First mATX Intel Desktop added to Heads firmware

Plexus · April 12, 2023, 7:49am

Hi folks,
I have completed my port of the mATX Asus P8Z77-M Pro board to Heads firmware. I believe this is the first Intel based Desktop board with PCI-e made available as part of Heads (the other non laptops are AMD based, servers, PowerPC or not full sized eg Librem Mini)

This now offers a cost effective ‘self build’ desktop solution using attesting heads firmware, as of this commit
https://github.com/osresearch/heads/commit/e32fc91baf2e707f0ef24fed2812786a7dcdb79f

This firmware is what Nitropads, Chromebooks and Librem machines use.

The P8Z77-M Pro offers several SATA connectors (2x 6Gb, 4x 3Gb, 2x eSATA) as well as 3 full size PCI-e expansion ports. The board has a PS/2 keyboard port, as recommended for QubesOS. The board has a socketed DIP-8 ROM which allows for flashing without using SOIC clips or complex disassembly processes.

The i7-3770 is the best CPU available for the board, with VT-x & VT-d both present as recommended by QubesOS, and you can use up to 32 Gb of RAM (be careful not to use CPU variants which do not have VT-d, such as i7-3770k).

You must use a TPM v1 with this board as the ROM chip is not large enough to support the requirements for heads on a TPM v2 (just like most Lenovo systems supported by the project). If you really want to use a TPM2 there is a solution but it requires upgrading the ROM chip to W25Q128, which I an DM a procedure for if you want to try it)

You can find documentation on the board here https://osresearch.net/p8z77-m_pro-building/

This board is available in TOTP and HOTP+TOTP heads variants. Ive added a script to automatically grab the vendors ROM, extract the IFD and then apply me_cleaner to the intel ME firmware, shrink the ME region to 98k and enables HAP/AltME bit disable. With this board I also introduced to heads the option to remove the VSCC table. Intel internal documentation implies removing the VSCC table impacts the ME engines ability to write from it to the rom chips (please read the linked discussion for more info here, but basically the documentation implies this will happen, but we have no way to prove it - much like most else to do with intel ME).

I have prepared a video howto guide which I am editing, it should be ready in the coming weeks. I will be submitting a HCL later today.

Thanks to @Insurgo and rbrselow for the help in aligning the port to heads conventions and providing the reviews.

Test Platform
BOARD: Asus P8Z77-M Pro
RAM: 32Gb - 4x TimeTec DDRL3 75TT16NUL2R8-8G
CPU: Intel i7-3770
TPM: Modules tested: Asus branded TPM 1.02H & Foxconn TPM Krypton Rev 1.0

While I am a QubesOS team member, this post is my personal thoughts and does not represent and official endorsement of this platform by the QubesOS project.

KarlinQubes · April 12, 2023, 8:57am

Exciting! Fantastic work.

Do you think a desktop PC might create the opportunity to create even stronger tamper-evident mechanisms? I know Mullvad has a guide on how to use glitter & nail polish, but in a compliment to HEADS model of physical security, does this open up an even more robust avenue for custom PC tower that has strong tamper-evident qualities?

Plexus · April 12, 2023, 9:10am

Thanks Theres more to come yet!

I use tamper evident systems on mine, keep an eye out for links to my upcoming guide.wont be long, i got a sec conference to present at this weekend which is taking priority, so ill try to finish the guides during the evenings next week

renehoj · April 12, 2023, 11:41am

Good job!

Would it be possible to port heads to the Z690?

Plexus · April 12, 2023, 11:47am

You must be psychic

Its a WiP and it only boots to console for now, there is a whole heap of validation and other stuff to do yet. Graphics being a big one. And there is the whole question around just using ME in HAP disabled mode. And Ive got to figure out how to get a dTPM working, then get that added to coreboot. its a bunch of work that will get chipped away at.

