Canoeboot 20240612 released!

Leah Rowe

12 June 2024

Return to index

Article published by: Leah Rowe

Date of publication: 12 June 2024


Canoeboot is a free/libre BIOS/UEFI replacement on x86 and ARM, providing boot firmware that initialises the hardware in your computer, to then load an operating system (e.g. GNU+Linux). It is specifically a coreboot distribution, in the same way that Trisquel is a GNU+Linux distribution. It provides an automated build system to produce coreboot ROM images with a variety of payloads such as GNU GRUB or SeaBIOS, with regular well-tested releases to make coreboot as easy to use as possible for non-technical users. From a project management perspective, this works in exactly the same way as a GNU+Linux distro, providing the same type of infrastructure, but for your boot firmware instead of your operating system. It makes use of coreboot for hardware initialisation, and then a payload such as SeaBIOS or GNU GRUB to boot your operating system; on ARM(chromebooks), we provide U-Boot (as a coreboot payload).

This is a bugfix release, and is considered stable. It fixes a series of bugs that were discovered in the previous Canoeboot 20240504 and 20240510 releases from 4 May 2024 and 10 May 2024 respectively.

The errata on Canoeboot 20240504 meant that all ROM images had to be removed, so a new stable release had to be made ASAP to compensate - the Canoeboot 20240510 binaries were also removed for the same reason, namely that the included xHCI patches (that weren’t actually needed on any machines) could potentially be problematic. This Canoeboot release excludes xHCI GRUB patches on all boards, because xHCI is not physically available on any current Canoeboot hardware, at least not x86.

The changes of the recent 1st build system audit are included, in this release, in addition to a few minor fixes made since that date. The audit was completed on 9 June 2024 and today is 12 June 2024. The release came unstuck.

NOTE: Although Canoeboot 20240510 was released after 20240504, this release announcement for Canoeboot 20240612 is in reference to 20240504, not 20240510, so it also includes changes from the 20240510 release, with fixes made after it.

Changes since Audit 1

Audit 1 was only recent, and forms most of the changes in this release, so look further down for a list of those changes or read the audit 1 page.

Some minor changes have been made in the few days since completion of that audit, namely:

The reason for separating the NVMe patch to only those boards that need it, is precisely to avoid any potential issues if a board doesn’t need it. The NVMe patch has been extensively tested, on all of the boards that actually have it.

Audit 1 changes

Since the recent audit 1 changes are included in this release, the changelog of that audit has simply been copied for sake of efficiency. Firstly:

Modest code size reduction

There are 1054 lines of shell script in the build system, versus 1208 in the Canoeboot 20240504 release. Canoeboot’s build system is written purely in POSIX sh; not BASH, not KSH, not ZSH, jush sh!

This is a difference of 154 lines, or a 13% reduction. Despite the reduction, numerous features have been added and a large number of bugs were fixed.

Summarised list of changes

Changes are in order per category, from newest to oldest:

Feature changes

Bug fixes

Some of these changes fix actual issues that were found in testing, while others were fixed before being triggered/reported and are thus preventative bug fixes. The logic in cbmk has been very intensively audited as is customary!

The changes are, from newest to earliest:

General code cleanup

In addition to general very sweeping code cleanup, condensing code lines where possible and so on:

Revision updates

Some revisions were updated as part of standard routine, but happened to be done during this audit. Those updates are as follows:


Bump SeaBIOS to revision e5f2e4c69643bc3cd385306a9e5d29e11578148c, which has these changes relative to the old one:

* e5f2e4c6 pciinit: don't misalign large BARs
* 731c88d5 stdvgaio: Only read/write one color palette entry at a time
* c5a361c0 stdvga: Add stdvga_set_vertical_size() helper function
* 22c91412 stdvga: Rename stdvga_get_vde() to stdvga_get_vertical_size()
* 549463db stdvga: Rename stdvga_set_scan_lines() to stdvga_set_character_height()
* c67914ac stdvga: Rename stdvga_set_text_block_specifier() to stdvga_set_font_location()
* aa94925d stdvga: Rework stdvga palette index paging interface functions
* 8de51a5a stdvga: Rename stdvga_toggle_intensity() to stdvga_set_palette_blinking()
* 96c7781f stdvga: Add comments to interface functions in stdvga.c
* 2996819f stdvga: Rename CGA palette functions
* 91368088 stdvgamodes: Improve naming of dac palette tables
* 70f43981 stdvgamodes: No need to store pelmask in vga_modes[]
* 1588fd14 vgasrc: Rename vgahw_get_linesize() to vgahw_minimum_linelength()
* d73e18bb vgasrc: Use curmode_g instead of vmode_g when mode is the current video mode
* 192e23b7 vbe: implement function 09h (get/set palette data)
* 3722c21d vgasrc: round up save/restore size
* 5d87ff25 vbe: Add VBE 2.0+ OemData field to struct vbe_info
* 163fd9f0 fix smbios blob length overflow
* 82faf1d5 Add LBA 64bit support for reads beyond 2TB.
* 3f082f38 Add AHCI Power ON + ICC_ACTIVE into port setup code
* 3ae88886 esp-scsi: terminate DMA transfer when ESP data transfer completes
* a6ed6b70 limit address space used for pci devices.


