From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Graphic of a running hare in black and white above text "coreboot" in lowercase sans-serif font
Original author(s)Ronald G. Minnich, Eric Biederman, Li-Ta (Ollie) Lo, Stefan Reinauer, and the coreboot community
Initial release1999; 19 years ago (1999)
Stable release
4.8.1 / 16 May 2018; 5 months ago (2018-05-16)[1]
Repository Edit this at Wikidata
Written inMostly C, and about 1% in assembly. Optionally Ada
PlatformIA-32, x86-64, ARMv7,[2] ARMv8, MIPS, RISC-V, POWER8

coreboot, formerly known as LinuxBIOS,[4] is a software project aimed at replacing proprietary firmware (BIOS or UEFI) found in most computers with a lightweight firmware designed to perform only the minimum number of tasks necessary to load and run a modern 32-bit or 64-bit operating system.

Since coreboot initializes the bare hardware, it must be ported to every chipset and motherboard that it supports. As a result, coreboot is available only for a limited number of hardware platforms and motherboard models.

One of the coreboot variants is Libreboot, a variant of coreboot aiming to be fully free of proprietary blobs.


The coreboot project began in the winter of 1999 in the Advanced Computing Laboratory at Los Alamos National Laboratory (LANL),[5] with the goal of creating a BIOS that would start fast and handle errors intelligently.[6] It is licensed under the terms of the GNU General Public License (GPL). Main contributors include LANL, SiS, AMD, Coresystems and Linux Networx, Inc, as well as motherboard vendors MSI, Gigabyte and Tyan, which offer coreboot alongside their standard BIOS or provide specifications of the hardware interfaces for some of their motherboards. Google partly sponsors the coreboot project.[7] CME Group, a cluster of futures exchanges, began supporting the coreboot project in 2009.[8]

coreboot has been accepted in seven consecutive years (2007–2014) for the Google Summer of Code.[9][10] Other than the first three models, all Chromebooks run coreboot.[11][12] Code from Das U-Boot has been assimilated to enable support for processors based on the ARM instruction set.[13]

On 1 May 2017, Intel has confirmed and patched a Remote Elevation of Privilege bug (CVE-2017-5689) in its Management firmware,[14] a bug long suspected by coreboot and Libreboot users.[15] Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the IME (Intel Management Engine).[16][17] Another security risk inside the IME, is the Intel vPro cellular radio,[18] through which hardware components can be accessed remotely, or the computer can even be killed.[19][20]

Supported platforms[edit]

CPU architectures supported by coreboot include IA-32, x86-64, ARM, ARM64, MIPS and RISC-V. Supported system-on-a-chip (SOC) platforms include AMD Geode, starting with the Geode GX processor developed for the OLPC. Artec Group added Geode LX support for its ThinCan model DBE61; that code was adopted by AMD and further improved for the OLPC after it was upgraded to the Geode LX platform, and is further developed by the coreboot community to support other Geode variants. Coreboot can be flashed onto a Geode platform using Flashrom.

From that initial development on AMD Geode based platforms, coreboot support has been extended onto many AMD processors and chipsets. The processor list includes Family 0Fh and 10h (K8 core), and recently Family 14h (Bobcat core, Fusion APU). coreboot support also extends to AMD chipsets: RS690, RS7xx, SB600, and SB8xx.

AMD Generic Encapsulated Software Architecture (AGESA)‍—‌a bootstrap protocol by which system devices on AMD64 mainboards are initialized‍—‌was open sourced in early 2011, aiming to provide required functionality for coreboot system initialization on AMD64 hardware.[21] However, such releases never became the basis for future development by AMD, and were subsequently halted.[22]

Devices that can be preloaded with coreboot or one of its derivatives include some x86-based Chromebooks,[23][24] the Libreboot X200 and T400 (rebranded ThinkPad X200 and T400, respectively, available from Minifree, previously known as Gluglug),[25][26] OLPC XO from the One Laptop per Child initiative, and ThinCan models DBE61, DBE62 and DBE63. An initial port of the Librem 13 has begun and is underway as of 2017.[27]


coreboot typically loads a Linux kernel, but it can load any other stand-alone ELF executable, such as iPXE, gPXE or Etherboot that can boot a Linux kernel over a network, or SeaBIOS[28] that can load a Linux kernel, Microsoft Windows 2000 and later, and BSDs (previously, Windows 2000/XP and OpenBSD support was provided by ADLO[29][30]). coreboot can also load a kernel from any supported device, such as Myrinet, Quadrics, or SCI cluster interconnects. Booting other kernels directly is also possible, such as a Plan 9 kernel. Instead of loading a kernel directly, coreboot can pass control to a dedicated boot loader, such as a coreboot-capable version of GNU GRUB 2.

