Greetings
Following various recommendations on Lenovo G505s, I finally got myself a A10-5750M with dedicated GPU. At least I think it has dedicated graphics, due to the following output:
# inxi -G
Card-1: AMD Richland [Radeon HD 8650G] Card-2: AMD Sun Pro [Radeon HD 8570A/8570M]
While waiting for some AliExpress deliveries, I'd like to ask a few questions that worry me. I have never flashed anything, but I'm used to Linux, the command line and soldering.
A) According to http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that? Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone? Btw. Flashrom does in fact support RaspberryPi: https://www.flashrom.org/RaspberryPi
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A and feel that I'm not really in control of this whole undertaking. Hence, I'm trying to keep things as clear and easy as possible.
B) The instructions on http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla... suggest the following order of operations: 1) receive a flashrom help 2) erase a flash chip 3) read from a flash chip 4) write to a flash chip 5) verify a flash chip against the file
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid it?
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ? Getting rid of serial numbers sounds nice. But is it save to do? Or is there a risk of bricking the KB9012? http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
Thank you! And thanks for all the work that the good folks from dangerousprototypes have done and shared!
Anac:
Greetings
Following various recommendations on Lenovo G505s, I finally got myself a A10-5750M with dedicated GPU. At least I think it has dedicated graphics, due to the following output:
# inxi -G
Card-1: AMD Richland [Radeon HD 8650G] Card-2: AMD Sun Pro [Radeon HD 8570A/8570M]
While waiting for some AliExpress deliveries, I'd like to ask a few questions that worry me. I have never flashed anything, but I'm used to Linux, the command line and soldering.
A) According to http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that? Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone? Btw. Flashrom does in fact support RaspberryPi: https://www.flashrom.org/RaspberryPi
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A and feel that I'm not really in control of this whole undertaking. Hence, I'm trying to keep things as clear and easy as possible.
No special hardware requirements for Coreboot vs. Libreboot. As long as Flashrom supports it, the Raspi should work fine.
B) The instructions on http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla... suggest the following order of operations:
- receive a flashrom help
- erase a flash chip
- read from a flash chip
- write to a flash chip
- verify a flash chip against the file
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
Not sure what step #2 is for there. I'd make a backup image of the existing flash, then write the new one.
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid it?
Try newest, go back to older if problems.
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ? Getting rid of serial numbers sounds nice. But is it save to do? Or is there a risk of bricking the KB9012? http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
Have not attempted. If you want to, recommend getting Coreboot working first, then work on it separately.
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
See some further discussion here: http://dangerousprototypes.com/docs/Lenovo_G505S_hacking
Thank you! And thanks for all the work that the good folks from dangerousprototypes have done and shared!
Hi, I'm in basically the same situation, having just got a g505s. I'm looking at chronicling my experience on an ifixit article as I go, though I don't really have any time right now while in class. Right now the winter break looks most likely for some serious coreboot fun.
Sadly, the ebay seller sent me a G505s without discrete graphics chip when one with a chip was advertised. All things considered though, the machine is in really good condition and the discrete graphics chip afaik doesn't work in coreboot (yet) and has to be disabled to boot successfully (that and crossfire never caught on) so I'm not too broken up about it. Still if it ever is supported properly, it might make a nice machine learning accelerator even if crossfire graphics never gets good support. (and there are tempting replacement boards for 60 bucks available should I get adventurous.)
As for your questions: A) I would have thought pi would work, though I haven't looked at all into the flashing procedure yet B) I would back up the factory image SEVERAL times and compare them to make sure they're the same before doing anything C) See above answers. idk on this, haven't got there yet D) Flash with factory EC firmware. Origami is an *amazing* project, but it's still going to be a bit before even "just boots the board" is possible E) There was something a long time ago about using HVM (hardware virtualization) causing Qubes to freeze on the G505s under coreboot. I don't know if it was ever resolved or could even be reproduced. I think at the very least you want to have the most up-to-date microcode patch to fix a RANGE of issues (irq privilege escalation, IOMMU bugs, proper spectre V2 mitigation, ect.) with the stock microcode that's burned into the CPU.
Speaking of microcode, I've seen on other threads that the microcode has to be manually updated for some boards, and for the g505s this is especially complicate with many manual steps. Can anyone provide a more explicit series of steps than the below? Is this something being worked on?
Regarding a NOTE from your last message:
For microcode embedding in coreboot to work you must check both the "generate microcode update from tree" option and the "use non-free blob repo" option - doing the first but not the second will result in a silent fail.
It works for KGPE-D16 but doesn't work for G505S and maybe some other AMD boards. Currently the only working way for those "other boards" to get the latest microcodes is to " xxd -i -c 8 " a microcode binary and then put this array of hex values into their .c file containing a microcode ( path like [1] ) . Tired of doing this manually, yesterday I wrote these microcode updating scripts : https://review.coreboot.org/c/coreboot/+/28425 AMD microcodes: scripts for applying the unofficial (not-merged-yet) updates Put those 4 files to your freshly cloned coreboot directory, run ./get_ucode_patches.sh , ./check... and ./apply... , and your fresh coreboot now has the latest microcodes ;-) But thats only for those "other boards" like G505S. To get the latest microcode for your KGPE-D16, you may also need to patch its' microcode_amd_fam15h.bin with a new 2018 microcode which sadly is not merged yet neither to linux-firmware nor to coreboot [1] example of a path to .c file with microcode -
./coreboot/src/vendorcode/amd/agesa/f16kb/Proc/CPU/Family/0x16/KB/F16KbId7001MicrocodePatch.c
That's from this thread here: https://mail.coreboot.org/pipermail/coreboot/2018-August/087279.html There are also instructions in this thread, that I can't make sense of: https://mail.coreboot.org/pipermail/coreboot/2018-August/087150.html
Sincerely, -Matt
On Sun, Sep 23, 2018 at 10:09 AM awokd via coreboot coreboot@coreboot.org wrote:
Anac:
Greetings
Following various recommendations on Lenovo G505s, I finally got myself a A10-5750M with dedicated GPU. At least I think it has dedicated graphics, due to the following output:
# inxi -G
Card-1: AMD Richland [Radeon HD 8650G] Card-2: AMD Sun Pro [Radeon HD 8570A/8570M]
While waiting for some AliExpress deliveries, I'd like to ask a few questions that worry me. I have never flashed anything, but I'm used to Linux, the command line and soldering.
A) According to http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that? Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone? Btw. Flashrom does in fact support RaspberryPi: https://www.flashrom.org/RaspberryPi
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A and feel that I'm not really in control of this whole undertaking. Hence, I'm trying to keep things as clear and easy as possible.
No special hardware requirements for Coreboot vs. Libreboot. As long as Flashrom supports it, the Raspi should work fine.
B) The instructions on
http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla...
suggest the following order of operations:
- receive a flashrom help
- erase a flash chip
- read from a flash chip
- write to a flash chip
- verify a flash chip against the file
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
Not sure what step #2 is for there. I'd make a backup image of the existing flash, then write the new one.
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid
it?
Try newest, go back to older if problems.
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ? Getting rid of serial numbers sounds nice. But is it save to do? Or is there a risk of bricking the KB9012? http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
Have not attempted. If you want to, recommend getting Coreboot working first, then work on it separately.
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
See some further discussion here: http://dangerousprototypes.com/docs/Lenovo_G505S_hacking
Thank you! And thanks for all the work that the good folks from dangerousprototypes have done and shared!
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
awokd, Thank you very much for being the fastest G505S helper ;-)
Not sure what step #2 is for there. I'd make a backup image of the existing flash, then write the new one.
That was just a list of things a person could do, not a sequence... Also, why that "backup image" would be ever needed in this case? It contains the personal identifying info (serial numbers). If you ever need to go to the proprietary BIOS (why?), its' much better to flash a "clean" ROM we got at https://github.com/g505s-opensource-researcher/g505s-proprietary , so that original dump is no longer needed - especially since all the G505S manufacturer's warranties have expired.
Try newest, go back to older if problems.
Good advice. Btw, dichotomy method could be used to quickly find a bad commit when it happens: if the range is 1024 commits which is 2^10, just 10 attempts are needed :) On Sun, Sep 23, 2018 at 5:09 PM awokd via coreboot coreboot@coreboot.org wrote:
Anac:
Greetings
Following various recommendations on Lenovo G505s, I finally got myself a A10-5750M with dedicated GPU. At least I think it has dedicated graphics, due to the following output:
# inxi -G
Card-1: AMD Richland [Radeon HD 8650G] Card-2: AMD Sun Pro [Radeon HD 8570A/8570M]
While waiting for some AliExpress deliveries, I'd like to ask a few questions that worry me. I have never flashed anything, but I'm used to Linux, the command line and soldering.
