82 lines
3.5 KiB
Markdown
82 lines
3.5 KiB
Markdown
# Distributions
|
||
|
||
coreboot doesn't provide binaries but provides a toolbox that others can use
|
||
to build boot firmware for all kinds of purposes. These third-parties can be
|
||
broadly separated in two groups: Those shipping coreboot on their hardware,
|
||
and those providing after-market firmware to extend the usefulness of devices.
|
||
|
||
|
||
## Hardware shipping with coreboot
|
||
|
||
### Purism
|
||
|
||
[Purism](https://www.puri.sm) sells laptops with a focus on user privacy and
|
||
security; part of that effort is to minimize the amount of proprietary and/or
|
||
binary code. Their laptops ship with a blob-free OS and coreboot firmware
|
||
with a neutralized Intel Management Engine (ME) and SeaBIOS as the payload.
|
||
|
||
### ChromeOS Devices
|
||
|
||
All ChromeOS devices ([Chromebooks](https://chromebookdb.com/), Chromeboxes,
|
||
Chromebit, etc) released from 2012 onward use coreboot for their main system
|
||
firmware. Additionally, starting with the 2013 Chromebook Pixel, the firmware
|
||
running on the Embedded Controller (EC - a small microcontroller which provides
|
||
functions like battery management, keyboard support, and sensor interfacing)
|
||
is open source as well.
|
||
|
||
### Libretrend
|
||
|
||
[Libretrend](https://libretrend.com) sells the Librebox, a NUC-like PC which
|
||
ships with coreboot firmware.
|
||
|
||
|
||
### PC Engines APUs
|
||
|
||
[PC Engines](https://pcengines.ch) designs and sells embedded PC hardware that
|
||
ships with coreboot and support upstream maintenance for the devices through a
|
||
third party, [3mdeb](https://3mdeb.com). They provide current and tested
|
||
firmware binaries on [GitHub](https://pcengines.github.io).
|
||
|
||
## After-market firmware
|
||
|
||
### Libreboot
|
||
|
||
[Libreboot](https://libreboot.org) is a downstream coreboot distribution that
|
||
provides ready-made firmware images for supported devices: those which can be
|
||
built entirely from source code. Their copy of the coreboot repository is
|
||
therefore stripped of all devices that require binary components to boot.
|
||
|
||
### MrChromebox
|
||
|
||
[MrChromebox](https://mrchromebox.tech/) provides upstream coreboot firmware
|
||
images for the vast majority of x86-based Chromebooks and Chromeboxes, using
|
||
Tianocore as the payload to provide a modern UEFI bootloader. Why replace
|
||
coreboot with coreboot? Mr Chromebox's images are built using upstream
|
||
coreboot (vs Google's older, static tree/branch), include many features and
|
||
fixes not found in the stock firmware, and offer much broader OS compatibility
|
||
(i.e., they run Windows as well as Linux). They also offer updated CPU
|
||
microcode, as well as firmware updates for the device's embedded controller
|
||
(EC). This firmware "takes the training wheels off" your ChromeOS device :)
|
||
|
||
### Heads
|
||
|
||
[Heads](http://osresearch.net) is an open source custom firmware and OS
|
||
configuration for laptops and servers that aims to provide slightly better
|
||
physical security and protection for data on the system. Unlike
|
||
[Tails](https://tails.boum.org/), which aims to be a stateless OS that leaves
|
||
no trace on the computer of its presence, Heads is intended for the case where
|
||
you need to store data and state on the computer.
|
||
|
||
Heads is not just another Linux distribution – it combines physical hardening
|
||
of specific hardware platforms and flash security features with custom coreboot
|
||
firmware and a Linux boot loader in ROM.
|
||
|
||
### Skulls
|
||
|
||
[Skulls](https://github.com/merge/skulls) provides firmware images for
|
||
laptops like the Lenovo Thinkpad X230. It uses upstream coreboot, an easy
|
||
to use payload like SeaBIOS and Intel's latest microcode update.
|
||
|
||
It simplifies installation and includes compact documentation. Skulls also
|
||
enables easy switching to [Heads](#heads) and back.
|