Re-upstreaming and maintainership of the KGPE-D16 - Cost: 30 000E and counting #719
Comments
|
Traces: This board works as a QubesOS server while work is still needed. A followup on #717 (comment) |
|
@tlaurion did 3mdeb decide not to take it on? It would be good to have as it's the only completely blob free board I can think of that's qubes compatible. Provided a 6200 series is used. |
|
@Tonux599 3mbeb is absolutely willing to do the work. |
|
@tlaurion sorry, for not replying, recently we have quite a lot on my plate. Definitely, we would like to publish here documents that we sent to NLNet while applying for a grant. There is also a slightly modified version that we provided to Insurgo on Slack. Both documents rely on coreboot state in December 2019. @miczyg I think you can push grant content to 3mdeb GitHub repo as PR and link here for review. |
|
This Pull Request contains the application 3mdeb sent to NLNet to obtain the grant: |
|
@pietrushnic @miczyg1 When should we expect an outcome? Also could you briefly outline any ways that members of the community could support you if or if not you get funding? |
|
@Tonux599 there is no timeline since there is no official commitment from anyone to fully found the effort. We get some good words from various individuals and organizations, but that's all. @tlaurion mentioned that he can sponsor part of the effort, but we are not sure anyone would be happy with half-finished stuff. Vikings Gmbh sent us hardware so we have something to work on. NLNet did not approve of this grant, so I would not expect it will change in the future - I may be the wrong here. To sum the status of this project is "not founded" so we even do not put that on schedule and worry more about founded effort e.g. TrenchBoot and fwupd for Qubes OS. How the community can help? We are very open here, whatever works for the community.
We would like to help, but without funding, we will do the best effort and it may take very long to bring back this platform. Please note our goal is not just to bring back the platform to mainline, but create a structure in which long term maintenance would not cost a lot. We did that for PC Engines routers for over 4 years. |
|
@Tonux599 : For the moment, step would be to get people interested in the port. Let's remember that the KGPE-D16:
So the point here would be first to get enough attention so that the story doesn't repeat itself. Some history: Putting a bounty tag for this. |
|
Something really interesting was proposed on this QubesOS ticket: @pietrushnic, I would love to hear on your reception. We are currently experimenting with OpenCollective, while the fees are really high, which makes the move less interesting (a lot of money being lost in translation). Other options might be more interesting, like Whonix did. So the question here being mainly:
See this ticket to see how chicken/egg problems can last for a year even when money is available without a clear plan. This is the inverse problem here, just like funded work normally work. |
tlaurion
changed the title
tlaurion
changed the title
|
@tlaurion XVilka suggestion looks interesting, but definitely key problem is orchestration. We would like to avoid the situation when 3 or more teams work on a given feature in parallel and then post results claiming the founds. There should be serious commitment based on proven reputation and trust, otherwise, we have public bidding problem where lower price wins with quality. Whonix stuff is even better, but we would have to research how it looks from the taxation and administration perspective. |
|
@pietrushnic I'm not sure there is conflict between the two ideas with XVilka avenue. But you are better placed then I am to see if this would work or not for 3mdeb. |
tlaurion
changed the title
|
@tlaurion and @pietrushnic : Have you contacted a Free Software Foundation? Since they have a lot of interest in RYF devices and are probably using these KGPE-D16 servers by themselves, if they'd learn about this critical situation - maybe they'll decide to co-fund? P.S. also, some notes at #717 may be relevant. |
|
@mikebdp2 we (as 3mdeb) never contacted FSF. I'm not sure if the situation is critical but it will get worst over time. From experience longer platform lays unmaintained bigger would be effort to bring it back. Do you know anyone who we should reach? @tlaurion I believe you are in a better position to talk with FSF, then 3mdeb. |
|
22000E isn't that much different from what Raptor wanted for OpenBMC port (at https://www.raptorengineering.com/coreboot/kgpe-d16-bmc-port-offer.php). Maybe you should set up similar crowdfounding? Currently you only say "we are ready to work" etc. Raptor did the same and received no money, but when they officially started crowdfounding, it turned out there were enough people interested in it to gather the money. |
|
@pkubaj very good point. It looks like Martin was intermediary gating the process. In case of difference in pricing, please note this was a different time and they are in the US not in PL, their costs are way higher than ours. More to that we are Yocto Participants and have Embedded Linux people on board, OpenBMC uses Yocto/OE build system, so this also simplifies the situation for 3mdeb. |
@pietrushnic writing to them. |
Hi is there a list of the bugs/linux crash that Michal talk about in his fosdem talk ? Do they only happen when iommu is enabled ? Btw i have a kgpe-d16 with jtag header soldered and an olimex. So if you are starting any group for dev , put me in, free time is limited but i can always help a bit and test. |
|
@alexmaloteaux asked:
|
Something else to mention.
