0xStubs

System Administration, Reconfigurable Computing and Other Random Topics

Tinkering with the StarFive VisionFive 2

With RISC-V getting more and more attention, I was curious and got myself a StarFive VisionFive 2, a single board computer equipped with a SiFive JH7110 SoC which implements the RV64GC ISA. While the performance is not on par with ARM SBCs yet, the overall experience has been quite good so far. In this article, I share some of my experiences with it.

StarFive VisionFive 2 SBC
StarFive VisionFive 2 SBC

Warning

First of all, a word of warning: Do not use the VisionFive 2 with the currently available image (202302) for any form of productive work, in particular not in multi-user environments. Its kernel is based on Linux 5.15.0 which contains the Dirty Pipe vulnerability. Therefore, it is very easy for everyone with access to the board to get root permissions. See the corresponding bug report.

It seems to be relatively easy to rebase the modified kernel onto a current Linux 5.15 release, as already done by Michalng on github, so I hope that a new image with an updated kernel will be released soon.

First Boot

Getting the board to boot was as simple as downloading the current image (in my case this was the 202302 release), flashing it to a microSD card and setting the onboard DIP switches to SD. Two points worth noting are:

  • The partitions are not automatically extended to fill up the SD card, so after flashing the image, one should manually extend the last partition using fdisk or parted and then resize the contained filesystem with resize2fs.
  • The labels on the onboard DIP switches are somewhat confusing. The key is to ignore the printing on the DIP switch itself (1/2, on/off) and only believe the silk screen on the board (RGPIO_0/1, L/H).

First configuration steps

The provided image is a bare minimal Debian sid installation, extended by an XFCE desktop. So far I never attached any screen or keyboard to the board, so I cannot say much on the graphical experience. Unfortunately, the image comes without an SSH server, so without desktop peripherals one has to resort to the serial interface via the GPIO pins. Next to the root account, there is an account named user available for login. Both accounts have the password starfive.

For network configuration, NetworkManager is installed which can be used graphically or on the console via nmcli. To get a properly configured system, I suggest taking the following steps:

  • set proper passwords for root and for user
  • run “apt update” and install the following packages:
    • dialog (used by dpkg for user interaction during package configuration)
    • locales
    • openssh-server
  • run “dpkg-reconfigure locales” to choose which locales should be generated and which should be the default
  • use “localectl” to properly configure localization
  • use “timedatectl” to setup the correct time zone

Wifi

When bought with the Wifi option, the VisionFive 2 comes with a bare-PCB dongle which identifies itself as ESWIN 6600U.

ESWIN 6600U Wifi Dongle
ESWIN 6600U Wifi Dongle

Interestingly, all information about this device on the internet is connected to the VisionFive 2, so it seems that this device has never been publicly distributed before. There is a github repository for a Linux driver which had its first commit in November 2022. The code itself contains copyright notices such as

* Copyright (c) 2012 Neratec Solutions AG
* Copyright (C) ESWIN 2015-2020

which hint towards a much longer legacy though. No license is specified for the code. The current Debian image for the VisionFive 2 contains the driver as prebuilt module, so the dongle can be used right away. The 6600U seems to only work on 2.4 GHz.

IPv6

Unfortunately, the current image contains a kernel built without IPv6 support. Hence, NetworkManager will spam the journal with error messages like the following:

platform-linux: do-add-ip6-address[…]: failure 95 (Operation not supported)

As a workaround, one can entirely disable IPv6 for the connection in NetworkManager. Via the console this can be done with the following command:

nmcli connection modify <SSID> ipv6.method "disabled"

Alternatively, one could probably rebuild the kernel with IPv6 enabled. The source code is available on github.

Issues with group rekeying, apparent disconnects

One issue showing up in my network is that after the regular group rekeying done in WPA/WPA2, the VisionFive 2 often stops to receive any broadcast or multicast packets. This has the unfortunate consequence that ARP stops working and the VisionFive 2 becomes invisible and unreachable over network. However, connections initiated by the VisionFive 2 still work fine. Issues like this have been observed earlier with other Wifi devices, likely caused by driver bugs.

To get the network working again, one of the following commands can be used:

wpa_cli -i <interface_name> reassociate
nmcli connection up <connection_name>

If you need to connect via SSH to the VisionFive 2 but it is already unreachable via network, you can add it manually to your ARP table and it will be reachable again:

arp -s <visionfive_hostname> <visionfive_mac_address>

A closer look at the Debian installation

The Debian installation contained in the 202302 image is based on a snapshot of the RISC-V Debian port from 2022-12-25. apt is configured to use this snapshot as package source, so while further packages can be installed via apt, by default no updates will be available.

Next to the deb packages from the repository, the following custom packages are installed:

  • linux-headers-5.15.0-starfive
  • linux-image-5.15.0-starfive
  • linux-libc-dev_5.15.0-starfive
  • sdl2

The former three packages are also placed as .deb files in /root, so they can easily be reinstalled. The sdl2 package seems to be only contained in its installed form.

Next to the custom debian packages, there are also things installed in /usr/local, bypassing the package management. These all seem to belong to a custom build of Xorg with its dependencies. To make this Xorg installation active, the creators of the image have then copied /usr/local/bin/Xorg over to /usr/bin/Xorg, replacing the file that originally belongs to Debian’s xserver-xorg-core package.

Lastly, three custom kernel modules are placed in /lib/modules/5.15.0-starfive/extra:

  • jpu.ko
  • vdec.ko
  • venc.ko

These are also contained in /lib/modules/5.15.0-starfive/v2.6.0.tar.gz and probably originate from the third party repository for the JH7110.

The entire SD image should be reproducible using the VisionFive2 repository.

Switching to an up-to-date Debian unstable

The developers of the image probably have good reasons to stick to a fixed snapshot of Debian, likely to avoid any incompatibilities with the custom software and to keep their overwritten /usr/bin/Xorg from being reset. However, it is very well possible to change the system to an up-to-date Debian unstable.

Warning: If you follow these steps, you do so at your own risk. This procedure may break your installation.

  1. Download debian-ports-archive-keyring from packages.debian.org and install it via
    dpkg -i debian-ports-archive-keyring_*_all.deb
  2. Change the entry in /etc/apt/sources.list to
    deb https://deb.debian.org/debian-ports unstable main
  3. Remove the file /etc/apt/apt.conf.d/99-no-check-valid-until as we do not depend on old packages and old signatures anymore
  4. apt update && apt upgrade
  5. After each update of xserver-xorg-core, restore the custom Xorg binary:
    cp /usr/local/bin/Xorg /usr/bin

Available extra packages

Some packages are not yet included in Debian’s repositories for RISC-V due to build errors. StarFive has made some of these available via custom builds. They can simply be downloaded and installed via dpkg, although dependencies need to be installed manually (see install_package_and_dependencies.sh).

By now, nodejs is also available via the Debian repositories. Firefox is getting close to build properly as well and a user-provided build of Firefox 111.0 is available.

Unofficial images

While I have tested none of these so far, there are alternative images available for the VisionFive 2 already:

Changes

This post was updated after initial release:

  • 2023-04-02: Added “Warning” in the beginning, section on “Issues with group rekeying, apparent disconnects” and extended list of “Unofficial images”

Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha loading...