[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS
Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model
Sat, 10 Oct 2015 23:55:42 +0200
Since I've been asked countless times for a status update on the
Chromebook C201 port to Libreboot, here is a summary of what is going
on and what is planned for the future.
First off, the code to rebuild coreboot, depthcharge and vboot in libreboot is
ready. This includes the scripts to download, patch, build and prepare each of
those, in the right order. The process produces a RO image of coreboot that can
be flashed to the first MiB of the SPI flash (the image won't try to jump to
any of the coreboot stages that are stored on the RW part of the SPI flash,
thus, it is completely standalone). This comes with an image containing a
string of the libreboot version (to be stored on a dedicated fmap partition on
the SPI flash). Most importantly, a script to ease the replacement of those
images in a full SPI flash image is provided, along with a description of the
While the code is ready, installation instructions are still at a draft stage.
Even though they have already been tested successfully on a brand new device,
some parts still need some more attention. Suggestions about it are welcome
(replying to this thread is just fine for this purpose).
The libreboot repo with those changes is available at my personal git
repository. Expect it to be rebased from time to time!
When installation instructions are done, it will be time to merge those changes
with the main libreboot repository, start building release images for the C201
(codename veyron_speedy) and update the documentation on the libreboot website!
However, there is still a lot more left to accomplish after that milestone. The
current state of the code only replaces part of the SPI flash. In the long run,
it would be nice to rebuild and replace each and every part of software that
lives on the SPI flash. As described in an earlier email to the list, there are
many things in there, thus a lot of work ahead.
The first challenge will be to replace the RW stages of coreboot. Those are
signed with a private key and their signatures are checked before being
executed. If we want to release full images that can be installed as-is (or
nearly), those will have to be signed with some keys. Those can either be test
keys that are publicly available, which voids the whole security model, or keys
that are kept secret by the libreboot project, which implies that users trust
the project and have a way to verify that images signed that way do in fact
originate from libreboot. Of course, we want to encourage users to generate and
use their own keys instead, which offers the best security guarantees (provided
they keep the private keys, well, private)! Writing up documentation for this
will also be greatly needed.
Another important step will be to rebuild and release the embedded controller
firmware. It is not strictly related to libreboot, since it lives outside of
the main processor. Still, it's good to have it integrated with the libreboot
build process since it is all free software as well. This will also make it
easier to modify and rebuild it, as early investigation shows that it is not
trivial to rebuild at all. The embedded controller firmware and its hash are
also stored on the SPI flash, so we need to release them too in order to
release a full flash image. This is part of a process called EC software sync,
that updates the RW firmware part of the EC internal memory with the firmware
stored on the SPI flash when the hashes of the two firmwares mismatch. The EC
also has a RO firmware that should be considered fail-safe. Of course,
libreboot will also release a rebuilt free firmware for the RO EC firmware.
With all that achieved, it'll only be a few bits and pieces to include to
produce a full image that can replace the whole SPI flash chip!
Stay tuned for more information on the port!
--Paul Kocialkowski, Replicant developer
Replicant is a fully free Android distribution running on several
devices, a free software mobile operating system putting the emphasis
on freedom and privacy/security.
Description: This is a digitally signed message part
- Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model,
Paul Kocialkowski <=