Libreboot 20230423 is out!

hslick-master 20230423
Leah Rowe 2023-04-23 12:37:26 +01:00
parent 0abe43312d
commit eccd0f2d9f
16 changed files with 211 additions and 38 deletions

View File

@ -57,8 +57,8 @@ Introduction
**To install Libreboot, see: [E6400 installation **To install Libreboot, see: [E6400 installation
instructions](../install/e6400.md)** instructions](../install/e6400.md)**
ROM images for Dell Latitude E6400 will be available in the next Libreboot ROM images for Dell Latitude E6400 are available for flashing in the Libreboot
release after 20230413, or you can compile a ROM image for installation via release 20230423 onwards, or you can compile a ROM image for installation via
lbmk, see: [build instructions](../build/) lbmk, see: [build instructions](../build/)
We believe all models with iGPU are GM45 and will work perfectly. We suspect We believe all models with iGPU are GM45 and will work perfectly. We suspect

View File

@ -36,7 +36,7 @@ Introduction
============ ============
Libreboot has support for this, in the Git repository and release versions Libreboot has support for this, in the Git repository and release versions
after (but *not* including) the Libreboot 20230413 release. from Libreboot 20230423 onwards.
Brief board info Brief board info
---------------- ----------------

View File

@ -7,7 +7,7 @@ Introduction
============ ============
Libreboot has support for this, in the Git repository and release versions Libreboot has support for this, in the Git repository and release versions
after (but *not* including) the Libreboot 20230413 release. from 20230423 onwards.
Brief board info Brief board info
---------------- ----------------

View File

@ -37,7 +37,7 @@ Introduction
HP EliteBook Folio 9470m is a 14" ultrabook with a backlit keyboard. HP EliteBook Folio 9470m is a 14" ultrabook with a backlit keyboard.
Libreboot has support for this, in the Git repository and release versions Libreboot has support for this, in the Git repository and release versions
after (but *not* including the Libreboot 20230413 release. from Libreboot 20230423 onwards.
Installation of Libreboot Installation of Libreboot
========================= =========================

View File

@ -6,9 +6,10 @@ x-toc-enable: true
Introduction Introduction
============ ============
Initial flashing instructions for the E6400. ROM images for this board will be Initial flashing instructions for the E6400.
available in Libreboot releases *after* Libreboot 20230413, or you can [build
ROM images from source via lbmk](../build/). **ROM images are available in the [Libreboot 20230423
release](../../news/libreboot20230423.md), and subsequent releases.**
This guide is for those who want libreboot on their Latitude E6400 while This guide is for those who want libreboot on their Latitude E6400 while
they still have the original Dell BIOS present. This guide can also be they still have the original Dell BIOS present. This guide can also be
@ -64,7 +65,7 @@ the machine apart. It can be done entirely from Linux. It will probably also
work on BSD systems, but it has only been testing on Linux thus far. work on BSD systems, but it has only been testing on Linux thus far.
Check `util/e6400-flash-unlock` in the `lbmk.git` repository, or in release Check `util/e6400-flash-unlock` in the `lbmk.git` repository, or in release
archives for Libreboot releases *after* 20230413. archives for Libreboot releases from 20230423 onwards.
Go in there: Go in there:

View File

@ -14,7 +14,7 @@ Libreboot from source, [read this page](docs/build/).
GPG signing key GPG signing key
--------------- ---------------
**The latest release is Libreboot 20230413, under the `testing` directory.** **The latest release is Libreboot 20230423, under the `testing` directory.**
### NEW KEY ### NEW KEY
@ -51,7 +51,7 @@ there is a Git repository that you can download from. Go here:
HTTPS mirrors {#https} HTTPS mirrors {#https}
------------- -------------
**The latest release is Libreboot 20230413, under the `testing` directory.** **The latest release is Libreboot 20230423, under the `testing` directory.**
These mirrors are recommended, since they use TLS (https://) encryption. These mirrors are recommended, since they use TLS (https://) encryption.
@ -142,7 +142,7 @@ crontab. This page tells you how to use crontab:
HTTP mirrors {#http} HTTP mirrors {#http}
------------ ------------
**The latest release is Libreboot 20230413, under the `testing` directory.** **The latest release is Libreboot 20230423, under the `testing` directory.**
WARNING: these mirrors are non-HTTPS which means that they are WARNING: these mirrors are non-HTTPS which means that they are
unencrypted. Your traffic could be subject to interference by unencrypted. Your traffic could be subject to interference by
@ -156,7 +156,7 @@ if using HTTPS.
FTP mirrors {#ftp} FTP mirrors {#ftp}
----------- -----------
**The latest release is Libreboot 20230413, under the `testing` directory.** **The latest release is Libreboot 20230423, under the `testing` directory.**
WARNING: FTP is also unencrypted, like HTTP. The same risks are present. WARNING: FTP is also unencrypted, like HTTP. The same risks are present.

