9.9 KiB
% Canoeboot 20240510 released! % Leah Rowe in GNU Leah Mode™ % 10 May 2024
Introduction
Canoeboot is a free/libre BIOS/UEFI replacement on x86 and ARM, providing boot firmware that initialises the hardware in your computer, to then load an operating system (e.g. GNU+Linux). It is specifically a coreboot distribution, in the same way that Trisquel is a GNU+Linux distribution. It provides an automated build system to produce coreboot ROM images with a variety of payloads such as GNU GRUB or SeaBIOS, with regular well-tested releases to make coreboot as easy to use as possible for non-technical users. From a project management perspective, this works in exactly the same way as a GNU+Linux distro, providing the same type of infrastructure, but for your boot firmware instead of your operating system. It makes use of coreboot for hardware initialisation, and then a payload such as SeaBIOS or GNU GRUB to boot your operating system; on ARM(chromebooks), we provide U-Boot (as a coreboot payload).
Canoeboot provides many additional benefits such as fast boot speeds, greater security and greater customisation, but the primary benefit is software freedom. With use of GRUB in the flash, you can make use of many advanced features such as the ability to boot from an encrypted /boot partition and verify kernel GPG signature at boot time.
If you're fed up of the control that proprietary UEFI vendors have over you, then Canoeboot is for you. Although many would agree that it is a major step forward for most users, it's actually a very old idea. Old is often better. It used to be that computers were much more open for learning, and tinkering. Canoeboot implements this old idea in spirit and in practise, helping you wrest back control.
Unlike the hardware vendors, Canoeboot does not see you as a security threat; we regard the ability to use, study, modify and redistribute software freely to be a human right that everyone must have, and the same is true of hardware. Your computer is your property to use as you wish. Free Software protects you, by ensuring that you always have control of the machine.
This new release, Canoeboot 20240510, released today 10 May 2024, is a new stable release of Canoeboot. The previous release was Canoeboot 20240504, just 6 days ago. This is a minor release, with minimal changes; if you already installed Canoeboot 20240504, you probably don't need to update, but the SeaBIOS revision was updated, and has some fixes.
Changes in this release
Extensive changes have been made to the documentation and website!
Very large and sweeping changes.
ALSO:
Build system changes
The following improvements have been made, most of them not affecting the final build (the actual code that goes in-flash):
- bump seabios (payload) to the latest upstream revision as of today
- main
build
script: exit (with non-zero status) if not running it from the main cbmk work directory (the design of cbmk makes this mandatory) - merge
script/build/serprog
intoscript/build/roms
- now you run e.g../build roms serprog rp2040
instead of./build serprog rp2040
- merge
include/err.sh
intoinclude/option.sh
- build/roms: more code cleanup in general
- build/roms: split up
main()
into smaller functions - build/roms: allow status search by mismatch (e.g. list all targets that are not stable, instead of only being able to list ones that are)
- Update the
README.md
file, applying the same change as described above (adopt a neutral/concilliatory tone toward FSF/GNU, and don't tell everyone Libreboot is a superior project that everyone should use).
Regarding SeaBIOS, the following upstream changes have been merged into this Canoeboot release:
* e5f2e4c6 pciinit: don't misalign large BARs
* 731c88d5 stdvgaio: Only read/write one color palette entry at a time
* c5a361c0 stdvga: Add stdvga_set_vertical_size() helper function
* 22c91412 stdvga: Rename stdvga_get_vde() to stdvga_get_vertical_size()
* 549463db stdvga: Rename stdvga_set_scan_lines() to stdvga_set_character_height()
* c67914ac stdvga: Rename stdvga_set_text_block_specifier() to stdvga_set_font_location()
* aa94925d stdvga: Rework stdvga palette index paging interface functions
* 8de51a5a stdvga: Rename stdvga_toggle_intensity() to stdvga_set_palette_blinking()
* 96c7781f stdvga: Add comments to interface functions in stdvga.c
* 2996819f stdvga: Rename CGA palette functions
* 91368088 stdvgamodes: Improve naming of dac palette tables
* 70f43981 stdvgamodes: No need to store pelmask in vga_modes[]
* 1588fd14 vgasrc: Rename vgahw_get_linesize() to vgahw_minimum_linelength()
* d73e18bb vgasrc: Use curmode_g instead of vmode_g when mode is the current video mode
* 192e23b7 vbe: implement function 09h (get/set palette data)
* 3722c21d vgasrc: round up save/restore size
* 5d87ff25 vbe: Add VBE 2.0+ OemData field to struct vbe_info
* 163fd9f0 fix smbios blob length overflow
* 82faf1d5 Add LBA 64bit support for reads beyond 2TB.
