libreboot / lbwww (public) (License: Unspecified) (since 2023-04-11) (hash sha1)
libreboot website (markdown files). https://libreboot.org/
Clone URLs: https://rocketgit.com/user/libreboot/lbwww ssh://rocketgit@ssh.rocketgit.com/user/libreboot/lbwww git://git.rocketgit.com/user/libreboot/lbwww
25.04 master
List of commits:
Subject Hash Author Date (UTC)
update 89868f9fa969cae2420581d45e5294b0444b4f6c Leah Rowe 2024-05-27 23:46:58
update ec4e4007fa874a7377005b171cf6a8b1a0c40c3c Leah Rowe 2024-05-27 23:07:53
don't demote the other safety warning 1930325800b0d457867e4b31d3716f1b6480a944 Leah Rowe 2024-05-27 11:09:06
grub payload warning 040249ca742becbbbf9f3cd4cf4e6e7a0ac1ff9e Leah Rowe 2024-05-27 11:02:37
put cc0 on site.cfg 1ea2893e03bb863485bdd3edb39f01af5de589cc Leah Rowe 2024-05-27 07:42:55
update docs/maintain/ b2b2b7a95698b1591b3fa945a27aefdca60f82eb Leah Rowe 2024-05-26 14:39:50
add missing parenthese 91e4e3974aece4a24d142c1300b3d43cceacb60e sertonix 2024-05-23 18:30:45
docs/install/e6400.md: Make note of 1440x900 panel errata 222db52b57487cf1ae0503c814132c9314f091d3 Nicholas Chin 2024-05-20 17:13:07
follow-up c1c9a60e67c73d56986c40c9e0af3ce0769d3b11 Leah Rowe 2024-05-13 17:04:02
docs/hardware/dell9029: Internal Flashing is possible with original BIOS 10b6ca1f638f1d131a8c286a64fe5850b2a34a74 Ben Westover 2024-05-13 03:55:53
reddit 0a66ed0e2222040985ef0e842b6caf0c46435631 Leah Rowe 2024-05-12 19:27:23
further context 6520f681fa9e0c3db689dd53f992fbad2b275a42 Leah Rowe 2024-05-12 18:54:14
sex it up a bit 8c407d05c99a28dc3de78e4cb579fba76cf6f0fd Leah Rowe 2024-05-12 18:23:50
purists 0fb8d5d75719d4197368370942b2bac7693e6b7f Leah Rowe 2024-05-12 18:14:49
intent 061f47fd3a22b290b6f34c049938669b1bcd357f Leah Rowe 2024-05-12 18:08:52
context 8451f94036815c7ac023e5aa04a3c27b5c429b06 Leah Rowe 2024-05-12 18:07:36
actually add the canoegnu page a02fe843e6197324a316fde694a7792f65e50edc Leah Rowe 2024-05-12 18:04:40
canoegnu f671d8929475c0cce6a869e4cdff578d7b5f1a66 Leah Rowe 2024-05-12 18:02:58
updates 5d5ed3b930ef76310683b95ec7f26f9a5d48bc13 Leah Rowe 2024-05-10 04:04:10
purge remaining stragglers cb8dbd0f386b5b0a892ff05fdc03481708160e3c Leah Rowe 2024-05-07 18:44:53
Commit 89868f9fa969cae2420581d45e5294b0444b4f6c - update
Signed-off-by: Leah Rowe <info@minifree.org>
Author: Leah Rowe
Author date (UTC): 2024-05-27 23:46
Committer name: Leah Rowe
Committer date (UTC): 2024-05-27 23:46
Parent(s): ec4e4007fa874a7377005b171cf6a8b1a0c40c3c
Signer:
Signing key:
Signing status: N
Tree: eee33aadd8b3b7aa426c175fd17b6041ffc31718
File Lines added Lines deleted
site/docs/linux/grub_hardening.md 45 0
File site/docs/linux/grub_hardening.md changed (mode: 100644) (index 2711d79..2b0f69a)
... ... of user-friendliness.
221 221
222 222 That just about covers it, where password setup is concerned! That just about covers it, where password setup is concerned!
223 223
224 SeaBIOS first?
225 ==============
226
227 In releases after Libreboot 20240504, SeaBIOS is the primary payload on
228 all images, but GRUB is available in the boot menu. Select a ROM image
229 with `grubfirst` at the end, and do this to the ROM image:
230
231 cbfstool libreboot.rom add-int -i 0 -n etc/show-boot-menu
232
233 This disables the SeaBIOS menu, so that it only loads GRUB. The `grubfirst`
234 image had this done to it by lbmk (Libreboot build system) during build:
235
236 cbfstool libreboot.rom add -f config/grub/bootorder -n bootorder -t raw
237
238 This `bootorder` file has the following contents:
239
240 ```
241 /rom@img/grub2
242 ```
243
244 You can add it yourself if your image doesn't have it. With this, SeaBIOS
245 only loads GRUB first.
246
247 NOTE: Before disabling the boot menu, make sure GRUB works. Access it using
248 the `bootorder` file and/or press ESC in the SeaBIOS menu. Then disable the
249 SeaBIOS menu.
250
251 Alternative: GRUB as primary
252 ----------------------------
253
254 The *SeaBIOS first* policy is now law, in Libreboot releases. The only
255 exception is the x86 QEMU target. You can do this if building from source:
256
257 ./build roms -p grub targetname
258
259 Where `targetname` is e.g. `x200_8mb` (use the correct one for your board).
260
261 Again: make sure GRUB works. Also: don't do this if you're using a non-Intel
262 graphics card because only the Intel graphics have native video initialisation
263 in Libreboot, and we rely on SeaBIOS to execute the VGA ROM for others.
264
265 (it is assumed that you know to add the VGA ROM in CBFS if needed, if using
266 a dGPU, or that you're using a graphics card on a desktop so SeaBIOS will use
267 that automatically)
268
224 269 GPG keys GPG keys
225 270 ======== ========
226 271
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/libreboot/lbwww

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/libreboot/lbwww

Clone this repository using git:
git clone git://git.rocketgit.com/user/libreboot/lbwww

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main