[coreboot] Porting Kabylake laptop
rminnich at gmail.com
Wed Jun 27 18:41:29 CEST 2018
On Wed, Jun 27, 2018 at 9:15 AM <chrisglowaki at tutanota.com> wrote:
> Please correct me if I'm wrong, but I think LinuxBoot doesn't give the
> same security as coreboot+FSP because it leaves the firmware vendor and
> board manufacturer in the trust equation. With the FSP we only have to
> trust Intel.
you're right for some boards, but not all boards.
Our goal for some platforms is to have just the SEC and PEI as delivered
from the chipset vendor, and then DXEs compiled from source, then
linuxboot. We'd like to remove the firmware vendor and board manufacturer
from the trust equation -- and, interestingly, many board vendors we talk
to also want that very same thing.
We're not there yet, but getting closer all the time. And it's moving fast.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the coreboot