Libreboot

Libreboot

Two ThinkPad X60 laptops modified to use Libreboot as their firmware
Original author(s)	Leah Rowe[1]
Initial release	12 December 2013; 10 years ago (2013-12-12)
Preview release	20241008 (October 8, 2024; 11 days ago (2024-10-08)) [±][2]
Repository	codeberg.org/libreboot/lbmk
Platform	IA-32, x86-64, ARMv7[3]
Type	Firmware
License	GPL version 3[4]
Website	libreboot.org

Libreboot (formerly known as GNU Libreboot^[5]) is a free software project aimed at replacing the proprietary BIOS firmware found in most computers with a libre, lightweight system designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.

Characteristics

Libreboot is established as a distribution of coreboot without proprietary binary blobs.^[6][7] Libreboot is not a straight fork of coreboot; instead, it is a parallel effort that works closely with and re-bases every so often on the latest coreboot as the upstream supplier, with patches merged upstream whenever possible. In addition to removing proprietary software, libreboot also attempts to make coreboot easy to use by automating the build and installation processes.^[8][9]

The Libreboot project made possible the required modifications for completely libre variants of some ThinkPad, Chromebook, and MacBook laptops as well as desktop and server and workstation motherboards.^[10][11] According to its own documentation, it can work with any Linux distribution that uses kernel mode setting (KMS) for the graphics, while Windows is not supported and its use is discouraged by Libreboot. Support for BSD is largely untested, with some successful reports while booting OpenBSD and NetBSD.^[12]

History

The Free Software Foundation (FSF) endorses Libreboot,^[13] and it officially became part of the GNU Project on 14 May 2016.^[14] However, on 16 September 2016, Libreboot's head developer Leah Rowe announced a boycott of the FSF and the removal of Libreboot from the GNU Project, in response to allegations that the organization had fired a transgender employee because the employee reported gender harassment.^[15] The FSF publicly denied these allegations on 16 September 2016.^[16] Rowe further objected to the FSF not 'letting Libreboot go' on 23 September 2016.^[17] Libreboot contributor Damien Zammit issued a statement alleging that Leah Rowe decided to separate from GNU unilaterally, and advertises her personal views as the views of the Libreboot community without consulting other contributors.^[18] In January 2017, Richard Stallman announced that Libreboot was released from the GNU project.^[19]

On 2 April 2017, the criticism of GNU was removed and sysadmin Alyssa Rosenzweig announced that the Libreboot website would no longer be under the control of one person. Responding to whether the rumour about the discriminatory firing was true, she said "Perhaps. Perhaps not." In the letter, Leah Rowe apologized for "hurting a lot of people, most of whom were uninvolved with any of the relevant events."^[20] Three weeks later, in a post on Reddit, Rowe clarified that she was remaining involved with Libreboot but stepping down as the project lead. She also expressed regret over leaving GNU and stated that the majority of Libreboot developers were in favour of re-joining.^[21]

Security concerns

On May 1, 2017, Intel has confirmed and patched a remote elevation of privilege bug (CVE-2017-5689) in its Management Engine firmware,^[22] a bug long suspected by members of the Coreboot and Libreboot communities.^[23][24] Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the IME (Intel Management Engine).^[25][26] Another security risk alleged to be inside the IME is the Intel vPro cellular radio,^[27] through which hardware components can be accessed remotely, or the computer can even be killed, however there is no evidence such capability exists withis the chip itself (vPro is designed to use external radio devices for the services that have provoked this rumour).^[28]

Supported systems

Libreboot system support includes the following systems:^[11][29][30]

• Server boards: Asus KFSN4-DRE and Asus KGPE-D16
• Desktop boards: Asus KCMA-D8, Intel D510MO, Gigabyte GA-G41M-ES2L, and Apple iMac 5,2
• Laptops: Asus Chromebook C201, Lenovo ThinkPad X60/X60s, Lenovo ThinkPad X60 Tablet, Lenovo ThinkPad T60 (some exceptions), Lenovo ThinkPad X200, Lenovo ThinkPad R400, Lenovo ThinkPad T400, Lenovo ThinkPad T500, Apple MacBook 1.1, and Apple MacBook 2.1

References

1. "Libreboot project contributors". libreboot.org. Retrieved 14 May 2016.
2. "Libreboot - Libreboot news". Libreboot. Retrieved 29 April 2024.
3. "Coreboot ARM". coreboot. 15 October 2013. Retrieved 1 February 2014.
4. "libreboot's COPYING file". notabug.org. Retrieved 16 September 2016.
5. "GNU Libreboot". Retrieved 24 May 2016.
6. "Libreboot". Free Software Foundation. Retrieved 31 July 2014.
7. "Libreboot". Libreboot. Retrieved 31 July 2014.
8. "About the libreboot project". Libreboot. Retrieved 25 April 2015.
9. "Replace your proprietary BIOS with Libreboot". Free Software Foundation. 4 August 2014.
10. Gay, Joshua (9 October 2012). "Respects Your Freedom hardware product certification". Free Software Foundation. Retrieved 25 February 2015.
11. "Hardware compatibility list". Libreboot. Retrieved 19 May 2016.
12. "Answers to Frequently Asked Questions about libreboot". Libreboot.org.
13. "Campaign for Free BIOS — Free Software Foundation — working together for free software". fsf.org. Retrieved 15 October 2015.
14. "Libreboot, Coreboot Downstream, Becomes A GNU Project". Phoronix. 19 May 2016. Retrieved 19 May 2016.
15. "Libreboot opposes the Free Software Foundation and GNU project". Libreboot. Archived from the original on 8 December 2016. Retrieved 22 September 2016.
16. "Free Software Foundation statement on 2016-09-16 — Free Software Foundation — working together for free software". www.fsf.org. Retrieved 24 September 2016.
17. "Richard Stallman and GNU refused to let libreboot go, despite stating its intention to leave". Libreboot.org. Archived from the original on 8 December 2016. Retrieved 24 September 2016.
18. Zammit, Damien (18 September 2016). "Libreboot Screwup". zammit.org. Retrieved 31 October 2016. [the contributors] are not consulted about any of the views expressed on the libreboot.org website when they are hastily published by Leah.
19. Stallman, Richard (5 January 2017). "Goodbye to GNU Libreboot". Retrieved 5 January 2017.
20. Rosenzweig, Alyssa; Rowe, Leah (2 April 2017). "Open Letter to the Free Software Community". Retrieved 24 April 2017.
21. Larabel, Michael (22 April 2017). "Libreboot Is Now Considering Whether To RE-Join The GNU". Phoronix. Retrieved 24 April 2017.
22. Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege -Intel Security Center
23. ‘Active Management Technology’ is Quite Likely a BackDoor, Along With Intel’s UEFI
24. "Why is the latest Intel hardware unsupported in libreboot?". Libreboot. Retrieved 2 May 2017.
25. Remote security exploit in all 2008+ Intel platforms
26. Red alert! Intel patches remote execution hole that's been hidden in biz, server chips since 2008
27. Intel vPro 3G Digital signage
28. 'Occupy' affiliate claims Intel bakes SECRET 3G radio into vPro CPUs
29. Larabel, Michael (28 June 2015). "Libreboot Now Supports An AMD/ASUS Motherboard". Phoronix. Retrieved 14 July 2015.
30. Brad Linder. "Libreboot ported to Asus Chromebook C201 (free software bootloader)". Liliputing. Retrieved 15 October 2015.

External links

• Official website