<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hey Raymond,</p>
<p><br>
</p>
<p>you can now start to ship coreboot with LinuxBoot easily
<a class="moz-txt-link-freetext" href="https://review.coreboot.org/#/c/coreboot/+/23071/">https://review.coreboot.org/#/c/coreboot/+/23071/</a>.</p>
<p>Which gives you a whole Linux environment instead of TFTP. See
<a class="moz-txt-link-abbreviated" href="http://www.linuxboot.org">www.linuxboot.org</a> for more details.<br>
</p>
<p><br>
</p>
<p>Regarding my work, I have implemented measured boot support into
coreboot. You can already use Google's verified boot without</p>
<p>pulling changes from coreboot gerrit review. If you want to have
a deeper look into VBoot2, checkout:</p>
<p><br>
</p>
<p><a class="moz-txt-link-freetext" href="https://www.youtube.com/watch?v=4EvTcfcYfMY">https://www.youtube.com/watch?v=4EvTcfcYfMY</a></p>
<p><br>
</p>
<p>We covered this aspect since 2010 ;)</p>
<p>Also if you have questions or problems you can talk to us via
IRC, my IRC handle is zaolin.</p>
<p><br>
</p>
<p><br>
</p>
<p>Happy Hacking, Philipp<br>
</p>
<br>
<div class="moz-cite-prefix">On 12.04.2018 03:54, Raymond Yeung
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:MWHPR19MB1183023AE9438FFA4EA48D7FC5BC0@das-labor.org">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
<div id="divtagdefaultwrapper"
style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;"
dir="ltr">
<p style="margin-top:0;margin-bottom:0">Thanks David for the
detailed response.</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">My main motivation to go
down Coreboot/UBOOT route is to attempt to simplify the
remaining boot-up to Linux. Instead of using PXE-BOOT, we
could use tftp only. Am I correct to say that?</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">If we're to use whatever
that is available today, instead of waiting for <span
style="font-size: 12pt;">Philipp's work to complete, d</span><span
style="font-size: 12pt;">oes coreboot/UBOOT provide secure
boot support? I'd tend to think so, but want to confirm.
UEFI seems to already have this aspect covered.</span></p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<p style="margin-top:0;margin-bottom:0">Raymond</p>
<br>
<br>
<div style="color: rgb(0, 0, 0);">
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
color="#000000" face="Calibri, sans-serif"><b>From:</b>
David Hendricks <a class="moz-txt-link-rfc2396E" href="mailto:david.hendricks@gmail.com"><david.hendricks@gmail.com></a><br>
<b>Sent:</b> Wednesday, April 11, 2018 6:03 PM<br>
<b>To:</b> Raymond Yeung<br>
<b>Cc:</b> <a class="moz-txt-link-abbreviated" href="mailto:coreboot@coreboot.org">coreboot@coreboot.org</a><br>
<b>Subject:</b> Re: [coreboot] BIOS/CoreBoot/UBOOT</font>
<div> </div>
</div>
<div>
<div dir="ltr"><br>
<div class="x_gmail_extra"><br>
<div class="x_gmail_quote">On Wed, Apr 11, 2018 at 3:39
PM, Raymond Yeung <span dir="ltr">
<<a href="mailto:rksyeung@hotmail.com"
target="_blank" id="LPlnk177131"
previewremoved="true" moz-do-not-send="true">rksyeung@hotmail.com</a>></span>
wrote:<br>
<blockquote class="x_gmail_quote" style="margin:0px
0px 0px 0.8ex; border-left:1px solid
rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div
id="x_gmail-m_8340378164860995310divtagdefaultwrapper"
dir="ltr" style="font-size:12pt;
color:rgb(0,0,0);
font-family:Calibri,Helvetica,sans-serif">
<p style="margin-top:0px; margin-bottom:0px">I
currently have a board that uses Intel Xeon D
(previously codenamed Broadwell DE). It
boots up with BIOS/UEFI. I 'm exploring
other oot-up options here.</p>
<p style="margin-top:0px; margin-bottom:0px"><br>
</p>
<p style="margin-top:0px; margin-bottom:0px">I'm
not familiar with this early stage of system
initialization. It seems BIOS/UEFI to Linux
needs to use PXE, with the need to configure
DHCP (and possibly Proxy DHCP), TFTP
server PXELINUX, Linux initial RAM disk
(initrd) configuration file, and then Linux.
Previously, I'd been using Coreboot/UBOOT
environment (as a user, not developer).
Prerequisite seemed much simpler.</p>
<p style="margin-top:0px; margin-bottom:0px"><br>
</p>
<p style="margin-top:0px; margin-bottom:0px">A
few questions -</p>
<p style="margin-top:0px; margin-bottom:0px"><br>
</p>
<ol style="margin-bottom:0px; margin-top:0px">
<li>Is there even a coreboot support for this
CPU already available and stable that I
could download and reflash? Or are we
talking about some serious re-development?</li>
</ol>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>Yes -
See src/mainboard/intel/camelbackmountain_fsp/ for
the reference platform.</div>
<div><br>
</div>
<div>You'll need the Intel FSP blob from <a
href="https://github.com/IntelFsp/FSP/tree/Broadwell-DE"
id="LPlnk518762" previewremoved="true"
moz-do-not-send="true">
https://github.com/IntelFsp/FSP/tree/Broadwell-DE</a>.
You'll also need microcode which you can download
from
<a href="http://developer.intel.com"
id="LPlnk107113" previewremoved="true"
moz-do-not-send="true">developer.intel.com</a>.</div>
<div> <br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px
0px 0px 0.8ex; border-left:1px solid
rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div
id="x_gmail-m_8340378164860995310divtagdefaultwrapper"
dir="ltr" style="font-size:12pt;
color:rgb(0,0,0);
font-family:Calibri,Helvetica,sans-serif">
<ol style="margin-bottom:0px; margin-top:0px">
<li>Is it possible to go from BIOS/UEFI to
UBOOT (on-board)? How?</li>
</ol>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>I haven't tried uboot as a payload, but yes, it
is possible. There are other options available to
consider depending on your use case.</div>
<div> </div>
<blockquote class="x_gmail_quote" style="margin:0px
0px 0px 0.8ex; border-left:1px solid
rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div
id="x_gmail-m_8340378164860995310divtagdefaultwrapper"
dir="ltr" style="font-size:12pt;
color:rgb(0,0,0);
font-family:Calibri,Helvetica,sans-serif">
<ol style="margin-bottom:0px; margin-top:0px">
<li>Support for Secure Boot - would one
approach be simpler than another?</li>
</ol>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>It depends on what you want/need. Philipp
Deppenwiese is working on "vboot" (Google's verified
boot implementation) integration with upstream: <a
href="https://review.coreboot.org/#/c/coreboot/+/24993/"
id="LPlnk109492" previewremoved="true"
moz-do-not-send="true">https://review.coreboot.org/#/c/coreboot/+/24993/</a></div>
<div><br>
</div>
<div>More about that approach here: <a
href="https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot"
id="LPlnk977153" previewremoved="true"
moz-do-not-send="true">https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot</a></div>
<div> <br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px
0px 0px 0.8ex; border-left:1px solid
rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div
id="x_gmail-m_8340378164860995310divtagdefaultwrapper"
dir="ltr" style="font-size:12pt;
color:rgb(0,0,0);
font-family:Calibri,Helvetica,sans-serif">
<ol style="margin-bottom:0px; margin-top:0px">
<li>Am I even on the right track thinking this
way?</li>
</ol>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>You seem to be off to a good start :-)</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</body>
</html>