Login

Dime333 · 01-04-2010, 11:06 AM

Hello guys. I have an HP Pavilion Dv6-1222sl and i would like to know if it's possible to show Execute Disable Bit (or maybe other Intel cpu related parameters) into the Insyde Bios by modding it.

Thanks in advance
Dime

***1234s282*** · 01-04-2010, 08:09 PM

No sorry. Insyde bioses cannot be unlocked as of yet Sad

Regards
Admin

**Sgt-Pepper** · 01-05-2010, 10:39 AM

Should be possible since it's already an option in your BIOS but hidden.

Normally the XD bit is enabled by default unless your CPU does not support it. You can toggle it through software by simply changing IIRC bit 34 of MSR 0x1A0, no need to do it specifically from the BIOS.

Dime333 · 01-05-2010, 12:20 PM

Thanks for replies guys, i'm a total newbie into this kind of stuff so i don't know how to do these things. What kind of software do i have to use to change this bit from OS, and what kind of OS (I use Linux) is needed?.

Thanks
Dime

**Sgt-Pepper** · 01-06-2010, 02:12 AM

You could google "linux msr editor". I don't know which distro your using, Ubuntu maybe? If so you could install the msr-tools by going to a shell and typing

Code:
sudo apt-get install msr-tools

you might also need

Code:
sudo modprobe msr

then you can check the nx bit by typing

Code:
sudo rdmsr -f 34:34 0x1a0

If it's set to zero the nx bit is enabled, if it's set to one it's disabled. Unfortunately the wrmsr requires the whole 64 bits to be written so if you wanted to change it you would first need to read the whole 64 bits

Code:
sudo rdmsr -0 0x1a0

then 'xor' bit 34 to toggle it and write the whole thing back with wrmsr. Of course you should make sure you have booted with the kernel option nxexec set to off before doing this from the OS.

You'll probably find the nx bit is enabled by default if your cpu supports it.

InsecureByDesign · 07-12-2010, 06:10 PM

(01-06-2010, 02:12 AM)Sgt-Pepper Wrote:
Code:
sudo rdmsr -0 0x1a0

then 'xor' bit 34 to toggle it and write the whole thing back with wrmsr. Of course you should make sure you have booted with the kernel option nxexec set to off before doing this from the OS.

You'll probably find the nx bit is enabled by default if your cpu supports it.

Bumping this semi-old thread. I also have an Insyde BIOS and the thing seems to be disabling NX and resetting this bit once I reboot even after I set it with wrmsr as you describe. There is no option for it in the BIOS menu..

Is there any way to somehow set an MSR value early in the boot process? If I set it while the system is running with noexec on, it hardlocks. This leads me to believe I need to somehow set it after the BIOS boots but before the Linux kernel is loaded.

Do you happen to know of some way to do this? I too find it really surprising that my BIOS would forcibly disable NX support and have no option to re-enable it, but that's what appears to be the case.

Or has there been any progress in unlocking Insyde BIOS's in the past 6 months?

***1234s282*** · 07-12-2010, 08:36 PM

Sorry , still no major break throughs!

We are still relying on the leak of the official tools such as whats happened with Award , Ami and Phoenix

Only one official Insyde tool has made it onto the web and its good for moving , deleting and replacing modules but not unlocking Sad

You can be sure that we will publicise any breakthroughs as widely as possible! Tongue

Admin

InsecureByDesign · 07-13-2010, 01:58 AM

What sort of protections does the Insyde BIOS currently have? Is there some sort of signature verification in the flashing tool and/or the BIOS itself? Is the code packed/obfuscated?

Somewhere inside this steamer there has gotta be code that flips this bit.

If I get a copy of the BIOS image from my laptop vendor's website, what barriers do I face before I can load it in IDA, look for the instructions toggling that MSR, nop them out, and re-flash the image? You mention tools for breaking the BIOS image into its component modules and relinking it. Are these tools documented? Will I have any luck using them to this end, or will something else likely defeat me?

It is really pissing me off that this stupid BIOS is this evil/braindead...

Alternately, might it be possible to get GRUB or the Linux kernel itself to flip the MSR for me somehow?

***TheWiz*** · 07-19-2010, 09:08 PM

If we load it into IDA who knows waht we would see. Fifrst I'm not sure if the Insyde compression would show in disassembly, which would completly mask the BIOS contents besides compression bits. I don't really use linux too often, but from what the last user posted those are shell commands you could type into probably any common linux distro to try them out.

TheWiz

Login
Username:
Password:	Lost Password?
	Remember me