oreboot: 2021 Status Update
Main Stage,
oreboot is a derivative of coreboot without C. The oreboot is a fully open-source power-on-reset and romstage firmware written in Rust.
oreboot can boot the following:
- Linux on Sifive Unleashed with M-Mode kernel
- Linux on Beagle-V
- Linux on x86 QEMU with Intel FSP
- Linux on RISC-V QEMU
- Linux on arm QEMU
Currently being brought up on:
- AMD Picasso-based Chromebooks
- AMD Rome on AMD Reference Board
- UPXtreme with Intel Coffeelake FSP
There have been some slight adjustments to oreboot's firmware driver models. Each driver is distilled into basic functions including: init, pread, pwrite, ctl, and status. The ctl and status are new. This interface allows us to make convenient higher-level drivers such as a "union driver" which duplicates a single write operation to multiple drivers. This makes consoles which have multiple underlying UART drivers elegant. The oreboot driver model inspired recent changes to the coreboot console code, within the limits of what C will allow of course.
By using the Rust programming language, oreboot has a leg-up in terms of security and reliability compared to contemporary firmware written in C or assembly. Rust's borrow-checker ensures pointers are not used after freed and proves that coroutines are thread-safe at compile time. We know the stack size at compile time. There is no need for linker sets. We have the appearance of dynamically sized vectors without needing an allocator. There is no heap. Macros are safe. Rust optimizations far exceed what is possible in coreboot.