I've confirmed that GrapheneOS boots on the HiKey 960 and provides a working adb shell and serial console. However, there's a serious issue with the graphics driver causing it to cycle the screen to black and back repeatedly. I expect it's yet another upstream use-after-free bug.
Conversation
I'm not currently interested in working on HiKey / HiKey 960 support, but it's set up with the basics working already if anyone wants to work on this. The next step would be disabling zero-on-free and the other use-after-free mitigations, or just testing with jemalloc instead.
This Tweet was deleted by the Tweet author. Learn more
Enabling support for verified boot within the OS wouldn't be enough since secure boot would also need to be enabled for the firmware, and chained from early firmware to late stage firmware and the OS. I don't know if the SoC is left in a factory state where this could be enabled.
1
Show replies