From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_ADSP_CUSTOM_MED,
	DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI,
	T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 26387 invoked from network); 3 Jan 2024 15:57:09 -0000
Received: from minnie.tuhs.org (2600:3c01:e000:146::1)
  by inbox.vuxu.org with ESMTPUTF8; 3 Jan 2024 15:57:09 -0000
Received: from minnie.tuhs.org (localhost [IPv6:::1])
	by minnie.tuhs.org (Postfix) with ESMTP id 4B80743DCD;
	Thu,  4 Jan 2024 01:57:04 +1000 (AEST)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236])
	by minnie.tuhs.org (Postfix) with ESMTPS id C004943D6A
	for <tuhs@tuhs.org>; Thu,  4 Jan 2024 01:56:57 +1000 (AEST)
Received: by mail-lj1-x236.google.com with SMTP id 38308e7fff4ca-2ccbc328744so87528711fa.3
        for <tuhs@tuhs.org>; Wed, 03 Jan 2024 07:56:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1704297416; x=1704902216; darn=tuhs.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=uURC4cvsH5JDcOUX2UtFK2n11hEPXqi3rrvXWYkfZcU=;
        b=YqIOnGoeqqDNdNT2ggebRVPQf2QOMP/avAiL3cqK42fsBc6973YHM4AvF7rUI/+mWw
         YdNJog03R/qAy9C2R9+Vz1yxKiC+9UN4GrlLEtJePu/GkCAv3gKOXH9ZvgoGoLNwEKOy
         QrJhpfVCCPScVGlwIZc+9zTvZ9lLOKDYl+Np7C4D/+WL2AFTfpYkcwGb2ukfC+uQGnvw
         iNm2RFR0vs0N+GZVdoxy6KIqu9tT7/CGpRxfd4fuVbIIPNbI11dC2R01S1skrM62E948
         D9WicwH/xjYBw51Qj2/EYatNanHCpVswwGy3rgKIwwfLjiNHGwmAX50Aqrt9novZ32AX
         37IA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1704297416; x=1704902216;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=uURC4cvsH5JDcOUX2UtFK2n11hEPXqi3rrvXWYkfZcU=;
        b=eT2XEZ2LnAWsmo/Vy0XWVGkUIwbwBed0Oa4iAES5YWijuirMIP0ZJvgmZB/IsKGPvm
         tCyw5RgPpBtHtzXTxmf2rPs3C37U5yc6WTyHKhZIhcQ+jdpVc+ALsvqXLKz7qgrNzs28
         jhYSHsS8GCX8MKB+JKIG9nll0JyFwVSyXkbuGBz2m0SlLWNDTtXFDMrqSPRjZAbN8WB4
         3LcK49KZeuNZPW4XKJU4k4Nq/IB7CDvPf60+vZzYiOh+U+/fNH+laDc7W7Qhcs56xVg0
         kGRP1uKIqTCtk22z6n48HWP/L5fhcPY5jvv35UBK4NOoqJoFcBJNkdEKkZWUf6Fsk65O
         xGGQ==
X-Gm-Message-State: AOJu0YxBfSB3ooS9UwDC01J0KWbrrR+Qra3IAnySoUv6Fn8cWOjWkt4l
	yDItLWqMERrwlLqZ7QJf++f5uQj4xB2v5SjwYro=
X-Google-Smtp-Source: AGHT+IF7NU7A/onn/ZXCLAsWJQMQcbohg/ORQZGsIbTNWQ+M0Fd4wEOnnH/9umt7etwH1ViXSPeNgOVwwBGMPKC8XSY=
X-Received: by 2002:a05:651c:550:b0:2cc:d555:bc6b with SMTP id
 q16-20020a05651c055000b002ccd555bc6bmr6146097ljp.97.1704297415630; Wed, 03
 Jan 2024 07:56:55 -0800 (PST)
MIME-Version: 1.0
References: <6470c59f-a1e5-418f-803d-76bcd761f530@tnetconsulting.net>
 <CAC20D2My_R8mmuV3kgApdW2WZOBBuHzmOpzKDxKx=ZaNgmmVZw@mail.gmail.com>
 <20231231224649.h45pogxycgkgs673@illithid> <20231231230615.GE19322@mcvoy.com>
 <CAEoi9W7VAsQaXGc5YCFQ8m=WcYPyNvsL0dnDdt-fjp8EgLxygw@mail.gmail.com>
 <20240103033345.GA108362@mit.edu> <CANCZdfr7Z=dhW2i9izv4hi69Sigh=6tB05_gksmcZcvf3RDDcA@mail.gmail.com>
 <20240103043036.GB108362@mit.edu> <CANCZdfq8Z3tqmnBZVc=VrohhOrBy3Am2aurGTb6xNuwSyCNvpw@mail.gmail.com>
In-Reply-To: <CANCZdfq8Z3tqmnBZVc=VrohhOrBy3Am2aurGTb6xNuwSyCNvpw@mail.gmail.com>
From: Dan Cross <crossd@gmail.com>
Date: Wed, 3 Jan 2024 10:56:14 -0500
Message-ID: <CAEoi9W4033qf7krHEvdBV1ZasLdp2DiLO8CX6x_kYZuw=041dQ@mail.gmail.com>
To: Warner Losh <imp@bsdimp.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: VBB6ILINXFYIBSPVIXYID6WGOPORNTHA
X-Message-ID-Hash: VBB6ILINXFYIBSPVIXYID6WGOPORNTHA
X-MailFrom: crossd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The Unix Heritage Society <tuhs@tuhs.org>
X-Mailman-Version: 3.3.6b1
Precedence: list
Subject: [TUHS] Re: Question about BSD disklabel history
List-Id: The Unix Heritage Society mailing list <tuhs.tuhs.org>
Archived-At: <https://www.tuhs.org/mailman3/hyperkitty/list/tuhs@tuhs.org/message/VBB6ILINXFYIBSPVIXYID6WGOPORNTHA/>
List-Archive: <https://www.tuhs.org/mailman3/hyperkitty/list/tuhs@tuhs.org/>
List-Help: <mailto:tuhs-request@tuhs.org?subject=help>
List-Owner: <mailto:tuhs-owner@tuhs.org>
List-Post: <mailto:tuhs@tuhs.org>
List-Subscribe: <mailto:tuhs-join@tuhs.org>
List-Unsubscribe: <mailto:tuhs-leave@tuhs.org>

