digmorepaka
commented
2 years ago Currently we don't have patches for L430/L530. Testing is needed.
Open FouzR opened 2 years ago
digmorepaka
commented
2 years ago Currently we don't have patches for L430/L530. Testing is needed.
FouzR
commented
2 years ago I see I do have one question, my L430 has 2 miniPCIe slots, so would the whitelist be active on the secondary slot?
valpackett
commented
2 years ago I currently have an L430 and a chip clip, I can test things.
So far I've tried me_cleaner -S, now it doesn't fully boot (hangs on _ when entering setup or continuing boot after the RTC error) :D maybe this is that ME delay everyone's talking about and I wasn't patient enough. UPD yeah stock fw doesn't like the disable flag set by me_cleaner, a normal clean without the flag works fine.
Also maybe flashrom doesn't seem to handle the IFD well on this? At least dumping --ifd -i bios or --ifd -i me or whatever also results in an 8MiB file (!) despite the expected "Using region" message. (Or is that the expected padding thing?? That the 1vyrain script handles on the write side)
What should I test first? Putting https://github.com/n4ru/patched-bioses/blob/master/L430.rom into the bios partition and flashing externally?
valpackett
commented
2 years ago So, more testing!
Injecting that rom with ifdtool results in not booting at all.
Applied patches to the stock bios region as extracted with ifdtool (firmware G3ET65WW(2.04) from 2012-09-25):
UPD same result with G3UJ33US(2.76) firmware. I'm looking into making a working patch.
valpackett
commented
2 years ago So one condition was missed in those patches, the full working patch set is:
79E0EDD7-9D1D-4F41-AE1A-F896169E5216 10 P:C8390E0F84:C8390E90E9
79E0EDD7-9D1D-4F41-AE1A-F896169E5216 10 P:C8390E75620F:C8390E75000F
79E0EDD7-9D1D-4F41-AE1A-F896169E5216 10 P:C8394E04754E83:C8394E04750083
79E0EDD7-9D1D-4F41-AE1A-F896169E5216 10 P:0983FA0474:0983FA04EBNow that boots with a ralink Wi-Fi card \o/
digmorepaka
commented
2 years ago Could you submit a PR in https://github.com/digmorepaka/thinkpad-firmware-patches/ with all the details? Afterwards it will be added to 1vyrain and will need one final test before release.
valpackett
commented
2 years ago Yeah, just found that repo while reading the other threads :)
will need one final test before release
Especially considering how the .rom from the patched-bioses repo didn't boot at all for me. I'll have to revert to stock and try flashing from the live USB, right? To test the full "end user" experience.
digmorepaka
commented
2 years ago @unrelentingtech Alright this is a binary of the latest UEFI with the patchset. You will need to pad it by 4M and flash it with the --ifd -i bios parameter manually with flashrom(https://github.com/n4ru/1vyrain/issues/64#issuecomment-761773042)
It should work, but I want to verify before packing a full 1vyrain image
http://0x0.st/-7IC.fixed
e900453fa85235eab78c40e629b35134
valpackett
commented
2 years ago It works \o/
(I've also tried to test the TPM… it's in MFG mode, clearing from Windows does nothing, and I couldn't get tpm-tools on Arch because github is having issues lol)
digmorepaka
commented
2 years ago MFG mode means completely off, try this, it should either do 5 beeps and still not work or work perfectly fine
1d3cead051fd59f5fb377c25f76e3472 md5
valpackett
commented
2 years ago Works great, what was changed, just self-signing?
digmorepaka
commented
2 years ago For some reason the MFG mode was turned on by thinkpad-uefi-sign(it shouldn't do that).
This is a full image, so this should autodetect your model. https://xorg-broke-aga.in/1vyrain.iso md5 50b763065b73443e68e34eff24c36695
valpackett
commented
2 years ago Looks like you've added the rom file but didn't uncomment the start.sh lines.
digmorepaka
commented
2 years ago It appears that i have uploaded the wrong file. Fixed, same link md5sum 43c896ecf7b2b368020be7ac263af301
valpackett
commented
2 years ago The same link still returns 50b763065b73443e68e34eff24c36695…
digmorepaka
commented
2 years ago ergh cloudflare cache probably not updated yet,I did check the file on the server and it is correct. I issued a cache purge so it should be the right file
valpackett
commented
2 years ago line 49: [: : integer expression expected
hmm seems like the version extraction command fails. Running it manually, the awk invocation extracts nothing from $3 — really it's all in $2 which is G3ET65WW(2.04). Do newer firmwares / other models always have whitespace before the opening (?
digmorepaka
commented
2 years ago Looking over some other reports, it does look like other models use a different format and we have trouble detecting L430. I do have an idea for a bandaid fix as the latest(which is extremely likely final) UEFI still have the vulnerability. I will work on it tomorrow
valpackett
commented
2 years ago Well, one possibility is using a regexp for the parentheses on the whole line without using whitespace "fields"…
FouzR
commented
2 years ago So, by the looks of things, you'll update the iso by tomorrow with L430 support?
digmorepaka
commented
2 years ago @FouzR you can already flash the rom manually, but for full automatic support that is the plan. https://github.com/n4ru/1vyrain/issues/87#issuecomment-980782028
FouzR
commented
2 years ago I'll wait for the full automatic support just to be safe :)
digmorepaka
commented
2 years ago @unrelentingtech same link, 588896ad851ec9d5fffb914e205840c6 bypassed version check as it's not needed
valpackett
commented
2 years ago Now everything works perfectly! \o/
FouzR
commented
2 years ago On which BIOS version did you try it?
FouzR
commented
2 years ago 
It's showing this when I tried to do on mine
digmorepaka
commented
2 years ago PITA I know what this is, lucky that we caught it before releasing.
