Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS

libreboot-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS

From:	Paul Kocialkowski
Subject:	Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model
Date:	Sat, 10 Oct 2015 23:57:49 +0200

Since I've been asked countless times for a status update on the
Chromebook C201 port to Libreboot, here is a summary of what is going
on and what is planned for the future.

First off, the code to rebuild coreboot, depthcharge and vboot in
libreboot is ready. This includes the scripts to download, patch, build
and prepare each of those, in the right order. The process produces a
RO image of coreboot that can be flashed to the first MiB of the SPI
flash (the image won't try to jump to any of the coreboot stages that
are stored on the RW part of the SPI flash, thus, it is completely
standalone). This comes with an image containing a string of the
libreboot version (to be stored on a dedicated fmap partition on the
SPI flash). Most importantly, a script to ease the replacement of those
images in a full SPI flash image is provided, along with a description
of the partitions .

While the code is ready, installation instructions are still at a draft
stage. Even though they have already been tested successfully on a
brand new device, some parts still need some more attention.
Suggestions about it are welcome (replying to this thread is just fine
for this purpose).

The libreboot repo[0] with those changes is available at my personal
git repository. Expect it to be rebased from time to time!

When installation instructions are done, it will be time to merge those
changes with the main libreboot repository, start building release
images for the C201 (codename veyron_speedy) and update the
documentation on the libreboot website!

However, there is still a lot more left to accomplish after that
milestone. The current state of the code only replaces part of the SPI
flash. In the long run, it would be nice to rebuild and replace each
and every part of software that lives on the SPI flash. As described in
an earlier email to the list, there are many things in there, thus a
lot of work ahead.

The first challenge will be to replace the RW stages of coreboot. Those
are signed with a private key and their signatures are checked before
being executed. If we want to release full images that can be installed
as-is (or nearly), those will have to be signed with some keys. Those
can either be test keys that are publicly available, which voids the
whole security model, or keys that are kept secret by the libreboot
project, which implies that users trust the project and have a way to
verify that images signed that way do in fact originate from libreboot.
Of course, we want to encourage users to generate and use their own
keys instead, which offers the best security guarantees (provided they
keep the private keys, well, private)! Writing up documentation for
this will also be greatly needed.

Another important step will be to rebuild and release the embedded
controller firmware. It is not strictly related to libreboot, since it
lives outside of the main processor. Still, it's good to have it
integrated with the libreboot build process since it is all free
software as well. This will also make it easier to modify and rebuild
it, as early investigation shows that it is not trivial to rebuild at
all. The embedded controller firmware and its hash are also stored on
the SPI flash, so we need to release them too in order to release a
full flash image. This is part of a process called EC software sync,
that updates the RW firmware part of the EC internal memory with the
firmware stored on the SPI flash when the hashes of the two firmwares
mismatch. The EC also has a RO firmware that should be considered fail
-safe. Of course, libreboot will also release a rebuilt free firmware
for the RO EC firmware.

With all that achieved, it'll only be a few bits and pieces to include
to produce a full image that can replace the whole SPI flash chip!

Stay tuned for more information on the port!


-- 
Paul Kocialkowski, Replicant developer

Replicant is a fully free Android distribution running on several
devices, a free software mobile operating system putting the emphasis
on freedom and privacy/security.

Website: https://www.replicant.us/
Blog: https://blog.replicant.us/
Wiki/tracker/forums: https://redmine.replicant.us/

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model, Paul Kocialkowski, 2015/10/10
- Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model, Gammel Holte, 2015/10/15
  - Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model, Paul Kocialkowski, 2015/10/31
- Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model, Paul Kocialkowski <=

Prev by Date: Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model
Next by Date: Re: [Libreboot-dev] Need some info
Previous by thread: Re: [Libreboot-dev] C201 Chromebook (veyron_speedy) port and Chromium OS security model
Next by thread: [Libreboot-dev] [PATCH] coreboot-libre: Crypto constants in vboot are not proprietary blobs
Index(es):
- Date
- Thread