this post was submitted on 10 Nov 2024
62 points (97.0% liked)

Linux

48372 readers
1742 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I am looking to build a Linux gaming machine with open source firmware and Intel ME disabled. Is this viable?

all 25 comments
sorted by: hot top controversial new old
[–] [email protected] 41 points 2 weeks ago (2 children)

The BIOS does a lot less than you'd expect, it doesn't really have an impact on gaming performance. For what it's worth, I've been gaming in a VM for years, and it uses the TianoCore/OVMF/EDK2 firmware, and no issues. Once Linux is booted, it doesn't really matter all that much. You're not even allowed to use firmware services after the OS is booted, it's only meant for bootloaders or simple applications. As long as all the hardware is initialized and configured properly it shouldn't matter.

[–] [email protected] 15 points 2 weeks ago (1 children)

I’ve been gaming in a VM for years

Tell us more about your setup! I'm assuming you have 2 GPUs and are passing one to the VM for Windows gaming? Is it even worth doing nowadays now that Kernel AC games are banning VMs anyway?

[–] [email protected] 16 points 2 weeks ago

Yes dual GPU. I set that up like 6 years ago, so its use changed over time. It used to be Windows but now it's another Linux VM.

The reason I still use it is it serves as a second seat and is very convenient at that. The GPU's output is connected to the TV, so the TV gets its own dedicated and independent OS. So my wife can use it when I'm not. When the VM isn't running I use the card as a render offload, so games get the full power of the better card as well.

I also use it for toying with macOS and Windows because both of those are basically unusable without some form of 3D acceleration. For Windows I use Looking Glass which makes it feel pretty native performance. I don't play games in it anymore but I still need to run Visual Studio to build the Windows exes for some projects.

This week I also used the second card to test out stuff on Bazzite because one if my friends finally made the switch and I need to be able to test things out in it as I have no fucking clue how uBlue works.

[–] [email protected] 3 points 2 weeks ago (1 children)

You'd think so but IIRC when Phoronix tested it, Coreboot would always significantly underperform compared to the regular firmware. It wasn't much but the effect was measurable.

[–] [email protected] 2 points 2 weeks ago

Yeah it'll depend on how good your coreboot implementation is. AFAIK it's pretty good on Chromebooks because Google whereas a corebooted ThinkPad might have some downsides to it.

The slowdowns I would attribute to likely bad power management, because ultimately the code runs on the CPU with no involvement with the BIOS unless you call into it, which should be very little.

Looking up the article seems to confirm:

The main reason it seems for the Dasharo firmware offering lower performance at times was the Core i5 12400 being tested never exceeded a maximum peak frequency of 4.0GHz while the proprietary BIOS successfully hit the 4.4GHz maximum turbo frequency of the i5-12400. Meanwhile the Dasharo firmware never led to the i5-12400 clocking down to 600MHz on all cores as a minimum frequency during idle but there was a ~974MHz.

I'd expect System76 laptops to have a smaller performance gap if any since it's a first-party implementation and it's in their interest for that stuff to work properly. But I don't have coreboot computers so I can't validate, that's all assumptions.

That said for a 5% performance loss, I'd say it counts as viable. My games VM has a similar hit vs native. I've been gaming on Linux well before Proton and Steam and have taken much larger performance hits before just to avoid closing all my work to reboot for break time games.

[–] [email protected] 19 points 2 weeks ago

BIOS doesn't matter for gaming as long as you don't use modded GPU drivers.

[–] [email protected] 11 points 2 weeks ago (3 children)

My understanding is there are few desirable motherboards that support Coreboot.

Don't like Intel Management Engine? or processors that shit themselves? go AMD.

[–] [email protected] 22 points 2 weeks ago (1 children)

AMD has the Platform Security Processor. While it supposedly doesn't have network access, it's still a block box with full access to all memory.

[–] [email protected] 5 points 2 weeks ago (1 children)

As far as I know it's also less documented. People have dug really deep into Intel ME that they even found a bit that disables most of the ME.

On the other hand AMD is planning to use coreboot compatible open firmware in the next EPYC generation. Knowing AMD, it will eventually come to the consumer market too. (We'll see if it will be available before Red Hat drops x11)

Also there was a phoronix article recently that Intel is too messing around with Coreboot on Xeon.

[–] [email protected] 1 points 2 weeks ago

i think amd said plan bring open source agesa to consumer after epyc.

[–] [email protected] 4 points 2 weeks ago

AMD has a similar technology tho

[–] [email protected] 1 points 2 weeks ago (2 children)

What would be an example of a desirable mobo and what is the benefit of the coreboot?

Any am4 options?

