On Mon, Jun 24, 2019 at 7:20 AM Hubert Ruch ruch@runbox.com wrote:
Thanks for the info. Didn't know that. Now, one has to wonder how many skilled developers actually do read and understand their code. IIRC Leah Rowe paid someone $90.000 for adding some code to LibreBoot. I'm mentioning this because it leads to the assumption that boot coding must be a pretty difficult task.
Speculation preceded by IIRC is not helpful. Lots of people read this list and you can now expect to see your IIRC bounce around the world as fact, and we have no idea if it's true or not.
As Stefan points out, the project started at LANL in 1999 and ran there for over five years, so USG involvement is hardly new. DOE Labs spent well over $10M on systems running LinuxBIOS over a 6 year period, and if we count the full cost of the DOE Lab FTEs contributing to LinuxBIOS, the total commitment from 1999-2006 edges up to about $20M. I know this because I oversaw the purchase of most of those systems, and the funding of those FTEs (including me).
It's probably not well remembered at this point but the NSA also contributed a lot to early Linux. Go back far enough, look at some of Don Becker's ethernet drivers, and you will find National Security Agency copyrights. This is because at the time Don wrote those drivers he worked at the Supercomputing Research Center in Bowie, MD, USA. I know this because I was there at that time too. Don was very active in the creation of the early Linux networking stack, not just drivers. NSA contributions to open source code goes back almost 30 years.
We're reviewing the STM code, of course. If you're going to worry about something, worry about FSP 2.0 still being closed source. FSP is not optional and we have no idea of all the things it does/can do.
Finally, boot coding is a pretty difficult task. You don't see how hard it is on x86 any more because x86 now depends on binary blobs to work (I'm still very sad about that) and the really hard parts are in the blobs. But it is intricate, difficult code, even on simple ARM SOCs. That has not changed.
ron