I don't know about your use case though, and I'm not really sure about the status of USB. For me it definitely was problematic. |
Yes, this is fair point. I believe @miczyg1 can say more about his approach to selecting correct code base that will be bring up upstream. There is some limit to number of memory configurations we can test, but we will get to call for beta testers at some point I believe. |
@pkubaj petitiboot is able to kexec FreeBSD so why not Heads :) |
|
petitboot is able to kexec FreeBSD kernel, but this still has some issues.
|
|
@pietrushnic |
|
@pkubaj thank you, we will look into sponsorship of FreeBSD Foundation. |
|
Request for anyone interested in using KGPE-D16 with write-protection of flash chip: if your chip is not already listed in flashrom/flashrom#185, please post a comment there stating chip's model. |
|
In terms of the October deliverables:
We plan the Phase 2 + Phase 3 release for this week. |
|
@macpijan do you think it make sense to ask Libreboot community for testing? |
|
hi. leah here. i'm currently in the process of building myself a d16 again, precisely because of your efforts. i will be available for testing. Tashtari in libreboot IRC also has D16 hardware and is quite enthusiastic about your work. When your work is ready, I wish to integrate it in lbmk, which is libreboot's build system. It can download coreboot, applying any number of custom patches desired. lbmk currently uses standard coreboot 4.11 edit: iirc Bardon also has D16 hardware. also, the FSF has a testing station. also: FSF deploys all their hosting on a D16, but has a special D16 test stand. An entire spare D16 just for testing configurations on. Contact the sysadmin team at the FSF. Ian Kelling (iank on #fsfsys IRC) is very interested in your work, and is a current sysadmin at the FSF. |
|
Will buy a tpm2 module and can test myself Heads for tpm1 and tpm2 measured boot configuration support, for both workstation board with AMD graphics and BMC for server board. I will also try my best to bring a u-root + Heads board under Heads (being coreboot based as opposed to linuxboot based), encompassing the cpu toolset (@rminnich: amazing work!!! https://github.com/linuxboot/book/blob/master/cpu/README.md#the-u-root-cpu-command ), since I intend to use that board as my local build system and use those 32 cores and 64gb of ram collecting dust.... And generate heat in the cold weather here while doing so. The kgpe-d16 in current state works already as a Qubes 4.1 platform, while some pushing would be needed to have network-server project cascade forwarding of external traffic to specific qubes(@Rudd-O) coming from hidden services down to their actual offered service provided in services qubes, as well as being able to provide some yunohost or equivalent services locally. That's where I was in the past, and where I personally want this to go forward. I will reenable that machine that sleeps for way too long. |
It makes perfect sense, but maybe more after a fourth phase (somewhere early December) when we can actually boot something.
