Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vp32xx docs #930

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Vp32xx docs #930

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b776ddc
Add VP32xx initial documentation
miczyg1 Nov 6, 2024
b06932b
docs/unified/protectli/overview.md: Fix typos in platform names
miczyg1 Nov 6, 2024
338d038
variants/protectli_vp32xx: Temporarily use vendor directory for test …
miczyg1 Nov 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added docs/images/VP3210.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
24 changes: 24 additions & 0 deletions docs/unified/protectli/building-manual.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -269,3 +269,27 @@ then follow the steps below:

The resulting coreboot image will be placed in the coreboot directory as
`protectli_vp2420_<version>.rom`.

=== "VP3210/VP3230"

1. Checkout the desired version, e.g. `v0.9.0`:

```bash
cd coreboot
git checkout protectli_vault_adln_v0.9.0
```

2. Checkout submodules:

```bash
git submodule update --init --checkout
```

3. Build the firmware:

```bash
./build.sh vp32xx
```

The resulting coreboot image will be placed in the coreboot directory as
`protectli_vp32xx_<version>.rom`.
10 changes: 10 additions & 0 deletions docs/unified/protectli/firmware-update.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,3 +141,13 @@ update.
```

This command also preserves Dasharo UEFI settings and the boot order.

=== "VP3210/VP3230"

## Updating Dasharo

```bash
flashrom -p internal -w protectli_vp32xx_v<version>.rom --fmap -i RW_SECTION_A
```

This command also preserves Dasharo UEFI settings and the boot order.
10 changes: 10 additions & 0 deletions docs/unified/protectli/initial-deployment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,3 +120,13 @@ flashrom -p internal -r dump.rom
```

This command also preserves Dasharo UEFI settings and the boot order.

=== "VP3210/VP3230"

To flash Dasharo on the platform, execute the following command -
replace `[path]` with the path to the Dasharo image you want to flash,
e.g. `protectli_vp32xx_v0.9.0.rom`:

```bash
flashrom -p internal -w protectli_vp32xx_v0.9.0.rom
```
62 changes: 59 additions & 3 deletions docs/unified/protectli/overview.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,7 @@ Select Model:
* [Releases](../../variants/protectli_vp2410/releases.md) - groups
information about all releases.
* [Building manual](./building-manual.md) -
describes how to build Dasharo for Protecli 2410.
describes how to build Dasharo for Protecli VP2410.
* [Initial deployment](
./initial-deployment.md) -
describes initial Dasharo deployment methods (i. e. flashing new
Expand All @@ -183,7 +183,7 @@ Select Model:
drives). The built-in 8 GB eMMC module can be used for booting a
light-weight OS for example, or for use as optional storage.

VP2410 specification:
VP2420 specification:

* Intel Celeron® J6412 Quad Core at 2 GHz (Burst up to 2.6 GHz)
* 4 Intel® 2.5 Gigabit Ethernet NIC ports
Expand Down Expand Up @@ -211,7 +211,7 @@ Select Model:
* [Releases](../../variants/protectli_vp2420/releases.md) - groups
information about all releases.
* [Building manual](./building-manual.md) -
describes how to build Dasharo for Protecli 2420.
describes how to build Dasharo for Protecli VP2420.
* [Initial deployment](
./initial-deployment.md) -
describes initial Dasharo deployment methods (i. e. flashing new
Expand All @@ -225,6 +225,62 @@ Select Model:
* [Test matrix](./test-matrix.md) - describes
validation scope used during Dasharo firmware validation procedure.

=== "VP3210/VP3230"
The Vault Pro is a small form network appliance built for use as a firewall
/ router, virtualization platform, a daily-driven personal computer,
and more. The VP3210/VP3230 is based on a 2 x 2.5 G network port
design that leverages a low power, but versatile Alder Lake-N SoCs.

![](/images/VP3210.png)

The VP3210/VP3230 can accommodate up to 48 GB DDR5 RAM and 4 TB M.2
NVMe SSD storage drive. The built-in 32 GB eMMC module can be used for
booting a light-weight OS for example, or for use as optional storage.

