More on BIOS hacking

2003 February 11
by darkness

Today was the day to finish the setup on a firewall/LTSP server, and to test one of the thin clients that go with it.

The server was pretty much a snap and should be ready to go. Red Hat has a new kernel out for RH8.0, 2.4.18-24 if memory serves. There aren’t any readily available FreeS/WAN RPMs that I saw, so I had to update my FreeS/WAN spec file to build with the new stuff. I took the opportunity to make it build correctly as a regular user too, which has the side effect of not screwing up the kernel source in /usr/src. On the down side, this means making a copy of /usr/src/linux-2.4. Anyway, it worked. I’ll try and remember to post my spec and maybe my patches, if relevant, here later. (Right now the machine is turned off and I don’t particularly feel like plugging it back up.)

Now we move on to the somewhat sore subject of the client. I told the person procuring these “thin clients” (read: stripped down PC) that I needed something that would net boot, and I needed to test it before they bought it — unless they specifically contained something normal like an Intel or 3Com card. Did I get one to test? No. They gave me a slightly computer that supposedly used the same motherboard, and they gave it to me late in the game. That was when I did my previous BIOS hacking excursion, which miraculously worked. So now the final product gets in, so I mail the BIOS off to my co-worker (read: boss) and tell him to flash it to all the PCs, look for “something weird as a boot option,” and we should be good.

I remember him calling and talking about how he was having trouble flashing. I told him he just needed to try about every AMI flash utility on the Amptron (the manufacturers of these PCs) website and one should work. I cannot recall him calling me back to tell me anything different other than (basically) “everything is flashed.” So he asks me to test one of the PCs, so I bring it home.

Somehow I knew something wasn’t going to be right, but I didn’t really know what. Perhaps I should have taken the hint that none of the computers were packed up; they’re all sitting on a table, lined up, built, but not boxed or anything. (We’re delivering… this Wednesday. Date was just set… Monday.) Anyway, I boot the thing up, no Etherboot. I check the BIOS and, lo, there is no via-rhine.lz boot option. Hark, I believe this computer has not been flashed at all! Indeed, it proceeds to quite happily go into the Novell RPL boot loader, which I do believe I had removed from my BIOS.

I don’t have any real concrete evidence to prove that he didn’t flash the computers, I suppose. Maybe the flash utility thinks it worked. Still, I think my instruction of “something real weird” in the boot menu should have been a sufficient test, because there wasn’t anything in the boot menu that looked out of place until you loaded my BIOS. Given this particular person’s history, I do not give him the benefit of the doubt, and instead speculate that one of two things happened. The first possibility is that he couldn’t figure out the flash, left it for a few days, then thought for some reason he’d done it. To every computer, I guess. The second possibility is that he couldn’t get it to load, didn’t want to keep fucking with it (i.e., work) and instead decided to hand me the computers in the hope that either (a) they’d magically work, or (b) I’d fix them (a.k.a., doing his work for him).

Needless to say, I’m a bit incensed about this.

Anyway, it turns out my handy AMINF332.EXE wasn’t going to flash this board for me. The board, incidentally, should be identical to the one I originally made the BIOS for and tested with; apparently it is not identical. The flash utility was giving me the lovely “No chipset/part” error, or some such. At some point I found the magic /X flag to the AMI flash utility. This is a little interactive text UI with menus and such where you can select options a bit more easily. Here I found a catalog of “chipsets” and “parts.” I eventually figured out that I needed to manually select my VIA chipset (which was actually marked P4M266/8233C in AMINF332.EXE) and my flash “part” number. I found the 8233C bit when I found out that VIA actually makes this whole motherboard and read some docs on their site. For the flash chip I actually peeled the sticker off of the BIOS chip and roughly matched the part number to a similar part number in the flash utility’s catalog. After this, you select the file you want to flash, and it goes about doing it.

This actually ended up working, even in spite of a mistake or two I made. For example, one time I accidentally picked the wrong part and ended up trying to flash some AMD flash chip. The computer hung when it went to try and write the BIOS, and the BIOS was intact upon cold boot. I think I may have even used the latest AMI flash utility off of Amptron’s site.

Tomorrow: my revenge upon those who would deceive me!

1 Comment
2004 March 3

tools for bios hacking