View File

@ -14,13 +14,13 @@ Libreboot із джерельного кода, [прочитайте цю ст
Код підпису GPG Код підпису GPG
--------------- ---------------
**Останнім випуском є Libreboot 20230413, в директорії `testing`.** **Останнім випуском є Libreboot 20230423, в директорії `testing`.**
### НОВИЙ КЛЮЧ ### НОВИЙ КЛЮЧ
Повний відбиток ключа: `98CC DDF8 E560 47F4 75C0 44BD D0C6 2464 FA8B 4856` Повний відбиток ключа: `98CC DDF8 E560 47F4 75C0 44BD D0C6 2464 FA8B 4856`
Вищезазначений ключ для Libreboot 20230413, та наступних випусків. Вищезазначений ключ для Libreboot 20230423, та наступних випусків.
Завантажте ключ тут: [lbkey.asc](lbkey.asc) Завантажте ключ тут: [lbkey.asc](lbkey.asc)
@ -51,7 +51,7 @@ Libreboot із джерельного кода, [прочитайте цю ст
Дзеркала HTTPS {#https} Дзеркала HTTPS {#https}
------------- -------------
**Останнім випуском є Libreboot 20230413, в директорії `testing`.** **Останнім випуском є Libreboot 20230423, в директорії `testing`.**
Дані дзеркала є рекомендованими, оскільки використовують TLS (https://) шифрування. Дані дзеркала є рекомендованими, оскільки використовують TLS (https://) шифрування.
@ -142,7 +142,7 @@ crontab. Ця сторінка розповідає вам, як викорис
Дзеркала HTTP {#http} Дзеркала HTTP {#http}
------------ ------------
**Останнім випуском є Libreboot 20230413, під директорією `testing`.** **Останнім випуском є Libreboot 20230423, під директорією `testing`.**
УВАГА: ці дзеркала є не-HTTPS, що означає, що вони УВАГА: ці дзеркала є не-HTTPS, що означає, що вони
незашифровані. Ваш трафік може бути об'єктом втручання незашифровані. Ваш трафік може бути об'єктом втручання
@ -156,7 +156,7 @@ crontab. Ця сторінка розповідає вам, як викорис
Дзеркала FTP {#ftp} Дзеркала FTP {#ftp}
----------- -----------
**Останнім випуском є Libreboot 20230413, під директорією `testing`.** **Останнім випуском є Libreboot 20230423, під директорією `testing`.**
УВАГА: FTP є також незашифрованим, подібно HTTP. Ті ж самі ризики присутні. УВАГА: FTP є також незашифрованим, подібно HTTP. Ті ж самі ризики присутні.

View File

@ -341,10 +341,9 @@ firmware is inserted into main boot flash, rather than being on a separate IC.
This is *better* because libre replacements would be more easy to install in This is *better* because libre replacements would be more easy to install in
the future, and reverse engineering is made much easier by it. Libreboot's the future, and reverse engineering is made much easier by it. Libreboot's
build system handles such firmware in `blobutil`, automatically downloading build system handles such firmware in `blobutil`, automatically downloading
it during the build process - releases after Libreboot 20230413, which lacks it during the build process. Libreboot 20230423 onwards does scrub EC firmware
such EC integration for HPs, will scrub EC firmware and provide functionality and provide functionality in `blobutil` insert, to insert them with `cbfstool`
in `blobutil` insert, to insert them with `cbfstool` at the correct offset as at the correct offset as defined by coreboot config for each board.
defined by coreboot config for each board.
As stated, Libreboot provides this in a state where the ME is no longer a As stated, Libreboot provides this in a state where the ME is no longer a
threat to security. It initialises itself, but then does nothing, so it's threat to security. It initialises itself, but then does nothing, so it's

