On 01/18/2017 07:06 PM, Julius Werner wrote:
> Sounds like a good idea in general, but I think the categories might
> need some more tweaking. I guess we all have different favorites that
> we care about here (e.g. I'm partial to most ARM platforms), we should
> have a balanced discussion about what should be weighted more than
> what and why to make sure the categories end up fair to all platforms.
>
> For example, it seems like you're trying to slot RK3288 as "bronze",
> which I'd say is arguably the most free platform coreboot supports
> right now. I assume your rating comes from the external board
> components requiring proprietary firmware in this case. So a few
> points to start discussion:

The only reason for the Bronze classification is the GPU firmware /
driver. I'll admit I'm not as familiar with the RK3822 GPU as I'd like,
so if I made an error and it operates without binary blobs then the C201
would be reclassified Platinum. You can't exactly stick a third-party
GPU on that SoC to get around the built-in GPU, so if it's not free it's
a major problem.

> - Is it fair to make external board components weigh more heavily than
> processor internals? I think at least external board components that
> are not essential (e.g. anything but keyboard, pointing device,
> display, network, maybe audio) or can be replaced with other
> components (e.g. USB can replace almost everything) should have the
> least impact on freedom level. In particular, it's not really fair to
> punish a board for including an optional non-free component that other
> boards don't have at all (like a laptop with a WiFi chip which
> essentially always requires proprietary firmware vs. a desktop board
> that has nothing but empty PCIe slots).

I am trying to head off the easiest thing possible for the manufacturer
-- that is, produce a board that has one feature set for Windows, and
another very limited feature set for libre software. I don't think the
rankings should be able to be gamed in that manner; when a consumer buys
a board they expect that the advertised features of that board work, and
without proprietary software so if we've listed it as Gold or Platinum.

> - Anything required on the processor (e.g. microcode) should always
> weigh more heavily than external components. Disabling an external
> component (even something like keyboard/display) still leaves the
> system somewhat functional, whereas you can never disable the
> processor. Since microcode can essentially do anything I think it
> should always give a harsh rating unless it's feasible to run the
> board with the ROM-internal version.

Why are you assuming the internal ROM microcode is safe?
I certainly wouldn't go there; in fact, the errata sheets for most
processors show the exact opposite.

> - Why are you making an exception for the EC, of all things? The EC is
> usually the keyboard controller which is one of the most highly
> sensitive things there are. I think a proprietary keyboard controller
> should definitely be counted worse than a proprietary WiFi chip, for
> example (because the WiFi chip cannot sniff into your HTTPS stream,
> but the keyboard controller can totally read the password you typed).

I make a very limited exception for an EC that is only an EC; that is,
it has no ability to transmit any information it gleans to a third
party. I'd like to see that exception disappear ASAP, but I think we
should wait until the free EC implementation for the Lenovo machines is
finished so that we at least have some examples of true Silver class
machines.

> So as a quick brainstorming, I'd rather suggest a ranking roughly like
> this to fairly reflect the risk the user is exposed to:
>
> A. Everything free.
> B. Non-essential component (e.g. GPS sensor) requiring proprietary firmware.
> C. Network component (e.g. WiFi) requiring proprietary firmware if it
> can be bypassed (e.g. USB, expansion card).
> D. Input/output-sniffing component (pointing device, keyboard,
> display, audio) requiring proprietary firmware if it can be bypassed,
> or CPU requiring microcode if it can be bypassed (e.g. just using
> factory ROM code).
> E. CPU or equivalently privileged processor requiring non-resident
> proprietary boot firmware.
> F. Network component requiring proprietary firmware that cannot be
> bypassed (e.g. no USB ports).
> G. Input/output-sniffing component requiring proprietary firmware that
> cannot be bypassed, or CPU requiring microcode that cannot be
> bypassed.
> H. CPU or equivalently privileged processor requiring resident
> proprietary firmware (e.g. Intel ME, Qualcomm TrustZone).

My concern is mainly the number of levels.
If we make this too much of a smooth gradient type thing people won't
really understand just how bad G and H really are.

--
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com

--
coreboot mailing list: [email protected]
https://www.coreboot.org/mailman/listinfo/coreboot

