A 3mdeb port to the Gigabyte MZ33 AR1 moves open source CPU initialization off reference demos and onto Zen 5 server silicon, with real audit and security implications for operators.
The first EPYC server you can buy where the code that boots before your operating system is readable by the people who run it has arrived, and it is not a reference board in a lab. According to a hands-on writeup by Michael Larabel at Phoronix on 12 June 2026, the consulting firm 3mdeb has ported AMD's open-source CPU silicon initialization library, openSIL, together with Coreboot onto the Gigabyte MZ33-AR1, a shipping server motherboard built around EPYC 9005, AMD's Zen 5 server silicon. The build covered in the Phoronix review is described as flashable from the board's baseboard management controller, not a developer rig.
The substantive change is not "open source" as ideology. It is what openness actually buys the people who run these machines. Today, the first code a server executes, the part that initializes memory, configures the memory controller, and hands off to the bootloader, lives inside a closed AGESA-derived binary that AMD ships to its firmware partners. Operators and security teams can review it only as an opaque object. With openSIL paired with Coreboot, that initialization surface becomes inspectable, modifiable, and modernizable by the operator community. Larabel frames the milestone in those terms: transparency and security are the wins, not open branding.
Three actors made this port work. AMD published the openSIL project in early 2023 as the long-term replacement for AGESA, with the stated goal of broader and cleaner Coreboot support. 3mdeb, the Polish consulting firm behind much of the public Coreboot and Dasharo work, did the engineering port to the MZ33-AR1. Gigabyte supplies the shipping platform. Dasharo, the open firmware distribution 3mdeb maintains, packages the result into something an operator can actually deploy. The Phoronix review reports AMD's Secure Memory Encryption enabled by default in the Dasharo build under test, a meaningful detail for confidential workloads.
The honest caveats matter as much as the milestone. AMD's own production timeline for openSIL still points at Zen 6, the generation after the one now booting open source. The MZ33-AR1 result is a community and consulting port, not an AMD-released production path. Platform support is narrow: today it is the Gigabyte MZ33-AR1, with additional Gigabyte boards and forthcoming MSI boards in the pipeline. BIOS feature parity and IPMI integration are still maturing, and support responsibility sits with a small consulting team rather than a hyperscaler-scale vendor organization. None of that erases the achievement, but it scopes it.
For operators, the practical question is what an inspectable initialization stack actually changes. Security teams gain a smaller, auditable boot-time attack surface and a chance to verify, rather than trust, the code that runs before the operating system. Confidential-computing buyers get a path to attestation chains where the silicon initialization, not just the hypervisor and guest, can be reasoned about. Hyperscalers and regulated industries that already demand supply-chain transparency gain a working template for firmware provenance. These are the workload categories that have been asking, often quietly, for exactly this option.
The frame that fits is agency. The question has never really been whether AGESA works; it usually does. The question is who gets to read, audit, modify, and ship the first code that runs on a server. With the 3mdeb port of openSIL and Coreboot to the Gigabyte MZ33-AR1, the answer for at least one shipping EPYC server is no longer "only AMD and its firmware partners." It is also anyone willing to read the code and ship a build.