[coreboot] Trusting coreboot versus trusting the FSP

Nico Huber nico.h at gmx.de
Mon Jan 9 20:30:48 CET 2017


On 09.01.2017 17:38, Trammell Hudson wrote:
> At 33c3 a question came up about "how can we trust and audit coreboot?"
> compared to things like the Intel Firmware Support Package (FSP).
> I'm relaying it to the list for discussion.
> 
> The FSP is a x86 binary blob that has an init function that writes magic
> values to magic registers to bring up the mainboard, the DRAM controller
> and other devices in the SOC.

It might have started as that but I believe it's becoming more like any
part of UEFI that Intel doesn't dare to push into coreboot. In other
words, it's growing faster than hardware initialization demands.

> 
> Meanwhile, many of the coreboot mainboard_init() functions write magic
> values to magic registers to bring up the mainboard, the DRAM controller
> and attached devices.  For example, x230/mainboard.c:
> 
>     static void mainboard_init(device_t dev)
>     {
>             RCBA32(0x38c8) = 0x00002005;
>             RCBA32(0x38c4) = 0x00802005;
>             RCBA32(0x38c0) = 0x00000007;
>     }
> 

Just because you see magic values in coreboot doesn't mean that it's not
documented. Is this example easier to read than disassembly? For a coreboot
developer (who knows a little about Intel chipsets), yes. It even
points me to the place in the documentation (southbridge datasheet, SPI
controller).

> Do we trust the coreboot version because the C is easier to read than
> disassembly of the FSP, even though there is about the same level of
> documentation?  What can we do to improve the auditability of coreboot
> if we don't understand the security implications of these magic values?

I guess you are right, the readability by itself doesn't provide any
better trustworthiness. And there are many cases like the example above,
where the implications really aren't publicly documented. Without proper,
public documentation and the promise by the vendor that this documentation
is correct _and_ comprehensive, we can't tell anything about
the state of the hardware...

beside the RAM contents and the program we are executing. And this is
where coreboot does a much better job, IMO. Given that most host firmware
stays active during runtime of the OS, I don't see any point in
running open-source software for security reasons if there's proprietary
software running on the same CPU in a higher privilege level.

So what coreboot brings you is what you get from most other OSS: Some
eyes on the code that might spot it soon enough if somebody adds a
software backdoor. Plus a relatively small code base that has to be
watched over.

But for the currently supported modern hardware you don't get more
than that (the Quark SoC might be an exception, I haven't checked if
its documentation is as open as its firmware). Alas, with coreboot
supported systems, it seems the better the support by open software,
the worse the public documentation. Rockchip for example seems to
completely lack public documentation.

Nico
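The auditability question raised in the thread (how to review "magic values" written to "magic registers") can be attacked mechanically: extract every RCBA register write from a coreboot source file and report which ones fall in a region the auditor has already tied to a datasheet section, and which are still unmapped. The script below is an added illustration written for this page; it is not part of the thread, of coreboot, or of the FSP. It runs on a constructed excerpt modelled on the quoted x230 `mainboard_init()` plus one extra line (the `0x2240` write) added only to exercise the unmapped path. The region table contains a single real entry, SPIBAR = RCBA + 0x3800 on Intel 6/7-series PCH, which is what lets the three quoted writes be attributed to the SPI controller; everything else is assumed unmapped on purpose so that the output shows what an auditor still has to look up.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed excerpt: the x230 mainboard_init() quoted in the thread plus one
# extra write (0x2240) added here, not in the original, to show the unmapped path.
SAMPLE_SOURCE = """
static void mainboard_init(device_t dev)
{
        RCBA32(0x38c8) = 0x00002005;
        RCBA32(0x38c4) = 0x00802005;
        RCBA32(0x38c0) = 0x00000007;
        RCBA32(0x2240) = 0x00000000;   /* constructed, not in the original */
}
"""

# Matches coreboot-style "RCBA8/16/32(offset) = value;" statements.
WRITE_RE = re.compile(
    r"RCBA(?P<width>8|16|32)\(\s*(?P<off>0x[0-9a-fA-F]+)\s*\)"
    r"\s*=\s*(?P<val>0x[0-9a-fA-F]+)\s*;"
)

# RCBA offset ranges -> function block. SPIBAR = RCBA + 0x3800 on the Intel
# 6/7-series PCH (datasheet fact). Any range not listed here is reported as
# unmapped, i.e. the auditor still owes a datasheet reference for that write.
REGIONS = [
    (0x3800, 0x4000, "SPI controller (SPIBAR)"),
]


@dataclass
class RegWrite:
    width: int            # 8, 16 or 32 bit access
    offset: int           # offset from RCBA
    value: int            # value written
    region: Optional[str]  # mapped function block, or None if unmapped


def classify(offset: int) -> Optional[str]:
    """Map an RCBA offset to a known function block, or None."""
    for lo, hi, name in REGIONS:
        if lo <= offset < hi:
            return name
    return None


def parse_writes(src: str) -> list[RegWrite]:
    """Extract every RCBA register write from a C source string, in order."""
    writes = []
    for m in WRITE_RE.finditer(src):
        off = int(m["off"], 16)
        writes.append(RegWrite(int(m["width"]), off, int(m["val"], 16), classify(off)))
    return writes


def set_bits(value: int) -> list[int]:
    """Bit positions set in a written value; these are what the datasheet lookup needs."""
    return [b for b in range(value.bit_length()) if (value >> b) & 1]


def audit(src: str) -> dict:
    """Summarise the writes: total count and the offsets still lacking a region."""
    writes = parse_writes(src)
    return {
        "total": len(writes),
        "unmapped": [w.offset for w in writes if w.region is None],
        "writes": writes,
    }


def report(src: str) -> str:
    """Human-readable audit listing, one line per register write."""
    lines = []
    for w in parse_writes(src):
        tag = w.region or "UNMAPPED: needs datasheet reference"
        lines.append(
            f"RCBA+0x{w.offset:04x} <= 0x{w.value:0{w.width // 4}x} "
            f"bits={set_bits(w.value)} [{tag}]"
        )
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_SOURCE))
```

The point of listing set bits rather than the raw value is that a datasheet documents registers bit by bit, so an audit note ("bit 23 of SPIBAR+0xC4 enables ...") can be attached per bit and checked against the source on every revision; the `unmapped` list from `audit()` is the part of the board code that, in Nico's terms, still says nothing verifiable about the hardware state.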
