[coreboot] Is Goryachy's JTAG hack a chance for free firmware ?
Denis 'GNUtoo' Carikli
GNUtoo at no-log.org
Tue Dec 12 17:32:28 CET 2017
On Wed, 29 Nov 2017 23:39:27 +0100
"Enrico Weigelt, metux IT consult" <info at metux.net> wrote:
> Hi folks,
>
> i'm curious whether Goryachy's JTAG hack is a chance for
> getting rid of all proprietary ME/UEFI firmware.
>
> If i'm correct, the ME firmware (or parts of it) is signed, and
> the CPU won't run (or switches off) if signatures don't match.
>
> Can the JTAG channel be used to get around that ?
We don't have enough information on that yet to understand if it's
possible or not.
More precisely, I don't know:
- If it's possible to halt the Management Engine (through the JTAG)
before it starts executing code, load code for it to execute, and
make it execute that unsigned free software code that would
initialize enough hardware to make the computer start.
- Or if it's possible to halt the Management Engine and instead
initialize that hardware through the JTAG.
- If it would be possible to use another computer and a USB3 controller
that doesn't depend on non-free software to initialize a recent Intel
system without depending on any non-free software.
It would be nice to be able to use a Rockchip SBC with USB3, or an
SBC with a free software bootloader and with a PCIe interface and a
PCIe USB3 card to do that.
If this is possible it would enable building a desktop or server
computer that can start with free software. The SBC could also be
used to run some tasks while the main computer is off, such as an IRC
client or server software.
However, if getting JTAG through DCI requires a Skylake computer, then
there is a chicken and egg problem...
Denis.