Hello,
i'm trying to run GRUB2 in graphic mode as coreboot payload on a
Thinkpad x220, attached are the relevant coreboot/grub config.
When on GRUB2 console i run 'videoinfo' it returns an empty list so i
guess it actually doesn't start in video mode (so it also doesn't set
the background image)
Still i can't figure out what i'm missing.
Here's the relevant grub part
set prefix=(memdisk)/boot/grub
insmod nativedisk
insmod ehci
insmod ohci
insmod uhci
insmod usb
insmod usbms
insmod chain
terminal_input --append at_keyboard
terminal_output --append cbmemc
set menu_color_normal=white/black
set menu_color_highlight=white/cyan
gfxpayload=keep
terminal_output --append gfxterm
set gfxmode=1366x768x32
load_video
insmod gfxterm
set default="0>0"
set timeout=1
set pager=1
insmod jpeg
background_image (cbfsdisk)/bg.jpg
loadfont (memdisk)/dejavusansmono.pf2
keymap usqwerty
On 03/24/2018 09:21 AM, Alberto Bursi wrote:
> I was writing within context of this mail thread.
>
> This mail "thread" is about Coreboot on server systems, and no major
> manufacturer I know of, apart from IBM and the board from Raptor
> Engineering ever used Coreboot on server systems, so yeah, on server
> boards it is nearly always retrofitted by the end user or some third
> party that resells it.
They haven't sold boards with it and I am not entirely sure if it was an
official effort but people from Supermicro and AMD worked on the
coreboot ports for the H8SCM and maybe a couple other devices.
On Sat, Mar 24, 2018 at 6:22 AM Alberto Bursi <alberto.bursi(a)outlook.it>
wrote:
> I was writing within context of this mail thread.
>
> This mail "thread" is about Coreboot on server systems, and no major
> manufacturer I know of, apart from IBM and the board from Raptor
> Engineering ever used Coreboot on server systems, so yeah,\
>
Linux NetworX shipped several hundred thousand server boards in the early
to mid 2000s with linuxbios supplied. Most were x86, mixed intel and AMD,
and some were Alpha. There were also a few others but no one on that scale.
But, it happened.
ron
Sorry for the previous mistypings. Redoing this mail properly.
On 03/24/2018 07:41 PM, Thierry Laurion wrote:
> Hi all, > > Le ven. 23 mars 2018 13:56, <tpearson(a)raptorengineering.com
<mailto:tpearson@raptorengineering.com>> a écrit : > > I am not a
lawyer, but have some understanding of the relevant liability > law.
This is not legal advice. > > If damage is cause to the hardware that
the ME would have prevented, very > likely. > Damage prevented by ME?
> > Same goes for any security holes opened by removing the ME. >
Security holes opened by removing the ME? fTPM? What else is implied here?
> > This > is not a supported option by Intel, so (practically*) they
have no further > liability for anything that goes wrong on ME scrubbed
systems. > > * You would need to prove in an airtight manner that the
same defect shows > up on fully updated ME-enabled systems. Given the
closed nature of the ME > this may be difficult in a legal environment
short of reproducing a defect > across multiple ME-enabled identical
systems. > > > Hi all, > > > > Searching legal implications of reselling
deblobbed hardware, and can't > > fight straight answers. > > > > If the
bios is replaced, and ME is disabled with its modules erased, could > >
the maker pursue the seller for having made those modifications? > > > >
Thanks, > > Thierry > > > > Le mar. 23 janv. 2018 13:56, Timothy Pearson
> > <tpearson(a)raptorengineering.com
<mailto:tpearson@raptorengineering.com>> > > a écrit : > >
> 4 cores, SMT4. There's an 8-core available for $190 more, and AFAIK
> there are plans to start offering an 18-core server chip very shortly.
>
> These are the OpenPOWER machines, so there is hardware virtualization
> support (including I/O passthrough) that works well with kvm and QEMU.
> I haven't really heard anything referred to as "LPAR" on these newer
> POWER8/POWER9 machines outside of legacy documents.
>
> On 01/23/2018 12:47 PM, ron minnich wrote:
> > how many cores is that? Does it come with LPAR?
>
> > On Mon, Jan 22, 2018 at 9:48 PM Taiidan(a)gmx.com <mailto:Taiidan@gmx.com>
> <mailto:Taiidan@gmx.com <mailto:Taiidan@gmx.com>>
> > <Taiidan(a)gmx.com <mailto:Taiidan@gmx.com> <mailto:Taiidan@gmx.com
> <mailto:Taiidan@gmx.com>>> wrote:
>
> > In case anyone wants to know the (non-coreboot) libre firmware
> TALOS
> 2
> > single CPU/board combo is now only 2.5K.
