[coreboot] Proposal: "Freedom level" field for boards supported by coreboot

Julius Werner jwerner at chromium.org
Thu Jan 19 02:06:52 CET 2017


Sounds like a good idea in general, but I think the categories might
need some more tweaking. I guess we all have different favorites that
we care about here (e.g. I'm partial to most ARM platforms), we should
have a balanced discussion about what should be weighted more than
what and why to make sure the categories end up fair to all platforms.

For example, it seems like you're trying to slot RK3288 as "bronze",
which I'd say is arguably the most free platform coreboot supports
right now. I assume your rating comes from the external board
components requiring proprietary firmware in this case. So a few
points to start discussion:

- Is it fair to make external board components weigh more heavily than
processor internals? I think at least external board components that
are not essential (e.g. anything but keyboard, pointing device,
display, network, maybe audio) or can be replaced with other
components (e.g. USB can replace almost everything) should have the
least impact on freedom level. In particular, it's not really fair to
punish a board for including an optional non-free component that other
boards don't have at all (like a laptop with a WiFi chip which
essentially always requires proprietary firmware vs. a desktop board
that has nothing but empty PCIe slots).

- Anything required on the processor (e.g. microcode) should always
weigh more heavily than external components. Disabling an external
component (even something like keyboard/display) still leaves the
system somewhat functional, whereas you can never disable the
processor. Since microcode can essentially do anything I think it
should always give a harsh rating unless it's feasible to run the
board with the ROM-internal version.

- Why are you making an exception for the EC, of all things? The EC is
usually the keyboard controller which is one of the most highly
sensitive things there are. I think a proprietary keyboard controller
should definitely be counted worse than a proprietary WiFi chip, for
example (because the WiFi chip cannot sniff into your HTTPS stream,
but the keyboard controller can totally read the password you typed).

So as a quick brainstorming, I'd rather suggest a ranking roughly like
this to fairly reflect the risk the user is exposed to:

A. Everything free.
B. Non-essential component (e.g. GPS sensor) requiring proprietary firmware.
C. Network component (e.g. WiFi) requiring proprietary firmware if it
can be bypassed (e.g. USB, expansion card).
D. Input/output-sniffing component (pointing device, keyboard,
display, audio) requiring proprietary firmware if it can be bypassed,
or CPU requiring microcode if it can be bypassed (e.g. just using
factory ROM code).
E. CPU or equivalently privileged processor requiring non-resident
proprietary boot firmware.
F. Network component requiring proprietary firmware that cannot be
bypassed (e.g. no USB ports).
G. Input/output-sniffing component requiring proprietary firmware that
cannot be bypassed, or CPU requiring microcode that cannot be
bypassed.
H. CPU or equivalently privileged processor requiring resident
proprietary firmware (e.g. Intel ME, Qualcomm TrustZone).


