On Sun, Nov 27, 2016 at 07:30:07PM -0500, Charlotte Plusplus wrote:
[...] With the amount of flash we have, sharing the kernel and initrd doesn't seem like a bad idea.
The problem is if a bad kernel or initrd is flashed then there is no way to recover without hardware intervention. Having a truly minimal recovery kernel with USB and a spiflash writer makes it possible to boot into some sort of mode to recover from that failure.
For both root of trust as well as reliability concerns, the recovery image at the top of the SPI flash should be read-only with the BP bits and the WP# pin enabled. That way hardware is required to really mess it up.
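To make the BP-bit and WP# pin point concrete, here is an added example (not code from this thread or from the project being discussed) that decodes a status register and checks whether the recovery region at the top of flash is actually covered by the hardware write protection. It assumes the common Winbond W25Q-series layout of status register 1 (SRP0 at bit 7, SEC at bit 6, TB at bit 5, BP2..BP0 at bits 4..2, block-granularity protection sizes of 1/64 of the part for BP=1 doubling with each step); the 16 MiB part size and 1 MiB recovery region are constructed values, and sector-granularity (SEC=1) protection is deliberately left out of the model.

```python
# Added example, not from the original mailing-list thread.
# Assumed register layout: Winbond W25Q-series status register 1
#   bit 7 SRP0  - with WP# held low, the BP bits cannot be changed in software
#   bit 6 SEC   - 4 KiB sector granularity (not modelled here)
#   bit 5 TB    - protect from the bottom (1) or the top (0) of the part
#   bits 4..2   - BP2..BP0, size of the protected range
FLASH_SIZE = 16 * 1024 * 1024      # constructed: 16 MiB SPI flash
RECOVERY_SIZE = 1 * 1024 * 1024    # constructed: 1 MiB recovery image at the top


def protected_range(sr1: int, flash_size: int = FLASH_SIZE):
    """Return the (start, end) byte range protected by the BP bits, or None."""
    bp = (sr1 >> 2) & 0x7
    tb = (sr1 >> 5) & 1
    sec = (sr1 >> 6) & 1
    if sec:
        raise ValueError("SEC=1 (sector granularity) is outside this example's model")
    if bp == 0:
        return None                      # nothing protected
    if bp == 7:
        size = flash_size                # whole part protected
    else:
        # BP=1 -> 1/64 of the part, BP=2 -> 1/32, ... BP=6 -> 1/2
        size = flash_size >> (7 - bp)
    if tb:
        return (0, size)                 # bottom of the part
    return (flash_size - size, flash_size)  # top of the part


def recovery_image_locked(sr1: int,
                          recovery_size: int = RECOVERY_SIZE,
                          flash_size: int = FLASH_SIZE) -> bool:
    """True only if the top `recovery_size` bytes are inside the BP range AND
    SRP0 is set, so that the WP# pin (when asserted) prevents software from
    clearing the protection.  Either condition alone is not enough."""
    srp0 = (sr1 >> 7) & 1
    rng = protected_range(sr1, flash_size)
    if rng is None or not srp0:
        return False
    start, end = rng
    return end == flash_size and start <= flash_size - recovery_size


def describe(sr1: int) -> str:
    rng = protected_range(sr1)
    span = "none" if rng is None else f"0x{rng[0]:08x}-0x{rng[1]:08x}"
    return (f"SR1=0x{sr1:02x} protected={span} "
            f"recovery_locked={recovery_image_locked(sr1)}")


if __name__ == "__main__":
    for sr1 in (0x00, 0x0C, 0x88, 0x8C, 0xAC, 0x9C):
        print(describe(sr1))
```

Reading the result: 0x8C (SRP0 set, BP=3, TB=0) protects the top 1 MiB and passes; 0x0C protects the same range but without SRP0 any software that can issue a Write Status Register command can clear it, so it fails; 0x88 protects only the top 512 KiB, and 0xAC protects 1 MiB at the bottom rather than the top. Reading SR1 back after boot and running this check is a cheap way to confirm the recovery image really is beyond software's reach.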