This is more a collection of notes compiled from my command history. It hasn’t been repeated…

I have a motherboard that is Coreboot compatible. Coreboot comes with a basic payload that permits booting from local disks, but requires other payloads to be added if required – such as IPXE.

Need some info first, such as the NIC PCI ID

root@blackbird:~# lspci  | grep -i net
00:0a.0 Bridge: NVIDIA Corporation CK804 Ethernet Controller (rev a3)
root@blackbird:~# lspci -s 00:0a.0 -nnn
00:0a.0 Bridge [0680]: NVIDIA Corporation CK804 Ethernet Controller [10de:0057] (rev a3)

Get, configure and build IPXE.

git clone git://
cd ipxe/src/

Insert this into config/local/general.h – it defines what gets included into the ROM image, such as menu support, iscsi support, etc

#undef PXE_STACK               /* PXE stack in iPXE – you want this! */
#undef PXE_MENU                /* PXE menu booting */
#undef DOWNLOAD_PROTO_TFTP     /* Trivial File Transfer Protocol */
#undef SANBOOT_PROTO_ISCSI     /* iSCSI protocol */
#undef SANBOOT_PROTO_AOE       /* AoE protocol */
#undef SANBOOT_PROTO_IB_SRP    /* Infiniband SCSI RDMA protocol */
#undef SANBOOT_PROTO_FCP       /* Fibre Channel protocol */
#undef CRYPTO_80211_WEP        /* WEP encryption (deprecated and insecure!) */
#undef CRYPTO_80211_WPA        /* WPA Personal, authenticating with passphrase */
#undef CRYPTO_80211_WPA2       /* Add support for stronger WPA cryptography */
#undef IMAGE_NBI               /* NBI image support */
#undef IMAGE_ELF               /* ELF image support */
#undef IMAGE_MULTIBOOT         /* MultiBoot image support */
#undef IMAGE_PXE               /* PXE image support */
#define        IMAGE_SCRIPT            /* iPXE script image support */
#define        IMAGE_BZIMAGE           /* Linux bzImage image support */
#undef IMAGE_COMBOOT           /* SYSLINUX COMBOOT image support */
#undef IMAGE_EFI               /* EFI image support */
#undef IMAGE_SDI               /* SDI image support */
#undef NVO_CMD                 /* Non-volatile option storage commands */
#define CONFIG_CMD              /* Option configuration console */
#undef FCMGMT_CMD              /* Fibre Channel management commands */
#undef ROUTE_CMD               /* Routing table management commands */
#define IMAGE_CMD               /* Image management commands */
#define SANBOOT_CMD             /* SAN boot commands */
#define MENU_CMD                /* Menu commands */
#undef LOGIN_CMD               /* Login command */
#undef SYNC_CMD                /* Sync command */
#undef NSLOOKUP_CMD            /* DNS resolving command */
#undef TIME_CMD                /* Time commands */
#undef DIGEST_CMD              /* Image crypto digest commands */
#undef LOTEST_CMD              /* Loopback testing commands */
#undef VLAN_CMD                /* VLAN commands */
#undef PXE_CMD         /* PXE commands */
#undef REBOOT_CMD             /* Reboot command */
#undef IMAGE_TRUST_CMD /* Image trust management commands */

And the command that will be run at startup of ipxe should be inserted into shell.ipxe



chain –autofree

Take the PCI ID, concatenate it as the ROM filename, and embed the script.

make -j3 bin/10de0057.rom EMBED=./shell.ipxe

Now the IPXE payload is ready.


For Coreboot,

git clone
cd coreboot
git submodule update –init –checkout
make nconfig

In nconfig, select the appropriate board.

Save, exit.

Build the cross compilers

make crossgcc CPUS=4

Build the firmware


The coreboot firmware is saved as build/coreboot.rom, but needs the payload added.

./build/cbfstool ./build/coreboot.rom add -f ../ipxe/src/bin/10de0057.rom -n pci10de,0057.rom -t raw
./build/cbfstool ./build/coreboot.rom print

To remove the payload, in the event of wanting to add a new version

./build/cbfstool ./build/coreboot.rom remove -n pci10de,0057.rom

The coreboot.rom file is now ready to be copied to the target machine and flashed.

If a backup is required, use

flashrom -p internal -r backup.bin

To flash,

flashrom -p internal -w coreboot.rom