VP3210/VP3230 specification:

* VP3210: Intel® N100 4 Core / 4 Thread (up to 3.4Ghz)
* VP3230: Intel® i3-N305 8 Core / 8 Thread (up to 3.8Ghz)
* 2 Intel® 2.5 Gigabit Ethernet NIC ports
* 2x M.2 NVMe SSD Slot (one with x4 link and second with x1 link)
* 32 GB eMMC module on board
* Intel® AES-NI support
* Fanless and Silent
* 4x 2.5″ SSD connectors and mounts
* Included 12V/90W (VP3230) or 12V/60W (VP3210) Power Supply, Serial
Console Cable, USB-C Cable, SATA data and power cables for internal SSDs,
Quick Start Guide

> Intel ME (Management Engine) is
> [soft-disabled](../../osf-trivia-list/me.md#soft-disabling-me) by default.

For more information please refer to the references below.

## References

* [Protectli knowledge base](https://kb.protectli.com/)
* [Buy VP3210 in Protectli shop](https://eu.protectli.com/product/vp3210/)
* [Buy VP3230 in Protectli shop](https://eu.protectli.com/product/vp3230/)

## Documentation sections

* [Releases](../../variants/protectli_vp32xx/releases.md) - groups
information about all releases.
* [Building manual](./building-manual.md) -
describes how to build Dasharo for Protecli VP3210/VP3230.
* [Initial deployment](
./initial-deployment.md) -
describes initial Dasharo deployment methods (i. e. flashing new
firmware) for Protectli VP3210/VP3230.
* [Recovery](./recovery.md) - gathers
information on how to recover the platform from potential failure.
* [Hardware configuration matrix](
../../variants/protectli_vp32xx/hardware-matrix.md) -
describes the platform's hardware configuration used during the Dasharo
firmware validation procedure.
* [Test matrix](./test-matrix.md) - describes
validation scope used during Dasharo firmware validation procedure.

=== "VP6630/VP6650/VP6670"
The Vault is a small form network appliance built for use as a firewall /
router, virtualization platform, a daily-driven personal computer, and more.
Expand Down
71 changes: 71 additions & 0 deletions docs/unified/protectli/recovery.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,3 +256,74 @@ and Dasharo open-source firmware.
```bash
flashrom -p linux_spi:dev=/dev/spidev1.0,spispeed=16000 -c "MX25L12835F/MX25L12845E/MX25L12865E" -w [path_to_binary]
```

=== "VP3210/VP3230"

## Prerequisites

* [Prepared RTE](../../transparent-validation/rte/v1.1.0/quick-start-guide.md)
* 6x female-female wire cables

## Connections

To prepare the stand for flashing follow the steps described below:

1. Open the platform cover.
2. Connect the J1 and J2 flash headers to the [SPI
header](../../transparent-validation/rte/v1.1.0/specification.md) on RTE.

| SPI header | VP32XX J1 |
|:----------:|:------------:|
| Vcc | pin 1 (Vcc) |
| SCLK | pin 3 (CLK) |
| MOSI | pin 4 (MOSI) |

| SPI header | VP32XX J2 |
|:----------:|:------------:|
| GND | pin 4 (GND) |
| CS | pin 1 (CS) |
| MISO | pin 2 (MISO) |

## Firmware flashing

To flash firmware follow the steps described below:

3. Login to RTE via `ssh` or `minicom`.
4. Turn on the platform by connecting the power supply.
5. Wait at least 5 seconds.
6. Turn off the platform by using the power button.
7. Wait at least 3 seconds.
8. Set the proper state of the SPI by using the following commands on RTE:

```bash
# set SPI Vcc to 3.3V
echo 1 > /sys/class/gpio/gpio405/value
# SPI Vcc on
echo 1 > /sys/class/gpio/gpio406/value
# SPI lines ON
echo 1 > /sys/class/gpio/gpio404/value
```

9. Wait at least 2 seconds.
10. Disconnect the power supply from the platform.
11. Wait at least 2 seconds.
12. Flash the platform by using the following command:

```bash
flashrom -p linux_spi:dev=/dev/spidev1.0,spispeed=16000 -w [path_to_binary]
```

> Flashing with flashrom takes about 1 minute.

