[coreboot] [flashrom] flashrom problem: will not flash on compaq/deskpro Deskpro EN SFF P600. "E

a a todthgie at hotmail.com
Mon Jun 2 14:31:18 CEST 2008

Ludwig Jaffe wrote:
> a a schrieb:
>> ps.
>> also note that the board will not take> 256KByte chips because pin 1
>> (#reset on the 29F002BT A18 for>256KByte parts) of the plcc it wired
>> to P34 (other end of P34 is wired to 12V) and it might even destroy
>> other chips if P34 is placed !!
> Uh! Thats evil.
>> hotflashing on this board is very hard because the powersupply is over
>> the rom socket i made myself a extension cable from some compatible
>> 14Pin molex minifit-jr connectors to allow access to the chip while the
>> powersupply is nect to the box
> where do I get the connectors? Do you have a Digi-key / other distri 
> order#?

housing for male pins 14 way (to put on the psu):
molex 0039012141 (or harder to find 0039012146)
male pin to insert into this housing:
molex 5558 (or high current 44478) (there are many variations in plating 
and packaging)

housing for female pins 14 way (to put on the mobo):
molex 0039012140  or harder to find 0039012145)
female pin to insert into this housing:
molex 5556 (or high current 44476) (there are many variations in plating 
and packaging)

maybe you can order some samples from molex ?

where are you from btw? (im from the Netherlands)

>> i think we should give flashrom a couple of special commands ..
>> LOCK and UNLOCK (i used some letters but forgot them)
>> to unlock this kind of chip locks
> flashrom:
> Yes, It would be nice to rewrite flashrom accordingly because others 
> (openbios.org) also
> like to use it. Lets make it a pretty cool tool also for upgrading 
> normal pc-bios from remote with linux.
> I like the function-pointer arcutecture very much. So we could enhance 
> it by adding a function-pointer
> for unprotect(*bios) and protect(*bios).
> Then an *universal* algorithm will call according to the commandline-params
> read(*bios) for backup, unprotect(), is_unprotected(), erase(), 
> is_empty() [if not, try to write backup. verify()], write(), verify().
> The function-pointers for write() read() and the like point to the 
> implementation dependend on the detected flash.
> Also function calls within the write or erase have to use the 
> function-fointers, so that by servicing the function-pointer table and the
> specialized routines, fine granular support for any flash can be writen.
> So the ST-Way of unprotecting can be used for all st devices of the 
> family. So we save code and become very flexible.
> The Problem with the actual code is that some routines simply write some 
> data out to issue jedec-erase instaed of calling the erase-method pointed
> to by the function-pointer erase().
> So flashrom has to be rewritten accordingly (not so much effort) and 
> tested by people having the flash-roms in their machines.
>> the original bios has a recovery option btw ... keek esc pressed
>> powering up it will 'talk' to you over the keyboard leds / pc speaker
>> ahd should be able to restore the bios from a diskette iirc
> Thanks for the tip.
> Have you ever thought of reverse-engineering the bios-flaser of compaq 
> using a debugger (does the effort make sense?)

i did just that but it seams the switch will overrule software/ASIC.
iirc the password is stored (encripted?) in cmos.
im dont remember if the asic remembers it on its own or that the bios 
loads it at boot ...
but i dont have the details in my head atm and no time to look it up

> Do you have a service-manual? there are some more not assembled 
> connectors. E.G.  P115 between Super-IO and ATI-Graphics
> whicht seems to be interessting (maybe gpios of super io or I2C/SMBUS)...

i think i saw somewhere that P115 is SCSI but im not shure..
i am shure that that are loads of missing resistor 'bank' parts around 
P108 seams to be gameport(maybe also midi)

service manual i have is pdf_27556.pdf
i got it from
see also

> Thanks for your tips.
> LuJa
>> a a wrote:
>>> Hi all,
>>> Ludwig Jaffe wrote:
>>>> Hi all,
>>>> i fiddled around with the flashrom util, and I managed to rewrite the
>>>> original compaq-bios, which I saved before.
>>>> I modified the flashrom-utily to enable writing the flashrom. The
>>>> 29F002BT works with 29f002-funktions and *not* with jedec....
>>>> The only problem that remains, is that it is not possible to 
>> unprotect
>>>> the 20f002bt (ST). with the flashrom utily. So I can not upgrade the
>>> flash!
>>>> I will go and code some improvement to that.
>>> i worked with Uwe to create the support for the Compaq deskpro EN SFF
>>> 600N i have here
>>> i needed 3 hardware mods:
>>> - socket for the flash chip (with loads of luck you can skip this but
>>> please let me test the current tree before you flash coreboot into your
>>> unit)
>>> - set SW1 to ON to disable the write protection on the'normal' (non
>>> bootblock ) part of the bios (if you dont do this the ASIC will disable
>>> ANY writes even probes to the flash iirc
>>> -if you have the original chip onboard: short (not installed) jumper 
>> P34
>>> that is next to the flashpart (shorting this will temp. unlock the
>>> bootblock and allow (un)programming of the lockbits note that you 
>> should
>>> first protected the whole chip before unproetcting.
>>> i also needed a couple of software hacks that are not yet in the tree:
>>> -disable some parts of the southbrigde (KBC ectect) so the superio can
>>> handle them
>>> -stuff some values to the ASIC so networking works (otherwise eth0 will
>>> not show on the pci bus)
>>> -i had some trouble with onboard audio but i dont remember the 
>> details now
>>> -i dont have onboard vga working yet and was planning on maybe using /
>>> writing free support for it so i dont need a vga bios
>>> i dont have time today/tomorrow to look at it in more detail .. will do
>>> that later this week ...
>>> greetings,
>>> todthgie
>>>> A suggestion regarding architecture:
>>>> We should add a function-pointer for protect and unprotect, 
>> because this
>>>> is sometimes special. e.g. 29f002bt (st).
>>>> We should provide an extra funktion to protect/unprotect the bios 
>> to the
>>>> user, so that reweiting the eeprom will be
>>>> read() -> save old
>>>> unprotect()
>>>> test_if_unprotected()
>>>> if not die
>>>> erase()
>>>> test_if_empty()
>>>> if not, try to rewrite saved_old!
>>>> else die.
>>>> write
>>>> verify
>>>> So the methods protect/unprotect have to be seperate and not be 
>> hidden
>>>> in erase or write functions.
>>>> And they should be accessible via the punction-pointer-table.
>>>> My patch contains my little modifications and da doxygen file to ease
>>>> understanding the code.
>>>> Please help me to improve the architecture of flashrom.
>>>> Greetings
>>>> LuJa
>> ------------------------------------------------------------------------
>>> Express yourself instantly with MSN Messenger! MSN Messenger
>> ------------------------------------------------------------------------
>> Express yourself instantly with MSN Messenger! MSN Messenger 

Express yourself instantly with MSN Messenger! Download today it's FREE!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20080602/055a96e6/attachment.html>

More information about the coreboot mailing list