On Thu, Mar 10, 2016 at 11:11:59AM -0600, Ben Gardner wrote:

Hi Kevin,

I plan to have the default CBFS contain only coreboot and SeabIOS and a few payloads (coreinfo, memtest86, PXE) that I don't intend to change often. That would be protected with a hash and would be kept small for performance reasons. ChromeOS appears to do something similar and take it a step further and write-protect that "read only" region of flash.

The other CBFS would contain larger images that I'm likely to change, such as Linux.

There is a chance of name conflicts and that may cause problems. In my use case, the answer is "don't do that".

From a random sampling of FMD files in the coreboot tree (google/glados/chromeos.fmd), I see that ChromeOS uses three: FW_MAIN_A, FW_MAIN_B, and the default COREBOOT. Assuming FW_MAIN_A and FW_MAIN_B contain files with similar names, that would cause confusion if they use SeaBIOS. But I think that ChromeOS is switching to use the Depthcharge bootloader.

So, maybe this wouldn't work well for everyone.

Thanks. If this may not work for everyone, then I suggest adding a build time (kconfig) or runtime (cbfs) setting to enable/disable it. Normally runtime settings are preferred, but that may not work here.

-Kevin