Release Notes
Following Release Notes describe status of Open Source Firmware development for Protectli VP46xx
For details about our release process please read Dasharo Standard Release Process.
Test results for this platform can be found here.
v1.2.0 - 2024-03-25
Test results for this release can be found here.
Added
- Setup menu password configuration
- Serial port console redirection option in setup menu
- Customizable Serial Number and UUID via CBFS support
- Customizable boot logo support
- Support for taking screenshots in the firmware
- ESP partition scanning in look for grubx64.efi or shimx64.efi or Windows bootmgr
- Microsoft and Windows 2023 UEFI Secure Boot certificates
- UEFI 2.8 errata C compliance in EDKII fork
Changed
- Rebased to coreboot 4.21
- Enroll default UEFI Secure Boot keys on the first boot
- Improved UEFI Secure Boot menu user experience
- Scope of reset to defaults hotkey to global in firmware setup
- Updated microcode to the newer version; refer to SBOM section below
- Updated ME to the newer version; refer to SBOM section below
- Prepared unified support for v1 and v2 CPUs resulting in a single binary for all 3 board variants
Fixed
- Auto Boot Time-out is reset to 0 when F9 is pressed
- Reset to defaults with F9 causes the wrong settings to be restored
- RTC time and date resetting to the coreboot build date on 29th February
Known issues
- Unexpected errors in dmesg on VP4670 v2 with 1.2.0
- Maximum reported frequency is base frequency, not turbo frequency (Windows 11)
- No ability to change active PCR banks with TPM PPI in FW
- DisplayPort output does not work with 16:10 (1920x1200) monitors
Binaries
protectli_vp46xx_v1.2.0.rom sha256 sha256.sig
protectli_vp46xx_v1.2.0_dev_signed.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- Dasharo coreboot fork based on 4.21 revision add9d720
- Dasharo EDKII fork based on edk2-stable202002 revision 2a15268b
- iPXE based on 2023.12 revision 838611b3
- vboot based on 0c11187c75 revision 0c11187c
- Intel Management Engine based on v14.0.47.1558 revision d0b63476
- Intel Flash Descriptor based on v1.0 revision d0b63476
- Intel Firmware Support Package based on CometLake1 9.0.7B.20 revision 481ea7cf
- Intel Firmware Support Package based on CometLake2 9.2.7B.20 revision 481ea7cf
- Intel microcode based on CML-U42 V0 0x000000f8 revision microcode-20230808
- Intel microcode based on CML-U62 V1 A0 0x000000f8 revision microcode-20230808
- Intel microcode based on CML-U62 V2 K1 0x000000f8 revision microcode-20230808
v1.1.0 - 2023-06-05
Release version v1.1.0 is currently only available for the VP4670 platform.
Added
Changed
- Reverted to use FSP GOP for graphics initialization as it caused problems with Windows 11 display on VP4670
- Switched to use driver for IT8784E Super I/O, which is present on the boards
- CPU power limits increased from baseline to performance
- Updating from v1.0.x requires flashing the WP_RO recovery partition
- Firmware version v1.1.x are signed with a new key
Fixed
- Booting problems with Ubuntu 22.04
- Low CPU frequency values
- Disabled C states deeper than C1 on VP4670 to fix Proxmox booting issue
- Protectli VP4670 - windows crashes after installing updates
- The inconvenience of using external headsets VP46XX
Known issues
Binaries
protectli_vp4670_v1.1.0.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on c6ee1509da revision dcc5f2e2
- edk2 based on 7f90b9cd revision 19bf14b4
- iPXE based on 6ba671ac revision 6ba671ac
v1.0.19 - 2022-12-08
Changed
- ME is now disabled by default (ME soft-disable)
- vboot is now run as separate verstage (previously was run inside bootblock)
- increased pre-RAM console buffer to fit more early cbmem logs
Binaries
protectli_vp4630_vp4650_v1.0.19.rom sha256 sha256.sig
protectli_vp4670_v1.0.19.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on c6ee1509da revision 9034fb12
- edk2 based on 7f90b9cd revision e31b7a71
- iPXE for EFI revision 988d2
- VP4670: Cometlake1 FSP 9.0.7B.20
- VP4630 and VP4650: Cometlake2 FSP 9.2.7B.20
- Intel i225 EFI driver version 0.10.4, SHA256: 2d234ecf629fc10dc0c291a1390de3d27a05c6ecbd935628b6ff154f386d061e
- Management Engine: Custom image based on ME 14.0.47.1558, SHA256: 7fa37e108176c9a2d0df60c93b10b3ad9c7725f1f82b87197a2991208c4cffec
- microcode:
- CPU signature: 0x0806EC, Date: 17.11.2021, Revision: 0xF0
- CPU signature: 0x0A0660, Date: 15.11.2021, Revision: 0xF0
- CPU signature: 0x0A0661, Date: 16.11.2021, Revision: 0xF0
v1.0.18 - 2022-11-16
Test results for this release can be found here.
