Merge branch 'master' into master

2023-10-29 12:57:41 +00:00 · 2023-10-29 12:57:41 +00:00 · bde19f8cb7
parent 31bef18593 ce6d9da778
commit bde19f8cb7
16 changed files with 161 additions and 34 deletions
--- a/site/docs/maintain/index.md
+++ b/site/docs/maintain/index.md
@ -1000,7 +1000,7 @@ Updated each time lbmk runs, based on either `git describe` or, on release
 archives, this file is static and never changes. It says the *time* of
 whichever Libreboot revision is currently in use (time of commit).
-At least, you will now learn about the *scripts* (exclusively written as
+At last, you will now learn about the *scripts* (exclusively written as
 posix shell scripts) that constitute the entire Libreboot build system, lbmk:
 Scripts in root directory of lbmk
--- a/site/download.md
+++ b/site/download.md
@ -85,7 +85,6 @@ UK)
 * <rsync://ftp.linux.ro/libreboot/> (linux.ro, Romania)
 * <rsync://mirror.koddos.net/libreboot/> (koddos.net, Netherlands)
 * <rsync://mirror-hk.koddos.net/libreboot/> (koddos.net, Hong Kong)
 * <rsync://mirror.mangohost.net/libreboot/> (mangohost.net, Moldova)
 Are you running a mirror? Contact the libreboot project, and the link will be
 added to this page!
--- a/site/download.uk.md
+++ b/site/download.uk.md
@ -85,7 +85,6 @@ LIBREBOOT](news/safety.md).**
 * <rsync://ftp.linux.ro/libreboot/> (linux.ro, Румунія)
 * <rsync://mirror.koddos.net/libreboot/> (koddos.net, Нідерланди)
 * <rsync://mirror-hk.koddos.net/libreboot/> (koddos.net, Гонконг)
 * <rsync://mirror.mangohost.net/libreboot/> (mangohost.net, Moldova)
 Ви підтримуєте роботу дзеркала? Зв'яжіться з проектом libreboot, і посилання буде
 додано до цієї сторінки!
--- a/site/faq.md
+++ b/site/faq.md
@ -351,8 +351,7 @@ Technology* (AMT).
 Use of the `me_cleaner` utility is believed to minimize any security risk when
 using these Intel platforms, and coreboot *does* contain fully free code for
-sandybridge/ivybridge platforms. Freedom-wise, these are similar to libreboot
+sandybridge/ivybridge platforms.
 compatible ThinkPads, and they are quite nice machines.
 More information about the Management Engine can be found on various Web
 sites, including [me.bios.io](http://me.bios.io/Main_Page),
--- a/site/freedom-status.md
+++ b/site/freedom-status.md
@ -276,6 +276,11 @@ technically required, but highly recommended. To remove, do:
 	cbfstool filename.rom remove -n cpu_microcode_blob.bin
 On ASUS KFSN4-DRE, KCMA-D8 and KGPE-D16 boards, do this instead:
 	cbfstool filename.rom remove -n microcode_amd.bin
 	cbfstool filename.rom remove -n microcode_amd_fam15h.bin
 [Releases after Libreboot 20230423 will provide separate ROMs with microcode
 excluded, alongside default ones with microcode included.](news/microcode.md)
--- a/site/news/MANIFEST
+++ b/site/news/MANIFEST
@ -1,3 +1,4 @@
 canoeboot.md
 libreboot20231021.md
 audit3.md
 audit2.md
--- a/site/news/canoeboot.md
+++ b/site/news/canoeboot.md
@ -0,0 +1,44 @@
 % Canoeboot project launched (new Libreboot fork)
 % Leah Rowe
 % 26 October 2023
 I've started a new sister project of Libreboot, that I will maintain in
 parallel; whenever there is a new Libreboot release, I will then use it to
 create a new release of *Canoeboot*.
 You can find Canoeboot here: <https://canoeboot.org/>
 The first release, Canoeboot 20231026, is here (created on 26 October 2023):
 <https://canoeboot.org/news/canoeboot20231026.html> - it is based on the
 recent [Libreboot 20231021 release](libreboot20231021.md).
