From flashrom
Revision as of 22:21, 21 February 2016 by Stefanct (talk | contribs)
Jump to navigation Jump to search

This wiki is retired

Our website is, instructions on how to add or update documentation are here

All wiki content available in read-only mode at

General info

The flashrom project will apply for participation in GSoC 2016 under the patronage of coreboot's GSoC administration. Depending on the number and quality of applications (for both projects) and available mentors, there may be one or two slots for flashrom projects. Most of the information on the coreboot site is also valid for flashrom students, please read them.

If you want to apply, it is probably a good idea to subscribe to our mailing list and take a look at our page with easy projects. You can show us that you are able to work with our codebase and/or read datasheets by solving some of the problems noted there. It is a good idea to talk to us before you start though (list items may already be worked on/partially solved by by other prospective students).

The list below is an idea collection and not set in stone. If you're interested, please talk to us on the flashrom mailing list and/or on IRC and we can make them more concrete together depending on your skills and interests.

flashrom contact

If you are interested in becoming a GSoC student, please contact the flashrom mailing list or visit our IRC channel #flashrom on Please note that most of the developers live in Europe, so responses on IRC may be a bit slow if people are asleep.

If you need to contact someone directly, send a mail to Stefan or see coreboot's GSoC page for other contacts.

How to apply

The procedure for applying for a flashrom idea/project is identical to the coreboot application procedure. Please follow the link coreboot Summer of Code Application.

Why work on flashrom for GSoC 2016?

TL;DR: It's cool. Seriously. (Similar reasons as coreboot.)

  • flashrom offers you the opportunity to work with modern hardware “right on the iron”.
  • Hardware is fun and weird. You will learn that datasheets are just loose guidelines to the hardware and real insight is gained by systematic tinkering.
  • flashrom is the only multi-platform open source solution for flash EEPROM reading/writing for lots of different devices: on-mainboard flash (for BIOS/EFI/coreboot), graphics/network card flash (for firmware), and dozens of specialized programmer devices. If you want to update your BIOS/EFI/coreboot or update some firmware from a running Linux/*BSD/... system, flashrom is the only choice you have.
  • flashrom does hardware access (like firmware/drivers), but completely in user space and without the hassles present in firmware or OS kernels. That way you can write complex hardware access with ease.
  • flashrom has a worldwide developer and user base. Big companies like Google and individual users both use it and contribute to it.
  • We are a very passionate team – so you will interact directly with the project initiators and project leaders.
  • We have a large, helpful and friendly community. flashrom has some extremely talented and helpful experts in all things flash active in the project, and many of our friends from the coreboot project participate in flashrom as well. They are ready to assist and mentor students participating in GSoC.

Why NOT work on flashrom for GSoC 2016?

  • If you want to create content for Adobe/Macromedia Flash, this is not the right project for you. We are working with flash chips based on EEPROM technology, something completely different from Adobe Flash. (You wouldn't believe how many questions we get about this although it is getting less just like the use of Flash luckily. ;)

GSoC Student requirements

TL;DR: Pretty much the same requirements as coreboot: GSoC is a full time job, send a small patch before student application deadline, interact with the community.

What will be required of you to be a flashrom GSoC student?

Google Summer of Code is a full (day)time job. This means we expect roughly 40 hours per week on your project, during the three months of coding. Obviously we have flexibility, but if your schedule (exams, courses) does not give you this amount of spare time, then maybe you should not apply.

  1. Prior to project acceptance, you have demonstrated that you can work with the flashrom codebase.
    • You need to be able to read and write C code and know what a pointer is.
    • You need to be able to work with our source code repository (check out the code, generate a diff/patch for your changes, apply a patch from someone else). We are currently migrating from subversion to git which should be finished before any GSoC 2016 coding starts. Don't worry, you can learn everything you need from scratch in less than 30 minutes and we'll help you.
    • By the time you have submitted your application, you should have downloaded and built flashrom as well als applied some patches. Run flashrom in QEMU, on real hardware or try at least the dummy programmer driver if you're afraid of hardware problems. Please email your flashrom output and test results to the flashrom mailing list.
    • Send a patch to the mailing list for review. Check Easy projects or ask for simple tasks on the mailing list or on IRC.
  2. To pass and to be paid by Google requires that you meet certain milestones.
    • First, you must be in good standing with the community before the official start of the program. We suggest you post some design emails to the mailing list, and get feedback on them, both before applying, and during the "community bonding period" between acceptance and official start.
    • You must have made progress and committed significant code before the mid-term point and by the final.
  3. We require that accepted students to maintain a blog on (our sister project managing GSoC for us), where you will write about your project weekly. This is a way to measure progress and for the community at large to be able to help you. GSoC is not a private contract between your mentor and you.
  4. Student must be active on IRC and the mailing list. Sending massive patches for midterm and final without any communication in between is not sufficient.

We don't expect our students to be experts in our problem domain, but we don't want you to fail because some basic misunderstanding was in your way of completing the task.

Project ideas

Most of the ideas below are fleshed out, some (laptop support) are not (due to being unrealistic for GSoC unless you have strong prior expertise in our problem domain, and in that case we'll gladly expand the description if you ask).

Some ideas have a strong focus on hardware "drivers", others are almost completely focused on overall code architecture. If you have questions, just ask.

Support more chips - Implement (obscure and) unsupported features - Try to make flashrom write EEPROMs

Most unsupported chips need some architectural work in flashrom's core because they behave substantially different to most other chips. The same applies to EEPROMs. Some yet unsupported features like OTP, locking or GPIO control may have been seen too obscure and not in the scope of flashrom. It might be fun to work on them and evaluate the resulting changes to flashrom's core. The main objective here is not to produce mergeable code for upstream, but to show what changes to the existing code would have to be done. If those are sustainable without breaking anything and do not bloat flashrom too much, integrating the code is of course a subgoal.