13. Change back the state of the SPI by using the following commands:

```bash
echo 0 > /sys/class/gpio/gpio404/value
echo 0 > /sys/class/gpio/gpio406/value
```

14. Reset the CMOS battery (short JCMOS header for a couple of seconds).
15. Turn on the platform by connecting the power supply.

The first boot of the platform after proceeding with the above procedure can
take much longer than standard.
112 changes: 112 additions & 0 deletions docs/unified/protectli/test-matrix.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -547,3 +547,115 @@ subjected from before the release of the new binary.
[BOV]: ../../unified-test-documentation/dasharo-performance/413-opnsense-vga-booting-performance-test.md
[BPS]: ../../unified-test-documentation/dasharo-performance/414-pfsense-serial-booting-performance-test.md
[BPV]: ../../unified-test-documentation/dasharo-performance/415-pfsense-vga-booting-performance-test.md

=== "VP3210/VP3230"

## Module: Dasharo compatibility

| No. | Supported test suite | Test suite ID | Supported test cases |
|:----:|:--------------------------------------|:-------------:|:-------------------------------------|
| 1. | [Memory HCL][HCL] | HCL | All |
| 2. | [UEFI compatible interface][EFI] | EFI | All |
| 3. | [Display ports][DSP] | DSP | DSP002.001, DSP002.002, DSP002.003, DSP003.001, DSP003.002, DSP003.003 |
| 4. | [Network boot utilities][NBT] | NBT | All |
| 5. | [NVMe support][NVM] | NVM | All |
| 6. | [Custom logo][CLG] | CLG | All |
| 7. | [Custom boot menu key][CBK] | CBK | All |
| 8. | [USB HID and MSC Support][USB] | USB | USB001.XXX and USB002.XXX |
| 9. | [FreeBSD support][BSD] | BSD | All |
| 10. | [Debian Stable and Ubuntu LTS support][LBT] | LBT | LBT003.001, LBT003.002, LBT004.001, LBT004.002|
| 11. | [USB-C support][UTC] | UTC | UTC004.001, UTC004.002 |
| 12. | [M.2 WiFi/Bluetooth][WLE] | WLE | ALL |
| 14. | [SMBIOS][DMI] | DMI | DMI002.001, DMI003.001, DMI004.001, DMI005.001, DMI006.001 |
| 15. | [Custom network boot entries][CNB] | CNB | CNB001.002 |
| 17. | [Windows booting][WBT] | WBT | WBT001.001 |
| 18. | [Audio subsystem][AUD] | AUD | AUD001.001, AUD001.002, AUD002.001, AUD002.002, AUD003.001, AUD003.002, AUD004.001, AUD004.002, AUD005.001, AUD005.002, AUD006.001, AUD006.002 |
| 19. | [UEFI Shell][USH] | USH | All |
| 20. | [USB detection][UDT] | UDT | All |
| 21. | [USB booting][UBT] | UBT | All |
| 22. | [pfSense support][PFS] | PFS | All |
| 23. | [OPNsense support][OPN] | OPN | All |
| 24. | [Proxmox support][PVE] | PVE | All |
| 25. | [Ubuntu Server support][USS] | USS | All |

