Forum RSS Feed Follow @ Twitter Follow On Facebook

Thread Rating:
  • 11 Vote(s) - 4.64 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Latest Threads
[REQUEST] CPU Support for Ryzen 5 3600 o...
Last Post: flexpavillion
Today 04:32 AM
» Replies: 1
» Views: 293
Clevo P775TM1-G BIOS
Last Post: ActivatedNut
Today 01:36 AM
» Replies: 145
» Views: 55283
[REQUEST] Lenovo G50-70 (9ACNxxWW) BIOS ...
Last Post: colin89
Yesterday 06:16 PM
» Replies: 138
» Views: 40944
ASUS P5G41T-M LX2/GB Unlocked Hidden Ove...
Last Post: GangsteR23
Yesterday 04:58 PM
» Replies: 25
» Views: 64120
lenovo z570 Advanced Menu Unlocked
Last Post: Kaluva12345
Yesterday 04:58 PM
» Replies: 7
» Views: 4094
[Request] HP Elitebook 6930P WLAN Whitel...
Last Post: Maxinator500
Yesterday 02:25 PM
» Replies: 15
» Views: 6556
[REQUEST] Lenovo Yoga 11E (N15ETxxW) Whi...
Last Post: drradkin
Yesterday 12:30 PM
» Replies: 4
» Views: 2501
Lenovo ThinkCentre M715q 2nd Gen & AMD R...
Last Post: RedfieldHUN1987
Yesterday 09:23 AM
» Replies: 2
» Views: 137
L14 Gen 3 AMD , Need UEFI unlock advance...
Last Post: frankeinstein2532555
Yesterday 04:08 AM
» Replies: 0
» Views: 84
[REQUEST] Lenovo Y400 & Y500 (6BCNxxWW) ...
Last Post: freedome
03-26-2024 11:00 PM
» Replies: 188
» Views: 52166
[REQUEST] Lenovo G510 (79CNxxWW) Whiteli...
Last Post: ghostinoss
03-26-2024 09:21 PM
» Replies: 655
» Views: 167065
[Request] CPU support for Lenovo IQ57I
Last Post: DeathBringer
03-26-2024 10:02 AM
» Replies: 5
» Views: 230
unlocked Bios for Machenike s16
Last Post: Dudu2002
03-26-2024 09:06 AM
» Replies: 5
» Views: 322
[REQUEST] Bios Unlock Whitelist HP DV6-6...
Last Post: DimanTLT63
03-26-2024 03:03 AM
» Replies: 0
» Views: 134
[REQUEST] HP Pavilion G6-1252ss Whitelis...
Last Post: joseefitness
03-26-2024 01:40 AM
» Replies: 0
» Views: 118
[REQUEST] Lenovo S310 & S410 (8BCNxxWW) ...
Last Post: morgley
03-25-2024 10:43 PM
» Replies: 14
» Views: 6328
Acer Nitro ANV15-51 Bios Bin File Reques...
Last Post: Papethzkie23
03-25-2024 06:04 PM
» Replies: 0
» Views: 135
[REQUEST] Lenovo G710 BIOS Whitelist Rem...
Last Post: si1975
03-25-2024 01:28 PM
» Replies: 468
» Views: 125397
[REQUEST] Lenovo Yoga 2 Pro (76CNxxWW) W...
Last Post: TalKaz
03-25-2024 11:10 AM
» Replies: 844
» Views: 317019
[REQUEST] Toshiba Satellite A300D PSAK0C...
Last Post: 1000palladium
03-25-2024 10:43 AM
» Replies: 4
» Views: 227

(UEFI) Dell XPS 15z L511z modded BIOS - and HOWTO
Hey all,
CodeRush chimed in today providing me this material for reading: http://wenku.baidu.com/view/55ecfbdcd15abe23482f4d75
(please don't share it widely as I've yet to gather enough Caifu Zhi to download the actual copy... and *someone* can take the file down by request in a matter of seconds).
A lot of things cleared up .. some on the other hand got more confusing. I won't have time to carefully read the document, but after skimming through it appears to have answers for most of our questions regarding ME and region permissions/structure.
find
quote
And here comes todays update .. again from CodeRush.
Pay attention to the right top corner on this page:
[Image: 1CINf]
Then go ahead and download our 6-series chipset datasheet from Intel, which has to say the following on pp.91:
[Image: 1CIPI]

Now get your HDEF datasheet and find the following ...in a nutshell pin 5 has to be supplied voltage from pin 1 (shorted together) upon boot to trigger descriptor security override and enable debugging mode for ME:
[Image: 1CIQq]

CodeRush ended up with this:
[Image: 1CISA]

[Image: 1CIT2]

As you can see the master lock is still intact and yet it allowed him to dump through host access..
What this means is that there's no need for a hardware flasher to gain write access to ME.
There's that for now Smile props to the man behind this find.
find
quote
thanks for the info! Smile

mmm, so acording to this, bypassing the descriptor can be done with a single 1K resistor , right?

not bad, this will make things easier for you guys.
anyway, keep in mind having a flasher was the thing wich saved my laptop when it got screwed after flashing stuff from the OS with unlocked descriptor.

if I didnt had the chip backup from the flasher, I would have a brick now.

