bootloader System Administration

Coreboot Versus UEFI

BIOS (an acronym for Basic Input/Output System), which traditionally performed hardware initialization during the booting process has been with us since the 70s, and the time to replace it has come years ago.

Today, the de facto successor to BIOS is Unified Extensible Firmware Interface (UEFI), which addresses several technical shortcomings while typically providing legacy support for BIOS services. But contrary to popular belief, UEFI isn’t the only BIOS replacement available. There’s also coreboot, which is an open source software project that aims to replace BIOS with a lightweight firmware that does only the bare minimum to load and run a modern 32-bit or 64-bit operating system.

In this article, we explain the reasons why BIOS is obsolete and compare coreboot with UEFI to see how these two BIOS replacements came into being, what they want to accomplish, and what are their advantages and disadvantages.

The End of BIOS

Computers have evolved significantly since Gary Kildall, an American computer scientist and microcomputer entrepreneur, invented the term BIOS. Nowadays, it’s common to boot from not just hard drives and optical media but also from USB flash drives and remote network devices. It’s also common to boot from hard drives larger than 2.2 TB, which is a hard limit imposed by the Master Boot Record (MBR), the standard type of boot sector of IBM PC-compatible systems with BIOS.

Besides very limited hardware support, BIOS also doesn’t meet current security requirements of computer manufacturers, who need a way to ensure that the user always boots into an operating system that hasn’t been tampered with between boots.

Finally, BIOS is also outdated in terms of its usability. Its text-only user interface is clunky and often hard to navigate. Many BIOS implementations register input only when it comes from a PS/2 keyboard, and mouse input is virtually unheard of.

Successors to BIOS

There are currently three main successors to BIOS: coreboot, libreboot, and UEFI. Out of these, libreboot is the youngest, and it is actually a distribution of coreboot without proprietary binary code. It was launched in 2013 by Leah Rowe, and it currently works with any Linux distribution that uses kernel mode setting (KMS) for the graphics. Because of libreboot’s close ties to coreboot and its limited support, we won’t discuss it further in this article.

coreboot

On its official website, coreboot is described as “an extended firmware platform that delivers a lightning fast and secure boot experience on modern computers and embedded systems.” Coreboot was initially released in 1999, with the goal to create a BIOS alternative that would start fast and handle errors intelligently.

Some of the main contributors to the project include AMD, MSI, Gigabyte, Coresystems, and also Google, who partly sponsors the coreboot project and have accepted it in seven consecutive years for the Google Summer of Code.

In 2009, coreboot founder Ron Minnich said, “There are more than 10 million computers running coreboot out there these days. Many of them are appliances and set-top boxes. Stuff that is supposed to be instant-on. But some companies also sell servers running coreboot now. The use cases are very wide-spread. Some coreboot machines were hunting mines in Afghanistan, others were making sure the data integrity and performance in large hospitals is guaranteed. Coreboot has been used in systems testing and improving the security of cars, and of course in quite a couple of super computer clusters with thousands and thousands of nodes.”

Among the more readily available devices that support coreboot are some x86-based Chromebooks, the OLPC XO, and the Libreboot X200 and T400.

Compared to BIOS, coreboot only does hardware initialization, whereas traditional BIOS also starts the operating system. After the hardware initialization, coreboot starts a separate program called payload. The payload can be any program. Besides the standard bootloaders that can start the operating system, it can actually be the operating system kernel itself, which means that it’s possible to put coreboot and the Linux kernel into the boot flash to have an always-available Linux system.

UEFI

UEFI is based on the original Extensible Firmware Interface (EFI) specification developed by Intel in 2005, after the formation of The Unified EFI Forum.

“The Unified EFI (UEFI) Specification (previously known as the EFI Specification) defines an interface between an operating system and platform firmware,” describes the specification Intel. “The interface consists of data tables that contain platform-related information, boot service calls, and runtime service calls that are available to the operating system and its loader. These provide a standard environment for booting an operating system and running pre-boot applications.”

In most new machines, UEFI has replaced BIOS as a more complex alternative, with each computer manufacturer implementing the standard in a particular way to create a front-end specific to the manufacturer’s needs.

UEFI provides a pre-boot environment with its own shell, drivers, applications, the ability to browse the Internet, create system backups, and perform remote diagnostics without an operating system, among many other things. UEFI supports booting from hard drives as large as 9.4 ZB (1 ZB = 1trilliongigabytes), which should be enough for a while considering that the entire Internet is expected to be around 8 ZB.

But despite all the advantages UEFI has over BIOS, many digital rights activists have criticized it, claiming that UEFI removes the ability of the user to truly control the computer because of a feature called Secure Boot, which makes sure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM).

Some machines with the Secure Boot feature make it impossible to turn the feature off, so anyone who owns such machine is stuck with whatever operating system came with the machine. Considering how few laptops come with Linux preinstalled, all Linux users who purchase a laptop or a desktop computer that isn’t specifically advertised as Linux-friendly should ensure that the machine makes it possible to turn off Secure Boot.

Conclusion

Even though coreboot is much older than UEFI, most computer users barely know about its existence because it can be found mostly in highly specialized devices, not laptops and desktop computers. That said, machines with coreboot do exist; they are just much harder to find.

About the author

David Morelo

David Morelo

David Morelo is a professional content writer in the technology niche, covering everything from consumer products to emerging technologies and their cross-industry application