Merge branch 'master' into master

2023-10-29 12:57:41 +00:00 · 2023-10-29 12:57:41 +00:00 · bde19f8cb7
parent 31bef18593 ce6d9da778
commit bde19f8cb7
16 changed files with 161 additions and 34 deletions
--- a/site/docs/maintain/index.md
+++ b/site/docs/maintain/index.md
@ -1000,7 +1000,7 @@ Updated each time lbmk runs, based on either `git describe` or, on release
 archives, this file is static and never changes. It says the *time* of
 whichever Libreboot revision is currently in use (time of commit).

-At least, you will now learn about the *scripts* (exclusively written as
+At last, you will now learn about the *scripts* (exclusively written as
 posix shell scripts) that constitute the entire Libreboot build system, lbmk:

 Scripts in root directory of lbmk
--- a/site/download.md
+++ b/site/download.md
@ -85,7 +85,6 @@ UK)
 * <rsync://ftp.linux.ro/libreboot/> (linux.ro, Romania)
 * <rsync://mirror.koddos.net/libreboot/> (koddos.net, Netherlands)
 * <rsync://mirror-hk.koddos.net/libreboot/> (koddos.net, Hong Kong)
-* <rsync://mirror.mangohost.net/libreboot/> (mangohost.net, Moldova)

 Are you running a mirror? Contact the libreboot project, and the link will be
 added to this page!
--- a/site/download.uk.md
+++ b/site/download.uk.md
@ -85,7 +85,6 @@ LIBREBOOT](news/safety.md).**
 * <rsync://ftp.linux.ro/libreboot/> (linux.ro, Румунія)
 * <rsync://mirror.koddos.net/libreboot/> (koddos.net, Нідерланди)
 * <rsync://mirror-hk.koddos.net/libreboot/> (koddos.net, Гонконг)
-* <rsync://mirror.mangohost.net/libreboot/> (mangohost.net, Moldova)

 Ви підтримуєте роботу дзеркала? Зв'яжіться з проектом libreboot, і посилання буде
 додано до цієї сторінки!
--- a/site/faq.md
+++ b/site/faq.md
@ -351,8 +351,7 @@ Technology* (AMT).

 Use of the `me_cleaner` utility is believed to minimize any security risk when
 using these Intel platforms, and coreboot *does* contain fully free code for
-sandybridge/ivybridge platforms. Freedom-wise, these are similar to libreboot
-compatible ThinkPads, and they are quite nice machines.
+sandybridge/ivybridge platforms.

 More information about the Management Engine can be found on various Web
 sites, including [me.bios.io](http://me.bios.io/Main_Page),
--- a/site/freedom-status.md
+++ b/site/freedom-status.md
@ -276,6 +276,11 @@ technically required, but highly recommended. To remove, do:

 	cbfstool filename.rom remove -n cpu_microcode_blob.bin

+On ASUS KFSN4-DRE, KCMA-D8 and KGPE-D16 boards, do this instead:
+
+	cbfstool filename.rom remove -n microcode_amd.bin
+	cbfstool filename.rom remove -n microcode_amd_fam15h.bin
+
 [Releases after Libreboot 20230423 will provide separate ROMs with microcode
 excluded, alongside default ones with microcode included.](news/microcode.md)