View File

@ -341,11 +341,10 @@ firmware is inserted into main boot flash, rather than being on a separate IC.
This is *better* because libre replacements would be more easy to install in This is *better* because libre replacements would be more easy to install in
the future, and reverse engineering is made much easier by it. Libreboot's the future, and reverse engineering is made much easier by it. Libreboot's
build system handles such firmware in `blobutil`, automatically downloading build system handles such firmware in `blobutil`, automatically downloading
it during the build process - releases after Libreboot 20230413, which lacks it during the build process - Libreboot 20230423 onwards does scrub EC firmware
such EC integration for HPs, will scrub EC firmware and provide functionality and provide functionality in `blobutil` insert, to insert them with `cbfstool`
in `blobutil` insert, to insert them with `cbfstool` at the correct offset as at the correct offset as defined by coreboot config for each board. - **TODO:
defined by coreboot config for each board. - **TODO: English paragraph that English paragraph that needs to be translated into Ukrainian.**
needs to be translated into Ukrainian.**
Як заявлено, Libreboot надає це в стані, де ME більше не є Як заявлено, Libreboot надає це в стані, де ME більше не є
загрозою для безпеки. Він ініціалізує себе, але потім нічого не робить, тому його загрозою для безпеки. Він ініціалізує себе, але потім нічого не робить, тому його

View File

@ -11,8 +11,8 @@ remplacement pour le micrologiciel UEFI/BIOS propriétaire.
Des canaux d'aide sont disponibles Des canaux d'aide sont disponibles
dans le canal [\#libreboot](https://web.libera.chat/#libreboot) sur le serveur IRC [Libera](https://libera.chat/). dans le canal [\#libreboot](https://web.libera.chat/#libreboot) sur le serveur IRC [Libera](https://libera.chat/).
**NOUVELLE VERSION: La dernière version est [Libreboot 20230413](news/libreboot20230413.md), sortie **NOUVELLE VERSION: La dernière version est [Libreboot 20230423](news/libreboot20230423.md), sortie
le 13 Avril 2023.** le 23 Avril 2023.**
Pourquoi devriez-vous utiliser Libreboot? Pourquoi devriez-vous utiliser Libreboot?
----------------------------------- -----------------------------------

View File

@ -13,9 +13,9 @@ firmware. Help is available
via [\#libreboot](https://web.libera.chat/#libreboot) via [\#libreboot](https://web.libera.chat/#libreboot)
on [Libera](https://libera.chat/) IRC. on [Libera](https://libera.chat/) IRC.
**NEW RELEASE: The latest release is Libreboot 20230413, released on **NEW RELEASE: The latest release is Libreboot 20230423, released on
14 April 2023. 23 April 2023.
See: [Libreboot 20230413 release announcement](news/libreboot20230413.md).** See: [Libreboot 20230423 release announcement](news/libreboot20230423.md).**
Why should you use *libreboot*? Why should you use *libreboot*?
---------------------------- ----------------------------

View File

@ -13,8 +13,8 @@ x-toc-enable: true
через [\#libreboot](https://web.libera.chat/#libreboot) через [\#libreboot](https://web.libera.chat/#libreboot)
на [Libera](https://libera.chat/) IRC. на [Libera](https://libera.chat/) IRC.
**НОВИЙ ВИПУСК: Останній випуск Libreboot 20230413, випущено 13 квітня 2023. **НОВИЙ ВИПУСК: Останній випуск Libreboot 20230423, випущено 23 квітня 2023.
Дивіться: [Оголошення про випуск Libreboot 20230413](news/libreboot20230413.md).** Дивіться: [Оголошення про випуск Libreboot 20230423](news/libreboot20230423.md).**
Чому вам варто використовувати *libreboot*? Чому вам варто використовувати *libreboot*?
---------------------------- ----------------------------

View File

@ -1,3 +1,4 @@
libreboot20230423.md
hp_elitebooks.md hp_elitebooks.md
e6400.md e6400.md
gm45microcode.md gm45microcode.md

View File

@ -6,7 +6,8 @@ UPDATE: This also applies to the Dell Latitute E6400 port, added on 19
April 2023 to Libreboot. See: [E6400 announcement](e6400.md) April 2023 to Libreboot. See: [E6400 announcement](e6400.md)
The change described in this article is *not* present in Libreboot 20221214, The change described in this article is *not* present in Libreboot 20221214,
20230319 or 20230413 - it will be present in the *next* Libreboot release. 20230319 or 20230413 - **UPDATE: [Libreboot 20230423 is out, and includes
this change on all GM45 targets](libreboot20230423.md)**
If you want a no-microcode setup, either [build the If you want a no-microcode setup, either [build the
latest Libreboot from source via lbmk](../docs/build/) and remove the microcode latest Libreboot from source via lbmk](../docs/build/) and remove the microcode

View File

@ -28,9 +28,6 @@ existing supported hardware; the focus is going to be on adding *more* boards
to Libreboot, to support more hardware. I've been on a spree, buying lots of to Libreboot, to support more hardware. I've been on a spree, buying lots of
mainboards that coreboot supports, that would be interesting in Libreboot. mainboards that coreboot supports, that would be interesting in Libreboot.
It is my intention that the next Libreboot release will be an *official*
stable release!
Build from source Build from source
----------------- -----------------