coreboot is written primarily in C, with a small amount of assembly code. Choosing C as the primary programming language enables easier code audits when compared to contemporary PC BIOS that was generally written in assembly[31], which results in improved security. There's build and runtime support to write parts of coreboot in Ada[32] to further raise the security bar, but it's currently only sporadically used. The source code is released under the GNU GPL version 2 license.

coreboot performs the absolute minimal amount of hardware initialization and then passes control to the operating system. As a result, there is no coreboot code running once the operating system has taken control. A feature of coreboot is that the x86 version runs in 32-bit mode after executing only ten instructions[33] (almost all other x86 BIOSes run exclusively in 16-bit mode). This is similar to the modern UEFI firmware, which is used on newer PC hardware.

By itself, coreboot does not provide BIOS call services. The SeaBIOS payload can be used to provide BIOS calls and thus allow coreboot to load operating systems that require those services, such as Windows 2000/XP/Vista/7 and BSDs. However, most modern operating systems access hardware in another manner and only use BIOS calls during early initialization and as a fallback mechanism.

coreboot stages[edit]

  1. Bootblock stage: prepare to obtain Flash access and look up the ROM stage to use
  2. ROM stage: memory and early chipset init (a bit like PEI in EFI)
  3. RAM stage: device enumeration and resource assignment, ACPI table creation, SMM handler (a bit like DXE stage in EFI)
  4. Payload.

Initializing DRAM[edit]

The most difficult hardware that coreboot initializes is the DRAM controllers and DRAM. In some cases, technical documentation on this subject is NDA restricted or unavailable. RAM initialization is particularly difficult because before the RAM is initialized it cannot be used. Therefore, to initialize DRAM controllers and DRAM, the initialization code may have only the CPU's general purpose registers or Cache-as-RAM as temporary storage.

romcc, a C compiler that uses registers instead of RAM, eases the task. Using romcc, it is relatively easy to make SMBus accesses to the SPD ROMs of the DRAM DIMMs, that allows the RAM to be used.

With newer x86 processors, the processor cache can be used as RAM until DRAM is initialized. The processor cache has to be initialized into Cache-as-RAM[34][35] mode as well, but this needs fewer instructions than initializing DRAM. Also, the Cache-as-RAM mode initialization is specific to CPU architectures, thus more generic than DRAM initialization, which is specific to each chipset and mainboard.

Developing and debugging coreboot[edit]

Hacking coreboot at Denver 2008 summit.

Since coreboot must initialize the bare hardware, it must be ported to every chipset and motherboard that it supports. Before initializing RAM, coreboot initializes the serial port (addressing cache and registers only), so it can send out debug text to a connected terminal. It can also send byte codes to port 0x80 that are displayed on a two-hex-digit display of a connected POST card.

Another porting aid was the commercial "RD1 BIOS Savior" product from, (not to be confused with US Interagency OPSEC Support Staff at which was a combination of two boot memory devices that plugs into the boot memory socket and has a manual switch to select between the two devices. The computer could boot from one device, and then the switch can be toggled to allow the computer to reprogram or "flash" the second device. A more expensive alternative is an external EPROM/flash programmer.

There are also CPU emulators that either replace the CPU or connect via a JTAG port, with the Sage SmartProbe[36] being an example. Code can be built on, or downloaded to, BIOS emulators rather than flashing the BIOS device.


SeaBIOS payload running on a Lenovo ThinkPad X60

coreboot can load a payload, which may be written using the libpayload helper library. Existing payloads include the following:

European Coreboot Conference[edit]

One physical meeting is the European Coreboot Conference which was organized in October 2017 and lasted for 3 days.

Conference history[edit]

Event and year Date Host city Venue Resources Themes
ECC2017 26.10. – 29.10 Bochum, Germany RUB Convention Center


coreboot has a number of variants from its original code base each with slightly different objectives;

  • librecore - A variant with more focus on freedom, non-x86 and firmware development frameworks.
  • libreboot - A variant with a primary focus to remove all binary blobs.

Libreboot has been established as a distribution of coreboot without proprietary binary blobs.[40][41] Libreboot is not a straight fork of coreboot; instead, it is a parallel effort that works closely with and re-bases every so often on the latest coreboot as the upstream supplier, with patches merged upstream whenever possible. In addition to removing proprietary software, libreboot also attempts to make coreboot easy to use by automating the build and installation processes.[42]

The Libreboot project made possible the required modifications for completely libre variants of some ThinkPad, MacBook and ARM Chromebook laptops.[43][44][45]

See also[edit]


  1. ^ "Releases". coreboot. n.d.
  2. ^ "ARM". coreboot. 15 October 2013. Retrieved 1 February 2014.
  3. ^ "coreboot's licence". 1991. Retrieved 2018-10-13.
  4. ^ "[LinuxBIOS] Welcome to coreboot". 12 January 2008.
  5. ^ coreboot FAQ: Who is working on coreboot?
  6. ^ Anton Borisov: The Open Source BIOS is Ten. An interview with the coreboot developers. The H, 2009.
  7. ^ Google Sponsors the LinuxBIOS project
  8. ^ "CME Group Dives Into Coreboot and Other Linux Open Source Projects". Wall Street & Technology. Retrieved 23 September 2015.
  9. ^ "GSoC". Retrieved 1 February 2014.
  10. ^ "Previous GSoC Projects". Retrieved 1 February 2014.
  11. ^ Larabel, Michael (22 April 2012). "Many FSF Priority Projects Still Not Progressing". Phoronix. Retrieved 29 December 2014. The success out of Coreboot recently is Google providing Sandy/Ivy Bridge support for Coreboot. Google's planning to begin shipping new Intel "Chromebooks" that will use Coreboot. Google likes Coreboot for the faster start-up time, among other benefits.
  12. ^ "Chromebooks". coreboot. 16 January 2014. Retrieved 17 February 2014.
  13. ^ "GSoC2011(Week 1): Analysis of U-boot ARM boot code | coreboot developer blogs". Retrieved 12 April 2014.
  14. ^ Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege -Intel Security Center
  15. ^ ‘Active Management Technology’ is Quite Likely a BackDoor, Along With Intel’s UEFI
  16. ^ Remote security exploit in all 2008+ Intel platforms
  17. ^ Red alert! Intel patches remote execution hole that's been hidden in biz, server chips since 2008
  18. ^ Intel vPro 3G Digital signage
  19. ^ 'Occupy' affiliate claims Intel bakes SECRET 3G radio into vPro CPUs
  20. ^ Intel's "smart" 3G chip allows snoopers to access computers
  21. ^ "Technical details on AMD's coreboot source code release". AMD. 28 February 2011. Archived from the original on 25 March 2014. Retrieved 1 February 2016.
  22. ^ Griffith, Bruce (2014-11-05). "AMD's binary-only AGESA libraries". Retrieved 2017-05-08.
  23. ^ "Supported Motherboards - coreboot". Retrieved 2017-04-03.
  24. ^ "Many FSF Priority Projects Still Not Progressing". Phoronix. 22 April 2012. Retrieved 22 September 2015.
  25. ^ "Minifree". Retrieved 24 September 2015.
  26. ^ "The Gluglug". Retrieved 23 September 2015.
  27. ^ Alaoui, Youness (2017-01-12). "Librem 13 coreboot report – January 12, 2017". Retrieved 2017-01-12.
  28. ^ SeaBIOS (previously known as LegacyBIOS) is an open-source legacy BIOS implementation
  29. ^ coreboot Add-on Layer (ADLO) Archived 25 November 2010 at the Wayback Machine.
  30. ^ SEBOS, Security Enhanced Bootloader for Operating Systems, Phase 2 Archived 19 June 2007 at the Wayback Machine., adding PC BIOS Services to coreboot via Bochs BIOS (Link noted to be defunct on 18 July 2008. See )
  31. ^ Comparison of UEFI and legacy BIOS, pronouncing that same advantage for UEFI
  32. ^ commit adding that support
  33. ^ coreboot v3 early startup code
  34. ^ Yinghai Lu; Li-Ta Lo; Gregory R. Watson; Ronald G. Minnich (15 January 2009). "CAR: Using Cache as RAM in Linux BIOS" (PDF). Retrieved 25 February 2014.
  35. ^ A Framework for Using Processor Cache as RAM (CAR)
  36. ^ Sage Engineering Archived 15 March 2011 at the Wayback Machine.
  37. ^ "Google Pushes "Project PIANO" Into Coreboot - Phoronix". Retrieved 23 September 2015.
  38. ^ "Depthcharge: The ChromeOS bootloader". Retrieved 26 October 2015.
  39. ^ "Modify u-boot code to allow building coreboot payload. [chromiumos/third_party/u-boot-next : chromeos-v2011.03]". 24 July 2011.
  40. ^ "Libreboot". Free Software Foundation. Retrieved 31 July 2014.
  41. ^ "Libreboot". Retrieved 31 July 2014.
  42. ^ "About the libreboot project". Retrieved 25 April 2015.
  43. ^ Gay, Joshua (9 October 2012). "Respects Your Freedom hardware product certification". Free Software Foundation. Retrieved 25 February 2015.
  44. ^ "Hardware compatibility list". Retrieved 25 February 2015.
  45. ^ "Libreboot ported to Asus Chromebook C201 (free software bootloader)". Retrieved 24 October 2015.

Further reading[edit]

External links[edit]