I haven't really used u-bmc, but if it also needs U-Boot and Linux for AST2050 (which I assume it does) then most of the work between OpenBMC and u-bmc would be common. We have presented our view on that in this presentation: #719 (comment) (starting with slide 13). I guess you could also try to use the existing kernel, but you would be stuck with the 12 years old kernel running on your BMC then. |
|
FYI v0.1.0 was released: https://docs.dasharo.com/variants/asus_kgpe_d16/releases/ Please note you can join newsletter to get notifications. Please let us know what we can improve. |
|
Are there plans to push this work to upstream or will it be maintained as a fork? |
|
@pkubaj please take a look at mileston 7. In short we definitely plan to upstream all code that would be accepted by upstream, but let's be honest timeline of that is unknown. |
|
A heads up: Over in the mainline they're looking at possibly dropping quite a large number of AMD platforms (fam 14h, 15h, 16h?) if they can't move over to the newer resource allocater (though for 15h there may be some early PoC?). It looks like this work will need to support the new resource allocator in order to be merged. |
|
The allocator v4 was in scope of this project and is being worked on already. There are still a couple of more features required in this last deprecation call (like the PARALLEL_MP) which were not part of the initial plan. We will do our best to implement it as part of the upstream effort, though. |
|
Is there a separate issue somewhere for LEGACY_SMP_INIT removal/PARALLEL_MP? I've been looking into it a bit as it relates to fam14-16 deprecation. |
|
@awokd we all have to be professional in light of what is going on mailing list 1 2. We tried to present 3mdeb position at coreboot leadership. We will work closely with community to avoid what was proposed. We also consider various backup plans, if you are intrested in discussing those please join Dasharo Matrix workspace |
I believe Qubes network server is already available for r4.1 and I know I tested it on my throwaway laptop before releasing it on Github: |
|
@Rudd-O I just saw new commits since last time I checked. Didn't know cascading was implemented, will test and sorry for the noise if it was implemented ! |
|
Cascading is not explicitly implemented in Qubes 4.1, although the current implementation may just support it. Please feel free to try! |
|
neox on irc reported raminit issues on their board; works in coreboot
4.6 but not coreboot 4.11. i'm having that person do a git bisect to
find when coreboot broke, between 4.6 and 4.11, and will report this to
you all when it is found
…On Thu, 16 Dec 2021 06:40:48 -0800 tlaurion ***@***.***> wrote:
Some trails on 4.11 problems :
- gathering from miczyg
#719 (comment)
- Paul Menzel:
#719 (comment)
"Random boot failures, all of memory not supported, higher energy
usage compared to vendor firmware, problems loading latest microcode"
- Recap on current status by myself on 4.11:
#719 (comment),
when TPM and coreboot patches were added to Heads by tonux :
#719 (comment)
- Ram init issues:
#719 (comment)
- Maximum memory support being theoretically 256GB, but tested?
https://www.raptorengineering.com/coreboot/kgpe-d16-status.php
https://libreboot.org/docs/hardware/kgpe-d16.html#memory-compatibility-with-libreboot
That is what I could grab from skimming both my own memory and traces.
Anyone has other problems still current on 4.11 to report, or other
places we might have missed at this point? @pietrushnic @Th3Fanbus
@githubisnonfree ?
--
Reply to this email directly or view it on GitHub:
#719 (comment)
You are receiving this because you were mentioned.
Message ID: ***@***.***>
--
Leah Rowe ***@***.***>
Company Director & Libreboot developer
Do you know you have rights?
The right to privacy, free speech, the right to read
and the right to learn.
Defend freedom. Use free (free as in freedom) software.
Spread freedom. Tell everyone you know about it!
https://www.gnu.org/philosophy/free-sw.html
Minifree Ltd, trading as Ministry of Freedom.
Registered in England, registration No. 9361826
VAT Registration No. GB202190462
Minifree Ltd, 19 Hilton Road, Canvey Island
Essex SS8 9QA, United Kingdom
United Kingdom
|
|
by the way i'm not sure if this is addressed but: is the re-upstreaming work also being done on kcma-d8? the d8/d16 codebases are very similar in coreboot, and i think it would be worthwhile. edit: |
It is not part of this effort. But once KGPE-D16 code is refreshed, it would be much easier. |
and others
There was a proposition to do required work under refused grant application. If there is interest from third party to fund conjointly needed work, board could be maintained and reupstreamed, under u-bmc, coreboot and under Heads.
Edit:
Proposition from 3mdeb here
History here
Possible funding path hereTrail of 4.11 reported problems: Re-upstreaming and maintainership of the KGPE-D16 - Cost: 30 000E and counting #719 (comment)
Last updates, newsletter, code source drop : #719 (comment)
The text was updated successfully, but these errors were encountered: