Canoeboot Build System Audit 2 completed on 19 July 2024. New release soon. Many bugs fixed, new safety and reliability feature.
Hi everyone,
https://canoeboot.org/news/audit2.html
I've completed a massive new audit of the Canoeboot build system, as of today. I am the founder, and lead developer of Canoeboot. It is a coreboot distribution that aims for FSF/GNU compliance (blob-free distro, as per GNU Free System Distribution Guidelines).
Canoeboot is a free/opensource boot firmware project. It replaces your proprietary BIOS/UEFI firmware, on supported x86 and ARM computers. It does this by providing an automated build system to download, patch and compile the various upstream sources (e.g. coreboot, GRUB, SeaBIOS). Coreboot is used for hardware initialisation, configuring everything from your CPU, memory controller all way to peripherals, readying the hardware so that it can run software, e.g. GNU+Linux and BSD systems. You can essentially think of cbmk, which is Canoeboot’s build system, as a source-based package manager. It is what the Canoeboot releases are built with. The cbmk build system essentially implements a coreboot distro, the same way you might think of a GNU+Linux distribution; it systematically downloads, resets (to specific revisions) and patches various upstream project sources such as coreboot, U-Boot and GRUB, automatically building entire coreboot images. This build system is what creates Canoeboot release images and source tarballs.
The audit page goes into great detail, but the gist of it is this:
New safety features e.g. automatic checks of project configs/revisions, automatically re-download and re-building if they change (this used to be done manually).
Better error handling in general.
More aggressive caching of Git repositories and files downloaded as modules, to avoid bandwidth waste when running multiple builds from cbmk.
Also the U-Boot revision was updated to v2024.07.
The audit has focused only on code cleanup and bugfixes, in addition to the new reliability features.
A focus now will be on testing new revisions, and there are a few more mainboards (for Canoeboot specifically) that I wish to add in the next release, ETA August 2024.