Added
- Support for VP4650 and VP4670 platforms
- Platform will beep 12 times and blink HDD led on critical firmware errors
Changed
- Disabled Intel PTT (fTPM)
- Removed workaround for graphics power management as the issue no longer reproduces on newer revision of the hardware
- Binaries are built with coreboot-sdk 2021-09-23_b0d87f753c (was 0ad5fbd48d)
- Open-source graphics initialization with libgfxinit instead of proprietary and closed FSP GOP driver
Binaries
protectli_vp4630_vp4650_v1.0.18.rom sha256 sha256.sig
protectli_vp4670_v1.0.18.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on c6ee1509da revision ed9f6fe0
- edk2 based on 7f90b9cd revision e31b7a71
- iPXE for EFI revision 988d2
- VP4670: Cometlake1 FSP 9.0.7B.20
- VP4630 and VP4650: Cometlake2 FSP 9.2.7B.20
- Intel i225 EFI driver version 0.10.4, SHA256: 2d234ecf629fc10dc0c291a1390de3d27a05c6ecbd935628b6ff154f386d061e
- Management Engine: Custom image based on ME 14.0.47.1558, SHA256: 7fa37e108176c9a2d0df60c93b10b3ad9c7725f1f82b87197a2991208c4cffec
- microcode:
- CPU signature: 0x0806EC, Date: 17.11.2021, Revision: 0xF0
- CPU signature: 0x0A0660, Date: 15.11.2021, Revision: 0xF0
- CPU signature: 0x0A0661, Date: 16.11.2021, Revision: 0xF0
v1.0.17 - 2022-08-17
Test results for this release can be found here.
Added
Changed
- Set thermal throttling temperature to 80 degrees
- Disabled UEFI Secure Boot by default
Fixed
- Platform rebooting every 56 minutes
- Incorrect menu labels displayed in network boot menu
- Built-in audio jack does not work
Binaries
protectli_vault_cml_v1.0.17.rom_file protectli_vault_cml_v1.0.17.rom_hash protectli_vault_cml_v1.0.17.rom_sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on 4.16 revision d662831d
- edk2 based on 7f90b9cd revision 576aa6a4
- iPXE for EFI revision 988d2
- Cometlake2 FSP 9.2.7B.20
- Intel i225 EFI driver version 0.10.4, SHA256: 2d234ecf629fc10dc0c291a1390de3d27a05c6ecbd935628b6ff154f386d061e
- Management Engine: Custom image based on ME 14.0.47.1558, SHA256: 7fa37e108176c9a2d0df60c93b10b3ad9c7725f1f82b87197a2991208c4cffec
- microcode:
- CPU signature: 0x0806EC, Date: 28.04.2021, Revision: 0xEC
- CPU signature: 0x0A0660, Date: 28.04.2021, Revision: 0xEA
- CPU signature: 0x0A0661, Date: 29.04.2021, Revision: 0xEC
v1.0.16 - 2022-07-13
Test results for this release can be found here.
Added
- Vboot Verified Boot
- TPM Measured Boot
- Vboot recovery notification in UEFI Payload
- UEFI Shell
- UEFI Secure Boot
- Intel ME soft disable
- BIOS flash protection for Vboot recovery region
Changed
Fixed
Binaries
protectli_vault_cml_v1.0.16.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on 4.16 revision dfaaf44d
- edk2 based on 7f90b9cd revision 5345a611
- iPXE for EFI revision 988d2
- Cometlake2 FSP 9.2.7B.20
- Intel i225 EFI driver version 0.10.4, SHA256: 2d234ecf629fc10dc0c291a1390de3d27a05c6ecbd935628b6ff154f386d061e
- Management Engine: Custom image based on ME 14.0.47.1558, SHA256: 7fa37e108176c9a2d0df60c93b10b3ad9c7725f1f82b87197a2991208c4cffec
- microcode:
- CPU signature: 0x0806EC, Date: 28.04.2021, Revision: 0xEC
- CPU signature: 0x0A0660, Date: 28.04.2021, Revision: 0xEA
- CPU signature: 0x0A0661, Date: 29.04.2021, Revision: 0xEC
v1.0.13 - 2022-03-22
Added
- UEFI boot support
- i225 network controller network boot support
- Customized boot menu keys
- Customized setup menu keys
- Configurable boot order
- Configurable boot options
Changed
- ME version to 14.0.47.1558
Known issues
Binaries
protectli_vault_cml_v1.0.13.rom sha256 sha256.sig
To verify binary integrity with hash and signature please follow the instructions in Dasharo release signature verification using this key
SBOM (Software Bill of Materials)
- coreboot based on 4.16 revision 546e1c86
- edk2 based on 7f90b9cd revision 7f90b9cd
- iPXE for EFI revision 988d2
- Cometlake1 FSP 9.0.7B.20
- Intel i225 EFI driver version 0.9.03, SHA256: 63e77b237dc9a8aacdd7465675ee88afc01dad3204156a91a0976a4ad1ed5b00
- Management Engine: Custom image based on ME 14.0.47.1558, SHA256: 7fa37e108176c9a2d0df60c93b10b3ad9c7725f1f82b87197a2991208c4cffec
- microcode:
- CPU signature: 0x0806EC, Date: 28.04.2021, Revision: 0xEC
- CPU signature: 0x0A0660, Date: 28.04.2021, Revision: 0xEA