 Canoeboot is a *proof of concept* that provides a technical implementation of
 Libreboot, but *without* the [Binary Blob Reduction Policy](policy.md); instead,
 Canoeboot implements the [GNU Free System Distribution
 Guidelines (GNU FSDG)](policy.md#problems-with-fsdg) as policy. GNU FSDG is the
 policy that Libreboot *previously* implemented, until 16 November 2022 when the
 new *Binary Blob Reduction Policy* was enacted.
 The *reduction* policy has resulted in more hardware being supported from
 coreboot, thus bringing free software to more people, and it is handled in the
 manner described by Libreboot's [Freedom Status](../freedom-status.md) page.
 The purpose of Canoeboot is to demonstrate the inferior state Libreboot would
 be in today, if it still adhered to the *old* GNU policy. The goal of Libreboot
 is to help as many people as possible achieve a level of [software
 freedom](https://writefreesoftware.org/learn), so that they may rid themselves
 of proprietary software. This is done, because every user deserves to have the
 freedom to study, adapt, share and use software infinitely, without restrictions.
 By implementing the policies that it has, Libreboot is in a position to do this
 in the most optimal way, whereas Canoeboot can only support a limited subset of
 hardware compared to Libreboot; in other words, Canoeboot's policies are a
 liability to the adoption of free software by normal people everywhere.
 Canoeboot is still a good option if your hardware supports it, but you should
 know: Libreboot *also* provides the very same blob-free, entirely free software
 config on all of the mainboards that Canoeboot supports. Canoeboot is a proof
 of concept, but you *can* use it, if you wish.
 [Patches are also welcome](https://canoeboot.org/git.html) in Canoeboot, if you
 spot something wrong that ought to be fixed or improved.
--- a/site/news/censored-libreboot20230710.md
+++ b/site/news/censored-libreboot20230710.md
@ -2,12 +2,27 @@
 % Leah Rowe
 % 10 July 2023
 **UPDATE, 27 October 2023: The Censored Libreboot and nonGeNUine Boot websites have merged
 into a new project, called Canoeboot. Canoeboot is a new Libreboot-authored
 spinoff project (official fork).**
 **See: [Canoeboot 20231026 release](https://canoeboot.org/news/canoeboot20231026.html) - 
 the original article below showed a desire to work with GNU Boot, but it has
 now been decided that Canoeboot will be an official project of Libreboot,
 providing releases under the old [Binary Blob Elimination
 Policy](https://web.archive.org/web/20221107235850/https://libreboot.org/news/policy.html) (instead of
 Libreboot's current [Binary Blob Reduction Policy](policy.md)).**
 **The situation on 27 October 2023 is not much different, in substance. Please
 see: [Canoeboot vs GNU Boot](https://canoeboot.org/gnuboot.html) - Canoeboot
 will now compete with GNU Boot, rather than try to assist it; they didn't accept
 Libreboot's help anyway.**
 And now, the original article is as follows:
 Warning
 =======
 **Update 21 October 2023: This is quite obsolete now, because
 [Libreboot 20231021](libreboot20231021.md) is out.**
 **This release is *not* recommended for general use. You should still use the
 recent [Libreboot 20230625](libreboot20230625.md) release, which is the
 current stable release. Please also read the [Binary Blob Reduction
--- a/site/news/gnuboot.md
+++ b/site/news/gnuboot.md
@ -2,31 +2,21 @@
 % Leah Rowe
 % 17 July 2023
-**UPDATE 21 October 2023: [Libreboot 20231021](libreboot20231021.md) is out,
+**UPDATE, 27 October 2023: The Censored Libreboot and nonGeNUine Boot websites have merged
-and it's vastly superior to Libreboot 20230625 or nonGeNUine Boot 20230717;
+into a new project, called Canoeboot. Canoeboot is a new Libreboot-endorsed
-and GNU Boot 0.1 RC is still not much different than the state GNU Boot was in
+spinoff project (official fork).**
 at the time of the article below. GNU Boot 0.1 RC (the latest version of GNU
 Boot as of 21 October 2023) is essentially just Libreboot 20220710 plus patches
 I made for them enabling KGPE-D16 to build correctly on modern Linux distros.**
