @@ \end{itemize} \end{frame} -\section{Why use coreboot} +\begin{frame}{About libreboot} + Some firmware components are non-free: + \begin{itemize} + \item Intel ME firmware/AMD PSP + \item Intel FSP/closed source AGESA + \item Option ROMs (including VGA BIOS) + \item CPU microcode + \item EC firmware + \end{itemize} + + Libreboot is a coreboot distribution that removes proprietary + components, including Intel ME, FSP, VGA BIOS, etc. On some laptops, + the EC firmware is also free(Chromium EC in Chromebooks). +\end{frame} + +\subsection{Why use coreboot} \begin{frame}[fragile]{Why use coreboot} + + You can see the advantages of coreboot at: + \url{https://www.coreboot.org/users.html} + \begin{itemize} - \item coreboot is free software: + \item coreboot is free software (see \href{https://www.fsf.org/campaigns/priority-projects/priority-projects/highpriorityprojects#Coreboot}{FSF - Free BIOS Campaign} + Free BIOS Campaign}) \item fast boot times + \item it's flexible \end{itemize} \end{frame} @@ -149,31 +185,22 @@ \end{itemize} \end{frame} -\begin{frame}{1802 Error} - \begin{figure}[htbp] - \centering - \includegraphics[scale=0.12]{images/Network_card_bios.jpg} - \end{figure} -\end{frame} +\section{How coreboot works} -\begin{frame}{removing efivars bricks your mainboard} - Ron Minnich, ML discussion, March 14, 2014: In other words, you can - design a special case that makes doing a good design of the general - case almost impossible. That's been done too; see UEFI. +\frame{\tableofcontents[currentsection]} - \begin{figure}[htbp] - \centering - \includegraphics[scale=0.25]{images/efivars.png} - \end{figure} -\end{frame} - -\section{How coreboot works} \begin{frame}{How coreboot works} %On Intel x86 architecture, the first instruction is at 0xFFFFFFF0. %src/cpu/x86/16bit/reset16.inc %_start16bit(entry16.inc): enter protected mode %__protected_start(entry32.inc) -%src/arch/x86/bootblock_romcc.S + %src/arch/x86/bootblock_romcc.S + + We'll take lenovo/x230 as example to see how a machine boots with + coreboot. + + We can build coreboot with ``\texttt{make V=1 > build.log}`` to see which + files are used to build coreboot for this mainboard. \end{frame} \begin{frame}{coreboot stages} @@ -188,6 +215,47 @@ \end{itemize} \end{frame} +\begin{frame}{bootblock} + When the machine starts, PC poionts at reset vector (f000:fff0), the + CPU runs the bootblock code. + + The bootblock code is in src/arch/x86/bootblock\_romcc.S, which + includes: + \begin{itemize} + \item src/cpu/x86/16bit/reset16.inc: the code at reset vector + \item src/cpu/x86/16bit/entry16.inc: the 16-bit code that sets CPU to protected mode + \item src/cpu/x86/32bit/entry32.inc: sets segment registers + \item generated/bootblock.inc: generated from src/arch/x86/bootblock\_simple.c with ROMCC + \end{itemize} + + bootblock\_simple.c then runs romstage. +\end{frame} + +\begin{frame}{romstage} + romstage starts at src/arch/x86/assembly\_entry.S, which includes: + \begin{itemize} + \item src/cpu/x86/32bit/entry32.inc: loads GDT and sets segment registers + \item generated/assembly.inc: generated from + src/cpu/intel/model\_206ax/cache\_as\_ram.inc, which sets up CAR + and runs the init code in romstage by calling ramstage\_main(), + then runs ramstage by calling romstage\_after\_car() which calls + run\_ramstage(). + \end{itemize} + + ramstage\_main() is in src/cpu/intel/car/romstage.c, it calls + mainboard\_romstage\_entry() in + src/northbridge/intel/sandybridge/romstage.c, which does the DRAM + initialization. +\end{frame} + +\begin{frame}{ramstage} + ramstage starts at src/arch/x86/c\_start.S, it calls the ``main`` + function in src/lib/hardwaremain.c. + + There are 12 boot states defined in source code. Functions for each + state are run in ramstage. At last payload is loaded and run. +\end{frame} + \begin{frame}{Payloads} There are many coreboot payloads: \begin{itemize} @@ -217,30 +285,37 @@ libreboot. See \href{https://lists.nongnu.org/archive/html/libreboot/2016-04/msg00010.html}{libreboot mailing list}. - \item Windows: boots via SeaBIOS with VGA option ROM. Windows 8 - should be able to boot with Tianocore without VGA BIOS. + \item Windows: boots via SeaBIOS and Tianocore \end{itemize} \end{frame} \section{Building and using coreboot} -\begin{frame}[fragile]{Building coreboot} - \begin{itemize} - \item First, you need a toolchain for building: \verb|make crossgcc| or - \verb|make crossgcc-<arch>| - \item Generate a configuration with \verb|make nconfig| - \item make it - \end{itemize} -\end{frame} -\begin{frame}[fragile]{Running coreboot on QEMU} - For beginners, I recommend using QEMU to test coreboot. First build - a coreboot ROM for QEMU, then run: - \verb|qemu-system-i386 -bios build/coreboot.rom| +\frame{\tableofcontents[currentsection]} +\subsection{Building} + +\begin{frame}[fragile]{Building coreboot and run on QEMU} + + \url{https://www.coreboot.org/Lesson1} is a good place to start. + + \begin{block}{Build a cross toolchain for building coreboot} + make crossgcc or \verb|make crossgcc-<arch>| + \end{block} + + \begin{block}{Generate a configuration} + make nconfig + \end{block} + + At last do a ``make`` to build it, the built firmware is at + build/coreboot.rom. + + \begin{block}{Run coreboot on QEMU} + qemu-system-i386 -bios build/coreboot.rom + \end{block} \end{frame} -\section{Flashing} -% \subsection{Hardware flashing} +\subsection{Flashing} \begin{frame}{Hardware flashing} To use coreboot on real machines, we need to know how to flash externally with a hardware flash programmer. @@ -284,7 +359,6 @@ \end{frame} -% \subsection{Internal flashing with flashrom} \begin{frame}[fragile]{Internal flashing with flashrom} Many boards can be flashed internally with coreboot flashed. @@ -302,6 +376,9 @@ flashrom -p <prog> --layout layout.txt \ \end{frame} \section{Utilities and Debugging} + +\frame{\tableofcontents[currentsection]} + \begin{frame}{Utilities and Debugging} To work with coreboot, we have many tools to use: \begin{itemize} @@ -324,7 +401,33 @@ flashrom -p <prog> --layout layout.txt \ it. \end{frame} -\section{Contribute to coreboot} +\section{Join the community} + +\frame{\tableofcontents[currentsection]} + +\begin{frame}{The coreboot community} + You can visit ``Community and infrastructure`` section of + \url{https://www.coreboot.org/developers.html} to get an overview of + coreboot community. + + Some advice: + \begin{itemize} + \item Learn to use mailing list and IRC. + \item \href{http://catb.org/~esr/faqs/smart-questions.html}{Ask + Questions The Smart Way} + \end{itemize} +\end{frame} + +\begin{frame}{Community resources} + \begin{itemize} + \item Homepage: \url{https://www.coreboot.org} + \item Mailing list: coreboot@coreboot.org + \item IRC: \#coreboot at irc.freenode.net + \item Mattermost (bridged to IRC): \url{https://chat.coreboot.org} + \item twitter: @coreboot\_org + \end{itemize} +\end{frame} + \begin{frame}{Reporting bugs and Writing documents} \begin{itemize} \item To join the community, learn to use mailing list and IRC. @@ -349,20 +452,141 @@ flashrom -p <prog> --layout layout.txt \ I recommend working in a new git branch instead of master. \end{frame} -\section{Proprietary Components} -\begin{frame}{Proprietary (non-free) Components} - Some firmware components are non-free: +\begin{frame}{Google Summer of Code} + + coreboot has been a GSoC mentoring organization for many years. We + can read the project reports at \url{https://blogs.coreboot.org}. + \begin{itemize} - \item Intel ME firmware/AMD PSP - \item Intel FSP/closed source AGESA - \item Option ROMs (including VGA BIOS) - \item CPU microcode - \item EC firmware + \item GSoC 2016 projects: + \begin{itemize} + \item better RISC-V support + \item serialICE + \item flashrom + \end{itemize} + + \item GSoC 2015 projects: + \begin{itemize} + \item H8S Embedded Controller + \item coreboot for AArch64 QEMU + \item end user flash tool + \end{itemize} \end{itemize} +\end{frame} - Libreboot is a coreboot distribution that removes proprietary - components, including Intel ME, FSP, VGA BIOS, etc. On some laptops, - the EC firmware is also free(Chromium EC in Chromebooks). +\begin{frame}{The status of coreboot} + + The current development of coreboot focuses on: + \begin{itemize} + \item improvement on old platforms + \item utilities and payloads + \item Google Chromebooks and related chips + \item new architectures: RISC-V, POWER8, etc. + \end{itemize} + +\end{frame} + +\section{How to port coreboot} + +\frame{\tableofcontents[currentsection]} + +\begin{frame}{Chips on a mainboard} + coreboot needs to initialize these chips. + + \begin{itemize} + \item CPU + \item northbridge: RAM init and graphics init + \item southbridge: PCI, USB, SATA, LPC, GPIO + \item \href{https://en.wikipedia.org/wiki/Super_I/O}{super I/O} + \item \href{https://www.coreboot.org/Embedded_controller}{embedded controller} + \end{itemize} +\end{frame} + +\begin{frame}[fragile]{Code for a mainboard} + You can see what is needed for a mainboard in the directory for this + mainboard. + + \begin{itemize} + \item Kconfig: specifies what chips and drivers are used + \item romstage.c: romstage code, including early southbridge init + and reading DRAM SPD data + \item devicetree.cb, mainboard.c: mainboard specific data + \item gpio.c: GPIO config + \item acpi/, dsdt.asl, acpi\_tables.c, smihandler.c: ACPI and SMM + code, some of the code is EC related + \item cmos.layout, cmos.default + \end{itemize} +\end{frame} + +\begin{frame}{Using autoport} + autoport is a tool to generate coreboot code for Sandy/Ivy Bridge + boards. + + It uses inteltool to read the northbridge and southbridge registers. + + Manual fixes (see util/autoport/readme.md): + \begin{itemize} + \item where to read SPD data + \item what is the EHCI debug port + \item flash chip size + \item EC and super I/O support! + \end{itemize} +\end{frame} + +\subsection{Example} + +\begin{frame}{Example} + I made coreboot boot on HP Elitebook 2760p + (\url{https://review.coreboot.org/c/18241/}) half a year ago. + \begin{itemize} + \item The flash chip is \textbf{socketed}, and is very easy to swap! + \item Sandy Bridge platform, so use autoport + \end{itemize} + + First, we need to make it boot, but not so easy: + \begin{itemize} + \item It needs two blobs, otherwise the EC will not function! + \item see util/kbc1126/README.md + \end{itemize} +\end{frame} + +\begin{frame}{Fixes (keyboard)} + After adding the blobs, the laptop boots! + + Keyboard doesn't work. + \begin{itemize} + \item KBC not initialized + \item It uses SMSC KBC1126 which provides EC, super I/O, and KBC + \item I found an SMSC KBC1122 datasheet + \item Also I found src/superio/smsc/kbc1100/, so the keyboard works + finally + \end{itemize} + + How to use existing drivers: + \begin{itemize} + \item Add it to Kconfig + \item Check other boards that use this driver and learn from it + \end{itemize} +\end{frame} + +\begin{frame}{Fixes (fan control)} + The laptop fan always runs on full speed, that's because EC is not + initialized properly. + + Reverse engineering it! + \begin{itemize} + \item Use UEFITool to extract the UEFI driver + \item Check UEFI specification and related documents (e.g. EFI CPU + I/O Protocol Specification) to identify the UEFI protocols + \end{itemize} +\end{frame} + +\begin{frame}{A lot of things to be done...} + \begin{itemize} + \item ACPI support + \item GRUB payload doesn't work + \item ... + \end{itemize} \end{frame} \section{References} @@ -374,6 +598,7 @@ flashrom -p <prog> --layout layout.txt \ \end{itemize} \end{frame} +\begin{comment} \part{2} \section{[OT] Choosing hardware friendly to free software} \begin{frame}{Hardware choosing(Machines)} @@ -418,5 +643,6 @@ flashrom -p <prog> --layout layout.txt \ \end{itemize} \end{block} \end{frame} +\end{comment} \end{document} |