On Tue, Oct 31, 2017 at 01:56:06PM +0100, Martin Steigerwald wrote: > I agree that such a feature if done like in > > > The ROM code executes (at least partially) in the secure world, and may or > > may not let the bootloader replace it with your own code (typically you > > compile ATF, with or without modifications, instead of writing everything > > from scratch). On free machines like Pine64 or Pinebook, you can do this. > > On most others, you can't, with obvious freedom consequences. Insert the > > usual lecture about hardware you don't truly own. > can be useful. > > As my next music playback machine I may even use such a Pine64. As anything > from ThinkPad X240 and upwards appears to be "protected" by Intel Boot Guard > Verified Boot crap, instead of just offering the Measured Boot feature for > those who want it. Or I go with a ThinkPad X230 where it appears that Intel > ME > cleaner can do its work. May still be better the Pine64 appears to be a tad > bit limited especially by memory, although for music playback it would be > enough if expanded with a large MicroSD card. And it would have the advantage > that I would not have to mess with removing crap as it does not appear to > have > crap inside. And cheaper too. > > Other alternative may be a Chromebook if I can rid it easily enough of Chrome > OS and install my distro of choice on it.
Note that both Pine64 and Pinebook share the same weaknesses: * kernel drivers are not fully upstreamed, nor even fully working for near-mainline yet. The SoC (A64) manufacturer provides no real support, board vendors ship just BSP, thus it all hinges on individuals such as Icenowy Zheng, Corentin Labbe, Jernej Skrabec, Maxime Ripard, etc. For now, parts needed for headless operation are mostly all in vanilla, display uses SimpleFB with proper DRM[1] being only in the process of upstreaming. Noteworthy, audio support is missing -- although I've overheard someone on #linux-sunxi saying he got it working. Let's see how fast audio patches hit the usual pre-linus place (ie, https://github.com/Icenowy/linux). * there _is_ a fully working kernel, based on BSP (vendor) sources, with display, audio and the stuff. This kernel is quite old linux-wise (3.10) which means you can't run current systemd (what a pity...) but even Debian unstable is otherwise ok. Alas, while the kernel is fully free, BSP requires a small blob to initialize stuff before loading u-boot. Unlike x86 stuff, you can at least disassemble and read it (~30KB of code) thus you know there are no backdoors, but it still leaves a bad taste. (Note: I'm using exclusively Icenowy's near-mainline, thus I have no experiences with BSP.) * the SoC is pretty slow, one of slowest ARM64 boards around (although it still beats RPi3 handily). Thus, it doesn't fulfill some needs you may have. It's a nearly[2] fully open, very cheap board that gets things done, but it's good for tinkering, not for "consumer" type usage. Meow! [1]. The good DRM (kernel-based rendering), not MAFIAA restrictions. [2]. There's no documentation for Mali400 GPU acceleration: ie, don't expect fast OpenGL anytime soon. Unlike x86 GPUs, though, display and acceleration are separate chips, thus you don't need Mali for anything 2D. -- ⢀⣴⠾⠻⢶⣦⠀ Laws we want back: Poland, Dz.U. 1921 nr.30 poz.177 (also Dz.U. ⣾⠁⢰⠒⠀⣿⡁ 1920 nr.11 poz.61): Art.2: An official, guilty of accepting a gift ⢿⡄⠘⠷⠚⠋⠀ or another material benefit, or a promise thereof, [in matters ⠈⠳⣄⠀⠀⠀⠀ relevant to duties], shall be punished by death by shooting. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