On Wed, Jan 3, 2024 at 12:10=E2=80=AFAM Warner Losh <imp@bsdimp.com> wrote:
> On Tue, Jan 2, 2024 at 9:30=E2=80=AFPM Theodore Ts'o <tytso@mit.edu> wrot=
e:
>> [snip]
>> I was confusing LinuxBoot with coreboot, which is
>> used on all ChromeOS devices after 2012, and which completely doesn't
>> use any magic binary blobs supplied by the mainbord vendor.  The
>> tradeoff is that coreboot only supports a very restricted set of
>> hardware, since it has to do all of the things that are "normally"
>> done by the vendor's binary blobs to initialize the hardware devices,
>> etc.  This only works if you have very tight control over hardware,
>> and you have enough influence that you can lean on the mainboard
>> vendors to allow the low-level programming details of their devices to
>> be released in open source code which that can be independently
>> verified and digitally signed by the OS vendor (such as Google in the
>> case of ChromeOS).
>
> I think that some of the open laptops might have a binary blob or two
> buried deep in their coreboot implementation. But it is far more open
> system than EDK2 is... Most of the open parts of EDK2 are what are nerfed
> by LinuxBoot. The private hidden ones are all that remain, alas.

Sadly the situation is even more complex than this.

Consider AMD's EPYC processors: before the x86 cores start up, the PSP
(Platform Security Processor) starts up and does a lot of
pre-pre-initialization: it does DRAM timing training, for instance.
It's also responsible for loading the x86 payload out of the local
flash and setting up the x86 environment so that when those cores come
out of reset, they're running whatever was loaded (for instance, they
can load %cs on the BSC so that it starts somewhere other than the
architecturally-defined segment right below 4GiB). While cool in some
ways ("I don't have to train DRAM? Score!") the PSP is embedded in the
SoC and the firmware is a signed blob you get from AMD. I know there's
an ARM Cortex-A5 in there, but don't know much more about it and even
if I did, I have no way to generate signed images for it. :-/

The point is, even if you've got a completely open stack running on
x86 from the reset vector, there's almost certainly something else
somewhere that's not open (yet).

> So if you are large enough, you can get all the sources. If not, then you
> have to put up with the binary blob, or not run on some computers. :(.

Yup. :-(

        - Dan C.