[HCL]: ../../unified-test-documentation/dasharo-compatibility/301-memory-hcl.md
[EFI]: ../../unified-test-documentation/dasharo-compatibility/30M-uefi-compatible-interface.md
[DSP]: ../../unified-test-documentation/dasharo-compatibility/31E-display-ports-and-lcd.md
[NBT]: ../../unified-test-documentation/dasharo-compatibility/315b-netboot-utilities.md
[NVM]: ../../unified-test-documentation/dasharo-compatibility/312-nvme-support.md
[CLG]: ../../unified-test-documentation/dasharo-compatibility/304-custom-logo.md
[CBK]: ../../unified-test-documentation/dasharo-compatibility/303-custom-boot-menu-key.md
[USB]: ../../unified-test-documentation/dasharo-compatibility/306-usb-hid-and-msc-support.md
[BSD]: ../../unified-test-documentation/dasharo-compatibility/307-freebsd-support.md
[LBT]: ../../unified-test-documentation/dasharo-compatibility/308-debian-stable-and-ubuntu-lts-support.md
[UTC]: ../../unified-test-documentation/dasharo-compatibility/31H-usb-type-c.md
[WLE]: ../../unified-test-documentation/dasharo-compatibility/318-m2-wifi-bluetooth.md
[MWL]: ../../unified-test-documentation/dasharo-compatibility/31K-minipcie-verification.md
[DMI]: ../../unified-test-documentation/dasharo-compatibility/31L-smbios.md
[CNB]: ../../unified-test-documentation/dasharo-compatibility/30A-custom-network-boot-entries.md
[WBT]: ../../unified-test-documentation/dasharo-compatibility/31A-windows-booting.md
[AUD]: ../../unified-test-documentation/dasharo-compatibility/31F-audio-subsystem.md
[USH]: ../../unified-test-documentation/dasharo-compatibility/30P-uefi-shell.md
[UDT]: ../../unified-test-documentation/dasharo-compatibility/31O-usb-detect.md
[UBT]: ../../unified-test-documentation/dasharo-compatibility/31N-usb-boot.md
[PFS]: ../../unified-test-documentation/dasharo-compatibility/341-pfSense-support.md
[OPN]: ../../unified-test-documentation/dasharo-compatibility/342-OPNsense-support.md
[PVE]: ../../unified-test-documentation/dasharo-compatibility/348-proxmox-support.md
[USS]: ../../unified-test-documentation/dasharo-compatibility/349-ubuntu-server-support.md

## Module: Dasharo security

| No. | Supported test suite | Test suite ID | Supported test cases |
|:-----|:--------------------------------------|:-------------:|:-------------------------------------|
| 1. | [TPM Support][TPM] | TPM | Without TPM001.001,TPM002.001 and TPM003.001 |
| 2. | [Verified Boot support][VBO] | VBO | Without VBO006.001 and VBO007.001 |
| 3. | [Measured Boot support][MBO] | MBO | All |
| 4. | [Secure Boot support][SBO] | SBO | All |
| 5. | [ME disable/neuter support][MNE] | MNE | MNE004.001 |
| 6. | [BIOS lock support][BLS] | BLS | All |
| 7. | [USB stack enable/disable][USS] | USS | All |
| 8. | [SMM BIOS write protection][SMM] | SMM | All |

> Note: in Dasharo for Protectli VP66XX ME is HAP disabled by default - no
> additional option for ME disabling is available in the Setup Menu.

[TPM]: ../../unified-test-documentation/dasharo-security/200-tpm-support.md
[VBO]: ../../unified-test-documentation/dasharo-security/201-verified-boot.md
[MBO]: ../../unified-test-documentation/dasharo-security/203-measured-boot.md
[SBO]: ../../unified-test-documentation/dasharo-security/206-secure-boot.md
[MNE]: ../../unified-test-documentation/dasharo-security/20F-me-neuter.md
[BLS]: ../../unified-test-documentation/dasharo-security/20J-bios-lock-support.md
[USS]: ../../unified-test-documentation/dasharo-security/20S-usb-stack.md
[SMM]: ../../unified-test-documentation/dasharo-security/20O-SMM-bios-write-protection.md

