ASUS KRPA-U16 full BIOS dump request

[cool_recep]

i have a third option: RMA to ASUS and ask for Milan BIOS.
not normal the BMC is not working. Heartbeat LED flashing ? waited long enough ? takes 2 minutes to respond from powerup.
Web GUI connection is not safe(not ssh)

The LED is flashing, yes. Waited long enough, yes. Even if could connect to BMC, it has no use for me as I can not add Milan support via BMC. BMC itself needs to be updated via DOS.

And I live in Turkey where the service is unable to update the BIOS of this one, as far as I know.

 

[RolloZ170]

Even if could connect to BMC, it has no use for me as I can not add Milan support via BMC. BMC itself needs to be updated via DOS.

i got this part long ago.
but ther is a guy who can tweak the IPMI to flash anything you want, bypass signage of file etc.

 

[RolloZ170]

And I live in Turkey where the service is unable to update the BIOS of this one, as far as I know.

BMC is not working. for me RMA case. not your problem who can and who not.

 

[cool_recep]

BMC is not working. for me RMA case. not your problem who can and who not.

The RMA can not flash the motherboard. They do not have the proper tools here. The product is not sold in Turkey.

 

[RolloZ170]

The RMA can not flash the motherboard.

RMA normaly ships the Board to the Manufacturer, ASUS can flash any BIOS thought.

 

[cool_recep]

That is the last resort. I'll burn the god damn chip trying to flash but not send it!

 

[cool_recep]

I'll flash it and I'll wirte a proper guide.

 

[RolloZ170]

That is the last resort. I'll burn the god damn chip trying to flash but not send it!

good luck then first. use a USB3.0 ports for the CH341A because the programmer delivers 3.3V ot the flash chip and this voltage is connected to other parts of the motherboard which will be powered to. i had bad experience flashing a supermicro X12 ended up to power up the board with onl y the ATX24P PSU connected.

 

[cool_recep]

Is this CH341A pinout correct?

 

[RolloZ170]

Is this CH341A pinout correct?

this is schematics, but should be correct. i told you a 16 to 16 pin clamp will not work because the ZIF socket is only prepared for 8 pin.
i.e. if you want to flash a SOIC16 chip you need a special DIL8->SOIC16.

 

[cool_recep]

this is schematics, but should be correct. i told you a 16 to 16 pin clamp will not work because the ZIF socket is only prepared for 8 pin.
i.e. if you want to flash a SOIC16 chip you need a special DIL8->SOIC16.
View attachment 22667

Thank you. I'll use SPI this time. I got wires. I'm going to make PIN to PIN connection.

 

[cool_recep]

this is schematics, but should be correct.

On the right side, you can see the socket pinout like MOSI, CLK etc.

 

[RolloZ170]

Thank you. I'll use SPI this time. I got wires. I'm going to make PIN to PIN connection.

do you have the exact pinout of the ASUS SPI1 header ?

 

[cool_recep]

do you have the exact pinout of the ASUS SPI1 header ?

Yepp And I shared it with you yesterday: SPI-header pinouts

And today, flashrom successfully detected the chip and I'm reading it right now.

But you were right. The chip is 32 MB but the file is 16 and if I flash it, I'll brick it just like the OP. I'll try to find BIN file.

 

[RolloZ170]

Yepp And I shared it with you yesterday: SPI-header pinouts

this is flash chip pinout, same pinout at SPI Header is not a must thought.

And today, flashrom successfully detected the chip and I'm reading it right now.

nice. congrats

But you were right. The chip is 32 MB but the file is 16 and if I flash it, I'll brick it just like the OP. I'll try to find BIN file.

will not work, there is a CAP header and some other stuff need to remove and shifted.

 

[cool_recep]

will not work, there is a CAP header and some other stuff need to remove and shifted.

Did some reading. I'll try to modify the original file using UEFITool and I'll try to update it's contents from the new one.

 

[cool_recep]

this is flash chip pinout, same pinout at SPI Header is not a must thought.