Updated to revision 5b4fdd1 from 2 May 2024, rebasing the MX workaround patch.

This imports upstream changes, relative to the previous revision:

* 5b4fdd1 z60_flashprog.rules: Add udev rule for CH347
* 72c9e40 meson: Check for CPU families with known raw mem access
* 3458220 platform/meson: Port pciutils/pci.h workaround to Meson
* f279762 platform/meson: Check for libi386 on NetBSD
* 14da5f7 README: Convert to Markdown
* 8ddea57 README: Document branching and release policy
* 2522456 util/ Fix path
* cbf9c11 spi: Don't cross 16MiB boundaries with long writes
* 823a704 dediprog: Skip warning on first attempt to read device string
* e8463c8 dediprog: Revise prefix check for given programmer id
* 38af1a1 dediprog: Revise id matching
* 4661e7c amd_spi100: Use flashprog_read_chunked() for progress reporting
* cdcfda2 read_memmapped: Use flashprog_read_chunked() for progress reporting
* 7679b5c spi25: Replace spi_read_chunked() with more abstract version
* ca1c7fd spi25: Normalize parameters of spi_nbyte_read()
* e36e3dc dediprog: Use default_spi_write_256
* 522a86d linux_spi: Use default_spi_read()/_write_256()
* 806509b cli_classic: Turn progress reporting into a progress bar
* 842d678 libflashrom: Return progress state to the library user
* aa714dd flashprog.c: Let select_erase_functions() return byte count
* 2eed4cf serprog: Add SPI Mode and CS Mode commands
* 821a085 dediprog: Implement id reading for SF600 and later
* 274e655 dediprog: Read device string early
* 0057822 dediprog: Add protocol detection for SF700 & SF600Plus-G2
* fb176d2 dediprog: Use more general 4BA write mode for newer protocols
* 0ab5c3d dediprog: Split device type and version parsing
* bdef5c2 dediprog: Use unsigned conversions to parse device string
* 5262e29 dediprog: Try to request 32B device string (instead of 16B)
* e76e21f dediprog: Get rid of some unnecessary hex constants
* 5a09d1e udelay: Lower the sleep vs delay threshold
* 03ad4a4 linux_mtd: Provide no-op delay implementation
* 211c6ec serprog: Refine flushing before synchronization
* 383b7fe serprog: Test synchronicity before trying to synchronize
* d7318ea serprog: Move synchronicity test into separate function
* 9a11cbf Let the flash context directly point to the used master
* aabb3e0 writeprotect: Hook wp functions into the chip driver
* 89569d6 memory_mapped: Reduce `decode_sizes` to a single `max_rom_decode`
* 929d2e1 internal: Pass programmer context down into chipset enables
* 7c717c3 internal: Pass programmer context down into board enables
* e3a2688 Pass programmer context to programmer->init()
* 2b66ad9 Start implementing struct flashprog_programmer
* 4517e92 memory_bus: Drop stale `size == 0` workaround and FIXME
* b197402 memory_bus: Split register mapping into own function
* 0e76d99 memory_bus: Move (un)map_flash_region into par master
* 9eec407 Perform default mapping only for respective chips
* 56b53dd wbsio_spi: Request memory mapping locally
* 5596190 it87spi: Request memory mapping locally
* 46449b4 spi25: Drop stale `bus == SPI` guards
* ab6b18f spi25: Move 4BA preparations into spi_prepare_4ba() hook
* 901fb95 Add prepare/finish_access() hooks for chip drivers
* a96aaa3 dediprog: Support long writes of 16MiB and more
* 1338936 Consider 4BA support when filtering erase functions
* 8d36db6 flashprog.8: Fix up serprog example
* d2ac303 flashprog.8: document new serprog cs parameter
* d1b9153 chipset_enable.c: Add Genoa to mendocino entry

As a reminder:

Canoeboot now uses Flashprog instead of Flashrom; Flashprog is a fork of Flashrom, lead by Nico Huber after a dispute with the new leadership of Flashrom, and it was felt that Flashprog is a better choice for Canoeboot.