A) According to http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that? Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone? Btw. Flashrom does in fact support RaspberryPi: https://www.flashrom.org/RaspberryPi
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A and feel that I'm not really in control of this whole undertaking. Hence, I'm trying to keep things as clear and easy as possible.
No special hardware requirements for Coreboot vs. Libreboot. As long as Flashrom supports it, the Raspi should work fine.
B) The instructions on http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla... suggest the following order of operations:
- receive a flashrom help
- erase a flash chip
- read from a flash chip
- write to a flash chip
- verify a flash chip against the file
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
Not sure what step #2 is for there. I'd make a backup image of the existing flash, then write the new one.
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid it?
Try newest, go back to older if problems.
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ? Getting rid of serial numbers sounds nice. But is it save to do? Or is there a risk of bricking the KB9012? http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
Have not attempted. If you want to, recommend getting Coreboot working first, then work on it separately.
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
See some further discussion here: http://dangerousprototypes.com/docs/Lenovo_G505S_hacking
Thank you! And thanks for all the work that the good folks from dangerousprototypes have done and shared!
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
Hello Anac! I am "mikeb" , wrote these BIOS / KB9012 flashing articles at DP wiki ;-)
I finally got myself a A10-5750M with dedicated GPU
Indeed your G505S has two GPUs: 1) integrated HD 8650G 2) discrete HD 8570M . Hope you understand that the main benefit of "discrete GPU" G505S version is that it has two heatpipes instead of one, so when you aren't using a discrete GPU your CPU should be running cooler. The performance of integrated and discrete GPUs is the same at this laptop - they are meant to be running together at Crossfire but Crossfire doesn't work at Linux... Also, sadly that discrete GPU doesn't work with coreboot installed (we are trying to fix it at the moment, and already have some ideas of how it could be fixed)
A) According to DP / Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that?
libreboot is a version of coreboot for some computers which could run without any blobs (for G505S a few blobs are still needed). And its possible to use RPi for coreboot flashing, like any other flashrom-supported programmer. But there are three main reasons why you should prefer CH341A flashing over RPi : 1) CH341A is much cheaper than RPi: just $2-$3 with free shipping instead of RPi $40 price. SOIC8 test clip is about $4-$7 (depending on a type), together with CH341A it all costs less than $10. That is the minimal set of hardware required for flashing, and as you see it is super cheap, although for KB9012 flashing you also need a flex cable and solder some wires to it - so the soldering equipment is required (btw its' convenient to have at least two CH341A if you're flashing both BIOS and KB9012, to avoid reconnecting the wires with a chance of mistake) 2) Being a dedicated tool, CH341A is more reliable: I've seen many people having troubles with their RPi, some of which are caused by RPi software ; while CH341A always "just works". Bus Pirate is reliable too, although only after you'd upgrade its' firmware to the latest version. 3) Like the rest of single board computers (except EOMA68 but it hasn't been released yet), RPi uses some non-free blobs which theoretically could contain the backdoors. If everyone is using RPi to flash their BIOSes, would it make sense for ***someone*** to try to implement the backdoors there? Meanwhile, CH341A doesn't have any firmware at all, just a few config registers. And for Bus Pirate, both bootloader and firmware are 100% open source and you could rebuild them by yourself and flash to your Bus Pirate.
Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone?
While I've been comparing them earlier, CH341A was indeed significantly faster. But after that there have been some BusPirate-related fixes committed to flashrom, and now if there's still any speed difference it's probably small enough. And speed doesn't matter much, any chip flashing usually takes just a couple of minutes - unless we're talking about KB9012 flashing which is slow with any programmer (15 - 45 minutes if I remember correctly), but you don't need to do it often.
CH341A could be faster than RPi / BeagleBone just because you need to spend some time setting up their OS / software and also have to copy your coreboot.rom from your build PC/server to that programmer, while it should be much faster to just plug in CH341A / Bus Pirate into your build PC USB and flash without any transmission of the files.
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A
Operating CH341A is very easy: I wrote the instructions for Bus Pirate because of its' confusing pinout, and thought CH341A pretty is obvious. But, seeing there are requests like yours from time to time, finally I've expanded that flashing article with two extra photos, they should explain everything - http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#CH3... You just need to make sure that the pins of your programmer and chip are matching each other, e.g. CS - chip select. Also, remember to disconnect all the power sources from your laptop (both battery and power adapter) and before plugging the programmer into USB you need to connect its' SOIC8 clip, and after the flashing you disconnect USB first and SOIC8 clip second.
