[coreboot] BadBIOS Thoughts

Denis 'GNUtoo' Carikli GNUtoo at no-log.org
Sat Nov 9 00:19:33 CET 2013

On Sun, 03 Nov 2013 13:47:15 -0600
Alex <mr.nuke.me at gmail.com> wrote:
> I'm sorry Ron, but you're just asking me to take your word for it. I 
> can't do that. There's more secret code running on a Chromebook's 
> firmware than there is free code. In fact, I would argue, most code 
> where attack vectors could hide is secret. It's a foul's paradise.
It seem way worse with newer "FSP" blobs...

On qemu, coreboot is not necessary: some coreboot payloads (like
seabios) are capable of beeing the full bootstrap firware(because
qemu is really simple: most of the complex hardware already works).

Then I really wonder what's left for coreboot in the systems that uses
the FSP blob.

If I understood correctly, coreboot would run as hooks, and do some
mostly standard stuff that a payload (or coreboot) can do.

Then at the end coreboot would run a payload.


More information about the coreboot mailing list