search

digmorepaka / thinkpad-firmware-patches

Collection of ThinkPad UEFI patches.
Do What The F*ck You Want To Public License
257 stars 24 forks source link

WWAN whitelist removal not working on T480s #18

Open TitoBournet opened 2 years ago

TitoBournet commented 2 years ago
Model T480s
Patchset xx70_xx80_patches_v6.txt (only advance menu and wwan whitelist selected)
TPM MFG state
Notes I have the advanced menu in the BIOS, although the WWAN whitelist is still there.

Hello everyone!
I'm trying to remove the WWAN whitelist on my T480s.

I've applied the patches "enable advance menu" and "remove wwan whitelist" in xx70_xx80_patches_v6.txt
To disable tamper protection I've replaced 4C 4E 56 42 42 53 45 43 FB with 4C 4E 56 42 42 53 45 43 FF in a hex editor, and after flashing it back, I have the advanced menu in the BIOS, but the WWAN whitelist is still there. If I leave the WWAN card inserted, I get error 1802:

1802: Unauthorized network card is plugged in - Power off and remove the network card
System is halted

TPM was previously disabled, but after the patch, it was in "MFG" state.

Should I use a different script on my T480s?
Could someone help me to remove the WWAN whitelist?

Thank you very much!

digmorepaka commented 2 years ago

I'll take a look, could you post your dump?

TitoBournet commented 2 years ago

Hi Daniel,

Here is a dump of my original BIOS ROM:

Thanks in advance, Pablo

digmorepaka commented 2 years ago

I see absolutely zero why the regular patches wouldn't work, nonetheless, here's a manually modified version only containing the wwan whitelist bypass. http://0x0.st/oARB.bin md5:e3737ff1846f47aebc346df0d4f0cfde T480s-patched-UEFI.bin

digmorepaka commented 2 years ago

woops

TitoBournet commented 2 years ago

Hi Daniel, thank you very much!

I'll try it as soon as I get a chance (sometime over the weekend I estimate) and let you know.

Best regards, Tito

TitoBournet commented 2 years ago

Hi, I flashed back the BIOS MOD that Daniel (@digmorepaka) did and I still get the same behavior as doing it through the scripts, i.e. if I leave the WWLAN card plugged, I get error 1802:

1802: Unauthorized network card is plugged in - Power off and remove the network card System is halted

Even the behavior of the TPM was the same (from disabled to MFG state).

What other test could I perform?

Thanks a lot, Tito

digmorepaka commented 2 years ago

The module looks exactly the same as the one in the T480 UEFI, for some reason the pattern isn't automatically found - ok found it manually. But it does not work, might need a second module patched too. If I get around to it, I will post it here. Currently working on a couple other projects so sorry if I take a while to do it.

TitoBournet commented 2 years ago

OK Daniel, thank you very much for taking the time. There's no rush, so I'll wait until you get a chance to see it. Best regards, Tito

debdrup commented 1 year ago

The module looks exactly the same as the one in the T480 UEFI, for some reason the pattern isn't automatically found - ok found it manually. But it does not work, might need a second module patched too. If I get around to it, I will post it here. Currently working on a couple other projects so sorry if I take a while to do it.

I'd hate to disturb anyone, but I'd love to know if you've managed to find time to look at this. I'd love to be able to plug in one of these.

k1gen commented 1 year ago

hey @digmorepaka, I have the same issue on my T480s after applying Advanced menu and WWAN whitelist removal patches: Advanced menu appears and is usable, but WWAN whitelist is still there. any chance you could fix this with now three of us encountering this exact problem? I can send my original and current BIOS dumps if you need them

k1gen commented 1 year ago

@digmorepaka? you there?

maz3max commented 1 year ago

Just noticed that this specific error message is not from the LenovoWmaPolicy module, but from the BdsMilestone module. Still have no clue how to properly patch this.

Attaching the extracted efi file in case anyone would like to take a stab at it: Section_PE32_image_BdsMilestone_BdsMilestone_body.efi.zip

maz3max commented 1 year ago

Maybe the line 6A628EFE-3682-4FDC-A31E-C635BDF18CC8 10 P:803D1CDE0000000F841102:803D1CDE000000E9120200 could fix it. No guarantee though, I need to wait for hardware to test it. Assume that this damages your system.

maz3max commented 1 year ago

Just noticed that I don't need to mod the bios of my X1C5 to install an AX210 card, so I won't pursue this further.

k1gen commented 1 year ago

I still want @digmorepaka or someone else to fix this, because for now any adequately-priced WWAN card won't work in my T480s

dukzcry2 commented 5 months ago

I can't make universal patch, but here is what works for me for 1.57 bios https://gitlab.com/repos-holder/thinkpad-firmware-patches/-/blob/master/xx70_xx80_patches_v7.txt?ref_type=heads Its not hard to adjust it for specific bios version with ida pro (ghidra crashed for me). these notes https://gitlab.com/repos-holder/thinkpad-firmware-patches/-/blob/master/notes.txt?ref_type=heads may help