B) The instructions on http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla... suggest the following order of operations:
Sorry but that's not the order of operations, just a list of things you can do; quoting: " After that, you could do any operation listed below and some others: 1) ... 2) ... 3) ... 4) ... 5) ... "
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
Don't worry, if you ever need the proprietary crappy UEFI/BIOS we got its' ROM ( 83CN53WW_v3.00_clean_BIOS.bin ) at this repository https://github.com/g505s-opensource-researcher/g505s-proprietary Actually this ROM is much better than what you could dump, because your dump would contain the personally identifying info such as serial numbers, while that "clean" ROM doesn't have any.
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid it?
Always try using the latest master revision ( git clone https://review.coreboot.org/coreboot ), so that when G505S coreboot support breaks down because of some bad commit we will notice it quickly. And, despite these major changes, the latest coreboot G505S version is quite stable. Also its' a good idea to choose the latest SeaBIOS version (master) at coreboot's menuconfig
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ?
As far as I know Origami-EC still can't " launch " this laptop, last time I tried it - it could only blink some LEDs (please fix me if I'm wrong here)
Getting rid of serial numbers sounds nice.
That is achieved by flashing the "clean" version of proprietary KB9012 firmware, we got this ROM also.
But is it save to do? Or is there a risk of bricking the KB9012?
What kind of bricking? You can't software brick it because you could always recover it with flashrom. And its hard to hardware brick unless you'd do something really stupid: like connecting 3.3V to its' ground (always recheck all the wires before connecting), or short circuiting it with the bottom of programmer (put some insulation tape at the bottom of programmer)
http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
Before building your freshly cloned coreboot you need to upgrade the AMD microcode to its' latest version (this update couldn't be merged to coreboot until the AMD releases it "officially") to avoid the freezing problems with low level hardware virtualization that Qubes is using. Luckily now the microcode upgrades could be quickly done in a semi-automatic mode, please look at this article - http://dangerousprototypes.com/docs/Lenovo_G505S_hacking
Best regards, Mike Banon
On Sun, Sep 23, 2018 at 8:32 AM Anac anac@rbox.co wrote:
Greetings
Following various recommendations on Lenovo G505s, I finally got myself a A10-5750M with dedicated GPU. At least I think it has dedicated graphics, due to the following output:
# inxi -G
Card-1: AMD Richland [Radeon HD 8650G] Card-2: AMD Sun Pro [Radeon HD 8570A/8570M]
While waiting for some AliExpress deliveries, I'd like to ask a few questions that worry me. I have never flashed anything, but I'm used to Linux, the command line and soldering.
A) According to http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate either a Bus Pirate or a CH341A programmer is needed for flashing CoreBoot. LibreBoot folks can just take a Raspberry Pi (or better a Beagle Bone Black) and a SOIC clip, while CoreBoot needs more equipment. Why is that? Somewhere it reads that the CH341A was faster than BusPirate. But is it faster than a Raspi or BeagleBone? Btw. Flashrom does in fact support RaspberryPi: https://www.flashrom.org/RaspberryPi
The reason for asking is because I really don't want to brick anything and/or destroy the G505s. And I don't know how to operate a CH341A and feel that I'm not really in control of this whole undertaking. Hence, I'm trying to keep things as clear and easy as possible.
B) The instructions on http://dangerousprototypes.com/docs/Flashing_a_BIOS_chip_with_Bus_Pirate#Fla... suggest the following order of operations:
- receive a flashrom help
- erase a flash chip
- read from a flash chip
- write to a flash chip
- verify a flash chip against the file
But should't the original content of the flash chip first got read and saved before erasing it? Just in case anything goes wrong and the original BIOS would be needed for some reason? So, step 2 and 3 are to be swapped, right?
C) Which Coreboot version should I use? v4.6 or the newest v4.8.1 ? I remember @Taiidan mentioning that he used v4.6 and somewhere else it reads that there will be some major changes after v4.8. Should I avoid it?
D) About flashing KB9012: Is it advisable to flash it with Origami-EC ? Getting rid of serial numbers sounds nice. But is it save to do? Or is there a risk of bricking the KB9012? http://git.code.paulk.fr/gitweb/?p=origami-ec.git;a=summary http://dangerousprototypes.com/docs/Flashing_KB9012_with_Bus_Pirate
E) This machine is going to be a Qubes workstation. Are there any special Coreboot options for Qubes OS that one should be aware of?
Thank you! And thanks for all the work that the good folks from dangerousprototypes have done and shared!
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
-
Anac -
awokd -
Matt B -
Mike Banon