Git log

This entire set of changelogs is based on the precise Git history in cbmk, relative to Canoeboot 20240504 which is from where the audit began.

The latest changes are listed first, going all the way down to earlier changes:

* 4f6fbfde81 minor code cleanup in the build system 
* 070aee6728 re-add ability to use cbfs grub.cfg as default 
* b4acd0f73c trees: exit with error if project undefined 
* fd9664c567 build: also make a lock file during release build 
* 686bad6d4e more useful lock message 
* f1caf89a28 create a lock file during builds 
* b6dc23bc67 hide e() output on for loop 
* e51eae0d25 fix regression 
* 8b1a54d19e download xtree *before*, not after 
* 14bba2d789 fix deletion path in nuke() 
* ab4c4d406f less confusing error in download() 
* 2eaaa63f58 hide stderr on download() 
* 9e2584fbd9 simplify download() 
* 79fb79d239 fix redundancy in download() 
* e8b1d45631 simplify singletree() 
* 90a8ef90b0 further simplify nuke() 
* c6b692208b simplify link_crossgcc() 
* c043e5810d simplify nuke() 
* 323a17d0c8 Add dependency scripts for Fedora 40 and Ubuntu 24.04 
* 62b2310a28 add crossgcc tarballs to config/submodules/ 
* 8a34a0d338 support downloading *files* as submodules 
* 0730513709 remove unnecessary line break 
* ad05266f8d import file download function from lbmk c202dc61 
* b8e9eab0ba shorten a string in e() 
* a29cf274bc fix submodule path 
* 7ac2264f53 simplify prep_submodules() 
* 7c8173ebd4 unified handling of git clone/reset/am 
* 573199c07d trees: simplified copy_elf() handling 
* d0d9b1204f simplify submodule handling 
* df5d7c18bf provide feedback for repository downloads 
* 591c7d28e0 download "depend" projects *before* 
* 548d1e20c1 reduced indentation in fetch_submodule 
* 12a04e8de2 reduced indentation in prep_submodules 
* 9825e97a83 *never* run git submodule update 
* 860deb3e7e rename variable for clarity 
* 8d5edd4f06 trees: don't check empty path in copy_elf() 
* c1176bbd28 trees: fix build issue caused by bad elf check 
* c88fb8c129 trees: fix listfile check in copy_elf() 
* 9168d33741 trees: don't say check elf/ if build.list missing 
* db09530905 trees: don't do elfcheck if build.list missing 
* 99418a7e82 define mdfiles/images in config/submodules/docs/ 
* 83d84797d8 libopencm3 to config/submodules/ on stm32-vserprog 
* c3cabcddf9 add tinyusb to config/submodule/ for pico-sdk 
* e4eb82e089 trees: unified coreboot makeargs 
* f7170092c8 trees: use multiple threads to build cbutils 
* 1d7a6f04c9 move handle_coreboot_utils to script/trees 
* ff16d27991 put coreboot utils in elf/, not cbutils/ 
* 3748f710c9 fix build issue building coreboot utils 
* a30bfd334f trees: skip single-tree build if a build exists 
* b682b4ddca use correct memtest86plus path in script/roms 
* 4749a5a29f put memtest86plus builds in elf/memtest86plus/ 
* 0e9d9b33b2 put flashprog builds in elf/flashprog/ 
* 7fe0106fa0 trees: also print "DONE! check elf/dir" on single 
* 74759d876a trees: handle build-test on multi-tree projects 
* 98e9cf6864 use singletree() to decide submodules 
* b3b887567a remove cbcfgsdir variable (unused) 
* cb446e7d24 move cfgsdir/datadir variables to 
* 7d99786a1a handle build.list from config/data/, not config/ 
* a61794dfca don't use build.list to detect multi-tree projects 
* 878056f37b move id check to too 
* 3900642471 move root check to (bugfix) 
* 740b1803fa bugfix: move dependencies handling to 
* 4e25e335ed bump untitled revision again 
* 44ef38b335 bump untitled revision in git config 
* 7b9431e336 bugfix: check environmental variables right 
* 2478252f67 more friendly output from e() 
* d21fd016ac badcmd: don't print "no context given" 
* 663de3bab4 badcmd: link directly to the maintenance manual 
