The Replicant project has been looking forward to support devices with free software bootloaders. While Replicant is a fully free software Android distribution, many freedom, privacy and security issues are orthogonal to the operating system. The hardware design of each computer (smartphone, tablet, laptop, etc.) people use, and the architecture of the cellular network also have their set of issues. For more information on these issues, the Replicant project has some documentation on the topic.
So far all the devices that are (or have been) supported by Replicant use a nonfree boot software (the bootloader). These devices also use hardware restrictions to deny users the freedom to replace them completely with free software, effectively forcing them to run nonfree software. This is a very serious freedom issue that prevents users from being in control of their devices.
There were several attempts to add support for devices with free software bootloaders in Replicant:
- The LG Optimus black: this smartphone doesn’t prevent users from replacing the bootloader. Paul Kocialkowsky did a lot of work to add support for this device in upstream u-boot (a free software bootloader) and added minimal support for it in the upstream Linux kernel. However support for some of its most important hardware components like the display are still missing in the Linux kernel. This device can probably still be found second hand
- The GTA04 smartphone from Golden Delicious: this smartphone has a free software bootloader which is based on u-boot. The smartphone was designed to run GNU/Linux and has almost complete support in upstream Linux. There were attempts to add support for it in Replicant 6.0, however a lot of time was spent to try to make suspend to RAM work with Android. However older Replicant 4.2 images are available. Several hardware revisions of the GTA04 have been made and shipped to customers and developers over the years. However this has stopped due to manufacturing issues. Another issue is that the revisions before A5 only have 512M of RAM and a high DPI display: This combination makes running Android 9 potentially challenging. Fortunately the A5 revision has 1G of RAM, but not a lot of working units were produced.
There is also some ongoing work to specifically add support for smartphones that are currently supported by Replicant like the Galaxy SIII (i9300), the Galaxy Note 2 (n7100) and their 4G versions (i9305 and n7105). The 4G versions could also be supported by Replicant if the work to support their modem (through QMI-RIL) is resumed.
The Replicant project will receive a mobile device, the NC_1 (formerly called Necuno Mobile) from its manufacturer (Necuno Solutions), which will have a free software bootloader
This device has the size of a smartphone, but doesn’t have a broadband modem: while users will not be able to use a built-in modem for phone calls, SMS or to access the Internet, it is still the best way to be completely sure of avoiding any freedom privacy and security issues related to broadband modems and the cellular network. It will also require less work to add support for this device in Replicant.
Even if it’s possible to disable the modem on some of the mobile devices currently supported by Replicant by not loading the modem’s code, some nonfree software still run on these mobile devices. This includes the bootloader and potentially any other nonfree software that it may load. Because of that we cannot be 100% sure that the modem is completely disabled.
The Necuno Mobile will use an I.MX6 Quad system on a chip (which is a chip that contains the main CPU, the microSD card controller, the GPU, etc.). Its free software support is better than for many other system on a chip: the only functionality of the I.MX6 Quad that requires nonfree software is the video decoding acceleration. The article on single board computers has more details on freedom issues affecting various system on a chip and by extension the single board computers that use such components.
A Replicant developer (Joonas Kylmälä) will receive a Necuno Mobile to work on it.
The Necuno Mobile should have a Linux kernel that is very close to upstream: this is a good opportunity for a new attempt to enable Replicant to use upstream kernels. This has many advantages. One of them is that in the long run, it should decrease the amount of work required to maintain the devices and potentially increase their lifetime.
This should also enable the Replicant project to more easily add support for other devices that can use an upstream kernel, like the GTA04, or devices like the Galaxy SIII (i9300) and the Galaxy Note 2 (n7100) that are starting to have good support in upstream Linux.
It is also very interesting in the long run as we could share some of the work with other smartphones projects like postmarketOS who are also trying to support mobile devices with upstream kernels. It could also enable the Replicant project to more easily support future mobile devices that will have free software bootloaders, as some of them will also use kernels that are meant to run GNU/Linux.
I got a Samsung A20e, model code: SM-A202F/DS
I would like to know if on this mobile phone is possible to install Replicant.
Awaiting your reply, as soon as possible,
Best Regards,
Paolo Del Bene
I agree with dllud. Only a fiew people in the word could pay that amount of money with such expensive device and you should leave all this porting work for Necuno Solutions themselves to do.
Beside what was said in the post, the idea was also to get at least a working device that is complete enough to be supported by Replicant, and to reuse/share most of the work for other devices as well. Most of the other devices will then need a bit more work: assuming that the GTA04 display and RAM are not an issue, it also has a modem and a GPS to support as well.
After thinking about it, the title post is misleading. It should have been something like: “The Replicant project will try again to support devices with upstream kernels”. But I’m not sure that it’s a good idea to change the title at this point.
Pingback: The Replicant project will receive a mobile device from Necuno Solutions – Yaroslav Pronin's Personal Site
In my understanding, installing u-boot replaces BL2 and disable TrustZone. At this point, boot rom and BL1 cannot be replaced because boot rom is hardware dependent and it checks BL1’s signature. But I personally don’t find boot rom or BL1 very malicious (they don’t seem to access any files I think), so I think replacing BL2 is still good enough.
Well done Necuno, a good concrete way to contribute to free software and GNU!
Yes, did you see this post:
https://blog.forkwhiletrue.me/posts/an-almost-fully-libre-galaxy-s3/ ?
(sorry if repost, I didn’t see my previous answer)
Porting Replicant to the NC_1 seems a waste of your precious time.
Necuno Solutions is taking a step in the right direction by decoupling hardware from software/firmware. And sure we are all wishing for a device with a free bootloader. But looking at it now I wonder if anybody in this community will ever buy a NC_1. The thing is neither a phone (no telephony), nor a tablet (small screen), nor a smart-thing (no accelerometer/gyroscope/magnetometer/satnav) and it has a huge price tag (1200€).
It would be interesting to know how many people here are willing to spend such an amount on this device, taken that it will have only a few use cases besides research and development.
You should leave all this porting work for Necuno Solutions themselves to do.
U-boot for the Galaxy S III (i9300), and Galaxy Note 2 could be used but as I understand the bootrom still checks for signature, so you still need some nonfree software that is signed by Samsung and that doesn’t check for signatures afterward. As I understand that software came from devboards. So using u-boot on such smartphones would still be an improvement, especially if the TrustZone OS are not loaded, however it won’t completely fix the issue. There is also the issue of redistributing the devboards first stage bootloader: The license might not allow that, and the Replicant project doesn’t want to redistribute nonfree software. A better solution would be to find a flaw in the bootrom to bypass code signature, and have a fully free software u-boot.
However I didn’t check if what I just described Is still up to date. Is there any improvement on it since the last time I looked at it?
What about using U-boot with note 2 and galaxy S3? Many projects succed with those phones.
It looks like replicant have to be recompile without arm trusted zone flag