Yeah, there's something a bit ironic about a store with the tagline "GNU+Linux laptops with Libreboot preinstalled." putting a laptop without libreboot at the front. I understand why, but at the same time, it feels ever so slightly disingenuous, since you can install coreboot/run me_cleaner on a pretty wide range of computers (e.g. Purism's laptops), while libreboot can only run on a handful of late 2000s laptops.
Unless new progress has been made that I'm not aware of, you need at least another blob beside the ME firmware (me.bin) to build a full coreboot image on the X230: there's the "Intel flash descriptor" (ifd.bin). I'm not sure if that contains executable code or it can be generated similarly to the gbe.bin (ethernet controlled config).
yeah but that's not software. It's configuration data, in a binary format that's well-documented. There is also a tool for managing it in coreboot, called ifdtool.
There is also the GbE NVM (non-volatile memory) region, which configures the onboard ethernet chipset.
These configure the hardware, and the format is fully documented by datasheets.
Thanks for the explanation. Do you know if it would be possible to fully create an ifd.bin knowing the specs of the mainboard? Basically the opposite of `ifdtool --dump`. I'm surprised because it seems to contain some pretty secretive options like the HAP bit.
Yeah it's possible to know the format by reading the Intel datasheets (sandybridge/ivybridge ones). Certain parts are "reserved" but have been reverse engineered like you see in ifdtool.
In Libreboot there is a tool that I wrote called ich9gen, which can entirely generate ich9 ifd+gbe from scratch. This does not exist yet for sandy/ivy i think, but yes there is that --dump option in ifdtool.
By the way:
bincfg is a nice tool in coreboot, and you can write a spec file for that, based on intel datasheet, to generate gbe/ifd images. I actually have this on my todo list, as I've been studying it. The datasheets are very confusing especially for the Gbe NVM region, making it look like it's not even documented, but it is, poorly.
> I actually have this on my todo list, as I've been studying it. The datasheets are very confusing especially for the Gbe NVM region, making it look like it's not even documented, but it is, poorly.
That's very good news. I thank you for all the work you've done on this.
It's not false advertising, there are no lies or outright deception. However, it feels disingenuous to me because there are lots of laptops out there that can either have coreboot flashed or you can run me_cleaner on, possibly laptops that people already own.
The store's branding overall and presentation leans hard on being 100% totally free, and once you deviate from that "absolutely totally free of proprietary" status your market options open up dramatically.
This is still a valuable service to some people. I didn't mean to come off so negative, but I also feel people who read the page wouldn't realize they have other market options that are "just as free" as the X230. The benefit of buying from this storefront is supporting Libreboot development and Leah Rowe.
However, those other companies that advertise neutered ME are shipping newer Intel platforms where actual x86 hardware initialization is handled by binary blobs (e.g. Intel FSP).
Sandybridge and Ivybridge platforms (e.g. X220/X230) in coreboot are all free software for the x86 part, and that's the majority of it. It's only the ME that isn't. With me_cleaner used, it's very close to Libreboot.
X230 used to be worse in coreboot; for instance, it previously had non-free raminit. Nowadays, it's all GPL code.