* 1d866d17d8 better help text on invalid commands 
* 1204bc3c96 build: print the project website address on help 
* ca0e9354f6 add projectsite file: point to 
* eb4ac3c334 make GRUB multi-tree and re-add xhci patches 
* 347a104ae6 u-boot on qemu: remove currently unused x86 target 
* 23e66c113d grub.cfg: scan /boot/grub.cfg last 
* 6151316b91 grub.cfg: scan grub2/ last 
* 36b3be95cf grub.cfg: search a reduced list of devs/partitions 
* 71a17efc06 grub.cfg: scan grub.cfg from ESP 
* 8bc7e3a539 grub.cfg: split up try_user_config 
* cb4bacc9d9 grub.cfg: don't search for *_grub.cfg 
* ea7e6e1659 grub.cfg: remove unnecessary path for isolinux 
* 1beca3b781 grub.cfg: don't scan EFI on btrfs subvols 
* 0662519cca Fix building vboot on i686 
* 224dce632b do not remove .submodules 
* a36504aa31 delete u-boot test/lib/strlcat.c using nuke() 
* cdce8ba70b make nuke function more generic 
* 2c1f6f5e7a do not allow dashes in coreboot target names 
* 7dc5d35929 roms: allow user override of grub_scan_disk 
* bcb65846d3 grub.cfg: actually support setting boot order 
* 2887b77ae4 trees: use CPUS=x on regular coreboot make 
* a056583762 update gitignore 
* 1ac4f7409e roms: fix bad eval when comparing options 
* 724dbfe0ce grub.cfg: add spdx header 
* 66f5faac73 re-configure grub_scan_disk on various targets 
* bb92776943 remove grub_scan_disk in all target.cfg files 
* 935447b035 grub.cfg: use grub_scan_disk to set boot order 
* 75b6fbf302 GRUB: remove XHCI patches for now (will re-add) 
* 07340d9711 minor correction 
* 9f489b43d5 roms: make grubfirst if seabios_withgrub=y 
* fca9b19e18 coreboot: only run GRUB as a secondary payload 
* b75490f8fc flashprog: bump to 5b4fdd1 from 2 May 2024 
* d147c5d915 rename include/ to include/ 
* f534b0e973 merge nuke() back into 
* a02b152f44 rename nukeblobs to a more generic name 
* cb1918c5d7 roms: remove errant reference 
* 4cff3c7d33 roms: rename bstr variable 
* dc487df12f remove errant whitespace 
* cbb2f4f8a9 general code cleanup in the build system 
* 583135e548 build: simplify git_init() 
* aaff90f5a5 build: do root check before git check 
* 687fdacc78 build: simplify git checks 
* 84ee6a1ed8 fix bad check for version/versiondate 
* 3554593fd8 trees: reset makeargs per target/project 
* b09261a901 trees: also use UPDATED_SUBMODULES=1 on crossgcc 
* 698548ac59 trees: add UPDATED_SUBMODULES to coreboot make 
* c8c516703f trees: write -C on the make command first not last 
* aa15eef32f config: add backup coreboot submodule repositories 
* 9e88ef2449 coreboot/default: remove chromeec from module.list 
* 27f21c32d3 break if a submodule clone succeeds 
* 38fca598fb coreboot: only download the necessary submodules 
* b5aa8b2d35 allow finer control of git submodules 
* 9339c6f3fd build: hide git-init output 
* 31e089aff3 generate version file if .git not found 
* 7ec023907b update/trees: remove unused variable 
* 2b0e71412e move repo copying to a new function 
* d71c4d326e move link_crossgcc to end of file 
* 0d7c249c9b move deblob function to new file "" 
* 1300f09e67 move xgcc linking to a new function 
* 24934e6569 don't include --checkout in submodules 
* 5e0129eb0f skip submodules if .gitmodules missing 
* 7f82622caf merge patch_submodules in prep_submodules 
* 9c0a7f14fc split submodule handling to new function 
* b593127795 remove errant line break 
* 19f694bf2a remove another meaningless check 
* 71a9fcced8 shorter variable names 
* 6693588857 remove meaningless check 
* 5c459ad4ac remove variable not meaningfully used 
* 7be7bb8edb add CHANGELOG to .gitignore 
* 3b2ebda890 Fix E6400 display reference clock patches 
* 995f052bb0 fix building coreboot images on i686 hosts 
* 31d2c818eb Also try unlocking encrypted volume on NVMe 