* 3f082f38 Add AHCI Power ON + ICC_ACTIVE into port setup code
* 3ae88886 esp-scsi: terminate DMA transfer when ESP data transfer completes
* a6ed6b70 limit address space used for pci devices.
And that's all. If you installed Canoeboot 20240504, you probably don't need to update to today's release. If you didn't install 20240504, then you may aswell update to today's release (Canoeboot 20240510).
Hardware supported in this release
This release supports the following hardware:
Servers (AMD, x86)
Desktops (AMD, Intel, x86)
- Acer G43T-AM3
- Apple iMac 5,2
- ASUS KCMA-D8 motherboard
- Gigabyte GA-G41M-ES2L motherboard
- Intel D510MO and D410PT motherboards
- Intel D945GCLF
Laptops (Intel, x86)
- Apple MacBook1,1 and MacBook2,1
- Dell Latitude E6400, E6400 XFR and E6400 ATG, with Intel GPU
- Lenovo ThinkPad R400
- Lenovo ThinkPad R500
- Lenovo ThinkPad T400 / T400S
- Lenovo ThinkPad T500
- Lenovo ThinkPad W500
- Lenovo ThinkPad X200 / X200S / X200 Tablet
- Lenovo ThinkPad X301
- Lenovo ThinkPad X60 / X60S / X60 Tablet
Laptops (ARM, with U-Boot payload)
Again, very minor release. I wasn't fully happy with the last one, specifically the last Canoeboot release, so I decided to another quick one.
That is all.
Errata
See: https://codeberg.org/libreboot/lbmk/issues/216
This bug has been fixed in lbmk.git, and the fix will be included in the next release, but it wasn't caught in the 20240504 release. The same fix has been applied to Canoeboot's build system, cbmk.
It is almost certainly guaranteed that no Canoeboot users were ever affected by this, but extreme measures have been taken to ensure that it is entirely guaranteed from now on. Read on to know more:
The bug is quite serious, and it was previously decided that documentation should be written warning about it (in docs/install/). The bug was only triggered on Intel Sandybridge hardware (e.g. ThinkPad X220) and was never reported on other boards, but there's no way to fully know; what is known is that the offending patch that caused the bug has been removed; namely, xHCI GRUB patches, which are now only provided on Haswell and Broadwell hardware (where the bug has not occured) in Libreboot; in Canoeboot, the GRUB tree with xHCI support is provided, but not currently used on any mainboards in Canoeboot. Therefore, we know that the bug will no longer occur.
The next release will exclude xHCI support on machines that don't need it, which is every machine that Canoeboot supports (as of Canoeboot 20240504/20240510), and a mitigation is in place that makes SeaBIOS the primary payload, to prevent effective bricks in the future; the bug was in GRUB, but if SeaBIOS is the first payload then the machine remains bootable even if a similar bug occurs.
It is now the default behaviour, in the next release, that certain images contain a bootorder file in CBFS, making SeaBIOS try GRUB first, but you can still press ESC to access the SeaBIOS boot menu if you want to directly boot an OS from that. This, and the other change mentioned above, will guarantee stability. GRUB is no longer the primary payload, on any mainboard.
However, it was later decided to put this release in the testing
directory instead; it was initially designated as a stable release.
All ROM images for the 20240504/20240510 releases have been removed from rsync, but the source tarball remains in place.
For now, you are advised to use the November 2023 release, or build from
cbmk.git at revision 4f6fbfde81f5176e5892d1c00627f8f680fd3780
(which is known
to be reliable and is the current revision as of this time of writing) - or,
alternatively, you are advised to use the next release after 20240510.
A new audit has been conducted, marked complete as of 9 June 2024, fixing this and many issues; a new true stable release will be made available some time in June 2024.