me_cleaner status

[corna]

Please comment here if me_cleaner works on your device.
If this tool does not work on your PC (or it does not behave as expected), don't comment here but open an issue instead.
Specify:

• CPU architecture
• CPU model
• Laptop/motherboard
• OEM BIOS or coreboot?
• If you used the -s/-S flag in me_cleaner

Thanks

[corna]

Working on:

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad X220
• coreboot
• both with and without the -S flag

Working for more than a month now. Everything works perfectly, and the MEI device has disappeared from the PCI bus.

[afics]

• Sandy Bridge
• Lenovo Thinkpad X220
• coreboot

I can confirm it works on the Lenovo Thinkpad X220, but coreboot then recognizes only one of my two 8GB RAM modules. I'm currently investigating.

[philmb3487]

• Intel Celeron 2955U
• Haswell
• Chromebook C720p
• coreboot

Hey there, I build and flashed an image of coreboot for my chromebook (C720p) running a Haswell 2955U.

There is no MEI entry in the lspci list.
Not sure what other tests I can run to see the ME's state, open to running other tests, just tell me.

Passed the 30 minutes mark, seems to work. Thanks

[f-izzo]

Working on:

• Intel i5-6500
• Skylake
• MSI Bazooka B150M
• Stock AMI Bios
• 61fd606

Everything works, the HECI (formerly MEI) device disapperars, a screen at boot notifies that the ME firmware is corrupted, but pressing F2 lets the boot continue.

[zamaudio]

• Intel
• Core i5-2540M
• Lenovo Thinkpad X220
• Coreboot
• 48deb6c

^^ Yes that's right, the experimental branch works on this board folks! No lzma modules!

[simonepsp]

Working on

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Coreboot
• d2e2308

[tlaurion]

Working on

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Stock BIOS
• d2e2308

[ilikenwf]

• Intel Core i7 4790k
• Haswell
• Desktop, ASRock Z97 Pro4
• Modded Bios (see below)
• ffe60d8

ASRock's bios packages are all in a proprietary format, but Windows based tools, specifically the UBU pack (http://www.win-raid.com/t154f16-Tool-Guide-News-quot-UEFI-BIOS-Updater-quot-UBU.html), allow them to be extracted and the firmware inside upgraded or downgraded. One may flash this modified file directly from the UEFI settings themselves, as it doesn't validate them.

It is unclear whether or not ME is properly disabled, as the kernel module loads but is not really usable, and the tools to check ME status segfault.

Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Reading FTPR modules list...
Wiping LZMA section (0xa7680 - 0xcf000)
 UPDATE: removed (0xa7680 - 0xa78aa)
 ROMP: removal of Huffman modules is not supported yet, skipping
 BUP: removal of Huffman modules is not supported yet, skipping
 KERNEL: removal of Huffman modules is not supported yet, skipping
 POLICY: removal of Huffman modules is not supported yet, skipping
 HOSTCOMM: removed (0xa78aa - 0xafbb5)
 TDT: removed (0xafbb5 - 0xb4f71)
 FPF: removed (0xb4f71 - 0xb6a77)
Correcting checksum (0xea)...
Done! Good luck!

• Intel Core i7 4790k
• Haswell
• Desktop, ASRock Z97 Extreme6
• Modded bios -- see me_cleaner status #3 (comment)
• ffe60d8

BIOS file name must be same as Instant Flash bios name, or else instant flash in bios does not detect it. In this case, Z97Ex62.70

/dev/mei0 does not exist, intelmetool reports it doesnt support my system (maybe it doesn't?), mei/mei_me modules still required by some ASRock Intel ME pci listing

Of note, Intel's own "Intel® Management Engine Verification Utility" in windows is perpetually spinning, which I should have tested beforehand. Looks like that only works if your cpu supports vPro. Tested on another Intel based machine with ME still in bios.

But everything seems to be working properly so far.

Full image detected

The ME region goes from 0x3000 to 0x1fffff

Found FPT header at 0x3010

Found 20 partition(s)
ME firmware version 9.1.10.1000
Found FTPR header: FTPR partition spans from 0x4a000 to 0xd2000
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Reading FTPR modules list...
Wiping LZMA section (0xaa680 - 0xd2000)
 UPDATE          : removed (0xaa680 - 0xaa8aa)
 ROMP            : removal of Huffman modules is not supported yet, skipping
 BUP             : removal of Huffman modules is not supported yet, skipping
 KERNEL          : removal of Huffman modules is not supported yet, skipping
 POLICY          : removal of Huffman modules is not supported yet, skipping
 HOSTCOMM        : removed (0xaa8aa - 0xb2bb5)
 TDT             : removed (0xb2bb5 - 0xb7f71)
 FPF             : removed (0xb7f71 - 0xb9a77)
Correcting checksum (0xea)...
Done! Good luck!

[nilesr]

I can try to cat /dev/mei0 and I get "no such device" as root...so I guess that's good?

On my system that I've never flashed before (I haven't used me_cleaner yet) I get the same message when trying to read from /dev/mei0. It does not mean that the ME is disabled

[n1zzo]

Working on

• Intel Core i5 2520M
• Sandy Bridge
• Dell Latitude e6220
• OEM BIOS
• ffe60d8

MEI is no more present in lspci output.
However, the ethernet card does not show up anymore on "ip a" output.

dmesg says:

e1000e: Intel(R) PRO/1000 Network Driver - 3.2.6-k
e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
e1000e 0000:00:19.0: Interrupt Throttling Rate (ints/sec) set to dynamic conservative mode
e1000e: probe of 0000:00:19.0 failed with error -e

The problem seems identical to the one reported by this user:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/984404
and as he suggests just rebooting the machine temporarily fixes the problem.
When a power cycle is performed again (power off+power on) the ethernet
card is gone again.

This is the related bug on the ubuntu kernel bug tracker:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1576953