[coreboot] Official builds for EoL Chromebooks

Thu Oct 13 21:22:16 CEST 2016

Just listing SHA hashes of the recommended ROMs for a given Chromebook
would be an improvement.

The hash is sufficient to verify a build / download. But it has to come
from Coreboot.

Actually, this would be a nice project for someone from Google.

I can only volunteer testing a build on my Acer C710 (which is probably the
only Chromebook with upgradeable RAM and disk).

--emi

On Thu, Oct 13, 2016 at 6:49 PM, Matt DeVillier <matt.devillier at gmail.com>
wrote:

> well, in order for that to happen, someone would have to take ownership of
> that - are you volunteering?  =)
>
> There's also the issue of blobs that can't be redistributed, which is AIUI
> one of the reasons why coreboot doesn't offer compiled firmware.
> Additionally, some models (ie, Chomeboxes) require persistence of parts of
> the stock firmware in order to maintain their unique ethernet MAC address,
> so having users simply download and manually flash a compiled firmware
> manually is highly suboptimal.  This is why I implemented the flashing
> script (well that, and to provide some basic sanity checks that users
> weren't flashing the wrong firmware, had write-protect disabled, etc)
>
> On Thu, Oct 13, 2016 at 10:14 AM, Emilian Bold <emilian.bold at gmail.com>
> wrote:
>
>> I think EoL Chromebooks are a good opportunity for Coreboot to present
>> itself to end users.
>>
>> Right now Chromebooks use Coreboot but nobody knows that.
>>
>> But once a Chromebook reaches EoL people will either throw it away or use
>> it with the insecure and outdated browser version they have until it breaks.
>>
>> People would appreciate that it's possible to keep the device and use a
>> modern Linux with up-to-date browser by only installing a dedicated
>> Coreboot ROM.
>>
>> A per-device wiki page would be great! Something to show how to install
>> it, etc.
>>
>> A ROM sha-256 (and a link) is also essential to know what to grab (or if
>> your build was good).
>>
>> I'm actually the one that started the reproducible builds thread last
>> time precisely because I could not get the same ROM image as the ones
>> posted online and I was wondering what I did wrong and if I would brick my
>> laptop or not.
>>
>>
>>
>> --emi
>>
>> On Thu, Oct 13, 2016 at 5:53 PM, Matt DeVillier <matt.devillier at gmail.com
>> > wrote:
>>
>>> Emi,
>>>
>>> I think this is what you're looking for: https://www.coreboot.org/
>>> Supported_Motherboards
>>> It contains the commit hash, build config, and a few other logs for each
>>> device/commit.  It is user submitted though, since there doesn't exist a
>>> test setup for every supported device.
>>>
>>> Right now, I'm the main builder/distributor of upstream coreboot
>>> firmware for ChromeOS devices; I support all Haswell, Broadwell, and some
>>> Baytrail devices, the former with both UEFI and Legacy Boot variants. When
>>> time permits, I'll expand that to cover the rest of the Baytrail devices,
>>> then move on to adding support for Skylake.  No plans for Braswell support
>>> unless I acquire a device on which to test.
>>>
>>> John Lewis has some upstream firmware for the older
>>> SandyBridge/IvyBridge models, but his Haswell firmware is build from
>>> Google's tree/branches not upstream.  He also has no plans for any future
>>> upstream firmware.
>>>
>>> cheers,
>>> Matt
>>>
>>> On Thu, Oct 13, 2016 at 6:49 AM, Emilian Bold <emilian.bold at gmail.com>
>>> wrote:
>>>
>>>> Hello,
>>>>
>>>> Now that Coreboot has reproducible builds, could you provide a list of
>>>> build hashes for Chromebooks that are or will soon reach End of Life?
>>>>
>>>> I see on https://support.google.com/chrome/a/answer/6220366?hl=en that
>>>> 2 Chromebooks will reach End of Life in 2016 and 3 more in 2017 then 7 in
>>>> 2018. I assume the number will increase each year.
>>>>
>>>> I know that Coreboot does not distribute builds, but the little Custom
>>>> roms section on https://www.coreboot.org/users.html seems insufficient.
>>>>
>>>> It's easy making a build, you just need to have the certainty you did
>>>> it well. Or that the one you are downloading is correct.
>>>>
>>>> Posting an official SHA-256 hash for a ROM would solve this.
>>>>
>>>> --emi
>>>>
>>>> --
>>>> coreboot mailing list: coreboot at coreboot.org
>>>> https://www.coreboot.org/mailman/listinfo/coreboot
>>>>
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20161013/400b3bf5/attachment.html>