>
> > I still can't figure out how they managed to make it so
> affordable,
> this
> > is seriously great.
>
> > --
> > coreboot mailing list: coreboot(a)coreboot.org
> <mailto:coreboot@coreboot.org>
> > <mailto:coreboot@coreboot.org <mailto:coreboot@coreboot.org>>
> > https://mail.coreboot.org/mailman/listinfo/coreboot
>
>
>
> >> > >> -- > >> coreboot mailing list: coreboot(a)coreboot.org
<mailto:coreboot@coreboot.org> > >>
https://mail.coreboot.org/mailman/listinfo/coreboot > >> > > > >
I am not a lawyer, but have some understanding of the relevant liability
law. This is not legal advice.
If damage is cause to the hardware that the ME would have prevented, very
likely. Same goes for any security holes opened by removing the ME. This
is not a supported option by Intel, so (practically*) they have no further
liability for anything that goes wrong on ME scrubbed systems.
* You would need to prove in an airtight manner that the same defect shows
up on fully updated ME-enabled systems. Given the closed nature of the ME
this may be difficult in a legal environment short of reproducing a defect
across multiple ME-enabled identical systems.
> Hi all,
>
> Searching legal implications of reselling deblobbed hardware, and can't
> fight straight answers.
>
> If the bios is replaced, and ME is disabled with its modules erased, could
> the maker pursue the seller for having made those modifications?
>
> Thanks,
> Thierry
>
> Le mar. 23 janv. 2018 13:56, Timothy Pearson
> <tpearson(a)raptorengineering.com>
> a écrit :
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> 4 cores, SMT4. There's an 8-core available for $190 more, and AFAIK
>> there are plans to start offering an 18-core server chip very shortly.
>>
>> These are the OpenPOWER machines, so there is hardware virtualization
>> support (including I/O passthrough) that works well with kvm and QEMU.
>> I haven't really heard anything referred to as "LPAR" on these newer
>> POWER8/POWER9 machines outside of legacy documents.
>>
>> On 01/23/2018 12:47 PM, ron minnich wrote:
>> > how many cores is that? Does it come with LPAR?
>> >
>> > On Mon, Jan 22, 2018 at 9:48 PM Taiidan(a)gmx.com
>> <mailto:Taiidan@gmx.com>
>> > <Taiidan(a)gmx.com <mailto:Taiidan@gmx.com>> wrote:
>> >
>> > In case anyone wants to know the (non-coreboot) libre firmware
>> TALOS
>> 2
>> > single CPU/board combo is now only 2.5K.
>> >
>> > I still can't figure out how they managed to make it so
>> affordable,
>> this
>> > is seriously great.
>> >
>> > --
>> > coreboot mailing list: coreboot(a)coreboot.org
>> > <mailto:coreboot@coreboot.org>
>> > https://mail.coreboot.org/mailman/listinfo/coreboot
>> >
>>
>>
>> - --
>> Timothy Pearson
>> Raptor Engineering
>> +1 (415) 727-8645 (direct line)
>> +1 (512) 690-0200 (switchboard)
>> https://www.raptorengineering.com
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1
>>
>> iQEcBAEBAgAGBQJaZ4U2AAoJEK+E3vEXDOFbBUEIAKxL6cD2L27yZh63OhM0TD8h
>> BZD2r0nYF/NLfGi50KuMZPNzb2lpzgLHc06ZHZmJBU0sFUbTdI3WrYibDPtY4lva
>> 1uG3gedN2u+sUCzTKrLILOyrstlJ2lQ4+8jxyO8PncK9Zx3LtgbSlGVGq+pvxsXI
>> Ac8Yqm+de6Is8aaAHMMzaT9UNxcjXCAs/zZm3iWcPkA2B0CVVUoKnsFuhtGG1cGd
>> j4bukGJrojkUMEFxIG93qphcurdP2AjuvOaUdZVuoC0uxdVL2az77SgRUH8Vmxdd
>> SFhAzG7j4LsqGMwiZBkubBZpSMPj6kPyRQUIxwwAk/vRLpOxoPdaEbrI/9wyIaM=
>> =PFaf
>> -----END PGP SIGNATURE-----
>>
>> --
>> coreboot mailing list: coreboot(a)coreboot.org
>> https://mail.coreboot.org/mailman/listinfo/coreboot
>>
>
Hello,
I'm currently using coreboot with GRUB2 as a primary ad only payload an
a ThinkPad X220 with Qubes OS. Everything works fairly smoothly except i
can't get the TPM to work.