FouzR
commented
2 years ago Was that due to the band-aid fix you implemented?
digmorepaka
commented
2 years ago Nah, this stems from Macronix chips not being autodetectable by software like flashrom. Good thing our model only ships with one of those(and in the case that someone replaced it there are failsafes). It will be fixed like it was fixed on T430s, not at my PC at the moment so you gotta wait.
FouzR
commented
2 years ago Cool, I'm happy you guys are doing this, so, take your time I guess :)
valpackett
commented
2 years ago Interesting, my unit came with a Winbond chip
digmorepaka
commented
2 years ago @FouzR md5: 4be31f563abd41cc74749ba03b21e713 https://xorg-broke-aga.in/1vyrain.iso it should work now.
Just for future reference i also added L530 support, UEFI is shared between L530 and L430 so I hope the autodetection works
FouzR
commented
2 years ago 
Uhhhh
digmorepaka
commented
2 years ago @unrelentingtech you were able to reflash from the latest version yeah? Could you check the latest iso I posted on your board with a winbond and latest UEFI?
valpackett
commented
2 years ago No, I reverted to stock every time, flashrom failed to write (but seemingly didn't corrupt anything) when already modded. (That was tested before auto detection worked)
FouzR
commented
2 years ago @unrelentingtech did you try the iso at the latest BIOS(2.76)?
valpackett
commented
2 years ago No, not at stock latest bios, will test soon
leecher1337
commented
2 years ago Mod edited, de-cluttered.
Sorry for hijacking this thread, but it seems that there are persons who have the capability to reflash a damaged BIOS ROM in the event that something goes wrong. As I do not have this facility, but successfully created and tested a patch for a 7-row keyboard for the L430, I'm a bit hesitant to flash the BIOS, as I do not want to brick the machine.
I would like to ask for help with testing this, in the related thread https://github.com/hamishcoleman/thinkpad-ec/issues/203
digmorepaka
commented
2 years ago @leecher1337 This is unrelated to this issue, please do not clutter up the thread. Message the people directly, and or bring them to the ec repo issue. https://github.com/hamishcoleman/thinkpad-ec/issues/203#issuecomment-991820190
valpackett
commented
2 years ago So it just fails to flash on 2.76, unsurprisingly doesn't matter whether modded or not.
Looks like if [ "255" -gt "$version" ]; was the correct check — flashing does work on 2.54. So don't delete the version check, just make it work whether there's whitespace before the ( or not.
valpackett
commented
2 years ago @digmorepaka so what was the fix for
MFG mode was turned on by thinkpad-uefi-sign
? I'd like to sign my own builds in a way that makes the TPM work…
digmorepaka
commented
2 years ago ? I'd like to sign my own builds in a way that makes the TPM work…
It seems that running thinkpad-uefi-sign and then manually changing 4C 4E 56 42 42 53 45 43 FF to 4C 4E 56 42 42 53 45 43 FB did the trick.
snakeeater4526
commented
2 years ago Hi there, i just read this thread and i have a L530 , does that mean that 1vyrain support L530 now?
digmorepaka
commented
2 years ago UEFI itself is identical, not yet supported in 1vyrain due to different model string, but UEFI patch is working.
devbrones
commented
1 year ago Hey! I have a L430 and soon a chip clip, can maybe do some testing if time allows it. Is 1vyrain stable on L430 and if so how can i install it?
my bios version is G3ET65WW(2.04) and i have a Winbond W25Q64.V rom
devbrones
commented
1 year ago Hey! I have a L430 and soon a chip clip, can maybe do some testing if time allows it. Is 1vyrain stable on L430 and if so how can i install it?
my bios version is G3ET65WW(2.04) and i have a Winbond W25Q64.V rom
update btw, worked flawlessly on the standard iso from 1vyra.in
BoredOperator
commented
1 month ago Hello i tried to run the 1vyrain.iso on my Thinkpad L430 (with the bios versions 2.76, 2.54 and 2.04) and each time i get the message that my machine is compatible but unsupported. (I dont have a hardware flasher nor do i have any flashing experience) Is there a way to enable support?
Machine: L430 BIOS: G3ET94WW(2.54) Version: Flashsize: 8192
digmorepaka
commented
3 weeks ago Hello i tried to run the 1vyrain.iso on my Thinkpad L430 (with the bios versions 2.76, 2.54 and 2.04) and each time i get the message that my machine is compatible but unsupported. (I dont have a hardware flasher nor do i have any flashing experience) Is there a way to enable support?
Machine: L430 BIOS: G3ET94WW(2.54) Version: Flashsize: 8192
Yeah it's currently in a state where it is supported but not really. You can flash internally, rom is made, but the version string decoding hasn't been done yet because it requires quite a rework to support a total of two laptops that a minority of people have.
To flash your machine(internet connection required)
wget https://github.com/n4ru/patched-bioses/raw/refs/heads/master/L430.romdd if=/dev/zero of=pad.bin bs=1M count=4 cat pad.bin L430.rom > UEFI.rom/root/flashrom/flashrom -p internal:laptop=force_I_want_a_brick -w UEFI.rom --ifd -i bios -N
after that is done, you can reboot BoredOperator
commented
3 weeks ago Hello again, thanks for your the fast reply :).
The flash was a succes after figuring out that i needed the --no-check-certificate flag for wget and that bios version 2.76 (until probably 2.69) does not work and gives out the following error.
When i downgraded the bios to version 2.54 everything went smoothly so thank you very much for your help @digmorepaka :)
I tried the BIOS USB, it showed that it's compatible but unsupported With the below info Machine:L430 BIOS:G3ETB6WW(2.76) Version: Flashsize:
Would I be able to use the whitelist scripts from here: https://github.com/n4ru/1vyrain/issues/27