github.com/linuxboot/heads

WIP - Z690 A DDR5 / Msi ms7d25 TPM2

linuxboot:master ← ThePlexus:msi_ms7d25_ddr5-tpm2

opened 09:57AM - 12 Apr 23 UTC

ThePlexus

+0 -0

This is my attempt so far to bring the Z690-A DDR5 into Heads. This is a WIP. Th…e board seems to have all regions unlocked for internal programmer. **status** It boots to serial console only and we see hello world; ![Screenshot from 2023-04-12 11-29-59](https://user-images.githubusercontent.com/31340423/231418435-bcd5a6b4-6be4-44b3-9b17-b83ce966bd93.png) **connections** - Flash chip is MX25U25635F WSON8, soldered on (though has been seen with a Winbond too, per @miczyg1 ) - External flashing is not amazingly easy, but possible [with a WSON8 clip ](https://docs.dasharo.com/variants/msi_z690/recovery) - External flashing is a bit less fiddly by using the[ SPI bus via the TPM2 header](https://docs.dasharo.com/variants/msi_z690/development/#hardware-connection) - Dasharo also show how to get [read only ttyS0 console ](https://docs.dasharo.com/variants/msi_z690/development/#hardware-connection) **Requirements** - copied [1251](https://github.com/osresearch/heads/pull/1251) to use Dasharo flashrom for MX25U25635F compatibility - Have to use coreboot 4.19 for board support, though i expect 4.20 will be a better choice given[ all the work since 4.19](https://review.coreboot.org/q/+ms7d25) - Patch made to back port a fix for some Alderlake iGPU https://review.coreboot.org/c/coreboot/+/70101/4#message-0ac2afa1c9d02452721469c837caabb01ccd86b2 **ME** - Cant me_clean and reduce ME firmware on this generation of cpu. just how it is. - We can use ME hap bit to disable ME https://github.com/6d6178667269747a/me_cleaner/commit/d6b313ad75ac4ccda3668042d0a8dacd4fef2f0f - I set HAP the bit in download_BIOS_clean.sh by flipping 0x1DE to 0x11 - validated that setting this bit on factory firmware shows ME version 0.0.0.0 in factory BIOS - as we cant shrink ME, it may be an idea to use VSCC mod by default on this board - could we make a patch and have coreboot measure the ME region for changes? **Findings/WIP stuff** - Board config not using its own kernel, i just stole the librem common as it was the same version and a reasonably nearby CPU family. WIP - No graphics working yet, console output only. Coreboot uses FSP GOP, so I assume this needs some kernel modules. - theres a worrying TPM error message in the console output that needs looking at (see below) - Coreboot VBOOT seems to use the onboard fTPM even with a dTPM attached. The above mentioned error still remains. This is going to take a bit more work - network at boot is untested and unlikely. dashro extract a binary blob to use in a UEFI payload, and currently this WIP is CSM mode https://github.com/Dasharo/coreboot/blob/msi_ms7d25/release/build.sh#L16 ** TPM error** ``` [DEBUG] TPM: CRB Interface is not active. System needs reboot in order to active TPM. [ERROR] TPM: Probe failed. [ERROR] tlcl_lib_init: tis_init returned error [ERROR] TPM: Can't initialize. ``` even though it seems coreboot creates a TPM log and TPM measurements do present. ``` [DEBUG] ACPI: * TPM2 [DEBUG] TPM2 log created at 0x7699b000 -- SNIP [INFO ] coreboot TPM log measurements: [INFO ] PCR-2 ae47351f1afcf7df124e3b547b8d2a96dc43da705e432bc1ba08942ef6822f89 SHA256 [FMAP: FMAP] [INFO ] PCR-2 ea2696180cda0ce19438a62f0a1bdc86007908e825f4dec108147aea1aa58fb5 SHA256 [CBFS: bootblock] [INFO ] PCR-2 eeca2517dbe532bab8ceb7c7612338e4e72d9bd7aaa86f518b6ee9feaae52ee9 SHA256 [CBFS: fallback/romstage] [INFO ] PCR-2 25ff8837f740d51fe99acf1cb85582df6f97c1425e58b4cd67d14bfb426deec0 SHA256 [CBFS: fspm.bin] [INFO ] PCR-2 74eba1e41dc4e310666224177fbefa9fa723952ff058c6948805e35cc7ee2ed4 SHA256 [CBFS: fallback/postcar] [INFO ] PCR-2 29de505911e6181cb2564a486fcdb77c9b62d22afb7eba7e75a1adaf20dfbca9 SHA256 [CBFS: fallback/ramstage] [INFO ] PCR-2 1dc207481a8570abc93295543da654b24eaceb1b17efaf536a0db07617ff3d15 SHA256 [CBFS: cpu_microcode_blob.bin] [INFO ] PCR-2 7ec6adf33596c9051cad0ef295675bdf0b02c78d89675d7a3bfd7e74f677d7d0 SHA256 [CBFS: fsps.bin] [INFO ] PCR-2 2502ce2ed0172d622f0eb24aaa7c173689e54719eab258a161422f5409bd3b2e SHA256 [CBFS: vbt.bin] [INFO ] PCR-2 5ae7b8ee21400362658243091c1dd30044d5392ca725db4d7837b5a4c32d2ddd SHA256 [CBFS: fallback/dsdt.aml] [INFO ] PCR-2 1e0433b680a0deba810e265b0e29680d6c67c3d47203bfeaa52bc332f4087a75 SHA256 [CBFS: fallback/payload] ```

renehoj · April 12, 2023, 12:15pm

That’s great news, being able to use heads would be a big improvement to the Z690

Sven · April 12, 2023, 3:45pm

Excellent work!

Off-topic, personal reflection

For the last three years I had the illusion I could get away with a desktop, but those times are over now. In my youth I once traveled with a desktop tower … lol

Any news on the Thinkpad W530?

Sven · April 12, 2023, 8:48pm

2 posts were split to a new topic: Desktop computers

Plexus · April 13, 2023, 3:05pm

I forgot all about that all my thinkpads have been gathering dust. I did try the 530 before i came to the airport with latest version of the build, and even doing the nvram edit for dual graphics I still couldnt get the external display working at boot

but… it has been pretty stable across the board for heads + swraid + qubes. before i put it to one side and got on with desktops again…

greenie · June 6, 2023, 12:34am

I know it’s been awhile since anyone commented on this thread, but I plan on reproducing the ASUS P8Z77-M Pro build (more of a project than anything just to learn). I can’t find any of these motherboards being sold from anywhere that looks reputable enough to check my ‘supply chain validation’ box . I’m seeing nothing that’s manufacturer refurbished… Anyone got a reputable place to purchase these from?

thanks in advance