--- a/site/news/MANIFEST
+++ b/site/news/MANIFEST
@ -1,3 +1,4 @@
+canoeboot.md
 libreboot20231021.md
 audit3.md
 audit2.md
--- a/site/news/canoeboot.md
+++ b/site/news/canoeboot.md
@ -0,0 +1,44 @@
+% Canoeboot project launched (new Libreboot fork)
+% Leah Rowe
+% 26 October 2023
+
+I've started a new sister project of Libreboot, that I will maintain in
+parallel; whenever there is a new Libreboot release, I will then use it to
+create a new release of *Canoeboot*.
+
+You can find Canoeboot here: <https://canoeboot.org/>
+
+The first release, Canoeboot 20231026, is here (created on 26 October 2023):
+<https://canoeboot.org/news/canoeboot20231026.html> - it is based on the
+recent [Libreboot 20231021 release](libreboot20231021.md).
+
+Canoeboot is a *proof of concept* that provides a technical implementation of
+Libreboot, but *without* the [Binary Blob Reduction Policy](policy.md); instead,
+Canoeboot implements the [GNU Free System Distribution
+Guidelines (GNU FSDG)](policy.md#problems-with-fsdg) as policy. GNU FSDG is the
+policy that Libreboot *previously* implemented, until 16 November 2022 when the
+new *Binary Blob Reduction Policy* was enacted.
+
+The *reduction* policy has resulted in more hardware being supported from
+coreboot, thus bringing free software to more people, and it is handled in the
+manner described by Libreboot's [Freedom Status](../freedom-status.md) page.
+
+The purpose of Canoeboot is to demonstrate the inferior state Libreboot would
+be in today, if it still adhered to the *old* GNU policy. The goal of Libreboot
+is to help as many people as possible achieve a level of [software
+freedom](https://writefreesoftware.org/learn), so that they may rid themselves
+of proprietary software. This is done, because every user deserves to have the
+freedom to study, adapt, share and use software infinitely, without restrictions.
+
+By implementing the policies that it has, Libreboot is in a position to do this
+in the most optimal way, whereas Canoeboot can only support a limited subset of
+hardware compared to Libreboot; in other words, Canoeboot's policies are a
+liability to the adoption of free software by normal people everywhere.
+
+Canoeboot is still a good option if your hardware supports it, but you should
+know: Libreboot *also* provides the very same blob-free, entirely free software
+config on all of the mainboards that Canoeboot supports. Canoeboot is a proof
+of concept, but you *can* use it, if you wish.
+
+[Patches are also welcome](https://canoeboot.org/git.html) in Canoeboot, if you
+spot something wrong that ought to be fixed or improved.
--- a/site/news/censored-libreboot20230710.md
+++ b/site/news/censored-libreboot20230710.md
@ -2,12 +2,27 @@
 % Leah Rowe
 % 10 July 2023

+**UPDATE, 27 October 2023: The Censored Libreboot and nonGeNUine Boot websites have merged
+into a new project, called Canoeboot. Canoeboot is a new Libreboot-authored
+spinoff project (official fork).**
+
+**See: [Canoeboot 20231026 release](https://canoeboot.org/news/canoeboot20231026.html) - 
+the original article below showed a desire to work with GNU Boot, but it has
+now been decided that Canoeboot will be an official project of Libreboot,
+providing releases under the old [Binary Blob Elimination
+Policy](https://web.archive.org/web/20221107235850/https://libreboot.org/news/policy.html) (instead of
+Libreboot's current [Binary Blob Reduction Policy](policy.md)).**
+
+**The situation on 27 October 2023 is not much different, in substance. Please
+see: [Canoeboot vs GNU Boot](https://canoeboot.org/gnuboot.html) - Canoeboot
+will now compete with GNU Boot, rather than try to assist it; they didn't accept
+Libreboot's help anyway.**
+
+And now, the original article is as follows:
+
 Warning
 =======

-**Update 21 October 2023: This is quite obsolete now, because
-[Libreboot 20231021](libreboot20231021.md) is out.**
-
 **This release is *not* recommended for general use. You should still use the
 recent [Libreboot 20230625](libreboot20230625.md) release, which is the
 current stable release. Please also read the [Binary Blob Reduction
--- a/site/news/gnuboot.md
+++ b/site/news/gnuboot.md
@ -2,31 +2,21 @@
 % Leah Rowe
 % 17 July 2023

-**UPDATE 21 October 2023: [Libreboot 20231021](libreboot20231021.md) is out,
-and it's vastly superior to Libreboot 20230625 or nonGeNUine Boot 20230717;
-and GNU Boot 0.1 RC is still not much different than the state GNU Boot was in
-at the time of the article below. GNU Boot 0.1 RC (the latest version of GNU
-Boot as of 21 October 2023) is essentially just Libreboot 20220710 plus patches
-I made for them enabling KGPE-D16 to build correctly on modern Linux distros.**
+**UPDATE, 27 October 2023: The Censored Libreboot and nonGeNUine Boot websites have merged
+into a new project, called Canoeboot. Canoeboot is a new Libreboot-endorsed
+spinoff project (official fork).**

-**It's likely that another FSDG-compatible variant of Libreboot will be made,
-again for fun, based on Libreboot 20231021. Watch this space! tl;dr Libreboot
-is vastly superior in the October 2023 revision compared to June 2023, and
-the June 2023 revision is still superior to GNU Boot (still uses newer coreboot
-revisions, has better error handling in the build system, builds more efficiently
-and is generally just better, because it's literally about 8 months ahead in
-development, and supports more hardware such as gru chromebooks with u-boot or
-the Dell Latitude E6400 - which GNU Boot still doesn't support. Libreboot today
-is now lightyears ahead, and the recent October 2023 release has coreboot
-revisions 2 years ahead of the ones used in GNU Boot's default coreboot tree (in Libreboot 20230625 and nonGeNUine Boot 20230717, it's still about 18 months ahead).**
+**See: [Canoeboot 20231026 release](https://canoeboot.org/news/canoeboot20231026.html) - 
+the original article below showed a desire to work with GNU Boot, but it has
+now been decided that Canoeboot will be an official project of Libreboot,
+providing releases under the old [Binary Blob Elimination
+Policy](https://web.archive.org/web/20221107235850/https://libreboot.org/news/policy.html) (instead of
+Libreboot's current [Binary Blob Reduction Policy](policy.md)).**

-**Two years. Anyway, the original article is as follows (prior to the above):**
-
-The purpose of the original article below was to promote my own FSDG-compliant
-fork of Libreboot 20230625, which I released as Censored-Libreboot 20230710 and
-then nonGeNUine Boot 20230717, with the intent that *GNU Boot* re-use the work,
-but they never re-used any of it except for my D16 build fixes, and one or two
-minor things.
+**The situation on 27 October 2023 is not much different, in substance. Please
+see: [Canoeboot vs GNU Boot](https://canoeboot.org/gnuboot.html) - Canoeboot
+will now compete with GNU Boot, rather than try to assist it; they didn't accept
+Libreboot's help anyway.**

 Original article as it was written, 17 July 2023:
 =================================================
--- a/site/news/libreboot20231021.md
+++ b/site/news/libreboot20231021.md
@ -1136,6 +1136,9 @@ so the relevant acpica tarball was mirrored to Libreboot rsync at last minute.
 Post-release errata
 ===================

+Insertion of PIKE2008 ROMs, i945 bootblock copy
+-----------------------------------------------
+
 Empty PIKE2008 ROMs not inserted in KCMA-D8 and KGPE-D16 ROMs.

 The 64KB bootblock isn't copied on ThinkPad X60 and T60 ROM images. This has
@ -1165,3 +1168,53 @@ Without the empty PIKE2008 ROM, SeaBIOS will hang on those AMD boards.
 And without the bootblock copied on X60/T60 ROMs, flashing will result in a brick
 under these conditions: bucts not reset and ROM flashed successfully, and/or
 flashing the ROM from LenovoBIOS to Libreboot.
+
+Fam15h microcode wrongly not detected as inserted
+-------------------------------------------------
+
+On those boards, `target.cfg` files specified `microcode_required="n"`, and
+the logic in the release script renames ROM images according to this rule:
+
+* If `cpu_microcode_blob.bin` exists in CBFS, copy the ROM to provide one
+  with this file removed.
+* If the file doesn't exist in the first place, *move* (rename) the file
+  accordingly under the new name.
+* In either of the above cases, `.rom` is replaced at the end
+  with `_nomicrocode.rom`, in any image that either has the microcode removed,
+  or if it wasn't there to begin with.
+
+On these AMD boards (fam10 and fam15h), namely KCMA-D8, KFSN4-DRE and KGPE-D16,
+the microcode is inserted into CBFS as two files,
+namely `microcode_amd.bin` and `microcode_amd_fam15h.bin` - and the bug is
+precisely that lbmk detected (based on only checking `cpu_microcode_blob.bin`)
+no microcode, and thus *moved* (renamed) to names ending
+in `_nomicrocode.rom`.
+
+In other words, the Libreboot 20231021 ROM images for those boards *all*
+contain microcode updates in them, but they all have `nomicrocode` in the ROM
+file names. This was previously assumed to actually be the case, until an audit
+revealed otherwise (as of 28 October 2023).
+
+This isn't really a problem, it's not a "bug" per se, just a naming error.
+The fix has been implemented with *this* patch:
+<https://browse.libreboot.org/lbmk.git/commit/?id=83bf23766040d5e1642b8c80d975953c1c34f876>
+
+To put it simply: this will not be fixed. Instead, the above patch
+unsets `microcode_required`, so it defaults to `y`. Therefore, the ROM images
+in next release will contain microcode (as they all do, now) and they will
+not contain `nomicrocode` in the ROM image file names.
+
+On ASUS KFSN4-DRE, KCMA-D8 and KGPE-D16 boards, do this to remove microcode:
+
+	cbfstool filename.rom remove -n microcode_amd.bin
+	cbfstool filename.rom remove -n microcode_amd_fam15h.bin
+
+We recommend *keeping* microcode updates, for reasons written in the [Binary
+Blob Reduction Policy](policy.md).
+
+There is also the recent launch of the [Canoeboot project](https://canoeboot.org/),
+an official sister project of Libreboot, maintained by Leah Rowe who also leads
+the Libreboot project; Canoeboot release images do not ever contain microcode
+updates in them. This is precisely why it will not be fixed in lbmk to fix
+the naming issue. The behaviour is simply disabled instead, becasue there's no
+point adding further complexity to the build system.
--- a/site/news/policy.md
+++ b/site/news/policy.md
@ -2,9 +2,21 @@
 % Leah Rowe
 % 4 January 2022 (updated 15 November 2022)

-The [Censored Libreboot c20230710 release](censored-libreboot20230710.md)
-release provides a clear example as to the merits of this policy, by showing
-what Libreboot would be if it *didn't* adopt this policy.
+The *[Canoeboot project](https://canoeboot.org/)* is an official sister project
+of Libreboot, that implements the GNU Free System Distribution Guidelines
+or *GNU FSDG* as policy, instead of the policy below. Canoeboot is maintained by
+Leah Rowe, the same person who founded the Libreboot project, and who maintains
+Libreboot releases to this day. Criticism of GNU FSDG is provided, in the
+article below.
+
+Canoeboot provides a clear example as to the merits of the policy seen below, by
+showing what Libreboot would be if it *didn't* adopt that policy; it is vastly
+inferior to Libreboot, due to weaker hardware support and less freedom of choice
+for users. Canoeboot is engineered to a high standard, basing off of each
+Libreboot release, but you should still use *Libreboot*. Canoeboot is only
+a *proof of concept*.
+
+And now, without further ado,

 Introduction
 ============
--- a/site/template.de.include
+++ b/site/template.de.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Spenden</a></strong></li>
 <li><a href="/contact.de.html">Kontakt</a></li>
 <li><strong><a href="https://minifree.org/">Vorinstalliertes Gerät kaufen</a></strong></li>
+<li>-</li>
+<li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.include
+++ b/site/template.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Donate</a></strong></li>
 <li><a href="/contact.html">Contact</a></li>
 <li><strong><a href="https://minifree.org/">Buy preinstalled</a></strong></li>
+<li>-</li>
+<li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.it.include
+++ b/site/template.it.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Donazioni</a></strong></li>
 <li><a href="/contact.html">Contatti</a></li>
 <li><strong><a href="https://minifree.org/">Compra un PC con libreboot gia' installato</a></strong></li>
+<li>-</li>
+<li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.uk.include
+++ b/site/template.uk.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Пожертвувати</a></strong></li>
 <li><a href="/contact.uk.html">Зв'язок</a></li>
 <li><strong><a href="https://minifree.org/">Придбати передвстановленим</a></strong></li>
+<li>-</li>
+<li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.zh-cn.include
+++ b/site/template.zh-cn.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">捐赠</a></strong></li>
 <li><a href="/contact.html">联系</a></li>
 <li><strong><a href="https://minifree.org/">购买预装品</a></strong></li>
+<li>-</li>
+<li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>