From: bernie Date: Tue, 30 Jun 2020 12:14:37 +0000 (-0400) Subject: Edit page CorebootX230 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=3bd82e4db5cbee2d699817c1421a518e74496e8c;p=wiki.git Edit page CorebootX230 --- diff --git a/CorebootX230 b/CorebootX230 new file mode 100644 index 0000000..7750d73 --- /dev/null +++ b/CorebootX230 @@ -0,0 +1,92 @@ +By Bernie Innocenti, 23 March 2014 (re-published with minor edits on 30 June 2020) + +== Flashing Coreboot on the Thinkpad X230 == + +
{{pictures/misc/x230-flashing.jpg | maxwidth=640}}
+ +Coreboot, the free PC BIOS that powers all Google Chromebooks, was recently ported to the Thinkpad X230 +by the long time GRUB hacker Vladimir 'φ-coder' Serbinenko. So this week-end, just while Libre Planet was +taking place at the nearby MIT Stata Center, I decided to give a shot at it. Building a custom Coreboot +image for the X230 was relatively easy: + +{{{ +git clone http://review.coreboot.org/p/coreboot    cd coreboot +git submodule update --init --checkout +make crosstools-i386 +# install the .config file provided by phcoder on the Coreboot wiki +make oldconfig +make +}}} + +The build process generates a 12MB image containing all the board-specific code to initialize the hardware +and a "payload" program to continue the boot process. I chose SeaBIOS, a legacy PC BIOS which can boot off +hard-drives and other media. + +Things get interesting at this point: until someone figures out a way to workaround for Lenovo's BIOS +write protection, flashing Coreboot requires a SPI programmer.  So I borrowed a Pirate Bus with a Pomona 5250 +SOIC test clip from some friends at the [[https://www.fsf.org/ | Free Software Foundation]]. +The +3.3V pin of the SOIC chip is connected to several other components on the motherboard and pulls a +lot of current while flashing (>400mA), so I had to hook it up to a beefy external power supply, being +careful not to fry the entire motherboard. + +The X230 BIOS resides in two SPI flash chips of 8 and 4 megabytes that contain several things +(for the details, check the X230 flashing instructions in the Coreboot wiki). Because my Coreboot image +was small enough to fit into the top 4MB, I only had to flash one chip. From a separate machine, I used +the 'flashrom' tool to backup the original BIOS, so I could easily restore it in case I couldn't get +Coreboot to work. + +{{{ +sudo flashrom -p buspirate_spi:dev=/dev/ttyUSB0,spispeed=8M -c MX25L3206E -r x230-orig-4M.rom +}}} + +Next, I crossed fingers and wrote my Coreboot image: + +{{{ +sudo flashrom -p buspirate_spi:dev=/dev/ttyUSB0,spispeed=8M -c MX25L3206E -w x230-bernie-4M.rom +}}} + +The entire operation takes about 15 minutes. The Pirate Bus isn't the fastest SPI programmer on +the planet, but it costs only $30 and it's pretty reliable. Ok, now let's disconnect the clip and +power on the laptop. The leds blink a little. The machine seems alive, but the LCD panel doesn't +turn on. From the hard drive led it's evident that the system is booting, so I hook up an external +VGA monitor and see a familiar password prompt. + +I already knew I was missing the VGA BIOS blob that initialize the video ports, but I wanted to see +if Linux was able to do it after boot. So I cried for help in the #coreboot IRC channel, and phcoder +pointed me at [[http://review.coreboot.org/#/c/5396/ | a patch]] floating around in Gerrit which +contains 8KB of magical numbers to initialize the flat panel. + +The title photo shows the colorful result I got while trying phcoder's off-tree patch with SeaBIOS. +Phcoder hinted that a recent snapshot of GRUB2 should initialize the display properly, and then went to sleep. +Other Coreboot developers on IRC helped me debug my configuration until, finally, I powered on the laptop and +in a couple of seconds a familiar GRUB2 prompt appeared on the panel. +From there, I could easily load the OS bootmenu: + +{{{ +set root=(ahci,msdos1) +source /grub/grub.cfg +normal +}}} + +Of course, it's also possible to build a custom grub.cfg into the Coreboot image and let the machine boot +automatically. There's also [[http://www.coreboot.org/pipermail/seabios/2014-February/007651.html | a set of SeaBIOS patches]] +which enable native VGA initialization. I got these patches to apply to my tree, but the resulting display is still messed up. +The author, Kevin O'Connor, is away from the keyboard at the moment. + +Another open problem is that the S3 mode (aka sleep mode) is totally broken: instead of resuming, the machine simply reboots. +This is annoying enough to prevent me from using Coreboot on my main machine. Before I can even attempt debugging this I need +to figure out a way to get a debug console, because there are no usable serial ports on the X230. One of the Coreboot devs +on IRC said that Android phones can serve as usbdebug dongles; I guess I'll try it next week if I have time. + +Note that the resulting machine is still running plenty of scary proprietary code: there's the firmware for the Embedded Controller, +a separate processor which manages power and keyboard input, and the Intel Management Engine (ME), +which runs even while the machine is sleeping, and for which interesting persistent rootkits have been demonstrated by clever +security researchers years ago. + +There are no alternatives for the ME firmware at this time, but free  implementations of the EC firmware exist for various +Chromebooks and for the OLPC XO laptops. The codebase is quite board-specific, and porting it to the Thinkpad without +documentation from Lenovo isn't a trivial project. + +Nevertheless, Coreboot seems to be improving rapidly in terms of usability and hardware support. There's a lively developer +community and some business participation. It's not yet something I'd recommend to casual users, but if you're a nerd with a +spare laptop and a fetish for hardware hacking, you might want to give Coreboot a try while it's still l33t 😉 \ No newline at end of file