Hector Martin

Of course, you still want to be firewalled from devices using proprietary firmware wherever possible (in the form of interfaces that are secure, e.g. no free memory read/write from the blob), but that has nothing to do with not allowing the free side to send the blob over.

But RYF instead says you must hide and bury any firmware you end up having to have. And so @Puri_sm end up having to do utter nonsense, like using a secondary CPU core to load the DDR4 controller firmware into the hardware, just so they can claim the binary blob is elsewhere.

They store the blob on write-protected SPI flash (because users must not have the freedom to modify any firmware they do wind up running), and write some code for the secondary CPU just so that the main CPU doesn't get digital cooties from (eeeeeew) touching the DDR4 code.

Keep in mind this isn't even about the secondary (or main) CPU *running* the firmware. The firmware is always run by an embedded processor in the DDR4 PHY anyway. This is just about having the main CPU never even *see* the firmware. See no evil, hear no evil, speak no evil.

So it doesn't matter that the DDR4 controller firmware has access to all RAM and obviously can pwn the main CPU at will. As long as you bury it in read-only memory, and make sure it never is accessed by the main CPU, the FSF will give your product their meaningless rubber stamp.

What if the firmware is backdoored? Who knows! You're not supposed to touch it from the main CPU, lest you get digital cooties (eeeeeeeew). Just don't think about it. Move on. Everything's Libre™ (except the parts you can't see). It'll be fine.

So yeah, screw you, FSF. I want that blob compiled into the main CPU's u-boot, from a freely downloadable blobs repo, where I can do whatever I damn well want with it. Which is the sane engineering approach, and the most user-freedom-respecting thing to do.