Roadmap To A Completely Free BIOS

Purism is committed to users’ rights to privacy, security, and freedom. This post identifies the steps needed to achieve the standard set by the Free Software Foundation’s Respects Your Freedom endorsement.

On our status page, Road to FSF Endorsement… And Beyond, we are currently developing the coreboot BIOS for the Librem 13.

The Intel FSP Blob

Demand Freedom. Unlock Your Memory Init.Intel publishes a Firmware Support Package (FSP) so that silicon initialization (like memory init) can be integrated into any bootloader. The FSP is a binary blob provided by Intel.

Using the Free Software in coreboot but an FSP blob does not meet the FSF RYF endorsement requirements. Purism’s goal is to publish a Free Software implementation of the pieces handled by the FSP as soon as an implementation is available.

The Management Engine (ME) Blob

ME BlobBecause Purism ships Librem CPUs fused to allow unsigned software, we have set our sights on publishing a Free Software implementation of the Management Engine firmware. No other company currently offers CPUs with this configuration, though it is our hope that our success will prompt more and more companies to fuse their CPUs for freedom.

If you would like to help create a Free ME Firmware notwithstanding my cheesy ME-DRM logo, please contact us.

The Embedded Controller (EC)

ene KB3930The Librem 13 uses an ene KB3930QF-A1 with an external SPI 64KB firmware. Purism is grateful for the KB3930 datasheet that was made available as part of the One Laptop Per Child project. Good documentation is a critical step toward achieving a fully Free Software laptop.

The EC:

  • Powers the laptop on and off. The KB3930 is what recognizes the user pressed the power button and sends the “power on” signal to the laptop.
  • Talks SMBus to the battery.
  • Keeps the date & time while off.
  • Controls the fan speed.
  • Reports the keyboard and trackpad to the CPU (via the normal PS/2 interface, routed over the LPC bus).
  • Directly drives the power, sleep, and wifi LEDs.

SSD Firmware

Some really talented hackers at srlabs.de used a USB Flash Drive’s firmware to gain complete control over a Windows PC.

While Purism can offer best-in-class kernel security (the Linux kernel) and Free Software (PureOS), our goal is to free the firmware in the SSD as well. Purism wants to shine a light on all the dark corners of a high-end laptop.

Why free the functionality of such a small part of a laptop? Because it represents a not-insignificant level of user freedom. When the user can run, copy, distribute, study, change and improve the firmware on their SSD, it has the ability to produce as impressive results as what the srlabs.de team did.

Without that freedom, we are all poorer.