PC Engines apu coreboot Open Source Firmware v4.11.0.4

Key changes

Mainline:

  1. Rebased with official coreboot repository commit e53f8c9.
  2. Fixed SD card boot order on apu5.
  3. Added ARM management controller interaction on apu5.
  4. The new PC Engines Open Source Firmware Release 4.10 Signing Key has been enrolled and all coreboot v4.11.0.x versions are signed by this key. See how to verify the image with a new key on asciinema.

Legacy:

  1. Fixed SD card boot order on apu5.
  2. Added ARM management controller interaction on apu5.
  3. The new PC Engines Open Source Firmware Release 4.10 Signing Key has been enrolled and coreboot v4.0.30 and later versions will be signed by this key. See how to verify the image with a new key on asciinema.

coreboot community

Patches sent for review:

Patches merged by community:

Total:

  • 51 lines added,
  • 2 lines removed,

to official coreboot repository.

Statistics

Files Changed

The chart shows the total files changed from release tag against the rebase point of given release specified in CHANGELOG (CHANGELOG.md and gitlab-ci.yml excluded from statistics). Check the statistics with:

git diff --stat e53f8c9 ':(exclude).gitlab-ci.yml' ':(exclude)CHANGELOG.md'

93 files changed, 3158 insertions(+), 366 deletions(-)

Process of mainlining

The chart represents the total line added and deleted on the PC Engines coreboot fork against the rebase point for a given release. Check the statistics with:

git diff --stat e53f8c9 ':(exclude).gitlab-ci.yml' ':(exclude)CHANGELOG.md'

93 files changed, 3158 insertions(+), 366 deletions(-)

Two files have not been included in the diff as mentioned above since they are not a part of coreboot tree.

The number of changes increased due to SD boot order fix on apu5.

Testing

Test changes in this release:

  • enabled SD cards tests on apu5

Mainline test results

  • Mainline:
    • PASSED: 433 (+4)
    • FAILED: 22 (+2)
    • PASSED [%]: 95.16% (-0.39%)

Slightly worse overall PASSED tests percentage results from the on-going random USB detection problem and TinyCore boot stability. The increased number of PASSED tests is a result of enabling SD card tests on apu5.

Legacy test results

  • Legacy:
    • PASSED: 379 (+7)
    • FAILED: 13 (+3)
    • PASSED [%]: 96.68%% (-0.7%)

Slightly worse overall PASSED tests percentage results from the on-going random USB detection problem and TinyCore boot stability. The increased number of PASSED tests is a result of enabling SD card tests on apu5.

Binaries

Mainline

See how to verify the signatures on asciinema

Legacy

See how to verify the signatures on asciinema

What we planned

  1. Improve the support of TPM2 in coreboot and SeaBIOS. Currently there is only the TCPA (TPM1.2) log support in coreboot. Additionally SeaBIOS overwrites existing entries in TPM2 log area. cbmem utility also lacks support for displaying TPM2 log area.

    WORK IN PROGRESS

  2. Reorganize runtime configuration by making it persistent across updates and accessible from user space. Also prepare a tool for offline binary modification.

    WORK IN PROGRESS

  3. Vital Product Data (VPD) support. User will have possibility to store and change VPD configuration in Read-Write section of SPI flash. Moreover, default VPD keys and values will be stored in Read-Only region to protect data against corruption. Also, sortbootorder runtime configuration will be stored in VPD Read-Write section, so access to it will be possible in OS via dedicated util.

    VERIFICATION

  4. ACPI Thermal Zones implementation. BSD systems suffer from lack of Thermal Zones and lack of temperature status on the dashboards of router distributions of BSD systems.

    PATCH SENT TO COREBOOT

Coming soon

Feature and improvements on the roadmap:

  1. Improve the support of TPM2 in coreboot and SeaBIOS. Currently there is only the TCPA (TPM1.2) log support in coreboot. Additionally SeaBIOS overwrites existing entries in TPM2 log area. cbmem utility also lacks support for displaying TPM2 log area.
  2. Reorganize runtime configuration by making it persistent across updates and accessible from user space. Also prepare a tool for offline binary modification.
  3. Vital Product Data (VPD) support. User will have possibility to store and change VPD configuration in Read-Write section of SPI flash. Moreover, default VPD keys and values will be stored in Read-Only region to protect data against corruption. Also, sortbootorder runtime configuration will be stored in VPD Read-Write section, so access to it will be possible in OS via dedicated util.