Hi friends! I have submitted a new board status update for Lenovo G505S laptop. The previous one was exactly 6 month old and I started worrying that our wonderful quad core AMD laptop without Intel ME / AMD PSP hardware backdoors - could be removed ; not because of the lack of users (in fact, there are a lot of G505S+coreboot users!) , but just because of the lack of board status updates :P Three primary obstacles I had to overcome while submitting:

1) board_status.sh is trying to tell too much information about your system :

cbfs.txt coreboot_console.txt payload_config.txt config.short.txt coreboot_timestamps.txt revision.txt config.txt kernel_log.txt rom_checksum.txt

Two of these files - coreboot_console.txt and especially kernel_log.txt - could contain some information which is very private: in my case, kernel_log.txt contained the MAC address of my Ethernet card, both coreboot_console.txt and kernel_log.txt contained the model of my USB flash drive - knowing a model helps to figure out the controller and raises the possible success of some targeted BadUSB attack against the submitter, and so on

Maybe this is why some coreboot users do not want to use this script, a very important one :P But there is an easy solution:

To pause the board_status.sh script just before it uploads the logs, so that I could personally look through them and remove the parts of information that I consider as private, I have inserted the following lines just before the "echo "Uploading results" at ~440 line:

stty -echo printf "Press_any_key_1...: " read variable1 stty echo printf "\n" sleep 1 stty -echo printf "Press_any_key_2...: " read variable2 stty echo printf "\n" sleep 1

I run a board_status.sh script, it collects the logs and puts them inside the freshly cloned board-status repository, then a script pauses, I could edit the logs until I consider them as OK, and then give a "go ahead" command by pressing the any key two times, and only then a script does the "git add" of them and commits the upload

2) board_status.sh - "Verifying that CBMEM is available" part at 380-390 lines is broken, in particular, line 381 " sudo command -v "$cbmem_cmd" >/dev/null " tells that command not found - perhaps this 'command' command is not available at some linux distros. I had to comment out this code, leaving only cbmem_cmd="sudo $cbmem_cmd" line:

echo "Verifying that CBMEM is available" # if [ $(id -u) -ne 0 ]; then # sudo command -v "$cbmem_cmd" >/dev/null # if [ $? -ne 0 ]; then # echo "Failed to run $cbmem_cmd using sudo. Check $PATH or use -c" \ # "to specify path to cbmem binary." # exit $EXIT_FAILURE # else cbmem_cmd="sudo $cbmem_cmd" # fi # else # test_cmd $LOCAL "$cbmem_cmd" # fi

and the rest of board_status.sh script is working, after I supply a path to cmbem executable file, which is obtained by going to ./util/cbmem/ directory and running "make"

3) Despite that I have not modified the coreboot source code, just the couple of changes to config all through "make menuconfig" + some floppies added AFTER the build, I still got a "-dirty" added to my version while building. Maybe some bug there? git diff does not show anything interesting, there were no local changes (except the board_status.sh but that happened much later). Did not like that "-dirty" as it was unfair, and fixed the already-submitted board status to become clean with a follow-up commit. Know thats a bit of cheating, but though it was OK to do in such a situation, as I have not modified anything at the sources that could have changed the working status of that build

Best regards, Mike Banon