Helpful Knowledge/Skills

  • Reading datasheets
  • Depends heavily on exact goal

Main Mentor

libflashrom - Multiple UIs for flashrom

libflashrom is the name for the part of flashrom's code that forms its core and should eventually be independent from any user interface. This allows easy creation of user interfaces and integration to existing applications. There exists a patch set implementing this idea by Nico Huber already, as well as some patches from GSoC 2015 student Łukasz Dmitrowski. They would certainly be a good starting point for anyone looking into this project.

In general implementing this idea requires the following steps:

  • code cleanup (e.g. removal of stray exit() calls and returning proper error codes instead)
  • API design and implementation
    It is not enough to just separate the code from the existing user interface. There must also be added some glue code so that the separate parts can be developed independently. For example there has to be a generic way to query programmer modules for their available options so that UI code can present them to the user without knowing about that specific programmer before. You can find a few thoughts at libflashrom.

It is probably a good idea to work in parallel on a user interface so that you become aware of problems and missing API bits. Naturally the existing command line interface should continue to work (but be separated). This is also an easy way to evaluate your work. If we see that your UI code can work independent of the libflashrom code in the way it should while providing the interaction possibilities we deem(ed) useful, you have been definitely successful.

Some obvious UI ideas are:

  • flashrom TUI (text mode user interface) (for command line and flashrom-as-payload)
  • flashrom GUI (graphics mode user interface) (should be cross-platform, has been tried a few times and may be based on those attempts)

There have been a number of attempts to create a flashrom GUI, but Qflashrom is probably the only one of interest for you.

Helpful Knowledge/Skills

  • Abstraction/refactoring of existing code and library design
  • Knowing the flashrom code base
  • Cross-platform GUI toolkit

Main Mentor

Locking and unlocking of access protections of flash chips

Many chips support some kind of write protection. Currently flashrom just tries to disable it if needed to be able to write freely. Google's flashrom branch has some further support, which was not accepted upstream. Your task would be to design and implement acceptable data structures, APIs and user interfaces to make a generic approach to lock and unlock of flash regions possible.

Helpful Knowledge/Skills

  • Working with git
  • Reading datasheets

Main Mentor

Internal programmer improvements for complex systems

The notion of an "internal" programmer has historically implied a single physical device (i.e. mainboard "southbridge") which connects to an external flash chip. Recent systems have grown significantly more complex and often involve multiple separate microcontrollers which are accessed via the host chipset. Examples include management controllers which are integrated in the mainboard chipset but act independently and embedded controllers typically found in laptop devices.

The goal of this project is to re-factor flashrom's internal programmer:

  • Elegantly coordinate firmware update processes between components (i.e. setting devices in "update" mode, etc).
  • Enforce policies on a potentially platform-specific basis, such as non-fatal read/write failures caused by a management controller.
  • Better abstraction for host ↔ EC I/O resources.
  • Board-specific handling for non-standard ECs.

You can find a lot more detailed project description in our mailing list archive. While there exists some code and architectural ideas already, this project is rather hard and requires at least some familiarity with flashrom's code base.

Helpful Knowledge/Skills

  • Knowing the flashrom code base (esp. internal programmer flow) absolutely needed
  • Abstraction/refactoring of existing code and library design

Main Mentor

Generic flashrom infrastructure improvements

Below is a list of smaller projects to improve/refactor some core features of flashrom. A number of other things of various difficulty can be done too/instead. You should probably have some experience with the code base already to work on these effectively.

  • Automatic recovery in case something goes wrong
  • Partial reflashing
  • Bytewise flashing (similar to the point above)
  • Support for multiple read and write functions per chip
  • Sanitize (SPI) probing

Helpful Knowledge/Skills

  • Knowing the flashrom code base
  • Abstraction/refactoring of existing code and library design

Main Mentor

Laptop support - Support for ECs (Embedded Controllers)

This one is really HARD. If you're lucky and if you have datasheets, you can add support for a single laptop in maybe 1 month. If you're unlucky, it can take the whole GSoC or more. If there is interest, we'll try to find an embedded controller which won't cause you to give up in frustration. Still, it might be beneficial if you're willing to solder (to recover from a bricked board).

Helpful Knowledge/Skills

  • Previous reverse engineering experiences
  • External programmer
  • Stamina/patience

Main Mentor

FPGA-based flash chip emulator

We have a dummy programmer driver in flashrom that allows us to test the most generic parts of flashrom virtually but the majority of code that would exceptionally benefit from more testing are the programmer modules. Because they need to interface with real hardware the dummy programmer approach does not work here.

Your objective is to investigate and implement an emulator for SPI flash chips for FPGAs. The main problem for a fully functional emulator is the latency of RAM accesses, after all FPGAs do not have enough RAM blocks to mimic big flash chips with up to or even more than 16 MB. Therefore, the primary goal for the GSoC period is not a complete emulator but designing and implementing the general architecture. This includes a configuration interface that allows to inject/enable various simulated faults that allows to test the error handling of the programmer code in flashrom.

Helpful Knowledge/Skills

  • Experience with digital design and at least one HDL is required
  • An external programmer to test your design
  • A suitable FPGA platform (for the first proof-of-concept it does not need much on-board RAM)

Main Mentor

Recovery of dead boards and onboard flash updates

  • flashrom as payload
  • flashrom as UEFI application
  • flashrom remote flashing for coreboot panic room mode
  • flashrom remote flashing with modified SerialICE

This is heavily overlapping with the coreboot panic room idea. Please see there for further details.