On Sun, 03 Nov 2013 13:47:15 -0600 Alex mr.nuke.me@gmail.com wrote:
I'm sorry Ron, but you're just asking me to take your word for it. I can't do that. There's more secret code running on a Chromebook's firmware than there is free code. In fact, I would argue, most code where attack vectors could hide is secret. It's a foul's paradise.
It seem way worse with newer "FSP" blobs...
On qemu, coreboot is not necessary: some coreboot payloads (like seabios) are capable of beeing the full bootstrap firware(because qemu is really simple: most of the complex hardware already works).
Then I really wonder what's left for coreboot in the systems that uses the FSP blob.
If I understood correctly, coreboot would run as hooks, and do some mostly standard stuff that a payload (or coreboot) can do.
Then at the end coreboot would run a payload.
Denis.