-----BEGIN PGP SIGNED MESSAGE-----
Hi @ all,
is there a Coroboot for the Lenovo T410 Laptop?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
A Hardware Enablement devroom will be taking place at FOSDEM this year,
on Sunday 10 December 2017. This newly-created devroom is the result of
3 proposals that were merged together. It is co-organized by several
The devroom covers all aspects related to hardware enablement and
support with free software, including aspects related to boot software,
firmwares, drivers and userspace tools and adaptation.
Proposals for talks related to these topics are welcome and can be
submitted until Sunday 26 November 2017 via the pentabarf interface.
Short talks are encouraged over longer ones in order to cover a wide
range of topics.
The announcement for the devroom, that contains all the useful
information, was published at:
Cheers and see you at FOSDEM!
Paul Kocialkowski, developer of free digital technology and hardware
Coding blog: https://code.paulk.fr/
Git repositories: https://git.paulk.fr/https://git.code.paulk.fr/
i'm curios whether Goryachy's JTAG hack is a chance for
getting rid of all proprietary ME/UEFI firmware.
If i'm correct, the ME firmware (or parts of it) is signed, and
the CPU won't run (or switches off) if signatures don't match.
Can the JTAG channel be used to get around that ?
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info(a)metux.net -- +49-151-27565287
On 30.11.2017 07:40, Zoran Stojsavljevic wrote:
> You can fully use UEFI BIOS without any signatures. With so-called slim
> TXE engine.
Can we completely replace UEFI w/o any signatures ?
And what about ME ? I've read that the cpu itself verifies the
signature of ME firmware, so we cant completely replace it.
If it would be possible to read out the privkey or burn in another
one, that blockade would be fallen.
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info(a)metux.net -- +49-151-27565287
This is kind of off topic but I don't know of any other ML with such a
level of hardware knowledge.
I am looking for dual port gigabit and 10 gigabit PCI-e NIC's that
aren't made by intel but don't require silly binary drivers or what not
(ie: the closest thing to free) What would be my best option?
I know raptor/tim uses broadcom netxtreme's on the TALOS 2, has anyone
gotten a pci-e card version of these? and if so do they work well? (ie:
high performance, low interrupts, at least 100MB/s)
I don't want to support futher intel anti-feature development and I am
tired of ending up stuck with counterfeit intel NIC's which have even
made it in to the non-grey market supply chain.
I have enabled CSM in the vendor BIOS and booted a "combined" (UEFI+MBR)
live Linux in MBR mode which actually helped to get the PIRQ table. So far
so good. :)
Seems like this board has 9 IRQ slots and a somewhat different PIRQ table
compared to the one your board has.
Thanks a lot for your assistance, I'm going to try building Coreboot with
verbose debugging enabled and flash it to see how well it performs.
Hopefully the on-board serial port will work with the current SIO code.
Looks like the internals of the serial interface are quite similar
(identical?) for all ITE chips so maybe I can make it work without the
On 29 November 2017 at 16:05, Sergej Ivanov <getinaks(a)gmail.com> wrote:
> Try to boot linux in legacy mode(enable CSM and set all boot options to
> legacy mode), and run getpir, i've made my table this way. I also recommend
> to enable AGESA debug output to serial port, it can help you with ddr
> training problems.
> 29 нояб. 2017 г. 12:40 пользователь "Gergely Kiss" <mail.gery(a)gmail.com>
> Hi Sergej,
>> thanks a lot for your feedback, it's much appreciated.
>> As far as I can tell, my board only has 8 IRQ slots while the one you
>> ported has 10. I believe this is (partially) due to the number of PCI-e
>> slots does not match (the Biostar board has one extra PCI-e x16 slot) so
>> there definitely is a difference regardless of sharing the same chipset.
>> Can you please share some information on how you fetched the PIRQ table
>> from the vendor firmware? I have tried the (now deprecated) getpir utility
>> but it could not find a PIRQ table neither in the vendor firmware nor in
>> the memory.
>> Is there some other tool I could use?
