Complete ME disablement on X79 systems?

ghost commented 5 years ago

Hi all, It seems that some chipsets (or mainboards?) do not have an active ME watchdog timer. I have an ASUS Rampage IV Extreme and was able to wipe the ME region (all 0xFF) with almost no ill effects:

# ./intelmetool -s
MEI not hidden on PCI, checking if visible
MEI device not found

# lspci | grep -c Comm
0

# uptime -p
up 19 hours, 14 minutes

# flashrom -p internal -r /tmp/no_me.rom &>/dev/null
# ./ifdtool -x /tmp/no_me.rom >/dev/null && hexdump -C flashregion_2_intel_me.bin
00000000  ff ff ff ff ff ff ff ff  ff ff ff ff ff ff ff ff  |................|
*
00001000

AFAICT there are only two side-effects of removing the ME firmware:

When coming from a ROM with ME firmware, or when resetting CMOS, the first boot will fail after a second or two. The system resets itself, and then all subsequent boots succeed.
The onboard NIC doesn't work on a cold boot. This can be fixed by resetting the NIC: *(volatile uint32_t*)GBE_BAR |= 0x84000000;

If anyone else has this board, other X79 mainboards, or even more recent intel HEDT systems (X99 or X299), I think everyone would be interested in finding out whether they have active watchdog timers.

githubisnonfree commented 2 years ago

hey, this link is dead: https://github.com/nkht/me_removal

can you restore it?

githubisnonfree commented 2 years ago

I'm told that there is an archive link:

https://archive.softwareheritage.org/browse/origin/directory/?origin_url=https://github.com/nkht/me_removal

Stitch626 commented 2 years ago

Yup, seems like the right revision as well.

corna / me_cleaner

Complete ME disablement on X79 systems? #278