[–] [email protected] 4 points 2 weeks ago (1 children)

By "desirable motherboard" in this context I mean a standard ATX (or standard size variants) motherboard with a currently supported socket and chipset commonly available on the consumer market. To run Intel 13th or 14th gen, or Ryzen 7000 or 9000. I don't know if you can just buy an MSI or Asrock etc. board and expect to run Coreboot on them.

What's the advantage of coreboot? Soothes paranoia mainly. Both Intel and AMD platforms have little black boxes in them that run a separate little OS beneath Windows or Linux that has Ring 0 or similar low-level access to the hardware and could theoretically man in the middle anything done on the machine. Intel's is MINIX based, it's called the Intel Management Engine, and it genuinely is a little bit bile inducing reading what it has access to. AMD does have a simlar technology.

In terms of performance, system stability etc? Very little. Once the kernel is loaded and in control of the hardware the BIOS doesn't effect much AFAIK.

I'm not very familiar with it but I've not heard much about even AM4 boards being supported. I think of Coreboot (or it's completely binary blob free fork LibreBoot) and I think of either Purism or System76 and in both cases for their laptops.

===

This kind of thing (the "main" operating system is built atop a secret basement full of god knows what) isn't restricted to x86 either. On a Raspberry Pi, Linux running on the ARM cores is a second class citizen to ThreadX running on the VideoCore processor.

[–] [email protected] 1 points 2 weeks ago (1 children)

Thank you laying all of this out. I keep hearing about these issues but how did we get here and why is this being a concern now or am I just learning about it?

[–] [email protected] 3 points 2 weeks ago (1 children)

My understanding of things like the IME is that its reason for being is mostly benign, it lets enterprise-level IT departments do things like boot computers from across the network and stuff like that. It has no real use to home customers on their private PCs, but it's included on all systems to simplify engineering; it handles a lot of the early boot process. And it's always running. The privacy enthusiasts out there who carry a copy of TAILS on their keychains just in case aren't fond of the fact that there's a proprietary OS with unrestricted access to memory and networking just sitting there with no way of auditing or monitoring what it was doing.

This has been a thing for AWHILE now, and the whole coreboot thing...Intel, board manufacturers etc. keep their data so locked up that it's a challenge to build anything that works, so it's a miracle we have things like Coreboot at all. They largely concentrate on laptops IIRC, and it's rare to see full fat desktop motherboards that work with Coreboot.

[–] [email protected] 1 points 2 weeks ago

They largely concentrate on laptops

Main user base linux thinkpad enjoyer?

[–] [email protected] 3 points 2 weeks ago

afaik it's just the msi pro -a z690/z790 boards

[–] [email protected] 10 points 2 weeks ago* (last edited 2 weeks ago)

Yes, probably. It is possible to flash and use dasharo (a downstream fork of coreboot) onto a modern MSI Z790A motherboard, which gets you pcie gen 5, 14th gen intel, and so on. I’m not sure if the necessary code to get it running has been upstreamed into coreboot yet. https://docs.dasharo.com/unified/msi/overview/

From there, you can use corna’s me_cleaner to disable (and clean) the management engine. There are reports of it working on alder lake: https://docs.dasharo.com/unified/msi/overview/

Here’s a full tutorial on disabling your ME on modern systems: https://github.com/mostav02/Remove_IntelME_FPT?tab=readme-ov-file#neutralizing-me-and-flashing-via-fpt

To be honest, though, I wouldn’t bother unless you’re doing it for fun. I’m not sure if this entire process necessarily works on the Z790+14th gen intel anyway.

[–] [email protected] 9 points 2 weeks ago

While many comments here are correct that it would affect less than you'd expect, there are things that may not be covered.

For example:

  • there's no setting for hyperthreading
  • no way to disable SATA drives, in case you'd like to be selective
  • you'll need to reflash the BIOS if you want to change boot order permanently

Also, make sure you have the correct video BIOS.

[–] [email protected] 4 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

yeah i play ksp and rainworld with coreboot+disabled ME thinkpad t430 and it's fine (coreboot has no performance penalties)

the only thing coreboot broke in my instance was the passive (cpufreq) powersave cpu scaler for my cpu, but I could just switch to the active (intel_pstate) powersave cpu scaler which is better anyway

are there modern desktop motherboards/chipsets/bioses that let you disable ME though? the z690/z790 are the only ones that I know can run coreboot (ignoring laptop motherboards), but I thought that still had to run ME?

[–] [email protected] 1 points 2 weeks ago (1 children)

How would the lack of passive CPU powersaving affect things on your end?

[–] [email protected] 1 points 2 weeks ago

passive/active are just 2 modes you can select between and active is simply better so for me there's literally 0 problems

[–] [email protected] 2 points 2 weeks ago

Is there any FOSS UEFI for MSI MPG B550 gaming edge WiFi?

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago)

I'm not sure why it wouldn't be it doesn't change how Linux works at runtime does it?