Description
Coreboot specs
Intel
xxx0: GM45 northbridge, Montevina: no FSP, no ME: X200, T400, T500, R500, X300. No QubesOS support there (no proper VT-d2).
xx20: Sandy Bridge, no FSP. ME < 10: only the BUP module is required: X220/T420/T520
xx30: Ivy Bridge, no FSP. ME < 10: ROMP and BUP modules required: X230/T430/W530, Z220 CMT and others
Additional required Intel blobs:
FSP is present in all Broadwell+ platforms
MRC: Memory Reference Code blob required on Broadwell+ (T440p/W541); follow the ongoing coreboot Native RAM Initialization (NRI) effort
ME status on different boards models
Removed entirely in ME <= 6 (xxx0)
Deactivated and neutered ME for ME 6 to 10 (xx20: BUP; xx30: BUP+ROMP)
Deactivated and partially neutered ME (BUP, RBE, Kernel and syslibs modules REQUIRED in ME > 11)
Soft disable via the HAP disable bit possible on ME 12+ (PoC: BE CAUTIOUS)
xx20, xx30: ME 6 to 10
Skylake, Kaby Lake, Whiskey Lake and newer: ME >= 11
Intel ME was then renamed to the Converged Security and Management Engine (CSME), where the HAP bit can be flipped but modules can no longer be removed.
AMD
AMD fam15h (e.g. KGPE-D16)
PSP present in all models after fam15h
Power9
Blobless.
Board testers
https://github.com/linuxboot/heads/blob/master/BOARD_TESTERS.md
Integration/Test
Reproducibility expertise: @osresearch @flammit @JonathonHall-Purism @tlaurion
Integration expertise: @tlaurion @JonathonHall-Purism
qemu: @JonathonHall-Purism @tlaurion
Continuous Integration environments: @SergiiDmytruk @tlaurion @Tonux599 ?
Please add yourself where you can help, so that you are comfortable being tagged in issues.