# Topton N100 (X2F)2 Firewall Appliance
This page describes how to run coreboot on the Topton N100.
```{eval-rst}
+---------------+---------------------------------+----------------------+
| Binary file | Apply | Required / Optional |
+===============+=================================+======================+
| IFD | Intel Flash Descriptor | Required (see below) |
+---------------+---------------------------------+----------------------+
| ME | Intel Management Engine | Required (see below) |
+---------------+---------------------------------+----------------------+
| FSP-M & FSP-S | Intel Firmware Support Package | Required |
+---------------+---------------------------------+----------------------+
```
## Flashing coreboot
**WARNING:** There are multiple devices from the same vendor with
similar name, using different board layout, capabilities and EC/SuperIO.
Likewise, there are other vendors selling their devices with
the same mainboard. According to the sticker on the box: `H30W-N100-226`.
Please **DO NOT cross-flash firmware on "similar-looking" device**.
Doing so **may kill your device**. You have been warned :)
### Internally
Vendor of this motherboard hasn't locked any flash regions, resulting
in [flashprog] having full access to the SPI chip.
Assuming that user had booted Linux with `iomem=relaxed`, they can:
- Flash coreboot from stock firmware
- Flash stock firmware from coreboot
- Update coreboot build to a newer version
Without opening the case and connecting the SPI flasher.
Please note that for AlderLake-N platform you will need to use
[flashprog] v1.3.0 or newer.
[flashrom] is broken due to regressions, which results in
failed flashes, bricking the device.
[flashprog] is a better maintained fork of [flashrom], which
works flawlessly.
You can skip extracting `SI_BIOS` and `SI_ME` regions from your ROM
and flash coreboot to `SI_BIOS` region by issuing the following command:
`flashprog -p internal --ifd -i SI_BIOS -w ./build/coreboot.rom`
### Externally
SPI chip on this mainboard is located near the SoC, on the other side
of the board (upper-right corner).
Please note that SPI voltage on this board is standard 3.3V, despite
using mobile SoC.
Vendor populated this board with Winbond W25Q128JV chip in SOIC-8 package.
## Functionality
### Tested and working
- All USB ports (including mPCIe)
- All NICs (4x Intel I226-V 2.5GbE)
- All display outputs (HDMI, DisplayPort)
- M.2 NVME (PCIe x2 electrically)
- mPCIe WiFi
- SATA port
- Intel PTT (fTPM 2.0)
- PC Speaker (goes beep-boop)
- Serial console on the front of the device (RS232 in RJ45 form-factor),
"Cisco-style"
- PCIe passtrough (NICs to VMs, such as OpenWrt using libvirt)
- Payload: EDK2, LinuxBoot
- OS: Alpine Linux, Windows 11
### Untested, broken
- 5G modem on special M.2-like connector (lack hardware for it).
- Suspend in Windows 11
(might work, but Windows has been tested from USB drive).
## Specification
```{eval-rst}
+--------+-------------------------------+
| SoC | Intel AlderLake N100 (IoT) |
+--------+-------------------------------+
| Memory | DDR5 SO-DIMM (single-channel) |
+--------+-------------------------------+
| EC | ITE IT8625E |
+--------+-------------------------------+
| SPI | Winbond W25Q128 (16MiB 3.3V) |
+--------+-------------------------------+
| NIC | 4x Intel I226-V (2.5GbE) |
+--------+-------------------------------+
```
[flashprog]: https://flashprog.org/wiki/Flashprog
[flashrom]: https://flashrom.org/Flashrom