>> On 28 November 2017 at 19:59, Sergej Ivanov <getinaks(a)gmail.com> wrote:
>>> Almost everyone socket AM1 boards have same PIRQ tables. While porting
>>> Biostar AM1ML i've dumped this table from vendor UEFI (using old method,
>>> that was depricated long time ago). BTW don't forget to remove additional
>>> SIO config code from romstage.
>>> 28 нояб. 2017 г. 19:16 пользователь "Gergely Kiss" <mail.gery(a)gmail.com>
>>>> Hi All,
>>>> my name is Gergely Kiss and I'm currently working on porting Coreboot
>>>> to the ASUS AM1I-A board.
>>>> I'm a great fan of open source software, I've contributed a few times
>>>> to some well-known projects like Squid, Monodevelop and Openwrt, just to
>>>> name a few.
>>>> I would need a little bit of help from the devs about how to create the
>>>> PCI IRQ routing table for my board (the easiest way possible).
>>>> I'm using the Biostar AM1ML board as a template as it looks to be a
>>>> very similar board as the one I have. The only differences I can see is the
>>>> SuperIO (ITE 8623E) & the audio chip (Realtek ALC887-VD) and also some
>>>> minor things with the board layout so I'm not expecting to have too much
>>>> Looking at the file https://review.coreboot.org/cg
>>>> it/coreboot.git/tree/src/mainboard/biostar/am1ml/irq_tables.c, the
>>>> following questions came to my mind:
>>>> * Do I really have to follow the "long way" as outlined in the Wiki
>>>> page at https://www.coreboot.org/Creating_Valid_IRQ_Tables? Couldn't I
>>>> just fetch the routing table from the OEM BIOS somehow and implement it in
>>>> the source?
>>>> * What's the meaning of the fields "link" & "bitmap"? Are these common
>>>> for all boards with the same chipset? Where should I look up this
>>>> * I believe I have to create as many entries within the struct as many
>>>> IRQ slots exist for the board. Am I right?
>>>> I found a table in the board's manual (attached) which looks useful but
>>>> I'm afraid it might not contain all the information I need to construct a
>>>> valid routing table.
>>>> As for the SuperIO chip, I think I won't have too much issues getting
>>>> it to work as it looks like ITE SIO chips are quite similar from the
>>>> developer's perspective but I still miss having a datasheet available. I'll
>>>> try to reach out to the vendor to see if they are willing to share a
>>>> datasheet with me.
>>>> Any help from you guys is much appreciated.
>>>> Thanks & Regards,
>>>> coreboot mailing list: coreboot(a)coreboot.org
On Wed, November 29, 2017 16:35, Ivan Ivanov wrote:
> Hi awokd,
Hi and thanks for your reply!
> are you sure that your HVM is correctly installed / has a
> correct config ?
> Because: you may have heard about Qubes OS - excellent OS which is based
> on Xen,
> has the same and even stronger security than Xen in some cases, and it
> is working perfectly
> at Lenovo G505S laptop with coreboot installed
Qubes 4.0 is actually my end target usage scenario, however it defaults to
using HVMs (vs. 3.2 which defaulted to PV) so I was unable to run it at
all until I managed to switch everything to PV. I ruled the freezes out as
a Qubes issue by performing a fresh install of Fedora 26, and installing
Xen 4.8.2 from repository on it. Creating and starting PVs worked but I
was able to recreate the lock up by creating a HVM on Xen and trying to
> Please go to Qubes HCL hardware compatibility list page -
> https://www.qubes-os.org/hcl/ ,
> and look at G505S report for Qubes R3.2 version - both HVM and IOMMU
> and even SLAT :
> all these hardware virtualization functions are working perfectly.
Mine reports they are enabled as well, it's just when I attempt to use an
HVM I'm experiencing the freeze! Thus my plea for help to the list to see
if anyone has actually tried to use an HVM on this Corebooted hardware.