so in case you guys skip the flasher and the whole chip backup, make sure what you flash and where, the recovery cdrom can only restore the bios region, other regions are unrecoverable with the BIOS.cap trick.


note: I noticed it also said something about enable ME debugging.

as far I know I just unlocked descriptor by tweaking the flasher stuff.

do this means I still have to do the resistor trick even with modded descriptor to enable ME debugging? Big Grin
find
quote
According to CR resistor is not needed, it's meant to have the board in debugging mode permanently at any boot up. if you just need to enable the override temporally then a simple short between pins 1-5 is enough. The document referenced above describes a lot of things in terms of fiddling with FITC and FPT.. so @kasar you are our test subject after Christmas and New Years.. based on this info we possibly can update the ME with just an updater and a custom binary .. without the need of any voodoo magic and chip content slicing and splicing.
find
quote
well, anyway getting a 1K resistor is very easy, and it will save you to bridge it everytime the thing to enter in debugging mode, a little more soldering for a more lazy reboots then.

oh, updating it with modified binary would be awesome to all people, I'm almost sure electronical modifications keep most users away from it ^^
so it would be need only for testing and doing blind/crazy tests like I do Big Grin

hehe, test subject, I like it ^^

with 4 extra preprogramed chips, programer, sockets and backups there is no way of bricking this laptop again, at least bios/firmware related Big Grin


today I tried to flash another modded bios using conventional method, but it failed while the flashing were flashing, it asked weird beep and it asked also write errors at some sectors.

had to use the recovery CD to boot again the machine.

tried to flash again, but it happened again.

well, in order to make it flasheable from the machine itself, I had to extract the chip from the socket and place it again, then it flashed fine.

strange, maybe it was a bad contact again ^^

glad it fixed that, I was about starting to think the chip were different to the one initially installed and it had some issues, but hopefully that wasnt the cause.


edit:

also noticed something at the ivy procesor I have in mind for testing

http://www.ebay.es/itm/NEW-INTEL-i7-3720...3cca708663

go to the link


then you can read this

Quote:For intel mobile 75/76/77 Chipset etc use ONLY (It will NEVER work on 65/67 /55 etc chipset), check your laptop Chipset model with CPU-Z first.

this worries me again.

my chipset is HM67, one of the ones reported as not working, I would be a shame that after getting the cpu, updating ME, HD3000 to HD4000 vbios update and microcodes update it would still not working for IVY proccesors for hardware limitations.

:o
find
quote
To be absolutely fair with you I'm starting to doubt this will happen anytime soon...as per Intel there's this chart:
[Image: 1CPWp]
We have Huron River platforms, guh...
But if Intel is anywhere like Apple (who claim their iMac machines can support only 8Gb of memory which they in fact can support 16 perfectly fine) then we may have a chance of an upgrade headroom ahead of us.
find
quote
I finally managed to register here.
I'm reading this topic since @TimeWalker pointed me to, and I must say that you guys are awesome.
I must also say that I don't have much time to help now and I did't believe that IB-processor can work on HR-chipset from the beginning, but it is a situation where process is more valuable then upcoming results.
find
quote
welcome aboard CodeRush.

I heard really good stuff from you and your projects ^^

oh, about the IB-proccesor on our machines.

is it some kind of software limitation (BIOS, ME firmware ....) or it is more related with hardware/chipset?


if it is just software I think it can be done by the methods discussed here (ME8 + Intel 4000 vbios + microcodes)
but if it is a hardware limitation there isnt a lot we can do :o

well, a safe way to test it, it would be to edit the dump created by my programer, and replace the ME7 zone with ME8 firmware and check if it boot at least with a normal sandy bridge cpu.

timewalker had some kind of modified dump of mine, I think he said the size of the ME zones were identical and easy to replace.

as soon as he or someone else give me a hand with that I will flash it using the programer andthen will report results ^^
find
quote
kasar Wrote:I heard really good stuff from you and your projects ^^
Thanks. BTW, I have a wiki page about RushSPI in english, no need to use crappy Google-Translate anymore. Smile

kasar Wrote:is it some kind of software limitation (BIOS, ME firmware ....) or it is more related with hardware/chipset?
ME and/or hardware. I don't know much about the situation with Phoenix SCT 2.0 compatibility with ME 8, TBH. But I know that ME 8 is incompatible with rev. B2 of 6 series chipsets at all, and ASUS had to rewrite half of their code to add ME 8 support in new BIOS versions for B3. So it won't be surprise if ME 8 won't start on HM67. And without it IB won't start either.

Let's see test results, anyway.
find
quote
well, then we lose nothing by trying ^^
however about getting a ivy proccesor to test, it would be nice to at least ensure first the ME8 firmware is running first on the motherboard ^^

oh, a quick question guys.

as for the software I use to write the chips, I use a DOS version of flashrom

is there are some windows alternatives for this software?

the flasher name I am using is rayer_spi (parallel port based)
I didnt found any software for windows.

and if I try virtualizacion, by installing DOS on a vmware machine and give it access to the phisical parallel port, it is slow as heck and cpu resources ussage goes crazy.

any ideas/alternatives?

spipgm can just read & verify,but it cant write for some reason, flashrom is the only one I noticed working properly while writting the chips
find
quote


Forum Jump:


Users browsing this thread: 13 Guest(s)