Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Kernel Deblobbing
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
gspaceman
n00b
n00b


Joined: 18 Jan 2018
Posts: 3

PostPosted: Fri Jan 19, 2018 12:06 am    Post subject: Kernel Deblobbing Reply with quote

Very noob question: I want to use gentoo as a 100% free distribution but I'm not sure on how to do that. I know that i can use a deblob script but is it any different than just deseletcting "Include in-kernel firmware blobs"?
Another thing, after I've deblobbed the kernel can I merge linux-firmware, or will it still contain proprietary blobs?

Thank you in advance
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54119
Location: 56N 3W

PostPosted: Fri Jan 19, 2018 12:34 am    Post subject: Reply with quote

gspaceman,

Welcome to Gentoo.

Firmware is in general, proprietary blobs.
From the firmware on your motherboard, to the CPU microcode, the HDDs, the kernel embedded firmware, linux-firmware, ...

Its not all executable code. Some is just state machines. Some is code to run in embedded processor in an attached device.
You only get to know about the existence of firmware because the vendor saved a few pennies by not providing some permanent storage for the firmware.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
gspaceman
n00b
n00b


Joined: 18 Jan 2018
Posts: 3

PostPosted: Fri Jan 19, 2018 12:41 am    Post subject: Reply with quote

NeddySeagoon wrote:
gspaceman,

Welcome to Gentoo.

Firmware is in general, proprietary blobs.
From the firmware on your motherboard, to the CPU microcode, the HDDs, the kernel embedded firmware, linux-firmware, ...

Its not all executable code. Some is just state machines. Some is code to run in embedded processor in an attached device.
You only get to know about the existence of firmware because the vendor saved a few pennies by not providing some permanent storage for the firmware.


Thank you, so I won't emerge linux-firmware, but I'm still confused on what to do.
Should I run the deblob script and just deselect "Include in-kernel firmware blobs", or should I do only the first or the latter?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54119
Location: 56N 3W

PostPosted: Fri Jan 19, 2018 1:04 am    Post subject: Reply with quote

gspaceman,

It all depends on your definition of 'free'.

Free, as in everything open source, is not very practical. No HDD, no video card, no wifi, no processors after about the Pentium 2 and a motherboard that will run coreboot.
Free, as in free to distribute, is Gentoo out of the box.

Where in that range is your 'free'.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
gspaceman
n00b
n00b


Joined: 18 Jan 2018
Posts: 3

PostPosted: Fri Jan 19, 2018 1:22 am    Post subject: Reply with quote

NeddySeagoon wrote:
gspaceman,

It all depends on your definition of 'free'.

Free, as in everything open source, is not very practical. No HDD, no video card, no wifi, no processors after about the Pentium 2 and a motherboard that will run coreboot.
Free, as in free to distribute, is Gentoo out of the box.

Where in that range is your 'free'.


I have a librebooted thinkpad t400, so my free would be your impractical everything open source.
I just want to know if i have to run the deblob script -as described at https://wiki.gentoo.org/wiki/Kernel_Deblobing - on top of deselecting "Include in-kernel firmware blobs" in menuconfig, or if i have to do just one or the other
Back to top
View user's profile Send private message
gentoo_ram
Guru
Guru


Joined: 25 Oct 2007
Posts: 474
Location: San Diego, California USA

PostPosted: Fri Jan 19, 2018 5:15 am    Post subject: Reply with quote

Well then you likely won't have Wi-Fi functionality since WiFi generally needs a firmware blob to run. You OK with that?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54119
Location: 56N 3W

PostPosted: Fri Jan 19, 2018 11:58 am    Post subject: Reply with quote

gspaceman,

libreboot is a good start.
You can do both if you want belt and braces. After the kernel is deblobbed, there should be no firmware to include.
Also, if you don't select kernel options that need firmware, none will be included anyway. Its not obvious which options there are.
After deblobbing, when you do select kernel options that need firmware, it will be missing, so that hardware won't work.

What are you doing about the firmware in your HDD?

In line with your philosophy, you cannot use linux-firmware. While that is believed to be free to distribute, its almost all closed source.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
cord
Guru
Guru


Joined: 28 Apr 2007
Posts: 344

PostPosted: Thu Apr 12, 2018 3:55 pm    Post subject: Reply with quote

2gspaceman, https://bugs.gentoo.org/537132
gentoo_ram wrote:
Well then you likely won't have Wi-Fi functionality since WiFi generally needs a firmware blob to run. You OK with that?


Qualcomm Atheros chips doesn't need proprietary firmware to work. Even for USB cards (which need firmware) there's free open source firmware on github.
As you can see at https://wiki.debian.org/WiFi there's some old Ralink and few Realtech chips which also doesn't need firmware to work. So, no problem.
Back to top
View user's profile Send private message
1clue
Advocate
Advocate


Joined: 05 Feb 2006
Posts: 2569

PostPosted: Thu Apr 12, 2018 4:17 pm    Post subject: Reply with quote

What about the motherboard BIOS? Or the ROM, or the firmware/ROM of a network card or hard disk or any other peripheral?

Personally I think you can't escape entirely from closed source, especially if you want decent hardware and expect it to perform well. For that matter the CPU microcode is baked in and can't be modified, and that is certainly closed source.
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Sat Apr 21, 2018 12:22 pm    Post subject: Reply with quote

It's perfectly possible to run a machine with deblobbed kernel (and no other "firmware") -- I did it for several years.

No-one's really wondering about how to disable CPU microcode, since that is just infeasible.

Sure, it opens a wider discussion about trusting hardware in general, but that's off-topic, imo.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6227
Location: Room 101

PostPosted: Sat Apr 21, 2018 1:53 pm    Post subject: Reply with quote

gspaceman wrote:
I just want to know if i have to run the deblob script -as described at https://wiki.gentoo.org/wiki/Kernel_Deblobing - on top of deselecting "Include in-kernel firmware blobs" in menuconfig, or if i have to do just one or the other

gspaceman ... here is how I understand the situation (and I may be wrong), with FIRMWARE_IN_KERNEL=y then firmware blobs (if they exist) for selected drivers will be "buil[t ...] into the kernel directly", and so is primarily about how "request_firmware()" functions (in kernel, or via a call to userspace). Then there is PREVENT_FIRMWARE_BUILD which, as the name suggests, prevents existing firmware from being built, but will not prevent shipped firmware from being used. Then there is FW_LOADER, which allows for firmware loading in userspace. None of these are for expunging firmware, or preventing it from being included or used (either in kernel, or in userspace) ... to achive that then you need to 'deblob'.

HTH & best ... khay
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920

PostPosted: Sat Apr 21, 2018 4:57 pm    Post subject: Reply with quote

The firmware loader mechanism is also used to load the wireless regulatory database and signatures. Those aren't proprietary code, but you'll be artificially limiting your wifi card's power and channel list without them.
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Sun Apr 22, 2018 4:27 pm    Post subject: Reply with quote

Ant P. wrote:
The firmware loader mechanism is also used to load the wireless regulatory database and signatures. Those aren't proprietary code, but you'll be artificially limiting your wifi card's power and channel list without them.
Well, another reason to deblob is security; and some of us prefer wired-networking only.
So it ends up being a bonus, not a disadvantage.

That's one of the thing I love about building our own kernels; we get to disable everything we don't need.

Obviously, this doesn't apply to everyone, YMMV, etc.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum