coreboot

coreboot™: fast, flexible and reproducible Open Source firmware!

Reproducible Coreboot

Reproducible builds enable anyone to reproduce bit-by-bit identical binary packages from a given source, so that anyone can verify that a given binary was derived from the source it was said to be derived from. There is more information about reproducible builds on the Debian wiki and on https://reproducible-builds.org. These pages explain in more depth why this is useful, what common issues exist and which workarounds and solutions are known.

Reproducible Coreboot is an effort to apply this to coreboot. Each coreboot.rom is built twice (without payloads), with a few variations added, and the two ROMs are then compared using diffoscope. Please note that the toolchain is not varied at all, as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.

A Jenkins job runs weekly to test the master branch of coreboot.git. The job runs reproducible_coreboot.sh in a Debian environment, and this script is solely responsible for creating this page. Feel invited to join #reproducible-builds (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated - if you want to help, please start by looking at the ToDo list for coreboot; you might find something easy to contribute.
Thanks to IONOS for donating the virtual machines this is running on!

155 (100.0%) out of 155 built coreboot images were reproducible in our test setup! These tests were last run on 2021-06-19 for version 4.14-660-gbd503978d4 using diffoscope 177.

| variation | first build | second build |
| --- | --- | --- |
| hostname | osuosl169-amd64 or osuosl170-amd64 | the other one |
| domainname is not yet varied between rebuilds of coreboot. | | |
| env CAPTURE_ENVIRONMENT | not set | CAPTURE_ENVIRONMENT="I capture the environment" |
| env TZ | TZ="/usr/share/zoneinfo/Etc/GMT+12" | TZ="/usr/share/zoneinfo/Etc/GMT-14" |
| env LANG | LANG="en_GB.UTF-8" | LANG="et_EE.UTF-8" |
| env LC_ALL | not set | LC_ALL="et_EE.UTF-8" |
| env PATH | PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:" | PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path" |
| env USER is not yet varied between rebuilds of coreboot. | | |
| uid is not yet varied between rebuilds of coreboot. | | |
| gid is not yet varied between rebuilds of coreboot. | | |
| UTS namespace is not yet varied between rebuilds of coreboot. | | |
| kernel version, modified using /usr/bin/linux64 --uname-2.6 | Linux 4.19.0-17-amd64 | Linux 2.6.79-17-amd64 |
| umask | 0022 | 0002 |
| CPU type | Intel(R) Xeon(R) CPU E5-2660 0 @ 2.20GHz | same for both builds |
| /bin/sh is not yet varied between rebuilds of coreboot. | | |
| year, month, date | today (2021-06-20) | same for both builds (currently, work in progress) |
| hour, minute | hour and minute will probably vary between two builds... | the future system actually runs 398 days, 6 hours and 23 minutes ahead... |
| Filesystem | tmpfs | same for both builds (currently, this could be varied using disorderfs) |
| everything else... | is likely the same. There will be more variations in the wild. | |
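
The build-twice-and-compare procedure with the environment variations from the table above, as an added example (this is not reproducible_coreboot.sh or any coreboot project code). The two build functions are constructed stand-ins for a real build, and `cmp` stands in for the pass/fail part of the diffoscope comparison.

```shell
#!/bin/sh
# Added example: build twice under the page's two environments and compare.
# leaky_build and clean_build are constructed stand-ins for a real build.

leaky_build() {   # embeds local time and locale into the artifact
    { echo "payload"; date +%H:%M; echo "${LC_ALL:-$LANG}"; } > "$1/out.bin"
}

clean_build() {   # output depends only on the source
    echo "payload" > "$1/out.bin"
}

# run_variation <build-fn> <outdir> <1|2>: run one build in a subshell with
# the first- or second-build settings from the variation table.
run_variation() {
    (
        if [ "$3" = 1 ]; then
            unset CAPTURE_ENVIRONMENT LC_ALL
            export TZ="/usr/share/zoneinfo/Etc/GMT+12" LANG="en_GB.UTF-8"
            umask 0022
        else
            export CAPTURE_ENVIRONMENT="I capture the environment"
            export TZ="/usr/share/zoneinfo/Etc/GMT-14"
            export LANG="et_EE.UTF-8" LC_ALL="et_EE.UTF-8"
            # Appended to the caller's PATH so tools are still found.
            export PATH="$PATH:/i/capture/the/path"
            umask 0002
        fi
        "$1" "$2"
    )
}

# is_reproducible <build-fn>: exit status 0 if both outputs are bit-identical.
is_reproducible() {
    tmp=$(mktemp -d) || return 2
    mkdir "$tmp/b1" "$tmp/b2"
    run_variation "$1" "$tmp/b1" 1
    run_variation "$1" "$tmp/b2" 2
    rc=0
    cmp -s "$tmp/b1/out.bin" "$tmp/b2/out.bin" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

for b in clean_build leaky_build; do
    if is_reproducible "$b"; then echo "$b: reproducible"; else echo "$b: differs"; fi
done
```

When the two outputs differ, running diffoscope on them shows which bytes changed, which usually points to the leaked input (timestamp, locale, path).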

commit bd503978d4fd57fe38cae3588748ee52b1bfdcae
Author: Aseda Aboagye 
Date:   Tue Jun 15 23:24:26 2021 -0700

    mb/google/dedede: Configure CBI EEPROM WP
    
    On dedede boards without Cr50, the CrOS Board Info (CBI) EEPROM write
    protect signal is decoupled from the hardware write protect signal.
    Instead, we'd like for it to mirror the software write protect status.
    This commit simply checks the software write protect status of the SPI
    flash and sets the CBI EEPROM write protect if it's enabled.  To prevent
    changing the WP signal at run-time, the GPIO configuration is also
    locked down after the level has been set.  If HW WP is deasserted, the
    CBI EEPROM WP will be deasserted as well.
    
    BUG=b:191189275,b:184592299
    BRANCH=None
    TEST=Build and flash lalala, disable SW WP by running `flashrom -p host
    --wp-disable` from a root shell and verify that the GPIO is asserted
    after a reboot.  Export the gpio via sysfs and verify that attempting to
    change the value of the GPIO is futile. Enable SW WP via `flashrom -p
    host --wp-enable` and reboot the DUT. Again, export the GPIO via sysfs
    and verify that attempts to change the GPIO value are futile.
    
    localhost ~ # iotools mem_read32 0xfd6e08d0
    0x44000200
    localhost ~ # cd /sys/class/gpio/
    localhost /sys/class/gpio # echo 217 > export
    localhost /sys/class/gpio # cd gpio217/
    localhost /sys/class/gpio/gpio217 # echo out > direction
    localhost /sys/class/gpio/gpio217 # cat value
    0
    localhost /sys/class/gpio/gpio217 # echo 1 > value
    localhost /sys/class/gpio/gpio217 # cat value
    1
    localhost /sys/class/gpio/gpio217 # iotools mem_read32 0xfd6e08d0
    0x44000200
    
    Signed-off-by: Aseda Aboagye 
    Change-Id: Ic103037921ec7d2f96f86178675c11a3a1357d1b
    Reviewed-on: https://review.coreboot.org/c/coreboot/+/55558
    Tested-by: build bot (Jenkins) 
    Reviewed-by: Karthik Ramasubramanian 
    Reviewed-by: Furquan Shaikh      

| cross toolchain source | sha256sum |
| --- | --- |
| acpica-unix2-20210331.tar.gz | 3dab326c262d4f3eaf380bbbbd7aa8c2eb5f2697f7821659222cf898d8be28c1 |
| binutils-2.35.1.tar.xz | 3ced91db9bf01182b7e420eab68039f2083aed0a214c0424e257eae3ddee8607 |
| gcc-8.3.0.tar.xz | 64baadfe6cc0f4947a84cb12d7f0dfaf45bb58b7e92461639596c21e02d97d2c |
| gmp-6.2.1.tar.xz | fd4829912cddd12f84181c3451cc752be224643e87fac497b69edddadc49b4f2 |
| mpc-1.2.1.tar.gz | 17503d2c395dfcf106b622dc142683c1199431d095367c6aacba6eec30340459 |
| mpfr-4.1.0.tar.xz | 0c98a3f1732ff6ca4ea690552079da9c597872d30e96ec28414ee23c95558a7f |

| Debian 10.10 package on amd64 | installed version |
| --- | --- |
| gcc | 4:8.3.0-1 |
| g++ | 4:8.3.0-1 |
| make | 4.2.1-1.2 |
| cmake | 3.13.4-1 |
| flex | 2.6.4-6.2 |
| bison | 2:3.3.2.dfsg-1 |