search

corna / me_cleaner

Tool for partial deblobbing of Intel ME/TXE firmware images
GNU General Public License v3.0
4.46k stars 277 forks source link

Asrock Z270M Extreme 4 + me_cleaner = no NVME #228

Closed ghost closed 5 years ago

ghost commented 6 years ago

Hi!

First, thanks for me_cleaner, is very useful!

Worked well for most of my motherboard, but I've found a small problem with Asrock Z270M Extreme 4's bios ( 2.30 ) that you can download from their support web:

https://www.asrock.com/MB/Intel/Z270M%20Extreme4/index.asp#BIOS

After running me_clean v1.2 , I cannot see my M2 & NVME ssds anymore. Here's the me_clean log for the BIOS:

Full image detected The ME/TXE region goes from 0x3000 to 0x200000 Found FPT header at 0x3010 Found 11 partition(s) Found FTPR header: FTPR partition spans from 0x1000 to 0xa8000 Found FTPR manifest at 0x1448 ME/TXE firmware version 11.8.50.3425 Public key match: Intel ME, firmware versions 11.x.x.x The HAP bit is NOT SET Reading partitions list... FTPR (0x00001000 - 0x0000a8000, 0x000a7000 total bytes): NOT removed FTUP (0x00110000 - 0x0001bc000, 0x000ac000 total bytes): removed DLMP ( no data here , 0x00000000 total bytes): nothing to remove PSVN (0x00000e00 - 0x000001000, 0x00000200 total bytes): removed IVBP (0x0010c000 - 0x000110000, 0x00004000 total bytes): removed MFS (0x000a8000 - 0x00010c000, 0x00064000 total bytes): removed NFTP (0x00110000 - 0x0001bc000, 0x000ac000 total bytes): removed ROMB ( no data here , 0x00000000 total bytes): nothing to remove FLOG (0x001bc000 - 0x0001bd000, 0x00001000 total bytes): removed UTOK (0x001bd000 - 0x0001bf000, 0x00002000 total bytes): removed ISHC ( no data here , 0x00000000 total bytes): nothing to remove Removing partition entries in FPT... Removing EFFS presence flag... Correcting checksum (0xf2)... Reading FTPR modules list... FTPR.man (uncompressed, 0x001448 - 0x002018): NOT removed, partition manif. rbe.met (uncompressed, 0x002018 - 0x0020ae): NOT removed, module metadata kernel.met (uncompressed, 0x0020ae - 0x00213c): NOT removed, module metadata syslib.met (uncompressed, 0x00213c - 0x0021a0): NOT removed, module metadata bup.met (uncompressed, 0x0021a0 - 0x00274a): NOT removed, module metadata pm.met (uncompressed, 0x00274a - 0x0027f8): NOT removed, module metadata vfs.met (uncompressed, 0x0027f8 - 0x003158): NOT removed, module metadata evtdisp.met (uncompressed, 0x003158 - 0x0032e6): NOT removed, module metadata loadmgr.met (uncompressed, 0x0032e6 - 0x00340e): NOT removed, module metadata busdrv.met (uncompressed, 0x00340e - 0x003792): NOT removed, module metadata gpio.met (uncompressed, 0x003792 - 0x0038dc): NOT removed, module metadata prtc.met (uncompressed, 0x0038dc - 0x003a8c): NOT removed, module metadata policy.met (uncompressed, 0x003a8c - 0x003c4e): NOT removed, module metadata crypto.met (uncompressed, 0x003c4e - 0x003dd8): NOT removed, module metadata heci.met (uncompressed, 0x003dd8 - 0x003fa4): NOT removed, module metadata storage.met (uncompressed, 0x003fa4 - 0x0042a0): NOT removed, module metadata pmdrv.met (uncompressed, 0x0042a0 - 0x0043c4): NOT removed, module metadata maestro.met (uncompressed, 0x0043c4 - 0x0044ae): NOT removed, module metadata fpf.met (uncompressed, 0x0044ae - 0x0045ba): NOT removed, module metadata hci.met (uncompressed, 0x0045ba - 0x0046bc): NOT removed, module metadata fwupdate.met (uncompressed, 0x0046bc - 0x0047c4): NOT removed, module metadata ptt.met (uncompressed, 0x0047c4 - 0x0048d0): NOT removed, module metadata touch_fw.met (uncompressed, 0x0048d0 - 0x004a00): NOT removed, module metadata rbe (Huffman , 0x004a00 - 0x007100): NOT removed, essential kernel (Huffman , 0x007100 - 0x0170c0): NOT removed, essential syslib (Huffman , 0x0170c0 - 0x028f80): NOT removed, essential bup (Huffman , 0x028f80 - 0x053140): NOT removed, essential pm (LZMA/uncomp., 0x053140 - 0x055740): removed vfs (LZMA/uncomp., 0x055740 - 0x05d6c0): removed evtdisp (LZMA/uncomp., 0x05d6c0 - 0x05f0c0): removed loadmgr (LZMA/uncomp., 0x05f0c0 - 0x061ec0): removed busdrv (LZMA/uncomp., 0x061ec0 - 0x063780): removed gpio (LZMA/uncomp., 0x063780 - 0x0648c0): removed prtc (LZMA/uncomp., 0x0648c0 - 0x065480): removed policy (LZMA/uncomp., 0x065480 - 0x06a040): removed crypto (LZMA/uncomp., 0x06a040 - 0x077c40): removed heci (LZMA/uncomp., 0x077c40 - 0x07bb40): removed storage (LZMA/uncomp., 0x07bb40 - 0x080180): removed pmdrv (LZMA/uncomp., 0x080180 - 0x081340): removed maestro (LZMA/uncomp., 0x081340 - 0x083100): removed fpf (LZMA/uncomp., 0x083100 - 0x084b00): removed hci (LZMA/uncomp., 0x084b00 - 0x0853c0): removed fwupdate (LZMA/uncomp., 0x0853c0 - 0x08a100): removed ptt (LZMA/uncomp., 0x08a100 - 0x09f7c0): removed touch_fw (LZMA/uncomp., 0x09f7c0 - 0x0a8000): removed The ME minimum size should be 360448 bytes (0x58000 bytes) The ME region can be reduced up to: 00003000:0005afff me Setting the HAP bit in PCHSTRP0 to disable Intel ME... Checking the FTPR RSA signature... VALID Done! Good luck!

I also tweaked your python script in order to avoid removing the "storage" module but it does not work either.

Using me_cleaner with their bios z27mex42.30 ( ME 11.x ), apparently makes the board to ignore any M2/NVME ssd present.

thanks.

corna commented 6 years ago

Try to add -w MFS to the me_cleaner's arguments, which keeps the ME's partition for the read-write storage, this sometimes solves this kind of issues.

ghost commented 5 years ago

The "-w MFS" option worked, thanks! Now I can use NVME/M2 ssds, yay!

but I'm just wondering the implications of that... if I don't remove the MFS partition... would the ME be able to access my computer's memory & file system? By the way, do you know what's the "storage" module and "storage.met" metadata for? Thanks.