-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 03/01/2018 01:36 PM, Daniel Kulesz via coreboot wrote:
Hi,
after plugging a rather newish 2,5 SATA SSD to my KGPE-D16, I realized that the regular SATA ports connected to the SP5100 on this board can only handle SATA2, limiting transfer speeds to max. 300 MB/s. I thought about various options what I could do now:
(1) try to get the PIKE 9230 card => but does come with a co-processor and non-free firmware like the SAS Pike cards? Seems almost impossible to get one though
Non free firmware is basically standard on SAS. I am not aware of any SAS controller that can work without firmware; the SAS protocol is complex and there has been no effort toward writing replacement firmware within the open source community.
A typical SAS controller provides an entire operating system on the card itself, with LSI devices using an ARM processor as the host and Microsemi devices apparently using a MIPS processor. You can even find the UART out pins on some cards if curious; I haven't actually hooked anything up to see what is running on the card.
(2) get the PIKE 2008 card => will SATA3 work without non-free firmware?
No.
(3) put in some PCIe SATA3 card => any recommended chips that respect freedom?
There are very few. You can try some of the Marvell devices but you will still be limited by the host side bus as these old Opterons only support PCIe v2.
(4) get a m.2 SSD instead together with some PCIe adapter => the cards don't have a co-processor, right?
Yes, they do. NVMe devices have an integrated proprietary controller to manage data storage / wear levelling.
(5) stay with SATA2 and live with the limited speed
Any recommendations for a freedom-respecting choice?
To be blunt, even your hard disks have an integrated (and hackable!) proprietary controller. I'd suggest going with m.2 and:
1.) Making sure your IOMMU is running 2.) Using full disk encryption 3.) Run a checksumming filesystem on top of the encryption, such as BTRFS
If all of those criteria are met, it's going to be next to impossible for malicious controller firmware to do any silent damage to the system; about the worst a malicious controller blob could do is corrupt data in a way that would show up on the next scrub (DoS attack).
Also, mandatory plug for Talos II here: these bottlenecks disappear on newer hardware and you don't have to accept the ME/PSP to get access to modern speeds. The KGPE-D16 is the last and most powerful owner-controllable x86 machine, but it is definitely showing its age in some areas.
Cheers, Daniel
- -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com