corna / me_cleaner

Tool for partial deblobbing of Intel ME/TXE firmware images
GNU General Public License v3.0
4.49k stars 278 forks

Undo HAP bit setting #112

Closed p4block closed 6 years ago

p4block commented 6 years ago

Long story short, I have a modified BIOS that just had the HAP bit set (-s), and the original dump was lost and is not available to download anywhere.

I'd like to set the bit back to 0 to restore it to its original state for testing. I'm not confident enough in my Python skills to hack the current py to do so hah

Great work on this project, my thanks to everyone involved.

corna commented 6 years ago

Change line 741:

 pchstrp0 |= (1 << 16)

to

 pchstrp0 &= ~(1 << 16)

and run me_cleaner -s <image>.

Check the result with vbindiff; only the byte at offset 0x102 (for ME >= 11) should have changed.

For ME < 11 do the same on line 748.
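
A scripted version of the vbindiff check described in the comment above, added here as an example; it is not part of the thread or of me_cleaner. It covers only the ME >= 11 case. The function names and sample data are constructed, and mapping bit 16 to bit 0 of byte 0x102 assumes PCHSTRP0 is stored as a little-endian dword.

```python
import sys

HAP_BYTE_OFFSET = 0x102  # from the thread: only this byte should differ (ME >= 11)
HAP_BIT_MASK = 0x01      # assumption: bit 16 of a little-endian dword = bit 0 of its 3rd byte


def check_hap_change(before: bytes, after: bytes):
    """Classify the difference between two flash images.

    Returns (status, offsets), where offsets lists every differing byte.
    """
    if len(before) != len(after):
        return "size-mismatch", []
    offsets = [i for i, (a, b) in enumerate(zip(before, after)) if a != b]
    if not offsets:
        return "unchanged", offsets
    if offsets != [HAP_BYTE_OFFSET]:
        return "unexpected-bytes", offsets
    flipped = before[HAP_BYTE_OFFSET] ^ after[HAP_BYTE_OFFSET]
    if flipped != HAP_BIT_MASK:
        return "unexpected-bits", offsets
    if after[HAP_BYTE_OFFSET] & HAP_BIT_MASK:
        return "hap-set", offsets
    return "hap-cleared", offsets


def constructed_pair():
    """Constructed 4 KiB sample: identical except bit 0 of byte 0x102."""
    with_hap = bytearray(b"\xff" * 0x1000)
    with_hap[HAP_BYTE_OFFSET] = 0x21
    without_hap = bytearray(with_hap)
    without_hap[HAP_BYTE_OFFSET] &= ~HAP_BIT_MASK & 0xFF
    return bytes(with_hap), bytes(without_hap)


if __name__ == "__main__":
    # Usage: script.py <image-before> <image-after>; no arguments runs the sample.
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as f1, open(sys.argv[2], "rb") as f2:
            before, after = f1.read(), f2.read()
    else:
        before, after = constructed_pair()
    status, offsets = check_hap_change(before, after)
    print(status, [hex(o) for o in offsets[:16]])
    sys.exit(0 if status in ("hap-set", "hap-cleared") else 1)
```

Any status other than hap-set or hap-cleared means the two images differ somewhere other than the single expected bit, so the modified image should not be flashed until the difference is explained.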

Wiggum127 commented 6 years ago

Instead of changing the source code, couldn't this become an option to set via the command line? So either set the HAP on or off?

p4block commented 6 years ago

A thousand thanks @corna, worked like a charm.

Asus TP301UA has some weird setup, doesn't appear to have vboot enabled but disabling the ME even with -s completely kills the laptop.

Gonna do some probing with the latest intelmetool and confirm that there's no boot guard.

corna commented 6 years ago

@Wiggum127 it shouldn't be needed; people must always have a backup to roll back to

@p4block unfortunately some BIOSes are badly designed and don't handle a disabled ME well