linuxboot / heads

A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops, workstations and servers.
https://osresearch.net/
GNU General Public License v2.0

KGPE-D16 Configs #1770

Open jtf7 opened 2 weeks ago

jtf7 commented 2 weeks ago

I have a significant amount more information to merge in here (it’s handwritten and printouts). I will continue to update here in html text first then add to the plain text configs once finished.

@tlaurion Is this where I am supposed to add this??

----------------DRAFT-----------[Subject to change]

KGPE-D16 Configurations

----->>>TL;DR: The purpose of these strict configurations while testing is to make everyone's life easier in the long run.

Overview: Prior testing of Heads firmware by independent users has been performed on a variety of revisions of KGPE-D16 motherboards and in combination with a wide variety of versions of CPU models, RAM, GPU, etc. This wide variety of KGPE-D16 configurations utilized by users appears to have caused test results which are wildly inconsistent. The primary purpose of this updated configuration is to create a standardized configuration to help users, testers, and developers maintain uniformity and subsequently as a result, improve efficiency in the development and testing of Heads Firmware.

Target End User: The vast majority of end users are expected to select the KGPE-D16 in order to be able to utilize a system that is as blobfree, open source, and Qubes capable as possible. Therefore, part numbers have been selected taking this into consideration. Other important customer requirements are: robustness, statelessness, stability, raw power, upgrade-ability, and ease-of-use.

Recommendations

CPUs

Opteron 6200 series should be used exclusively while testing. Some CPUs require RAM operating at 1.5v in order to be capable of obtaining the full 1600 MT/s RAM speed. The RAM listed below will help you avoid some of the many nuisances. CPUs contain the memory controller internally; please be cognizant of this when testing.

RAM

Please use Micron MT36JSF2G72PZ-1G6 for best compatibility. There are many reasons for this; the biggest of which is the clarity of documentation, ability to run at max speed with the 6200 series CPUs, 1.5v capable, 16gb per stick, ECC RDIMM, cost effectiveness, etc.

General Part # Guide: RAM-Module Part Numbering Systems.pdf

Micron MT36JSF2G72PZ-1G6 RAM Documentation: RAM-MT36JSF2G72PZ-1G6.pdf

Specific Chip Documentation for RAM: RAM-MT41J256M16RE-15EITD.pdf

GPUs

Please use a GPU from the NVIDIA Kepler micro-architecture. These are the most recent that still allow for open source display firmware.

SPI Flash Chip

Winbond W25Q128FVAIG (G version)

Hardware Write Protection

This is a feature that allows a user to lock an EEPROM chip as read-only, typically by shorting two of the pins together. A number of users have had issues getting this working so here are some tips.

Hardware write protection is only available on EEPROM chips that explicitly support it and typically requires setting specific fuse settings appropriately to enable this function. This information is found in the manufacturer’s documentation for the specific part # of chip you intend to use.

Winbond W25Q128FVAIG

The Winbond W25Q128FVAIG is a 16MB EEPROM chip capable of hardware write protection and is compatible with the KGPE-D16. This chip is physically engraved with the abbreviated text 25Q128FVIG.

Fuse settings required to activate the hardware write protection feature for this specific part number of Winbond chip are as listed below:

[S18=WPS=0] [S14=CMP=0]

[S9=QE=0] [S8=SRP1=0] [S7=SRP0=1]

[S6=SEC=0] [S5=TB=0] [S4=BP2=1] [S3=BP1=1] [S2=BP0=1]

Experts can tweak these settings to fine tune the chip’s configuration; however, the settings listed above have worked well for me and should work well for most users.

Connecting pin 3 (/WP) and pin 4 (GND) together with these fuse settings will enable hardware write protection. It may be required to power off the system before connecting/disconnecting these pins in order for the correct write state to be recognized.

Many users have a similar version of Winbond chip with part number W25Q128FVAIQ; however, it should be noted that this alternate Q version chip is not capable of hardware write protection.

Additional Fuse Settings: Security Register Lock Bits

You may also want to set S11, S12, and S13 as listed below in order to permanently lock the security register as read-only. This is where manufacturer’s info, security related information, and hard coded data for the chip is stored. This is a separate location on the chip from where your ROM image is stored. The vibe I got from reading the Winbond documentation is that this could be a good place for backdoor related shenanigans and it’s probably a good idea to set these fuses in order to lock as read-only. That being said, I’m not entirely sure. I set mine as listed below and it worked for me; however, as always, use at your own risk.

[S13=LB3=1] [S12=LB2=1] [S11=LB1=1] . . .

*****More information on the way soon
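An added example, not part of jtf7's post or of the Heads code: a C check that takes the three status register bytes read back from the chip and compares them with the S-bit values listed in the post above. The function names and the sample bytes are constructed for illustration; the bit numbering follows the post's own S-numbers.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit numbers S0..S23 across Status Register-1/2/3, named as in the post. */
enum { BP0 = 2, BP1 = 3, BP2 = 4, TB = 5, SEC = 6, SRP0 = 7, SRP1 = 8, QE = 9,
       LB1 = 11, LB2 = 12, LB3 = 13, CMP = 14, WPS = 18 };
#define BIT(n) (1u << (n))

/* The bits the post pins down (WP_MASK) and the values it gives (WP_WANT). */
#define WP_MASK (BIT(WPS) | BIT(CMP) | BIT(QE) | BIT(SRP1) | BIT(SRP0) | \
                 BIT(SEC) | BIT(TB) | BIT(BP2) | BIT(BP1) | BIT(BP0))
#define WP_WANT (BIT(SRP0) | BIT(BP2) | BIT(BP1) | BIT(BP0))
#define LB_MASK (BIT(LB3) | BIT(LB2) | BIT(LB1))

/* Combine the three 8-bit status registers into one S23..S0 word. */
uint32_t sr_pack(uint8_t sr1, uint8_t sr2, uint8_t sr3)
{
    return (uint32_t)sr1 | ((uint32_t)sr2 << 8) | ((uint32_t)sr3 << 16);
}

/* Mask of bits that differ from the post's settings; 0 means a match. */
uint32_t wp_mismatch(uint32_t s)
{
    return (s ^ WP_WANT) & WP_MASK;
}

/* 1 if the status register itself is frozen by the /WP pin: SRP1=0, SRP0=1,
 * /WP tied low, and QE=0 (with QE=1 the pin is a data line, not /WP).
 * The other SRP1/SRP0 modes are not modelled here. */
int hw_locked(uint32_t s, int wp_pin_low)
{
    return wp_pin_low && (s & BIT(SRP0)) && !(s & BIT(SRP1)) && !(s & BIT(QE));
}

/* 1 if all three security register lock bits from the post are set. */
int lock_bits_set(uint32_t s)
{
    return (s & LB_MASK) == LB_MASK;
}

int main(void)
{
    /* Constructed sample bytes, not a dump from real hardware. */
    uint32_t s = sr_pack(0x9C, 0x38, 0x60);
    printf("mismatch=0x%06x hw_locked=%d lock_bits=%d\n",
           (unsigned)wp_mismatch(s), hw_locked(s, 1), lock_bits_set(s));
    return 0;
}
```

A non-zero result from `wp_mismatch` names the bits that still differ from the listed settings, which is the first thing to check when the /WP jumper appears to have no effect.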

arhabd commented 2 weeks ago

you might want to contribute your information on 15h.org

tlaurion commented 2 weeks ago

> you might want to contribute your information on 15h.org

@jtf7 @arhabd: yes, that would be ideal on 15h.org, and then add pages to board configs. An issue won't resolve this, could be heads-wiki->osresearch.net but this is not Heads related specifically.

@jtf7 I'm still unclear reading the above and with what tools you set additional registers from other discussions that landed in this issue to be created? I understand the whys, but not the how :)

jtf7 commented 1 week ago

> you might want to contribute your information on 15h.org

@arhabd Thanks for the link, I will add this site to my list of resources and request an account from them.

It's nice to see my results coincide with theirs :)

jtf7 commented 1 week ago

> I'm still unclear reading the above and with what tools you set additional registers from other discussions that landed in this issue to be created? I understand the whys, but not the how :)

@tlaurion Some of the information I determined by reading through the lengthy AMD 15h datasheets, I will cite specific documents once I find in my notes. As far as setting Winbond advanced registers, I simply read through the documentation and provided the fuse settings to someone else to help program on my behalf. I know, I know.....from a security point of view, I should really be programming the SPI flash myself but in the essence of saving time, I hired someone on eBay to help with it for the time being. I plan to come back later and learn the details once I finish the "big picture" type things in getting everything I want set up.

Which reminds me, I really need to update my current Heads SPI flash chips in order to continue testing. The person I reached out to for help flashing my SPI flash chips is asking if the link below is correct and I have no idea.....is this the correct link they should be flashing from? https://app.circleci.com/pipelines/github/linuxboot/heads/832/workflows/303bedb4-409d-410c-bece-501eec300257/jobs/18656

@tlaurion Is there anything specific I missed that you would like me to elaborate on? While I think of it, please feel free to reach out to me if you ever have questions about manufacturing or mechanical engineering--that kind of stuff is much more in my comfort zone. (I'm quite curious in the details of how the Power9 systems are being manufactured, especially if I could help make the platform overall more accessible to the end user!) Happy to help with anything I can! :+1: