Asus Z10PE-D8 WS (motherboard); no FTPR modules except BUP? #71

Closed
sakaki- opened this Issue Oct 3, 2017 · 5 comments

@sakaki-

sakaki- commented Oct 3, 2017

Hi,

Thanks for making this tool available!

I have run me_cleaner successfully on three PCs now, two laptops and a server (reports here, here and here).

On the two laptop systems, me_cleaner produced a long list of FTPR modules that were removed (kernel, policy etc.). However, on the server, an ASUS Z10PE-D8 WS motherboard, only BUP was detected (and not removed). Output of me_cleaner run copied again below:

root@pi64 ~ # python me_cleaner/me_cleaner.py -S original6.rom -O modified6.rom
Full image detected
The ME/TXE region goes from 0x1000 to 0x800000
Found FPT header at 0x1010
Found 6 partition(s)
Found FTPR header: FTPR partition spans from 0x22000 to 0x42000
ME/TXE firmware version 3.1.3.30
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x4b)...
Reading FTPR modules list...
 BUP              (uncomp., 0x02235c - 0x03935c): NOT removed, essential
The ME minimum size should be 249856 bytes (0x3d000 bytes)
The ME region can be reduced up to:
 00001000:0003dfff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

root@pi64 ~ # cmp -l original6.rom modified6.rom | wc -l
1048321

Is that what would be expected given this is a server rather than a consumer machine BIOS? At any event the ME appears to have been disabled (see report), and me_cleaner has written about 1MiB of 0xFF bytes into the ROM image.

PS the BIOS image is available for download from Asus' site here. This is a .CAP file (once unzipped) but you can just do:

user@pc $ dd if=Z10PE-D8-WS-ASUS-3304.CAP of=Z10PE-D8-WS-ASUS-3304.rom bs=1024 skip=2

to get the raw .rom.
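
The `cmp -l ... | wc -l` count above only says how many bytes differ; the following added example (not part of the original post or of me_cleaner) breaks the differences down by region and checks that they are plain 0xFF wipes. It assumes the region boundaries printed in the me_cleaner log above, treats offsets below 0x1000 as the flash descriptor, and runs on constructed sample images in which offset 0x130 is an arbitrary stand-in for a strap change.

```python
# Added example: per-region summary of what a me_cleaner run changed.
# Boundaries come from the me_cleaner log in this thread; "descriptor" is an assumption.
REGIONS = [
    ("descriptor", 0x0, 0x1000),
    ("ME before FTPR", 0x1000, 0x22000),
    ("FTPR", 0x22000, 0x42000),
    ("ME after FTPR", 0x42000, 0x800000),
]
CHUNK = 4096


def region_of(offset):
    return next((n for n, lo, hi in REGIONS if lo <= offset < hi), "outside ME region")


def summarise(original, modified):
    """Return {region: {"changed", "to_ff", "first", "last"}} for differing bytes."""
    if len(original) != len(modified):
        raise ValueError("images differ in size; compare like with like")
    stats = {}
    for base in range(0, len(original), CHUNK):
        a, b = original[base:base + CHUNK], modified[base:base + CHUNK]
        if a == b:  # identical chunks are skipped without a per-byte loop
            continue
        for i, (x, y) in enumerate(zip(a, b)):
            if x != y:
                off = base + i
                s = stats.setdefault(region_of(off),
                                     {"changed": 0, "to_ff": 0, "first": off, "last": off})
                s["changed"] += 1
                s["to_ff"] += y == 0xFF
                s["last"] = off
    return stats


def non_wipe_regions(stats):
    """Regions to inspect by hand: outside the ME region, or not a pure 0xFF wipe."""
    return sorted(name for name, s in stats.items()
                  if name == "outside ME region" or s["to_ff"] != s["changed"])


def build_sample():
    """Constructed images (not the Asus ROM): one wiped range, one descriptor byte."""
    original = bytearray(b"\xa5" * 0x801000)
    modified = bytearray(original)
    modified[0x42000:0x62000] = b"\xff" * 0x20000  # stands in for a removed partition
    modified[0x130] ^= 0x80                        # hypothetical offset for a strap bit
    return bytes(original), bytes(modified)


if __name__ == "__main__":
    print(summarise(*build_sample()))
```

On real images, read both files with `open(path, "rb").read()` and pass them to `summarise`; any entry under "outside ME region" means bytes beyond the ME region were touched.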

@corna

Owner

corna commented Oct 3, 2017

Hi,

you're trying to disable an SPS firmware, which is officially not supported (yet). Seems to work well in your case though.

Thanks for providing me the link and commands needed to get the rom file (instead of sending me the extracted file, which is not allowed).

From the log I see that the FTPR partition contains only a partition (not removed), however there were 6 partitions, 5 of which have been removed. The ME region is huge (8 MB); however, the SPS firmware occupies only the first 1.5 MB, which is not much compared to the other Intel firmware, so I suppose this one is a minimal firmware and it seems reasonable that the FTPR partition contains only the BUP module. @platomav is probably more informed than me.

Also consider that me_cleaner removed most of the code, from ~1.5 MB to ~90 kB (but it didn't show it, as it wasn't in the FTPR partition).

Can you try again without the -S flag and report the results? No need to tell you that this might cause a brick.

@platomav

platomav commented Oct 3, 2017

SPS is built from two modules: Recovery (FTPR) and Operational (OPR). Everything else is generated automatically by Intel's Flash Image Tool. For redundancy, SPS can have Backup regions which are usually copies of the original (MFS & MFSB, OPR1 & OPR2). Little is known about SPS and even fewer people have systems to test, but the general idea is that OPR loads first; if it fails it goes to backup, and if that fails, it loads FTPR. OPR can be configured to work either as a simple platform configurator (Silicon Enabling mode) or with the Node Manager application (Node Manager mode).

For SPS 3 only, the $FPT has a 2-byte checksum field at the end of its entries which me_cleaner does not adjust currently.

Also, the total Engine region size does not matter because, by default, FIT appends all remaining SPI image padding to the Engine region.

So, other than the SPS3-specific checksum, I don't see anything wrong with me_cleaner's actions.

@sakaki-

sakaki- commented Oct 3, 2017

@corna:

Can you try again without the -s flag and report the results? No need to tell you that this might cause a brick.

Happy to do so. This is a production machine though, so it'll probably be the weekend before I can try it.

@sakaki-

sakaki- commented Oct 9, 2017

OK, just retried without the -S flag. Very similar results. Survives 30 mins, some BIOS state lost (drops back to legacy boot initially, EFI boot list has been forgotten when EFI boot re-enabled), but that happens with the -S image too (I have migrated to the more modern 3407 BIOS).

Here is the me_cleaner output with -S (on the 3407 BIOS rom):

Full image detected
The ME/TXE region goes from 0x1000 to 0x800000
Found FPT header at 0x1010
Found 6 partition(s)
Found FTPR header: FTPR partition spans from 0x22000 to 0x42000
ME/TXE firmware version 3.1.3.38
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x4b)...
Reading FTPR modules list...
 BUP              (uncomp., 0x02235c - 0x03935c): NOT removed, essential
The ME minimum size should be 249856 bytes (0x3d000 bytes)
The ME region can be reduced up to:
 00001000:0003dfff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

and without -S:

Full image detected
The ME/TXE region goes from 0x1000 to 0x800000
Found FPT header at 0x1010
Found 6 partition(s)
Found FTPR header: FTPR partition spans from 0x22000 to 0x42000
ME/TXE firmware version 3.1.3.38
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x4b)...
Reading FTPR modules list...
 BUP              (uncomp., 0x02235c - 0x03935c): NOT removed, essential
The ME minimum size should be 249856 bytes (0x3d000 bytes)
The ME region can be reduced up to:
 00001000:0003dfff me
Checking the FTPR RSA signature... VALID
Done! Good luck!

Here is the intelmetool output with -S:

MEI not hidden on PCI, checking if visible
MEI found: [8086:8d3a] C610/X99 series chipset MEI Controller #1

ME Status   : 0xf0382
ME Status 2 : 0x9040d008

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : YES
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : Bring up
ME: Current Operation Mode  : M0 without UMA but with error
ME: Error Code              : No Error
ME: Progress Phase          : Uncategorized Failure
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : Unknown 0x40

ME: Extend Register not valid

ME: timeout waiting for data: expected 8, available 6
ME: GET FW VERSION message failed
ME: timeout waiting for data: expected 5, available 0
ME: GET FWCAPS message failed

and without -S:

MEI was hidden on PCI, now unlocked
MEI found: [8086:8d3a] C610/X99 series chipset MEI Controller #1

ME Status   : 0xf0382
ME Status 2 : 0x90401008

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : YES
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : Bring up
ME: Current Operation Mode  : M0 without UMA but with error
ME: Error Code              : No Error
ME: Progress Phase          : Uncategorized Failure
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : Unknown 0x40

ME: Extend Register not valid

ME: timeout waiting for data: expected 8, available 6
ME: GET FW VERSION message failed
ME: timeout waiting for data: expected 5, available 0
ME: GET FWCAPS message failed
Re-hiding MEI device...done

Diff between -S and no -S outputs of intelmetool:

1c1
< MEI not hidden on PCI, checking if visible
---
> MEI was hidden on PCI, now unlocked
5c5
< ME Status 2 : 0x9040d008
---
> ME Status 2 : 0x90401008
26a27
> Re-hiding MEI device...done

Does that mean the AltMeDisable bit is being ignored on SPS firmware?

Edit: I suppose I could run it with just -s / --soft-disable-only to answer that question myself...

hth, sakaki

@corna

Owner

corna commented Oct 13, 2017

Thanks for the tests.

Yes, it seems that AltMeDisable is ignored on SPS (but the modules removal works on your platform at least).
