Thoughts After Three Years With a Raptor Blackbird

Jul. 13, 2022 [technology] [hardware] [privacy-security] [libre]

The ultimate hacker computer? Overpriced prototype passed off as product? This is a sort of belated review after having spent nearly three years almost exclusively on a Raptor Computing Systems’ Blackbird motherboard. It’s not all sugar plums and happy thoughts but I couldn’t imagine a more appropriate device for my design mission. It really is the most user respecting system I’ve ever had the pleasure to work with.

First, let’s get the obvious out of the way, the boards are very expensive right now. The price was on a downward trend before the manufactured crisis shutdown the world economy and it hasn’t recovered since. But for those who demand free and secure design, the cost may be justified. No other system on the market currently checks all the boxes for being both performant and open while enjoying a lineage of established software availability. Their closest RISC-V based competition are still launguishing in the territory of low-power single board computers.

The Good

1. The most thoroughly open source/open schematic hardware available. Full schematics are provided on physical media with the purchase. IBM even share the processor blueprints through their OpenPOWER initiative. The firmware can be compiled from Raptor’s git.
2. Can be purchased with cryptocurrency.
3. Does not require thermal paste. The higher core count CPUs (>18) are recommended indium pads for thermal transfer.
4. 4-way SMT. That’s four threads per core, for the neophytes out there.
5. Most well secured design I have ever worked with. The remote management apparatus is network isolated. Each IC chip is selected for openess or lack of firmware blobs. Full ECC and IOMMU provide resilience against things like Rowhammer and malicious DMA devices, respectively. The BIOS-equivalent and BMC are on separate ROM chips (There is no pulling the CMOS battery to reset credentials). Secure boot is possible with fully user managed keys and hardware enable/disable jumpers are used liberally.
6. Obscurity precludes common antifeatures from software builds. For example, Firefox’s EME DRM module does not exist at all in the ppc64le package.
7. Mostly manufactured in the USA. The boards are assembled in Texas IIRC, while the CPUs are manufactured in New York.
8. Server class hardware that fits in a tiny microATX case.

The Bad

1. Incomplete repository package coverage. For example, Void’s repository is only 96% buildable for ppc64le as of this writing.
2. No video output on add-in graphics during boot unless you write gpu firmware to PNOR, disrupting Raptor’s IOMMU security model.
3. If you hit a snag, you’re (sort of) on your own. Some very knowledgeable people frequent the forum and IRC but it’s a small crowd. And Raptor’s official support can have a long turnaround time.
4. Slow to boot up. The Blackbird needs about two minutes to IPL after receiving mains power. Once the BMC has fully started, chassis power can then be applied, initiating a Hostboot-Skiboot-Petitboot chain which takes another few minutes. Raptor claim their upcoming Kestral add-in daughterboard, which entirely replaces the BMC, can cut this time significantly.
5. No suspend functionality supported.
6. Limited I/O. There are only four USB ports and only two PCIe slots.
7. Limited heatsink+fan assembly options. Myself and others have had to devise our own 2U cooling solutions.
8. Some firmware management requires a separate computer. Upgrading the firmware is done either through SSH or by the web server interface to the BMC. You need to be able to trust the secondary computer as it will be handling your BMC credentials and other highly sensitive data.

The result of all this trouble is that you end up with a system which harbors no malfeatures lurking beneath some opaque veil. Unlike x86 platforms which all have CPU backdoors since at least 2013, if you find you don’t need remote administrative functionality on the Blackbird (or Talos II), simply do not connect to the NCSI bridged ethernet port 3. And if you do, it is all exclusively under your contol anyway.

Running an uncommon ISA forces one to broaden their knowledge about software and computing. I had found myself tweaking and compiling more programs from source than ever previously justified. Familiarizing oneself with chips on the PCB to manage their respective roles imparts a respect for the segmentation involved. And what becomes blindingly clear is that access to source code essentially dictates whether or not a software may be available on the platform. Even within GNU/Linux projects, there is such a pervasive expectation that end users will be running x86_64 that documentation gets tailored around it. Precompiled packages are often posted only in x86_64 with a side helping of aarch64. Libraries and dependencies used by other applications fail to account for minority achitectures. If you fly the POWER flag, you will end up employing some workarounds.

It comes with the added benefit of keeping everything on your device well within the freely licensed paradigm. Technocrat OSes like Windows literally cannot run on Raptor hardware because they simply aren’t compiled for ppc64(le). So as nice as it would be to promote such a solution to everyone, I cannot say that these POWER9 boards are appropriate for those who aren’t very proficient with GNU/Linux or with computers, more generally. But if you’re up for the challange, factor the above into your migration strategy.