Network gPXE and iPXE Flashrom Intel Pro 100

From richud.com
Jump to: navigation, search

Find device and get pci bus location

$ lspci -b
00:00.0 Host bridge: Intel Corporation 2nd Generation Core Processor Family DRAM Controller (rev 09)
<SNIP>
01:00.0 VGA compatible controller: nVidia Corporation GF108 [GeForce GT 430] (rev a1)
01:00.1 Audio device: nVidia Corporation GF108 High Definition Audio Controller (rev a1)
06:00.0 Ethernet controller: Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 (rev 0c)

PCI bus location 06:00.0

Get Vendor and Device code / PCID

$ lspci -n
00:00.0 0600: 8086:0100 (rev 09)
<SNIP>
01:00.0 0300: 10de:0de1 (rev a1)
01:00.1 0403: 10de:0bea (rev a1)
06:00.0 0200: 8086:1229 (rev 0c)

VEN is 8086 DEV is 1229


Get some info from Flashrom

Check out its working and get some info, we need correct 'programmer', 'nicintel' is right choice for this card, man page lists various types, the pci BUSid as found above,

$ sudo flashrom -p nicintel:pci=06:00.0
flashrom v0.9.4-r1394 on Linux 3.0.0-16-generic (x86_64), built with libpci 3.1.7, GCC 4.6.1, little endian
flashrom is free software, get the source code at http://www.flashrom.org

Calibrating delay loop... OK.
Found "Intel 82557/8/9/0/1 Ethernet Pro 100" (8086:1229, BDF 06:00.0).
===
This PCI device is UNTESTED. Please report the 'flashrom -p xxxx' output 
to flashrom@flashrom.org if it works for you. Please add the name of your
PCI device to the subject. Thank you for your help!
===
Found "Intel 82557/8/9/0/1 Ethernet Pro 100" (8086:1229, BDF 06:00.0).
===
This PCI device is UNTESTED. Please report the 'flashrom -p xxxx' output 
to flashrom@flashrom.org if it works for you. Please add the name of your
PCI device to the subject. Thank you for your help!
===
Mapping Intel NIC control/status reg at 0xfb030000, unaligned size 0x10.
Found Atmel flash chip "AT49BV512" (64 kB, Parallel) on nicintel.
No operations were specified.

So the flash chip size is 64k (65536 bytes).

To verify this, it may be a good idea to read out the existing rom to a file now.

sudo flashrom -p nicintel:pci=06:00.0 -r original.rom

Look at this and it should be 65536 bytes, confirming everything seems ok!

Create a pad file the size of your .rom image

This will pad out the .rom to correct size with ending zero's, as otherwise Flashrom will fail.

$ dd if=/dev/zero of=test.rom bs=1 count=65536
65536+0 records in
65536+0 records out
65536 bytes (66 kB) copied, 0.105454 s, 621 kB/s

gPXE

Create the .rom

Visit rom-o-matic to generate it easily, or build from source a-la iPXE (below) Generate a .rom image by selecting this in 'output format', dont worry about driver, type in VEN and DEV, 'get image' and save it somewhere. Drop to a terminal where you put it.

$ ls -la gp*
-rw-rw-r-- 1 xxxx xxxx 64000 2012-02-28 14:24 gpxe-1.0.1+-80861229.rom

iPXE

Build rom

Make sure you have already installed the normal linux build tools, ( sudo apt-get install make gcc binutils git )

Enter "bin/80861229.rom" as the file to make making sure the VEN and DEV codes match your card.

$ cd /tmp
$ git clone git://git.ipxe.org/ipxe.git
$ cd ipxe/src
$ make ARCH=i386 CC="gcc -m32" CXX="g++ -m32" bin/80861229.rom
<SNIP>
  [LD] bin/80861229.rom.tmp
  [BIN] bin/80861229.rom.bin
  [ZINFO] bin/80861229.rom.zinfo
  [ZBIN] bin/80861229.rom.zbin
  [FINISH] bin/80861229.rom
rm bin/80861229.rom.zbin bin/80861229.rom.bin bin/80861229.rom.zinfo

Now you should have ipxe/src/bin/bin/80861229.rom ready to be flashed

Write real new .rom into dummy file

In this example using gPXE one, but exactly same for padded iPXE rom (80861229-padded.rom)

$ dd if=gpxe-1.0.1+-80861229.rom of=test.rom conv=notrunc
125+0 records in
125+0 records out
64000 bytes (64 kB) copied, 0.000414106 s, 155 MB/s

Flash the ROM on the card

Need to run as root.

$ sudo flashrom -p nicintel:pci=06:00.0 -w test.rom
[sudo] password for rfm6: 
flashrom v0.9.4-r1394 on Linux 3.0.0-16-generic (x86_64), built with libpci 3.1.7, GCC 4.6.1, little endian
flashrom is free software, get the source code at http://www.flashrom.org

Calibrating delay loop... OK.
Found "Intel 82557/8/9/0/1 Ethernet Pro 100" (8086:1229, BDF 06:00.0).
===
This PCI device is UNTESTED. Please report the 'flashrom -p xxxx' output 
to flashrom@flashrom.org if it works for you. Please add the name of your
PCI device to the subject. Thank you for your help!
===
Found "Intel 82557/8/9/0/1 Ethernet Pro 100" (8086:1229, BDF 06:00.0).
===
This PCI device is UNTESTED. Please report the 'flashrom -p xxxx' output 
to flashrom@flashrom.org if it works for you. Please add the name of your
PCI device to the subject. Thank you for your help!
===
Mapping Intel NIC control/status reg at 0xfb030000, unaligned size 0x10.
Found Atmel flash chip "AT49BV512" (64 kB, Parallel) on nicintel.
Reading old flash chip contents... done.
Erasing and writing flash chip... Erase/write done.
Verifying flash... VERIFIED.          

Test it!

Well in my HP Core i5 , F9 makes it appears on the boot menu, starts to boot and hangs....

Trying a trusty Intel DG965 machine was more successful.

  • Note its now on PCI bus id 07:00.0 as different machine.


This is showing it appearing on the boot menu, using gPXE is much the same, just with text saying gPXE instead :)

Ipxe-bootrom.jpg


And booting into it

Ipxe-bootrom2.jpg


No interrupt, so now PXE booting like original rom would have.

Ipxe-bootrom3.jpg

Whats the point?

Well it was quite fun and pretty straight forward, if that counts - took longer writing this than doing it from scratch :)

The rescue scenario

Adding a boot script to the rom would make it useful as a backup plan to a remote machine.

In most situations of remote failure the best you can hope for is someone to hit the reset button and hope it comes back.

So my ideas would be,

  • Set the net card you have flashed to the primary boot device.
  • Have it point to http://yoursite/config.php?MAC={mac} for a startup script
  • The script by default will return empty so making iPXE exit and next device. Or if cannot contact remote site for a config, again it will exit and boot next device.
  • In the event the server is broken but you still have ability to restart it, or you can get someone to poke reset, configure your config script to now boot your rescue kernel/initrd. This will then boot up on restart and you then have a good chance to be able to fix it :)

See here for more info about how to go about creating a system rescue