It is the ASUS specific SPI pinout. The poster is the ASUS engineer.

Now all I need is updating the BIN...

 

[oneplane]

It's likely that you won't be able to update or 'flash' anything useful this way anyway since the update itself can be pre-loaded into flash but then has to be executed by the PSP. That is also the reason you can't switch architectures without an old CPU since the new CPU won't be able to start without the update, and without an update it can't perform a normal flash.

Flashing directly over SPI is a bad idea too since 10 years on modern platforms because flash memory essentially has a filesystem that contains many things to make your system work like configuration data specific to your own system, signatures, firmwares for the ECs, PSP, Ethernet controllers, USB controllers, microcode patches, and the initial loaded firmware for the CPU itself. If you just wipe whatever you have and dump whatever someone else had into your flash chip you essentially cloned their board. So you get their MAC address, their serial numbers, their UUID etc. If that's not a problem then you can just clone it. Keep in mind that very recent boards also lock the chips together, so if your CPU was bound to your digital signature and you flash someone else's firmware your CPU will never start.

The capsule files and all other packaged updates aren't full "dump everything in the flash chip" updates, they don't need to be. Most updates only contain a bit of an UEFI update, mostly DXE and sometimes PEI. Then there are microcode updates that are added in, same as PSP code and sometimes updates to the EC firmware. Only the DXE and PEI updates are 'visible' to the user where a DOS-based, EFI-based or in-firmware based tool will show you a 'progress bar' etc. Everything else is done silently. A CAP file (and most other update files) aren't just "the rom and some extra bits". It does contain a flash filesystem and header, but it also contains instructions for the update code to what parts of the flash can be updated and with which sections of the update file that was supposed to happen. Sometimes they do silly things like first reading most DMI data, then flashing DMI and other parts, and then writing the DMI data back, generating a new checksum and if they are really dumb, generating a new signature.

Instead of trying to 'hack' things, just get an old CPU on loan somewhere.

 

[cool_recep]

It's likely that you won't be able to update or 'flash' anything useful this way anyway since the update itself can be pre-loaded into flash but then has to be executed by the PSP. That is also the reason you can't switch architectures without an old CPU since the new CPU won't be able to start without the update, and without an update it can't perform a normal flash.

Flashing directly over SPI is a bad idea too since 10 years on modern platforms because flash memory essentially has a filesystem that contains many things to make your system work like configuration data specific to your own system, signatures, firmwares for the ECs, PSP, Ethernet controllers, USB controllers, microcode patches, and the initial loaded firmware for the CPU itself. If you just wipe whatever you have and dump whatever someone else had into your flash chip you essentially cloned their board. So you get their MAC address, their serial numbers, their UUID etc. If that's not a problem then you can just clone it. Keep in mind that very recent boards also lock the chips together, so if your CPU was bound to your digital signature and you flash someone else's firmware your CPU will never start.

The capsule files and all other packaged updates aren't full "dump everything in the flash chip" updates, they don't need to be. Most updates only contain a bit of an UEFI update, mostly DXE and sometimes PEI. Then there are microcode updates that are added in, same as PSP code and sometimes updates to the EC firmware. Only the DXE and PEI updates are 'visible' to the user where a DOS-based, EFI-based or in-firmware based tool will show you a 'progress bar' etc. Everything else is done silently. A CAP file (and most other update files) aren't just "the rom and some extra bits". It does contain a flash filesystem and header, but it also contains instructions for the update code to what parts of the flash can be updated and with which sections of the update file that was supposed to happen. Sometimes they do silly things like first reading most DMI data, then flashing DMI and other parts, and then writing the DMI data back, generating a new checksum and if they are really dumb, generating a new signature.

Instead of trying to 'hack' things, just get an old CPU on loan somewhere.

Really informative, thanks. After digging a little I also came to the same conclusion and contacted a guy to loan an old CPU.

I've also contacted ASUS, sent them the original dump so that maybe they can create a flashable BIN file specific to my system. There are also tools but they are very old and probably miss some data inbetween.