Saturday 28 March 2020

How to update APU2 pfSense firewall BIOS


First in the pfSense web UI check the system type and current BIOS version.
pfSense Web UI System Information

1. Install flashrom

In pfSense web UI, go to Diagnostics -> Command Prompt
Under "Execute Shell Command" type and execute
 
pkg install -y flashrom

2. Check flashrom 

 To check whether flashrom knows about your chipset and ROM chip, run flashrom -p internal

Example output:
flashrom v1.1 on FreeBSD 11.3-STABLE (amd64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 4, resolution: 2ns).
coreboot table found at 0xdffae000.
Found chipset "AMD FCH".
Enabling flash write... OK.
Found Winbond flash chip "W25Q64.V" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
No operations were specified.
 

3. Backup the current bios


Run flashrom -p internal -r /tmp/backup.bin and copy the file to your PC for safekeeping



Example output:


flashrom v1.1 on FreeBSD 11.3-STABLE (amd64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 4, resolution: 2ns).
coreboot table found at 0xdffae000.
Found chipset "AMD FCH".
Enabling flash write... OK.
Found Winbond flash chip "W25Q64.V" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
Reading flash... done.


 


 


Use download file to copy the file /tmp/backup.bin to your computer.


 



4. Download latest BIOS from pcengines



Get the bios file for your APU2 from here: https://pcengines.github.io/

Now upload the file from your computer to the pfsense using "Upload File" under Diagnostics -> Command Prompt

Notice your file will be uploaded to /tmp/


 



5. Upload BIOS to APU2

Use the upload file to copy the latest BIOS file from your computer to the APU. Not the file will be uploaded to /tmp/



6. Flash BIOS





Now Under "Execute Shell Command" type (replace file name with name of the ROM)

flashrom -p internal -w /tmp/apu2_v4.11.0.4.rom

You may need to force the update with  -p internal:boardmismatch=force.



Example output: 


flashrom v1.1 on FreeBSD 11.3-STABLE (amd64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 4, resolution: 2ns).
coreboot table found at 0xdffae000.
Found chipset "AMD FCH".
Enabling flash write... OK.
Found Winbond flash chip "W25Q64.V" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
This coreboot image (PC Engines:apu2) does not appear to
be correct for the detected mainboard (PC Engines:PCEngines apu2).
Aborting. You can override this with -p internal:boardmismatch=force.


 

Example output:


flashrom v1.1 on FreeBSD 11.3-STABLE (amd64)
flashrom is free software, get the source code at https://flashrom.org

Using clock_gettime for delay loops (clk_id: 4, resolution: 2ns).
coreboot table found at 0xdffae000.
Found chipset "AMD FCH".
Enabling flash write... OK.
Found Winbond flash chip "W25Q64.V" (8192 kB, SPI) mapped at physical address 0x00000000ff800000.
This coreboot image (PC Engines:apu2) does not appear to
be correct for the detected mainboard (PC Engines:PCEngines apu2).
Proceeding anyway because user forced us to.
Reading old flash chip contents... done.
Erasing and writing flash chip... Erase/write done.
Verifying flash... VERIFIED.




 










Posted by



at





No comments:
  


















Labels:
,























        

      









Subscribe to:
Posts (Atom)