From dmesg:
[ 4.997508] tpm_tis 00:06: 1.2 TPM (device-id 0x0, rev-id 78)
[ 5.029507] tpm tpm0: A TPM error (6) occurred attempting to read a
pcr value
[ 5.029514] tpm tpm0: TPM is disabled/deactivated (0x6)
Relevant coreboot build config
CONFIG_TPM_PIRQ=0x0
# CONFIG_MAINBOARD_HAS_I2C_TPM_ATMEL is not set
# CONFIG_MAINBOARD_HAS_I2C_TPM_CR50 is not set
CONFIG_LPC_TPM=y
CONFIG_TPM_TIS_BASE_ADDRESS=0xfed40000
# CONFIG_TPM_INIT_FAILURE_IS_FATAL is not set
# CONFIG_SKIP_TPM_STARTUP_ON_NORMAL_BOOT is not set
# CONFIG_TPM_DEACTIVATE is not set
# CONFIG_MAINBOARD_HAS_SPI_TPM_CR50 is not set
# CONFIG_TPM is not set
# CONFIG_MAINBOARD_HAS_TPM_CR50 is not set
CONFIG_MAINBOARD_HAS_LPC_TPM=y
# CONFIG_MAINBOARD_HAS_TPM2 is not set
I tries setting CONFIG_TPM_DEACTIVATE=n and CONFIG_TPM=y but it looks
like it has no effect. Also if using 'make menuconfig' the submenu
relative to the TPM configuration is empty.
Giulio
On 23.03.2018 22:37, Alberto Bursi wrote:
> I wanted to say what I said.
> Dell, HP, Supermicro, Tyan, and whatever other OEM making commercial
> servers I know of
> is highly unlikely to accept a RMA or provide any support on their
> hardware if you install Coreboot.
What I was trying to tell you was that they might already ship hardware
with coreboot. You make the impression that you have no idea about how
much coreboot is already used in products.
What you mean, I guess, is installing coreboot on hardware that didn't
ship with it. But you make it sound like coreboot is always something
retrofitted.
Nico
On 03/23/2018 06:33 PM, Alberto Bursi wrote:
> Yeah, getting an RMA isn't hard if you just lie. Won't work for non-RMA support requests though.
It isn't lying if OEM never stated pre-purchase that you aren't allowed
to flash your own firmware.
It is the same as how many laptop OEM's want you to have windows
installed when you RMA a laptop.
This type of issue was actually debated quite a bit back in the 70's
(and now recently again) when car manufacturers tried to prevent people
from using after-market parts or tuning their vehicle.
https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warranty_Acthttps://www.sema.org/sema-enews/2011/01/ftc-validates-right-to-install-afte…http://www.dummies.com/home-garden/car-repair/keeping-your-mods-warranty-in…
"Further, under the act, aftermarket equipment that improves performance
does not automatically void a vehicle manufacturer’s original warranty,
unless the warranty clearly states the addition of aftermarket equipment
automatically voids your vehicle’s warranty, or if it can be proven that
the aftermarket device is the direct cause of the failure."
It is more relevant than ever considering how computerized a modern
vehicle is and that making basic repairs these days requires firmware
modifications on some vehicles (ex: the john deere tractor problem) and
I am sure it will eventually end up in the supreme court.
It is a damn shame now even cars have been made very complex and
computerized for no real reason.
On 03/23/2018 05:37 PM, Alberto Bursi wrote:
> I wanted to say what I said. Dell, HP, Supermicro, Tyan, and whatever other OEM making commercial servers I know of is highly unlikely to accept a RMA or provide any support on their hardware if you install Coreboot.
> Therefore any seller of such devices would have to provide such support and warranty on their own.
>
> If you just tampered the UEFI firmware is much less of an issue for RMA and support (in my experience), depending on how bad you tampered with it, anyway.
Which is why you re-flash the original factory firmware before you RMA
it >:D
On 23.03.2018 20:28, Alberto Bursi wrote:
> Of course they will have to be able to provide any warranty and support
> over the devices they sell because Intel or whoever actually made the
> server/board will not really support nor accept RMAs of stuff with
> Coreboot on it.
That's some unfortunate wording. I guess what you wanted to say is
something like "stuff with tampered firmware". coreboot isn't strange
to every manufacturer. Why would it be? it's the best firmware you can
get for your hardware.
Nico