-**It's likely that another FSDG-compatible variant of Libreboot will be made,
+**See: [Canoeboot 20231026 release](https://canoeboot.org/news/canoeboot20231026.html) - 
-again for fun, based on Libreboot 20231021. Watch this space! tl;dr Libreboot
+the original article below showed a desire to work with GNU Boot, but it has
-is vastly superior in the October 2023 revision compared to June 2023, and
+now been decided that Canoeboot will be an official project of Libreboot,
-the June 2023 revision is still superior to GNU Boot (still uses newer coreboot
+providing releases under the old [Binary Blob Elimination
-revisions, has better error handling in the build system, builds more efficiently
+Policy](https://web.archive.org/web/20221107235850/https://libreboot.org/news/policy.html) (instead of
-and is generally just better, because it's literally about 8 months ahead in
+Libreboot's current [Binary Blob Reduction Policy](policy.md)).**
 development, and supports more hardware such as gru chromebooks with u-boot or
 the Dell Latitude E6400 - which GNU Boot still doesn't support. Libreboot today
 is now lightyears ahead, and the recent October 2023 release has coreboot
 revisions 2 years ahead of the ones used in GNU Boot's default coreboot tree (in Libreboot 20230625 and nonGeNUine Boot 20230717, it's still about 18 months ahead).**
-**Two years. Anyway, the original article is as follows (prior to the above):**
+**The situation on 27 October 2023 is not much different, in substance. Please
-
+see: [Canoeboot vs GNU Boot](https://canoeboot.org/gnuboot.html) - Canoeboot
-The purpose of the original article below was to promote my own FSDG-compliant
+will now compete with GNU Boot, rather than try to assist it; they didn't accept
-fork of Libreboot 20230625, which I released as Censored-Libreboot 20230710 and
+Libreboot's help anyway.**
 then nonGeNUine Boot 20230717, with the intent that *GNU Boot* re-use the work,
 but they never re-used any of it except for my D16 build fixes, and one or two
 minor things.
 Original article as it was written, 17 July 2023:
 =================================================
--- a/site/news/libreboot20231021.md
+++ b/site/news/libreboot20231021.md
@ -1136,6 +1136,9 @@ so the relevant acpica tarball was mirrored to Libreboot rsync at last minute.
 Post-release errata
 ===================
 Insertion of PIKE2008 ROMs, i945 bootblock copy
 -----------------------------------------------
 Empty PIKE2008 ROMs not inserted in KCMA-D8 and KGPE-D16 ROMs.
 The 64KB bootblock isn't copied on ThinkPad X60 and T60 ROM images. This has
@ -1165,3 +1168,53 @@ Without the empty PIKE2008 ROM, SeaBIOS will hang on those AMD boards.
 And without the bootblock copied on X60/T60 ROMs, flashing will result in a brick
 under these conditions: bucts not reset and ROM flashed successfully, and/or
 flashing the ROM from LenovoBIOS to Libreboot.
 Fam15h microcode wrongly not detected as inserted
 -------------------------------------------------
 On those boards, `target.cfg` files specified `microcode_required="n"`, and
 the logic in the release script renames ROM images according to this rule:
 * If `cpu_microcode_blob.bin` exists in CBFS, copy the ROM to provide one
  with this file removed.
 * If the file doesn't exist in the first place, *move* (rename) the file
  accordingly under the new name.
 * In either of the above cases, `.rom` is replaced at the end
  with `_nomicrocode.rom`, in any image that either has the microcode removed,
  or if it wasn't there to begin with.
 On these AMD boards (fam10 and fam15h), namely KCMA-D8, KFSN4-DRE and KGPE-D16,
 the microcode is inserted into CBFS as two files,
 namely `microcode_amd.bin` and `microcode_amd_fam15h.bin` - and the bug is
 precisely that lbmk detected (based on only checking `cpu_microcode_blob.bin`)
 no microcode, and thus *moved* (renamed) to names ending
 in `_nomicrocode.rom`.
 In other words, the Libreboot 20231021 ROM images for those boards *all*
 contain microcode updates in them, but they all have `nomicrocode` in the ROM
 file names. This was previously assumed to actually be the case, until an audit
 revealed otherwise (as of 28 October 2023).
 This isn't really a problem, it's not a "bug" per se, just a naming error.
 The fix has been implemented with *this* patch:
 <https://browse.libreboot.org/lbmk.git/commit/?id=83bf23766040d5e1642b8c80d975953c1c34f876>
 To put it simply: this will not be fixed. Instead, the above patch
 unsets `microcode_required`, so it defaults to `y`. Therefore, the ROM images
 in next release will contain microcode (as they all do, now) and they will
 not contain `nomicrocode` in the ROM image file names.
 On ASUS KFSN4-DRE, KCMA-D8 and KGPE-D16 boards, do this to remove microcode:
 	cbfstool filename.rom remove -n microcode_amd.bin
 	cbfstool filename.rom remove -n microcode_amd_fam15h.bin
 We recommend *keeping* microcode updates, for reasons written in the [Binary
 Blob Reduction Policy](policy.md).
 There is also the recent launch of the [Canoeboot project](https://canoeboot.org/),
 an official sister project of Libreboot, maintained by Leah Rowe who also leads
 the Libreboot project; Canoeboot release images do not ever contain microcode
 updates in them. This is precisely why it will not be fixed in lbmk to fix
 the naming issue. The behaviour is simply disabled instead, becasue there's no
 point adding further complexity to the build system.
--- a/site/news/policy.md
+++ b/site/news/policy.md
@ -2,9 +2,21 @@
 % Leah Rowe
 % 4 January 2022 (updated 15 November 2022)
-The [Censored Libreboot c20230710 release](censored-libreboot20230710.md)
+The *[Canoeboot project](https://canoeboot.org/)* is an official sister project
-release provides a clear example as to the merits of this policy, by showing
+of Libreboot, that implements the GNU Free System Distribution Guidelines
-what Libreboot would be if it *didn't* adopt this policy.
+or *GNU FSDG* as policy, instead of the policy below. Canoeboot is maintained by
 Leah Rowe, the same person who founded the Libreboot project, and who maintains
 Libreboot releases to this day. Criticism of GNU FSDG is provided, in the
 article below.
 Canoeboot provides a clear example as to the merits of the policy seen below, by
 showing what Libreboot would be if it *didn't* adopt that policy; it is vastly
 inferior to Libreboot, due to weaker hardware support and less freedom of choice
 for users. Canoeboot is engineered to a high standard, basing off of each
 Libreboot release, but you should still use *Libreboot*. Canoeboot is only
 a *proof of concept*.
 And now, without further ado,
 Introduction
 ============
--- a/site/template.de.include
+++ b/site/template.de.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Spenden</a></strong></li>
 <li><a href="/contact.de.html">Kontakt</a></li>
 <li><strong><a href="https://minifree.org/">Vorinstalliertes Gerät kaufen</a></strong></li>
 <li>-</li>
 <li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.include
+++ b/site/template.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Donate</a></strong></li>
 <li><a href="/contact.html">Contact</a></li>
 <li><strong><a href="https://minifree.org/">Buy preinstalled</a></strong></li>
 <li>-</li>
 <li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.it.include
+++ b/site/template.it.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Donazioni</a></strong></li>
 <li><a href="/contact.html">Contatti</a></li>
 <li><strong><a href="https://minifree.org/">Compra un PC con libreboot gia' installato</a></strong></li>
 <li>-</li>
 <li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.uk.include
+++ b/site/template.uk.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">Пожертвувати</a></strong></li>
 <li><a href="/contact.uk.html">Зв'язок</a></li>
 <li><strong><a href="https://minifree.org/">Придбати передвстановленим</a></strong></li>
 <li>-</li>
 <li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>
--- a/site/template.zh-cn.include
+++ b/site/template.zh-cn.include
@ -79,6 +79,8 @@ $endif$
 <li><strong><a href="https://www.patreon.com/libreleah">捐赠</a></strong></li>
 <li><a href="/contact.html">联系</a></li>
 <li><strong><a href="https://minifree.org/">购买预装品</a></strong></li>
 <li>-</li>
 <li><strong><a href="https://canoeboot.org/">Canoeboot?</a></strong></li>
 </ul>
 <hr/>
 </header>