Hello folks
i sadly had to replace KGPE-d16 board for my fileserver to a Supermicro A1SRi-C2558 because of electric pill ....
investigating a bit with intelmetool and mecleaner non of them could found any sign for an ME-region in this board.. so i asking myself if there is no ME/SPS on the intel C2000 socs, what would make them a DAMN SEXY platform to port coreboot too.
Here my investigations:
root@lain:~# /speedy/foo/Downloads/coreboot/util/intelmetool/intelmetool -m -d ME PCI device is hidden RCBA addr: 0xfed1c000 MEI was hidden on PCI, now unlocked Re-hiding MEI device...done Can't find ME PCI device
./me_cleaner/me_cleaner.py -c Supermicro_Firmware/A1SAi18_118/A1SAi18.118 Full image detected The ME region in this image has already been disabled The HAP bit is NOT SET Checking the FTPR RSA signature... Traceback (most recent call last): File "./me_cleaner/me_cleaner.py", line 955, in <module> print_check_partition_signature(mef, ftpr_offset + ftpr_mn2_offset) NameError: name 'mef' is not defined
binwalk Supermicro_Firmware/A1SAi18_118/A1SAi18.118
DECIMAL HEXADECIMAL DESCRIPTION -------------------------------------------------------------------------------- 2097152 0x200000 UEFI PI Firmware Volume, volume size: 131072, header size: 0, revision: 0, EFI Firmware File System v2, GUID: 8C8CE578-8A3D-4F1C-3599-896185C32DD3 2555904 0x270000 UEFI PI Firmware Volume, volume size: 3932160, header size: 96, revision: 0, EFI Firmware File System v2, GUID: 8C8CE578-8A3D-4F1C-3599-896185C32DD3 2629664 0x282020 Microsoft executable, portable (PE) 4325602 0x4200E2 Copyright string: "Copyright (C) %04x American Megatrends, Inc. " 6488064 0x630000 UEFI PI Firmware Volume, volume size: 262144, header size: 0, revision: 0, EFI Firmware File System v2, GUID: 8C8CE578-8A3D-4F1C-3599-896185C32DD3 6946816 0x6A0000 UEFI PI Firmware Volume, volume size: 1441792, header size: 96, revision: 0, EFI Firmware File System v2, GUID: 8C8CE578-8A3D-4F1C-3599-896185C32DD3 6947360 0x6A0220 Microsoft executable, portable (PE) 6971232 0x6A5F60 Microsoft executable, portable (PE) 6981408 0x6A8720 Microsoft executable, portable (PE) 6983616 0x6A8FC0 Microsoft executable, portable (PE) 6985504 0x6A9720 Microsoft executable, portable (PE) 6986144 0x6A99A0 Microsoft executable, portable (PE) 6988896 0x6AA460 Microsoft executable, portable (PE) 6991360 0x6AAE00 Microsoft executable, portable (PE) 6995264 0x6ABD40 Microsoft executable, portable (PE) 6997056 0x6AC440 Microsoft executable, portable (PE) 6998816 0x6ACB20 Microsoft executable, portable (PE) 7000553 0x6AD1E9 gzip compressed data, ASCII, has header CRC, has original file name: "", last modified: 2104-12-22 18:41:23 (bogus date) 7001792 0x6AD6C0 Microsoft executable, portable (PE) 7004576 0x6AE1A0 Microsoft executable, portable (PE) 7152192 0x6D2240 Microsoft executable, portable (PE) 7156928 0x6D34C0 Microsoft executable, portable (PE) 7164096 0x6D50C0 Microsoft executable, portable (PE) 7171040 0x6D6BE0 Microsoft executable, portable (PE) 7175872 0x6D7EC0 Microsoft executable, portable (PE) 7177536 0x6D8540 Microsoft executable, portable (PE) 7178688 0x6D89C0 Microsoft executable, portable (PE) 7182144 0x6D9740 Microsoft executable, portable (PE) 7188576 0x6DB060 Microsoft executable, portable (PE) 7203776 0x6DEBC0 Microsoft executable, portable (PE) 7253696 0x6EAEC0 Microsoft executable, portable (PE) 7263136 0x6ED3A0 Microsoft executable, portable (PE) 7263871 0x6ED67F mcrypt 2.2 encrypted data, algorithm: blowfish-448, mode: CBC, keymode: 8bit 7270688 0x6EF120 Microsoft executable, portable (PE) 7272480 0x6EF820 Microsoft executable, portable (PE) 7279008 0x6F11A0 Microsoft executable, portable (PE) 7304768 0x6F7640 Microsoft executable, portable (PE) 7307968 0x6F82C0 Microsoft executable, portable (PE) 7313952 0x6F9A20 Microsoft executable, portable (PE) 7317152 0x6FA6A0 Microsoft executable, portable (PE) 7318048 0x6FAA20 Microsoft executable, portable (PE) 7322016 0x6FB9A0 Microsoft executable, portable (PE) 8384152 0x7FEE98 Microsoft executable, portable (PE)
investigating a bit with intelmetool and mecleaner non of them could found any sign for an ME-region in this board.. so i asking myself if there is no ME/SPS on the intel C2000 socs, what would make them a DAMN SEXY platform to port coreboot too.
