This is more a collection of notes compiled from my command history. It hasn’t been repeated…
I have a motherboard that is Coreboot compatible. Coreboot comes with a basic payload that permits booting from local disks, but requires other payloads to be added if required – such as IPXE.
Need some info first, such as the NIC PCI ID
root@blackbird:~# lspci | grep -i net
00:0a.0 Bridge: NVIDIA Corporation CK804 Ethernet Controller (rev a3)
root@blackbird:~# lspci -s 00:0a.0 -nnn
00:0a.0 Bridge [0680]: NVIDIA Corporation CK804 Ethernet Controller [10de:0057] (rev a3)
Get, configure and build IPXE.
git clone git://git.ipxe.org/ipxe.git
cd ipxe/src/
Insert this into config/local/general.h – it defines what gets included into the ROM image, such as menu support, iscsi support, etc
#undef PXE_STACK /* PXE stack in iPXE – you want this! */
#undef PXE_MENU /* PXE menu booting */
#undef DOWNLOAD_PROTO_TFTP /* Trivial File Transfer Protocol */
#undef SANBOOT_PROTO_ISCSI /* iSCSI protocol */
#undef SANBOOT_PROTO_AOE /* AoE protocol */
#undef SANBOOT_PROTO_IB_SRP /* Infiniband SCSI RDMA protocol */
#undef SANBOOT_PROTO_FCP /* Fibre Channel protocol */
#undef CRYPTO_80211_WEP /* WEP encryption (deprecated and insecure!) */
#undef CRYPTO_80211_WPA /* WPA Personal, authenticating with passphrase */
#undef CRYPTO_80211_WPA2 /* Add support for stronger WPA cryptography */
#undef IMAGE_NBI /* NBI image support */
#undef IMAGE_ELF /* ELF image support */
#undef IMAGE_MULTIBOOT /* MultiBoot image support */
#undef IMAGE_PXE /* PXE image support */
#define IMAGE_SCRIPT /* iPXE script image support */
#define IMAGE_BZIMAGE /* Linux bzImage image support */
#undef IMAGE_COMBOOT /* SYSLINUX COMBOOT image support */
#undef IMAGE_EFI /* EFI image support */
#undef IMAGE_SDI /* SDI image support */
#undef NVO_CMD /* Non-volatile option storage commands */
#define CONFIG_CMD /* Option configuration console */
#undef FCMGMT_CMD /* Fibre Channel management commands */
#undef ROUTE_CMD /* Routing table management commands */
#define IMAGE_CMD /* Image management commands */
#define SANBOOT_CMD /* SAN boot commands */
#define MENU_CMD /* Menu commands */
#undef LOGIN_CMD /* Login command */
#undef SYNC_CMD /* Sync command */
#undef NSLOOKUP_CMD /* DNS resolving command */
#undef TIME_CMD /* Time commands */
#undef DIGEST_CMD /* Image crypto digest commands */
#undef LOTEST_CMD /* Loopback testing commands */
#undef VLAN_CMD /* VLAN commands */
#undef PXE_CMD /* PXE commands */
#undef REBOOT_CMD /* Reboot command */
#undef IMAGE_TRUST_CMD /* Image trust management commands */
And the command that will be run at startup of ipxe should be inserted into shell.ipxe
#!ipxe
dhcp
chain –autofree http://core.vpn.glasgownet.com/menu.ipxe
Take the PCI ID, concatenate it as the ROM filename, and embed the script.
make -j3 bin/10de0057.rom EMBED=./shell.ipxe
Now the IPXE payload is ready.
For Coreboot,
git clone https://review.coreboot.org/coreboot
cd coreboot
git submodule update –init –checkout
make nconfig
In nconfig, select the appropriate board.
Save, exit.
Build the cross compilers
make crossgcc CPUS=4
Build the firmware
make
The coreboot firmware is saved as build/coreboot.rom, but needs the payload added.
./build/cbfstool ./build/coreboot.rom add -f ../ipxe/src/bin/10de0057.rom -n pci10de,0057.rom -t raw
./build/cbfstool ./build/coreboot.rom print
To remove the payload, in the event of wanting to add a new version
./build/cbfstool ./build/coreboot.rom remove -n pci10de,0057.rom
The coreboot.rom file is now ready to be copied to the target machine and flashed.
If a backup is required, use
flashrom -p internal -r backup.bin
To flash,
flashrom -p internal -w coreboot.rom
Recent Comments