On 10/21/2017 07:22 PM, Tirumalesh wrote:
Using complete open source firmware is just one of the important advantages.
In my understanding coreboot provides lot more than that for a small team.
- No drivers in firmware(leaving some basic things like spi etc)
- A single image (firmware + Linux + rootfs)
- The above means it’s very convenient for updates (major source of
security bugs) 4. Using same firmware on x86 and bmc means, what ever infra we develop for board bring up and ops (as coreboot payload) works on both. 5. Same thing for secure booting.
Most of the time the above things are also very important.
Thanks, Tirumalesh.
Coreboot is hardware-specific, so the Coreboot that runs in the x86 system will be very different from the one running in the BMC. They will have the same interfaces to boot a payload of course.
I'm not sure what kind of firmware you plan to deploy on both the x86 system and the BMC.
The BMC has a very weak ARM processor and not much onboard flash for firmware. It is much better if you do 2 different payloads already.
Besides, on ARM systems the board bringup part (what Coreboot was born for) is done by a bootROM (read-only memory inside the ARM SoC, you can't do anything to this). Then it loads a bootloader from the device's flash memory. This bootloader then does some more initalization, and then that loads a linux kernel written on raw flash or something like that and executes it. From there the Linux kernel takes over.
For the AST2400 the bootloader is uboot, and the openbmc project has the source to compile this part too so you can have a fully open system https://github.com/openbmc/u-boot/commit/f03ebaa6c2aefc49c0fdd6bdca51c666ba5...
-Alberto