* mrnuke mr.nuke.me@gmail.com [140325 05:10]:
- For example, a hardwired boot blob which has been RE'd so that we know what
it does and how it does it, would be acceptable (see Allwinner). Even the FSF, according to RMS's own essays considers this to essentially be hardware.
- A non-ISA (a) firmware blob which controls a piece of hardware which
i) can only do one thing ii) without compromising the security of the system iii) and is non-essential for the functioning of the system is acceptable. Examples would be USB 3.0 firmware blobs. Examples of blobs which would NOT be are ME (violates all three points), MRC (violates point iii, and potentially ii).
The ME is a non-ISA firmware blob. It's more like EC firmware, a piece of software running on a completely different processor. It just happens to share the SPI flash with the main CPU.
USB3 blobs can do more than one thing and violate security, just as any other blob.
MRC is an ISA blob.
- An ISA blob which is NOT essential for the bring-up of the system, and can
reasonably be replaced by a free alternative. This basically includes VGA BIOSes.
VGA oproms can about as reasonably be replaced as MRC. (within an order of magnitude or so of effort). Both of them can be considered non-essential. You can run out of cache just as much as you can run without video. The differenciation is rather arbitrary.
[Again, feel free to skip ahead] I made some of the claims Paul is talking about. I have the git hash of the firmware which came with my chromebook, but a branch containing that hash is not available publicly.
Yes it is. Check out the chromium repository. It has a public firmware branch for each released platform.
Stefan