## Module: Dasharo performance

| No. | Supported test suite | Test suite ID | Supported test cases |
|:-----|:--------------------------------------|:-------------:|:-------------------------------------|
| 1. | [coreboot bring up time measurement][CBMEM] | CBMEM | All |
| 2. | [CPU temperature measure][CPT] | CPT | All |
| 3. | [CPU frequency measure][CPF] | CPF | Without CPU003.XXX and CPU005.XXX |
| 4. | [Platform stability][STB] | STB | All |
| 5. | [Ubuntu booting performance test][BUB] | BUB | All |
| 6. | [Debian booting performance test][BDE] | BDE | All |
| 7. | [FreeBSD booting performance test][BFB] | BFB | All |
| 8. | [Proxmox booting performance test][BPM] | BPM | All |
| 9. | [Ubuntu Server booting performance test][BUS] | BUS | All |
| 10. | [OPNsense (serial output) booting performance test][BOS] | BOS | All |
| 11. | [OPNsense (VGA output) booting performance test][BOV] | BOV | All |
| 12. | [pfSense (serial output) booting performance test][BPS] | BPS | All |
| 13. | [pfSense (VGA output) booting performance test][BPV] | BPV | All |

[CBMEM]: ../../unified-test-documentation/dasharo-performance/400-coreboot-boot-measure.md
[CPT]: ../../unified-test-documentation/dasharo-performance/401-cpu-temperature.md
[CPF]: ../../unified-test-documentation/dasharo-performance/402-cpu-frequency.md
[STB]: ../../unified-test-documentation/dasharo-performance/404-platform-stability.md
[BUB]: ../../unified-test-documentation/dasharo-performance/407-ubuntu-booting-performance-test.md
[BDE]: ../../unified-test-documentation/dasharo-performance/408-debian-booting-performance-test.md
[BFB]: ../../unified-test-documentation/dasharo-performance/409-freebsd-booting-performance-test.md
[BPM]: ../../unified-test-documentation/dasharo-performance/410-proxmox-booting-performance-test.md
[BUS]: ../../unified-test-documentation/dasharo-performance/411-ubuntu-server-booting-performance-test.md
[BOS]: ../../unified-test-documentation/dasharo-performance/412-opnsense-serial-booting-performance-test.md
[BOV]: ../../unified-test-documentation/dasharo-performance/413-opnsense-vga-booting-performance-test.md
[BPS]: ../../unified-test-documentation/dasharo-performance/414-pfsense-serial-booting-performance-test.md
[BPV]: ../../unified-test-documentation/dasharo-performance/415-pfsense-vga-booting-performance-test.md
25 changes: 25 additions & 0 deletions docs/variants/protectli_vp32xx/hardware-matrix.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# Hardware configuration matrix

## Introduction

This document describes the hardware configuration used for validation of the
coreboot port on the Protectli VP3210/VP3230 firewall.

## Protectli VP3230

| Component | Description |
|------------------------|----------------------------------------------------------|
| **CPU** | Intel(R) Core(TM) i3-N305 @ 1.80GHz |
| **RAM** | Corsair CMSX32GX5M2A4800C40 |
| **Flash memory** | Macronix KH25L12835F |
| **MMC drive** | SAMSUNG BJTD4R (on-board) |
| **Attached devices** | 1. Logitech, Inc. Keyboard K120 |
| | 2. Dell Mouse MS116p |
| | 3. TPM2.0 Infineon SLB9670 |
| **Wireless card** | Qualcomm Atheros QCA6174 |
| **Display** | HDMI 1920x1080p, DP 1920x1080p |
| **Ethernet** | 2x Intel i226 (on-board) |
| **Power supply** | Channel Well Technology 12V, 7.5A 90W |

> Note, that in **RAM** section all used during verification procedure modules
> have been listed. Device has only one RAM mounting slot.
7 changes: 7 additions & 0 deletions docs/variants/protectli_vp32xx/openness-score.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# Dasharo Openness Score

This page contains the [Dasharo Openness
Score](../../glossary.md#dasharo-openness-score) for Protectli
VP3210/VP3230 Dasharo releases. The content of the page is generated
with [Dasharo Openness Score
utility](https://github.com/Dasharo/Openness-Score).
Loading
Loading