u-boot
hush
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
u-boot
-
Just about every Windows/Linux device vulnerable to new LogoFAIL firmware attack
coreboot just initializes the hardware, the logo is something that the payload displays: https://www.coreboot.org/Payloads
The most typically used payload is u-boot: https://docs.u-boot.org/en/latest/
u-boot supports specifying splash screens via "splashfile", but it seems only bmp and maybe some raw image format are supported: https://github.com/u-boot/u-boot/blob/2f0282922b2c458eea7f85...
In other words, no support for png, which this exploit uses :). That doesn't mean that coreboot/u-boot aren't written in C though which is a language known for its vulnerabilities.
-
Welcome Debian riscv64
Probably a better example than WiFi would be the on-chip SDRAM controller. It's always somebody's IP and there's a blob in the boot firmware that's just binary register settings. Like so:
https://github.com/u-boot/u-boot/blob/master/arch/riscv/dts/...
-
GPL Code in Atgames Products
Hello, It's my understanding that the following OSS software is used in the AtGames Legends family of products. Specifically: "Das U-Boot" https://github.com/u-boot/u-boot GPL-2.0+ Linux Kernel https://github.com/torvalds/linux GPL-2.0 The AtGames website at https://www.atgames.us/pages/credits does not contain the source code used in these products. Specifically, the GPL requires that if any modifications are made to GPL code, you must make the source code available to the users of the program as described in the GPL, and they must be allowed to redistribute and modify it as described in the GPL. Any modification to u-boot or the Linux Kernel adding the ability to boot a device must be made available to users of the program. Please see the following links regarding acceptable use of GPL software: https://www.gnu.org/licenses/gpl-faq.en.html#GPLRequireSourcePostedPublic https://www.gnu.org/licenses/gpl-faq.en.html#WhyDoesTheGPLPermitUsersToPublishTheirModifiedVersions https://www.gnu.org/licenses/gpl-faq.en.html#GPLCommercially https://www.gnu.org/licenses/gpl-faq.en.html#GPLInProprietarySystem https://www.gnu.org/licenses/gpl-faq.en.html#DistributingSourceIsInconvenient Please let this request serve as written notice of a request for source code for the OSS software used in the following products: HA2810, HA2811, HA2812 AtGames Legends Core Puck HA2819 AtGames Legends Core Max HA8800, HA8801, HA8802 AtGames Legends Ultimate HA8810, HA8812 AtGames Legends Ultimate Mini HA8819, HA8819C AtGames Legends Pinball (Model unknown) AtGames Legends Pinball Micro At this point in time, AtGames is in violation of the GPL and should work to return to compliance by publishing the requested source code and making it available to users of the products.
-
How does ARM support for Linux work? Why do they use custom kernels, OS instead of mainline and the typical distros?
Upstream u-boot also supports quite a lot of boards: https://github.com/u-boot/u-boot/tree/master/arch/arm/dts
-
How to build a newer version of u-boot for the board smdk5250 (exynos 5250 of the google-samsung ARM chromebook.
git clone https://github.com/u-boot/u-boot make smdk5250_defconfig Makefile:40: *** missing operator. Stop.
-
FreeBSD/riscv64 on QEMU with Arch
Hey everyone, if this question is off-topic I apologize in advance and if you can redirect me into correct channel or any other source where I can ask question I would happily do, for now I think this is the best place to ask. I daily drive arch and wanted to run freeBSD/riscv64 image on qemu following this https://wiki.freebsd.org/riscv#QEMU_Emulator and u-boot guide: https://github.com/u-boot/u-boot/blob/master/doc/board/emulation/qemu-riscv.rst However it seems I'm doing something wrong and compilation results in error here is all additional info: https://pastebin.com/72shccGa
- Guide: Hush Shell-Scripting Language
- Meine "4 Std." Arbeitswoche. Eine Beschreibung über mein Arbeitsalltag im Homeoffice
-
Intel completely disables AVX-512 on Alder Lake after all
The normal way this is done is the DDR training blob is just embedded into the bootloader like any other data, and the bootloader loads it into the PMU. Same exact end result, minus involving a Cortex-M4 core for no reason and minus sticking the blob in external flash for no reason. Here, this is how U-Boot does it on every other platform:
https://github.com/u-boot/u-boot/blob/master/drivers/ddr/imx...
Same code, just running on the main CPU because it is absolutely pointless running it on another core, unless you're trying to obfuscate things to appease the FSF. And then the blob gets appended to the U-Boot image post-build:
https://github.com/u-boot/u-boot/blob/master/tools/imx8m_ima...
Purism went out of their way and wasted a ton of engineering hours just to create a more convoluted process with precisely the same end result, because somehow all these extra layers of obfuscation made the blob not a blob any more in the FSF's eyes.
-
PinePhone Pro was announced last week. AMA.
The RK3399 LPDDR4 training code is open-source (albeit rather impenetrable to read) - implementations exist in coreboot, u-boot, and levinboot, so closed source firmware isn't required. I'm afraid I don't know answers to the other questions.
hush
-
Why should I care wether my shell is POSIX compliant?
If we're detaching from POSIX, why not get more wild? Why not xonsh or something? Also I found this lua inspired shell which could be cool: https://github.com/hush-shell/hush
-
Working with JSON in traditional and next-gen shells like Elvish, NGS, Nushell, Oil, PowerShell and even old-school Bash and Windows Command Prompt
Maybe hush (https://github.com/hush-shell/hush) should be included in this list.
- Hush – Unix shell based on the Lua programming language
- Hush - unix shell based on the Lua programming language
-
Guide: Hush Shell-Scripting Language
While being extremely small is a worthy goal, I suppose the aim of Hush is to make writing larger shell scripts easier and less error-prone. It's more for the niche of Perl of old than of minimal shells like ash.
For a very limited device, a very limited shell like that in Busybox is sufficient, because it likely does not need large shell scripts, or a lot of interactive work.
Looking at [1], current Hush is under 700k, which is still way smaller than Python or Perl, with much of its expressiveness.
[1]: https://github.com/hush-shell/hush/releases
-
Announcing Hush, a modern shell scripting language
Official guide: https://hush-shell.github.io/ Repository: https://github.com/hush-shell/hush
-
If you're not using a lexer generator for your compiler, why?
Yes, you can check the code here: https://github.com/gahag/hush
What are some alternatives?
coreboot - Mirror of https://review.coreboot.org/coreboot.git. We don't handle Pull Requests.
busybox - BusyBox mirror
barebox - The barebox bootloader - Mirror of ssh://[email protected]/barebox
busybox - Docker Official Image packaging for Busybox
hush - hush (a Bourne-style shell) for the GNO multitasking environment on the Apple IIgs
levinboot
logos - Create ridiculously fast Lexers
waydroid - Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.
parsegen - An LR parser generator, implemented as a proc macro
beaglebone-ai - BeagleBone AI - the fast track for embedded machine learning
ngs - Next Generation Shell (NGS)