> also please read this message:
> it contains a link to a forum post with attachments, not just .config
> but also the coreboot G505S binaries
> which have been tested with Qubes OS
> (yes they have been done almost 1 year ago, outdated, but they contain
> some nice extra stuff)
I did see that post, thank you. It was one of the ones that convinced me
to buy this particular laptop for Qubes usage. I followed the guide in the
forum link to build Coreboot. I've tried it with and without Yabel and
multiple other settings but they've all resulted in the freeze.
> about 0 bytes cpu_microcode_blob.bin - if you look at the memory map
> of 1 year old coreboot G505S build,
> (provided below), there is no microcode. My guess is that no microcode
> is needed for A10-5750M APU,
> it is Richland architecture which is pretty refined, not even sure if
> the microcode updates exist for this one -
> please tell me if I'm wrong here
Maybe there isn't one at all. The processor isn't that old but it's
already hard to find vendor documentation on it.
If I can't find anyone who can verify success with HVMs, my next step will
be to try KVM and ESXi on it to see if I can recreate the issue. Last
resort is to flash back the OEM image but I'm hoping to avoid that.
Jay Goldfrapp wrote:
> Chipset Mobile Intel PM965
No. If you can do chipset development there exists a started 965
work-in-progress, which hasn't progressed in a couple of years.
> It has Intel AMT which I would like disabled. I heard that with older AMT
> implementations like this the flash can be slightly modified to disable.
This is not one of those. AFAIK there's no flash for the 965 AMT, but
I'm not completely sure on that. You'll have to study hard-to-find
documentation for the 965 chipset as well as the particular companion
LAN PCI chip on the mainboard.
> So using Coreboot seems a relatively safe way.
Don't ask what coreboot can do for you, ask what you can do for coreboot. ;)
Have been struggling for the past couple months to get Xen hardware
virtualization working on this Corebooted laptop. Paravirtualized VMs
work, but whenever I start a fully virtualized VM (HVM) it hard freezes
the entire system- no keyboard or mouse response. No related output is
showing in any logs, maybe because it's freezing too fast.
I'm not entirely sure if this is a Coreboot or Xen issue so I'm trying to
rule out Coreboot. Would anyone on the list be able to provide a known
good G505s Coreboot .config that is working with fully hardware
virtualized VMs, preferably under Xen 4.8.2 or another recent version? KVM
or ESXi might be OK too; should also let me narrow down the problem
One odd thing found from boot logs is:
[ 6.744165] microcode: CPU0: patch_level=0x00000000
[ 6.744205] microcode: CPU1: patch_level=0x00000000
[ 6.744220] microcode: CPU2: patch_level=0x00000000
[ 6.744227] microcode: CPU3: patch_level=0x00000000
[ 6.744290] microcode: Microcode Update Driver: v2.01
and the cpu_microcode_blob is 0 bytes even though I set the menuconfig
Name Offset Type Size Comp
cbfs master header 0x0 cbfs header 32 none
cpu_microcode_blob.bin 0x80 microcode 0 none
fallback/ramstage 0x100 stage 129898 none
payload_revision 0x1fcc0 raw 239 none
(empty) 0x1fe00 null 152 none
apu/amdfw 0x1fec0 raw 131072 none
fallback/romstage 0x3ff00 stage 320844 none
config 0x8e4c0 raw 528 none
revision 0x8e740 raw 568 none
cmos_layout.bin 0x8e9c0 cmos_layout 1164 none
pci1002,990b.rom 0x8eec0 optionrom 61952 none
fallback/postcar 0x9e140 stage 13268 none
fallback/dsdt.aml 0xa1580 raw 9435 none
img/coreinfo 0xa3ac0 payload 102264 none
img/nvramcui 0xbca80 payload 141596 none
fallback/payload 0xdf400 payload 63860 none
payload_config 0xeedc0 raw 1563 none
img/memtest 0xef440 payload 180268 none
(empty) 0x11b4c0 null 2968024 none
s3nv 0x3efec0 raw 32768 none
(empty) 0x3f7f00 null 31192 none
bootblock 0x3ff900 bootblock 1424 none
Is that normal for an A10-5750M APU? This is the first machine I've
attempted to Coreboot so maybe I'm missing something obvious.