HP Elite Dragonfly Chromebook (REDRIX) Engineering Unit – Unable to Boot With MrChromebox Coreboot ROM or Install OS

Hi everyone and developers,

I recently acquired an engineering sample of the HP Elite Dragonfly Chromebook, codename REDRIX (shows as REDRIX TEST XXXX on the firmware screen). This device uses developer-signed firmware, not MP-signed firmware, so normal ChromeOS recovery images do not work.

Here’s the situation:

Device Information

• Model: HP Elite Dragonfly Chromebook (engineering unit)

• Codename: REDRIX

• CPU: Intel 0000 (engineering sample CPU, reported as 0000)

• RAM: 8GB

• Firmware: developer-signed (engineering sample firmware)

What I tried

I attempted to flash the following MrChromebox coreboot + EDK2 Full ROM builds:

• coreboot_edk2-redrix4es-mrchromebox_20251108.rom

• coreboot_edk2-redrix4-mrchromebox_20251108.rom

Both ROMs flash successfully, but the device cannot boot afterward.

I also tried using the normal REDRIX ChromeOS recovery image and USB installation, but:

• The firmware refuses to boot external media (USB install blocked)

• “Install OS from external drive” does not work

• ChromeOS recovery fails because the firmware is developer-signed

• I no longer have the original system image (ChromeOS rootfs), only the firmware dump

Current state

I restored the engineering firmware backup (.rom), and now:

• The machine boots only into “You are in Developer Mode”

• VT2 / shell is not accessible

• Ctrl+L gives: alternate bootloaders are disabled

• No valid ChromeOS system is present, so boot fails

• Cannot install anything from USB due to firmware restrictions

• Recovery mode won’t work (developer keys mismatch)

What I need help with

I want to know:

1. Does REDRIX engineering hardware require a different coreboot configuration?

2. Is external boot permanently restricted on engineering firmware?

3. Is there any known engineering-unit-specific ROM that supports USB boot?

4. Is my engineering sample effectively soft-bricked without a proper factory system image?

5. If someone has original REDRIX engineering OS image or knows how to reconstruct it, that would help a lot.

I do have:

• A SuzyQable

• Full SPI firmware dump (engineering, developer-signed)

• The original engineering firmware restored and functioning

• But zero access to shell or alternate bootloaders

Any direction or experience with REDRIX engineering Chromebooks would be greatly appreciated.

Thanks!

Below is the engineering firmware dump from my HP Elite Dragonfly Chromebook (REDRIX engineering unit), along with the log output captured when attempting to install or boot the standard production REDRIX ChromeOS image.

1. not sure how anyone here could possibly know that. Pre-production devices often differ from the final product in many ways, and without the schematics for that board, no way to know.

2. of course not, it follows the same rules as production firmware. crossystem flags or GBB flags can be set to enable it. You can modify the flags with gbb_utility and flash the RW_LEGACY firmware via SuzyQ

3. no

4. no

5. nobody here has this

I would clone the mrchromebox coreboot repo, build debug versions of redrix and redrix4es, flash with the SuzyQ, and record debug logs from ttyUSB1 to see what’s going on.

I build redrix4es coreboot image and enabled CONFIG_CONSOLE_SERIAL=y.

I’ve gone through the log, but I still can’t clearly identify why it fails or what the correct fix is.
Could you please help me check whether my configuration is missing something, or if there are specific build options I should modify for this board?

Below is the full UART debug log I captured during boot.

Welcome to minicom 2.9

OPTIONS: I18n 
Port /dev/ttyUSB1, 11:59:35

Press CTRL-A Z for help on special keys
                                                             
[CRIT ]  HECI: reset failed                                  
[ERROR]  HECI: receive Failed                                
[ERROR]  cse: Could not get boot performance data            
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes) 
[INFO ]  Fixed Decode Window: SPI flash base=0x1000000, Host base=0xff000000, Size=0x100000
[INFO ]  Extended Decode Window: SPI flash base=0x500000, Host base=0xf9500000, Size=0xb000
[INFO ]  CBFS: Found 'fspm.bin' @0xddfc0 size 0xc0000 in mcache @0xfef8c498
[DEBUG]  FMAP: area RW_MRC_CACHE found @ 1bb0000 (65536 bytes)
[DEBUG]  ramtop_table invalid signature
[WARN ]  EFIVARS: No

[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001e.
[DEBUG]  CPU: Genuine Intel(R) 0000                                                        
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f                             
[DEBUG]  CPU: AES supported, TXT supported, VT supported                                   
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384     
[INFO ]  Cache size = 12 MiB                                                               
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P                                       
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU                                   
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2                                   
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.                                     
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8                                      
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)                               
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes           
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c       
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms                    
                                                                                           
                                                                                           
[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001e.
[DEBUG]  pm1_sts: 0100 pm1_en: 0000 pm1_cnt: 00000000                                      
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000                                        
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000                                        
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000                                        
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000                                        
[DEBUG]  TCO_STS:   0000 0000                                                              
[DEBUG]  GEN_PMCON: a0014000 00000204                                                      
[DEBUG]  GBLRST_CAUSE: 00000000 00000000                                                   
[DEBUG]  HPR_CAUSE0: 00000000                                                              
[DEBUG]  prev_sleep_state 5 (S5)                                                           
[INFO ]  OC Watchdog: disabling watchdog timer                                             
[INFO ]  TXT disabled successfully - Unlocked memory                                       
[DEBUG]  cse_lite: Number of partitions = 3                                                
[DEBUG]  cse_lite: Current partition = RO                                                  
[DEBUG]  cse_lite: Next partition = RO                                                     
[DEBUG]  cse_lite: Flags = 0x3                                                             
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)                  
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)                
[INFO ]  cse_lite: Set Boot Partition Info Command (RW)                                    
[DEBUG]  HECI: Global Reset(Type:1) Command                                                
                                                                                           
                                                                                           
[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001e.
[DEBUG]  CPU: Genuine Intel(R) 0000                                                        
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f                             
[DEBUG]  CPU: AES supported, TXT supported, VT supported                                   
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384     
[INFO ]  Cache size = 12 MiB                                                               
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P                                       
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU                                   
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2                                   
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.                                     
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8                                      
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)                               
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes           
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c       
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms                    
                                                                                           
                                                                                           
[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001e.
[DEBUG]  Enforcing the S5 exit path                                                        
[DEBUG]  pm1_sts: 8100 pm1_en: 0000 pm1_cnt: 00001c00                                      
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000                                        
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000                                        
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000                                        
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000                                        
[DEBUG]  TCO_STS:   0000 0000                                                              
[DEBUG]  GEN_PMCON: a1040000 00000204                                                      
[DEBUG]  GBLRST_CAUSE: 00000040 00000000                                                   
[DEBUG]  HPR_CAUSE0: 00000000                                                              
[DEBUG]  PM1_STS: WAK PWRBTN                                                               
[DEBUG]  prev_sleep_state 5 (S5)                                                           
[INFO ]  OC Watchdog: disabling watchdog timer                                             
[INFO ]  TXT disabled successfully - Unlocked memory                                       
[DEBUG]  cse_lite: Number of partitions = 3                                                
[DEBUG]  cse_lite: Current partition = RW                                                  
[DEBUG]  cse_lite: Next partition = RW                                                     
[DEBUG]  cse_lite: Flags = 0x3                                                             
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)                  
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)                
[ERROR]  HECI: timed out reading answer!                                                   
[ERROR]  HECI: Failed to receive!                                                          
[DEBUG]  HECI: Trigger HECI Reset                                                          
[CRIT ]  HECI: reset failed                                                                
[ERROR]  HECI: receive Failed                                                              
[ERROR]  cse: Could not get boot performance data                                          
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)                               
[INFO ]  Fixed Decode Window: SPI flash base=0x1000000, Host base=0xff000000, Size=0x100000
[INFO ]  Extended Decode Window: SPI flash base=0x500000, Host base=0xf9500000, Size=0xb000
[INFO ]  CBFS: Found 'fspm.bin' @0xddfc0 size 0xc0000 in mcache @0xfef8c498                
[DEBUG]  FMAP: area RW_MRC_CACHE found @ 1bb0000 (65536 bytes)                             
[DEBUG]  ramtop_table invalid signature                                                    
[WARN ]  EFIVARS: No Firmware Volume header present                                        
[WARN ]  EFIVARS: Failed to validate firmware header                                       
[WARN ]  EFIVARS: No Firmware Volume header present                                        
[WARN ]  EFIVARS: Failed to validate firmware header                                       
[WARN ]  EFIVARS: No Firmware Volume header present                                        
[WARN ]  EFIVARS: Failed to validate firmware header                                       
[INFO ]  FW_CONFIG value from CBI is 0x800000010d                                          
[DEBUG]  SPD index = 1                                                                     
[INFO ]  CBFS: Found 'spd.bin' @0x9fd80 size 0xa00 in mcache @0xfef8c3b8                   
[INFO ]  SPD: module type is LPDDR4X                                                       
[INFO ]  SPD: module part number is                                                        
[INFO ]  SPD: banks 8, ranks 1, rows 16, columns 10, density 8192 Mb                       
[INFO ]  SPD: device width 16 bits, bus width 16 bits                                      
[INFO ]  SPD: module size is 1024 MB (per channel)                                         
[DEBUG]  rt_debug: CPU Trace Hub Mode: 0 PCH Trace Hub Mode: 0                             

use the --debug flag with the build script so you get logging from edk2 as well, then re-log

though if that’s where it ends, it’s due to failing ram init it would appear, from first glance on my phone

I rebuilt with --debug and recorded a new UART log.
Can you check if this is the right one?

Welcome to minicom 2.9

OPTIONS: I18n 
Port /dev/ttyUSB1, 12:00:21

Press CTRL-A Z for help on special keys
                                                                                                            
                                                                                                            
                                                                                                            
[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 bootblock starting (log level: 7)...
[DEBUG]  CPU: Genuine Intel(R) 0000                                                                         
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f
[DEBUG]  CPU: AES supported, TXT supported, VT supported
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384
[INFO ]  Cache size = 12 MiB
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 romstage starting (log level: 7)...
[DEBUG]  pm1_sts: 0100 pm1_en: 0000 pm1_cnt: 00000000
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000
[DEBUG]  TCO_STS:   0000 0000
[DEBUG]  GEN_PMCON: a0014000 00000204
[DEBUG]  GBLRST_CAUSE: 00000000 00000000
[DEBUG]  HPR_CAUSE0: 00000000
[DEBUG]  prev_sleep_state 5 (S5)
[INFO ]  OC Watchdog: disabling watchdog timer
[INFO ]  TXT disabled successfully - Unlocked memory
[DEBUG]  cse_lite: Number of partitions = 3
[DEBUG]  cse_lite: Current partition = RO
[DEBUG]  cse_lite: Next partition = RO
[DEBUG]  cse_lite: Flags = 0x3
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)
[INFO ]  cse_lite: Set Boot Partition Info Command (RW)
[DEBUG]  HECI: Global Reset(Type:1) Command


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 bootblock starting (log level: 7)...
[DEBUG]  CPU: Genuine Intel(R) 0000
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f
[DEBUG]  CPU: AES supported, TXT supported, VT supported
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384
[INFO ]  Cache size = 12 MiB
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 romstage starting (log level: 7)...
[DEBUG]  Enforcing the S5 exit path
[DEBUG]  pm1_sts: 8100 pm1_en: 0000 pm1_cnt: 00001c00
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000
[DEBUG]  TCO_STS:   0000 0000
[DEBUG]  GEN_PMCON: a1040000 00000204
[DEBUG]  GBLRST_CAUSE: 00000040 00000000
[DEBUG]  HPR_CAUSE0: 00000000
[DEBUG]  PM1_STS: WAK PWRBTN 
[DEBUG]  prev_sleep_state 5 (S5)                                                                            
[INFO ]  OC Watchdog: disabling watchdog timer                                                              
[INFO ]  TXT disabled successfully - Unlocked memory                                                        
[DEBUG]  cse_lite: Number of partitions = 3                                                                 
[DEBUG]  cse_lite: Current partition = RW                                                                   
[DEBUG]  cse_lite: Next partition = RW
[DEBUG]  cse_lite: Flags = 0x3
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)
[ERROR]  HECI: timed out reading answer!
[ERROR]  HECI: Failed to receive!
[DEBUG]  HECI: Trigger HECI Reset
[CRIT ]  HECI: reset failed
[ERROR]  HECI: receive Failed
[ERROR]  cse: Could not get boot performance data
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  Fixed Decode Window: SPI flash base=0x1000000, Host base=0xff000000, Size=0x1000000
[INFO ]  Extended Decode Window: SPI flash base=0x500000, Host base=0xf9500000, Size=0xb00000
[INFO ]  CBFS: Found 'fspm.bin' @0xddfc0 size 0xc0000 in mcache @0xfef8c498
[DEBUG]  FMAP: area RW_MRC_CACHE found @ 1bb0000 (65536 bytes)
[NOTE ]  MRC: no data in 'RW_MRC_CACHE'
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[INFO ]  FW_CONFIG value from CBI is 0x800000010d
[DEBUG]  SPD index = 1
[INFO ]  CBFS: Found 'spd.bin' @0x9fd80 size 0xa00 in mcache @0xfef8c3b8
[INFO ]  SPD: module type is LPDDR4X
[INFO ]  SPD: module part number is                     
[INFO ]  SPD: banks 8, ranks 1, rows 16, columns 10, density 8192 Mb
[INFO ]  SPD: device width 16 bits, bus width 16 bits
[INFO ]  SPD: module size is 1024 MB (per channel)
[DEBUG]  rt_debug: CPU Trace Hub Mode: 0 PCH Trace Hub Mode: 0


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 bootblock starting (log level: 7)...
[DEBUG]  CPU: Genuine Intel(R) 0000
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f
[DEBUG]  CPU: AES supported, TXT supported, VT supported
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384
[INFO ]  Cache size = 12 MiB
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 romstage starting (log level: 7)...
[DEBUG]  pm1_sts: 0100 pm1_en: 0000 pm1_cnt: 00000000
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000
[DEBUG]  TCO_STS:   0000 0000
[DEBUG]  GEN_PMCON: a0014000 00000204
[DEBUG]  GBLRST_CAUSE: 00000000 00000000
[DEBUG]  HPR_CAUSE0: 00000000
[DEBUG]  prev_sleep_state 5 (S5)
[INFO ]  OC Watchdog: disabling watchdog timer
[INFO ]  TXT disabled successfully - Unlocked memory
[DEBUG]  cse_lite: Number of partitions = 3
[DEBUG]  cse_lite: Current partition = RO
[DEBUG]  cse_lite: Next partition = RO
[DEBUG]  cse_lite: Flags = 0x3
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)
[INFO ]  cse_lite: Set Boot Partition Info Command (RW)
[DEBUG]  HECI: Global Reset(Type:1) Command


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 bootblock starting (log level: 7)...
[DEBUG]  CPU: Genuine Intel(R) 0000
[DEBUG]  CPU: ID 906a1, Alderlake Q0 Platform, ucode: 0000011f
[DEBUG]  CPU: AES supported, TXT supported, VT supported
[INFO ]  Cache: Level 3: Associativity = 12 Partitions = 1 Line Size = 64 Sets = 16384
[INFO ]  Cache size = 12 MiB
[DEBUG]  MCH: device id 4601 (rev 03) is Alderlake-P
[DEBUG]  PCH: device id 5181 (rev 00) is Alderlake-P SKU
[DEBUG]  IGD: device id 46a8 (rev 04) is Alderlake P GT2
[DEBUG]  FMAP: Found "FLASH" version 1.1 at 0x1c04000.
[DEBUG]  FMAP: base = 0x0 size = 0x2000000 #areas = 8
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  CBFS: mcache @0xfef8c200 built for 19 files, used 0x3c0 of 0x4000 bytes
[INFO ]  CBFS: Found 'fallback/romstage' @0x5b140 size 0x18f68 in mcache @0xfef8c28c
[DEBUG]  BS: bootblock times (exec / console): total (unknown) / 105 ms