View File

@ -0,0 +1,175 @@
% Libreboot 20230423 released!
% Leah Rowe
% 23 April 2023
Introduction
============
Libreboot provides boot firmware for supported x86/ARM machines, starting a
bootloader that then loads your operating system. It replaces proprietary
BIOS/UEFI firmware on x86 machines, and provides an *improved* configuration
on ARM-based chromebooks supported (U-Boot bootloader, instead of Google's
depthcharge bootloader). On x86 machines, the GRUB and SeaBIOS coreboot
payloads are officially supported, provided in varying configurations per
machine. You can find the list of supported hardware in the Libreboot
documentation.
The last Libreboot release, version 20230413, was released on 13 April
in 2023. *This* new release, Libreboot 20230423, is released today on
April 23rd, 2023.
This is marked as a *testing* release, though it is *basically stable*.
We've been going at it like crazy, on a big spree adding more mainboards from
coreboot. Some fixes to the build system were also made, since the last release
only *10 days ago*.
The *priority* for Libreboot is to add as many new boards as possible, from now
to the next stable release (ETA Q3 2023), with many testing releases in
between. Release early, release often. Rigorious testing ensues.
Build from source
-----------------
*This* release was build-tested on Debian *Sid*, as of 23 April 2023. Your
mileage may vary, with other distros. Refer to Libreboot documentation.
KCMA-D8 and KGPE-D16 wanted!
----------------------------
[ASUS KGPE-D16 and KCMA-D8 needed for testing!](kgpe-d16.md)
These boards still haven't made it back to Libreboot, but I wish to re-add
them in a future release. If you can give/loan me a fully assembled workstation
with one (or both) of these, I would appreciate it. Please
[get in touch](../contact.md)!
Work done since last release
============================
This is in the last *10 days*, since the previous release was 10 days ago!
Ergo, this is a very conservative changelog. It seems Libreboot has been
releasing almost fortnightly, as of late; perhaps this could continue from
now on.
New mainboards now supported:
-----------------------------
* **Dell Latitude E6400 (laptop)** (GM45, blob-free, flashable entirely in
software, no disassembly required!) - courtesy Nicholas Chin, `nic3-14159` on
Libreboot IRC.
* HP Compaq 8200 Elite SFF (desktop), courtesy Riku Viitanen (`Riku_V` on
Libreboot IRC) - *Sandybridge* hardware generation, really nice machine,
cheap, easy to flash, supports 32GB RAM, multiple HDDs etc.
* HP EliteBook Folio 9470m (laptop), courtesy Riku Viitanen (IvyBridge gen)
* HP EliteBook 2560p (laptop), courtesy Riku Viitanen (*seriously* cool guy) -
Sandybridge hardware gen
Build system changes:
---------------------
* **GM45 no-microcode bug mitigations re-added: revert to old SMRR handling
and disable PECI (for e.g. X200/T400 users who want to [remove microcode
updates](gm45microcode.md), using `cbfstool`) - fixes broken reboot/speedstep
CPU scaling in such configuration.** - Patch:
<https://browse.libreboot.org/lbmk.git/commit/?id=bd4ea9a02845b22a09b73ebb015ce134234d100b>
(patch by Leah Rowe) - this also affects Dell Latitude E6400, and it can be
used there on that board. We recommend *keeping* microcode updates, but these
mitigations were re-added to satisfy users of older releases that excluded
them, who want to still have the option to feasibly run without them.
[This is ill advised, due to bugs that the microcode updates
fix](gm45microcode.md)
* `blobutil/inject`: Fixed bad variable expansion pattern
* `build/release/roms`: HP KBC1126 EC firmware scrubbed from release ROMs, for
re-insertion later via `./blobutil download` and `./blobutil inject` like
with ME images via `me_cleaner` - for HP laptops.
* `build/dependencies/parabola`: New script for installing build dependencies
in Parabola GNU+Linux, courtesy of Riku Viitanen (`Riku_V` on Libreboot IRC)
* `util/nvmutil`: sorted includes alphabetically; `sys/` first (puffy!)