I believe that the Intel FSP (firmware support package) has Coreboot support for c2000 for many years, though it has never been upstreamed.
Hi Kinky,
i sadly had to replace KGPE-d16 board for my fileserver to a Supermicro A1SRi-C2558 because of electric pill ....
investigating a bit with intelmetool and mecleaner non of them could found any sign for an ME-region in this board.. so i asking myself if there is no ME/SPS on the intel C2000 socs, what would make them a DAMN SEXY platform to port coreboot too.
to answer your other question: yes the Intel Rangeley (C2000) is the last/newest SoC what does not include a ME(like) subsystem.
Unfortunately the SoC has a fatal hardware bug: https://www.extremetech.com/computing/244074-intel-atom-c2000-bug-killing-pr...
But this hardware bug has resurfaced on some of the later ATOMs aswell.
There is a Golden Master Image for coreboot from intel, but it's probably not publicaly available, OTOH if you want to work on Rangely, there should be someone on this list, that can arange for you to get this "drop".
Another pointer: https://mail.coreboot.org/pipermail/coreboot/2017-March/083712.html
Cu, Goetz.
Hallo Goetz,
thanks for that information.
I am aware of this bug, but i read that Intel released an PCB level workaround what hopefully supermicro has applied on my new bought board.
As i have only one board atm what is now in a "Production System" i am not able to activly test it but for interesst i would like to take a look on this image..
But that pure fact that eart of my storage server has still no ME inside makes me happy already.
Am 03.12.19 um 13:25 schrieb Goetz Salzmann:
Hi Kinky,
i sadly had to replace KGPE-d16 board for my fileserver to a Supermicro A1SRi-C2558 because of electric pill ....
investigating a bit with intelmetool and mecleaner non of them could found any sign for an ME-region in this board.. so i asking myself if there is no ME/SPS on the intel C2000 socs, what would make them a DAMN SEXY platform to port coreboot too.
to answer your other question: yes the Intel Rangeley (C2000) is the last/newest SoC what does not include a ME(like) subsystem.
Unfortunately the SoC has a fatal hardware bug: https://www.extremetech.com/computing/244074-intel-atom-c2000-bug-killing-pr...
But this hardware bug has resurfaced on some of the later ATOMs aswell.
There is a Golden Master Image for coreboot from intel, but it's probably not publicaly available, OTOH if you want to work on Rangely, there should be someone on this list, that can arange for you to get this "drop".
Another pointer: https://mail.coreboot.org/pipermail/coreboot/2017-March/083712.html
Cu, Goetz.
coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-leave@coreboot.org
Hi,
I have heard an unverified rumour that Atom substitutes the ME for an ARM microcontroller running Trustzone. If this is the case however, it's possible it's only for bringup, in which case it's not too much different from the inaccessible micrcontrollers already present in most x86 silicon. (eg superio chips with their own baked-in firmware)
It's something worth looking into, but probably not even on the same scale as the ME.
At the same time, a micro-itx board like this one would be FANTASTIC for a NAS device, as many NAS-oriented cases with built-in bays are micro-itx-only. If such a board existed in coreboot with ECC support (not available in my AM1I-A) a year ago, my own NAS build would have been quite a bit different.
Sincerely, -Matt
On Tue, Dec 3, 2019 at 10:32 AM Kinky Nekoboi kinky_nekoboi@nekoboi.moe wrote:
Hallo Goetz,
thanks for that information.
I am aware of this bug, but i read that Intel released an PCB level workaround what hopefully supermicro has applied on my new bought board.
As i have only one board atm what is now in a "Production System" i am not able to activly test it but for interesst i would like to take a look on this image..
But that pure fact that eart of my storage server has still no ME inside makes me happy already.
Am 03.12.19 um 13:25 schrieb Goetz Salzmann:
Hi Kinky,
i sadly had to replace KGPE-d16 board for my fileserver to a Supermicro A1SRi-C2558 because of electric pill ....
investigating a bit with intelmetool and mecleaner non of them could found any sign for an ME-region in this board.. so i asking myself if there is no ME/SPS on the intel C2000 socs, what would make them a DAMN SEXY platform to port coreboot too.
to answer your other question: yes the Intel Rangeley (C2000) is the last/newest SoC what does not include a ME(like) subsystem.
Unfortunately the SoC has a fatal hardware bug:
https://www.extremetech.com/computing/244074-intel-atom-c2000-bug-killing-pr...
But this hardware bug has resurfaced on some of the later ATOMs aswell.
There is a Golden Master Image for coreboot from intel, but it's probably not publicaly available, OTOH if you want to work on Rangely, there should be someone on this list, that can arange for you to get this "drop".
Another pointer: https://mail.coreboot.org/pipermail/coreboot/2017-March/083712.html
Cu, Goetz.
coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-leave@coreboot.org
coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-leave@coreboot.org
-
Andrey Korolyov -
Goetz Salzmann -
Kinky Nekoboi -
Matt B