* 58f6741fb4 fix invalid command in git_prep() 
* f58b01c300 Add NVMe support to GRUB2 payload 
* b892036edf Fix E6400 display issue with 1440 x 900 panel 
* f81c7ed8e9 Add pt qwerty keymap to lbmk 
* 849466c0ac allow patching submodules 
* 8d4d063ace don't delete .git if src/project/project 
* 0ecb062df0 build/roms: skip target if config/ dir missing 
* 4783c5b90e more minor cleanup in the build system 
* 10ecf41ee0 remove fetch_from_upstream() 
* ddcb793bd2 don't return 1 in mkrom_tarball 
* ae8637b620 mktar_release to mkrom_tarball 
* 309c3b1f33 build/roms: rename moverom to copyrom 
* a39c95cfac minor code cleanup in the build system 
* f102e21ab6 build/roms: simplify serprog list command 
* 7a565c9f43 build/roms: simplified config payload checks 
* a243dc2308 err if config directory is missing 
* c28166ff9e print the config filename being checked 
* 9fd504e24a Remove .git if XBMK_RELEASE=y 
* e4956478db build: remove initcmd() and simplify main() 
* f2b3bb142d build: initialise git first (before commands) 
* 571932d33e build: remove excmd() and simplify main() 
* 525f5525d3 build: don't make script_path a global variable 
* fbac2d8fe6 Implemented failsafe options at boot and inside menus for enabling/disabling serial, spkmodem and gfxterm 
* 3e5db248dd cbmk: allow easier sync with lbmk 
* e71189420f remove help commands (user should read docs) 
* 23854de888 delete check_git() 
* 2c5f52ce29 build: define "xp" in the global variables 
* 48c5c57cff build: simplify for loop in fetch_trees() 
* c2baebc79a build: simplified downloads in fetch_trees() 
* 18d0e53480 ./build release: don't do u-boot-only archives 
* d8a923f766 build: use utc+0 when initialising git repo dates 
* 0794127986 remove check_project() (always set variables) 
* c8bc797f31 build: simplify deletions in fetch_trees() 
* 363ec7512c build: delete mkversion() (just print relname) 
* ae44676727 build/roms: clean up tarball handling 
* 3469836f18 rm src/u-boot/*/test/lib/strlcat.c in u-boot 
* c57dfefe91 build: remove mkrom_images 
* 6ab8c2c446 build: use same tarball name on uboot-only release 
* 21436c6a8f build/roms: create full release tarball name 
* 90c528032b don't bother checking for GNU tar 
* 422d36a07c remove insert_version_files() 
* ca1806f20e cleanup: remove mkvdir 
* a0ea7f7a92 unified sha512sum creation for tarballs 
* 09fcc343a3 move rom tarball creation to script/roms 
* 5c888669c6 disable x301 for next release (for now) 
* 91c90d763f print two line breaks before confirming release 
* d423421995 remove all status checks. only handle release. 
* 4826364afb remove errant comment 
* 541430016f move script/*/* to script/ 
* 9084ab15ab build: print usage for special commands 
* f12c2f284f merge script/update/release into build 
* 41f4ee3c2d Canoeboot 20240510 release 
* 0580373ff9 bump seabios to e5f2e4c69643bc3cd385306a9e5d29e11578148c 
* 17b5cb2749 further modify the README (stragglers) 
* 628e91a3b9 build: further prevent non-cbmk-work-directory 
* e761a494c8 build: exit if not running from cbmk directory 
* eb8a02e808 build/roms: print serprog help 
* a398011180 merge script/build/serprog with script/build/roms 
* cd5c2573ac build/roms: remove unnecessary command 
* da748de455 merge include/ with include/ 
* 3acac46536 correct copyright info 
* 6bdbb70dbc build/roms: don't rely on x in handle_target 
* 1c84d0fc9d build/roms: don't use exit status from skip_board 
* 0ada63b629 build/roms: split up main() 
* 5cecd9e394 build/roms: allow searching status by mismatch 
* 97d502ccc8 tone the README way, way down 

This is 206 changes, since Canoeboot 20240504.

Markdown file for this page:

Subscribe to RSS for this site

Site map

This HTML page was generated by the Untitled Static Site Generator.