* `util/e6400-flash-unlock`: New utility for Dell Latitude E6400 added, written
by Nicholas Chin (`nic3-14159` on Libreboot IRC). It writes EC commands to
unlock the flash, pulling `GPIO33`/`HDA_DOCK_EN` to a low logic state. This
disables IFD-based flash protections. On Dell E6400, the EC is hooked up to
GPIO33 and Dell's own BIOS offers no other protections, so the machine can
be flashed *entirely with software on the host CPU*, from Dell BIOS to
Libreboot! See:
<https://browse.libreboot.org/lbmk.git/tree/util/e6400-flash-unlock>
* GRUB payload: `grub.cfg` menu timeout now 30s, not 5s
* `blobutil/download`: support downloading KBC1126-based EC firmware for HP
laptops. (patch by Leah Rowe)
* `blobutil/download: Support extracting `me.bin` from full archives, when
running `./blobutil download` - this is done, using the `-M` option
in `me_cleaner` (some vendors put whole ROM images with IFD, GBE, ME and BIOS
regions in them, inside their BIOS update archives - we only need to get ME
from them, to run through `me_cleaner`) in `me_cleaner`. Ninja'd into lbmk by
Leah Rowe.
Hardware supported in this release
==================================
All of the following are believed to *boot*, but if you have any issues,
please contact the Libreboot project. They are:
Desktops (AMD, Intel, x86)
-----------------------
- [Gigabyte GA-G41M-ES2L motherboard](../docs/hardware/ga-g41m-es2l.md)
- [Acer G43T-AM3](../docs/hardware/acer_g43t-am3.md)
- [Intel D510MO and D410PT motherboards](../docs/hardware/d510mo.md)
- [Apple iMac 5,2](../docs/hardware/imac52.md)
- [HP Elite 8200 SFF](hp8200sff.md) (HP 6200 Pro Business probably works too)
### Laptops (Intel, x86)
- **[Dell Latitute E6400](e6400.md) (easy to flash, no disassembly, similar
hardware to X200/T400)**
- ThinkPad X60 / X60S / X60 Tablet
- ThinkPad T60 (with Intel GPU)
- [Lenovo ThinkPad X200 / X200S / X200 Tablet](../docs/hardware/x200.md)
- Lenovo ThinkPad X230
- Lenovo ThinkPad X301
- [Lenovo ThinkPad R400](../docs/hardware/r400.md)
- [Lenovo ThinkPad T400 / T400S](../docs/hardware/t400.md)
- [Lenovo ThinkPad T500](../docs/hardware/t500.md)
- [Lenovo ThinkPad T530](../docs/install/ivy_has_common.md)
- [Lenovo ThinkPad W500](../docs/hardware/t500.md)
- [Lenovo ThinkPad R500](../docs/hardware/r500.md)
- [Apple MacBook1,1 and MacBook2,1](../docs/hardware/macbook21.md)
- [Lenovo ThinkPad T440p](../docs/install/t440p_external.md)
- [Lenovo Thinkpad X220](../docs/install/ivy_has_common.md)
- [Lenovo Thinkpad X220t](../docs/install/ivy_has_common.md)
- [Lenovo Thinkpad T420](../docs/install/ivy_has_common.md)
- [Lenovo ThinkPad T420S](../docs/install/ivy_has_common.md)
- [Lenovo ThinkPad T430](../docs/install/ivy_has_common.md)
- [Lenovo Thinkpad X230](../docs/install/x230_external.md)
- [Lenovo Thinkpad X230t](../docs/install/x230_external.md)
- [Lenovo ThinkPad W541](../docs/install/ivy_has_common.md)
- [HP EliteBook 2560p](hp2560p.md)
- [HP EliteBook Folio 9470m](hp9470m.md)
### Laptops (ARM, with U-Boot payload)
- [HP Chromebook 14 G3 (nyan-blaze)](../docs/install/chromebooks.md)
- [Acer Chromebook 13 (CB5-311, C810) (nyan-big)](../docs/install/chromebooks.md)
- [ASUS Chromebook Flip C101 (gru-bob)](../docs/install/chromebooks.md)
- [Samsung Chromebook Plus (v1) (gru-kevin)](../docs/install/chromebooks.md)
More boards soon!
=================
I've purchased about ~10 HP mainboards, all of the viable sandybridge,
ivybridge and haswell ones from coreboot. I'm going to add them all.
I also have Dell Optiplex 7020 and 9020; these are on coreboot gerrit and
will also be added, in the next Libreboot release (Haswell gen).
I'm going to re-work a lot of the merged Haswell boards, so that they can
also make use of Angel's experimental libre MRC raminit and such, currently
available on ThinkPad T440p and W541 as an option in Libreboot (including in
this release!)
Downloads
=========
You can find this release on the downloads page. At the time of this
announcement, some of the rsync mirrors may not have it yet, so please check
another one if your favourite one doesn't have it.