[NOTE ]  coreboot-MrChromebox-2509.3-23-g0c0001ee378a-dirty-MrChromebox-2509.3-23-g0c0001ee37-dirty Tue Nov 25 17:24:37 UTC 2025 x86_32 romstage starting (log level: 7)...
[DEBUG]  Enforcing the S5 exit path
[DEBUG]  pm1_sts: 8100 pm1_en: 0000 pm1_cnt: 00001c00
[DEBUG]  gpe0_sts[0]: 00002000 gpe0_en[0]: 00000000
[DEBUG]  gpe0_sts[1]: 00000000 gpe0_en[1]: 00000000
[DEBUG]  gpe0_sts[2]: 00000000 gpe0_en[2]: 00000000
[DEBUG]  gpe0_sts[3]: 00000000 gpe0_en[3]: 00000000
[DEBUG]  TCO_STS:   0000 0000
[DEBUG]  GEN_PMCON: a1040000 00000204
[DEBUG]  GBLRST_CAUSE: 00000040 00000000
[DEBUG]  HPR_CAUSE0: 00000000
[DEBUG]  PM1_STS: WAK PWRBTN 
[DEBUG]  prev_sleep_state 5 (S5)
[INFO ]  OC Watchdog: disabling watchdog timer
[INFO ]  TXT disabled successfully - Unlocked memory
[DEBUG]  cse_lite: Number of partitions = 3
[DEBUG]  cse_lite: Current partition = RW
[DEBUG]  cse_lite: Next partition = RW
[DEBUG]  cse_lite: Flags = 0x3
[DEBUG]  cse_lite: RO version = 16.0.10.1473 (Start=0x2000, End=0x19afff)
[DEBUG]  cse_lite: RW version = 16.0.10.1473 (Start=0x204000, End=0x437fff)
[ERROR]  HECI: timed out reading answer!
[ERROR]  HECI: Failed to receive!
[DEBUG]  HECI: Trigger HECI Reset
[CRIT ]  HECI: reset failed
[ERROR]  HECI: receive Failed
[ERROR]  cse: Could not get boot performance data
[DEBUG]  FMAP: area COREBOOT found @ 1c05000 (4173824 bytes)
[INFO ]  Fixed Decode Window: SPI flash base=0x1000000, Host base=0xff000000, Size=0x1000000
[INFO ]  Extended Decode Window: SPI flash base=0x500000, Host base=0xf9500000, Size=0xb00000
[INFO ]  CBFS: Found 'fspm.bin' @0xddfc0 size 0xc0000 in mcache @0xfef8c498
[DEBUG]  FMAP: area RW_MRC_CACHE found @ 1bb0000 (65536 bytes)
[NOTE ]  MRC: no data in 'RW_MRC_CACHE'
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[WARN ]  EFIVARS: No Firmware Volume header present
[WARN ]  EFIVARS: Failed to validate firmware header
[INFO ]  FW_CONFIG value from CBI is 0x800000010d
[DEBUG]  SPD index = 1
[INFO ]  CBFS: Found 'spd.bin' @0x9fd80 size 0xa00 in mcache @0xfef8c3b8
[INFO ]  SPD: module type is LPDDR4X
[INFO ]  SPD: module part number is                     
[INFO ]  SPD: banks 8, ranks 1, rows 16, columns 10, density 8192 Mb
[INFO ]  SPD: device width 16 bits, bus width 16 bits
[INFO ]  SPD: module size is 1024 MB (per channel)
[DEBUG]  rt_debug: CPU Trace Hub Mode: 0 PCH Trace Hub Mode: 0

also here is the full log because of too long

edit: viewing the full log, the board is crashing during MP init. the microcode is loading properly. it’s possible that the ES CPU needs an older/specific microcode - you can try using one extracted from the factory image instead of the one provided by coreboot at build time.

• extract CPU microcode from factory ES firmware:
  cbfstool stock-firmware-REDRIX-20251109.rom extract -r FW_MAIN_A -n cpu_microcode_blob.bin -f ucode.bin
• add to redrix board config:

CONFIG_CPU_MICROCODE_CBFS_EXTERNAL_BINS=y
CONFIG_CPU_UCODE_BINARIES="ucode.bin"

then rebuild/reflash

you might also try extracting the FSP-m/s files and using those instead of the newer ones from Intel’s github repo

I used the Redrix4ES ChromeOS Firmware Utility Script today and, surprisingly, I was able to boot coreboot and enter Windows successfully.

I’m not sure why it worked, but thanks for all the help anyway.