[coreboot] desktop build w/ coreboot

Just curious if anybody could put me in touch with someone in the USA who would be willing to build me a desktop pc with coreboot, upon which I could install my own Linux OS? Thanks, Sean -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot

[coreboot] desktop debacle

Shot in the dark, but interesting questions nonetheless: Are there any commercially built desktops/workstations available (age not a factor) that will accept and run coreboot/linux bios without any alteration other than flasing the bios to coreboot ? I cannot use any Google product, although I wis

[coreboot] Re: What should we do about freenode IRC services?

On Thursday, May 27, 2021 10:14 AM, Angel Pons wrote: > Hi, > > On Thu, May 27, 2021 at 10:05 AM Patrick Georgi patr...@georgi-clan.de wrote: > > > For that reason I created https://review.coreboot.org/c/coreboot/+/55010 > > and https://review.coreboot.org/c/coreboot/+/55011 that retarget IRC

[coreboot] Re: how intel ME is connected to the internet ?

On Sunday, October 3rd, 2021 at 12:23 PM, Sam Kuper wrote: > > Someone (a PhD student, maybe?) should make these questions the subject > > of a research project. Perhaps it has already been done. As I say, I'm > > a bit out of the loop just now. > I'm highly recommend this thesis abou

[coreboot] Re: Security notice: SMM can be hijacked by the OS on APs

Nice hunt, Arthur! The attack surface in coreboot is lesser than UEFI but the misconfig during the setup will lead to serious issue. This one is neat and worth a CVE. Please use CVE-2022-29264 as record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29264 regards Shawn --- Origi

[coreboot] Re: Servers?

We manufactured small amount of servers based on x11sch-f which the coreboot support done by 9elements. It's currently support the features that most ppl need including TPMv2. CBnT had some issues still though. It's not that hard if any organization try to assemble their own Common Building Bloc

[coreboot] Re: Servers?

ng for something with a higher core density > and overall availability. I know supply issues is a problem for everyone. > > Any more info on the hosts you manufactured? > > Thanks! > > > > > > On Tuesday, Jul 12, 2022 at 10:17 PM, Shawn C > > wrote: > &g

[coreboot] Does CHIPSET_LOCKDOWN_COREBOOT still work?

Hi guys, We've been using SMM only for security chipset lockdown enablement via coreboot payload (VaultBoot) and have tested it on x11ssh-tf (KabyLake) back in 2019 and it works well: ✓ https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/scripts/harbian_fw/hardenedboot_skylak

[coreboot] Asan/Ubsan for further testing

Hi, coreboot have two types of sanitizers already: Ubsan and Asan. This is good starting point. I found a few catches by simply enabling CONFIG_COVERAGE, CONFIG_UBSAN and CONFIG_ASAN: https://ticket.coreboot.org/issues/288 The developer seems haven't enable them in the testing process yet. It w

[coreboot] Re: Asan/Ubsan for further testing

Hi Harshit, I really appreciate your work on ASan. It's very helpful for killing bugs. Deferenceing the shadow_addr is supposed to return either 0 or unsigned random number and it's basically what you'll expect if you compile an userspace program with GCC-v7.3/v8.3/v9.3 as I mentioned in the pr