bios:notes:intel_me
Table of Contents
Acer Aspire TC-780
Notes
- me_cleaner
--soft-disable-only
: Works fine - me_cleaner
--soft-disable
: Causes a BSoD during Windows 10 installation and thus prevents Windows 10 from being installed - ifdtool
--unlock
+--altmedisable 1
: Untested; potentially better than me_cleaner--soft-disable-only
Unmodified Dump
me_cleaner check
Full image detected Found FPT header at 0x1010 Found 11 partition(s) Found FTPR header: FTPR partition spans from 0x1000 to 0xa8000 Found FTPR manifest at 0x1448 ME/TXE firmware version 11.8.50.3460 (generation 3) Public key match: Intel ME, firmware versions 11.x.x.x The HAP bit is NOT SET Checking the FTPR RSA signature... VALID
ifdtool dump
File /home/espionage724/Downloads/TC-780-R02-B2-stock-me_cleaner/stock-unmodified.bin is 8388608 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x58100208 ISL: 0x58 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000026df Intel ME VSCC Table Length (VTL): 38 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0000471f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x47 SPI Componend Device ID 1: 0x00 VSCC0: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID2: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC2: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID3: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC3: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID4: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC4: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID5: 0x00177120 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0x71 SPI Componend Device ID 1: 0x17 VSCC5: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID6: 0x0017ba20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xba SPI Componend Device ID 1: 0x17 VSCC6: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID7: 0x0000481f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x48 SPI Componend Device ID 1: 0x00 VSCC7: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x07ff0200 Flash Region 1 (BIOS): 00200000 - 007fffff FLREG2: 0x01ff0001 Flash Region 2 (Intel ME): 00001000 - 001fffff FLREG3: 0x00007fff Flash Region 3 (GbE): 07fff000 - 00000fff (unused) FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x325c00f4 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 17MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 8MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00800000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000100 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000100 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00010000 PCHSTRP16: 0x00000100 PCHSTRP17: 0x00000000 HAP bit is not set Found Master Section FLMSTR1: 0x00a00b00 (Host CPU/BIOS) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: enabled Intel ME Region Read Access: disabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0x00c00d00 (Intel ME) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: disabled Flash Descriptor Read Access: enabled FLMSTR3: 0x008fff00 (GbE) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR5: 0xffffff00 (EC) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x80118012 ????: 0x00000295 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
me_cleaner
soft-disable
- Ran on the unmodified
stock-unmodified.bin
image - This removes non-essential partitions and sets the HAP bit
Full image detected Found FPT header at 0x1010 Found 11 partition(s) Found FTPR header: FTPR partition spans from 0x1000 to 0xa8000 Found FTPR manifest at 0x1448 ME/TXE firmware version 11.8.50.3460 (generation 3) Public key match: Intel ME, firmware versions 11.x.x.x The HAP bit is NOT SET Reading partitions list... FTPR (0x00001000 - 0x0000a8000, 0x000a7000 total bytes): NOT removed FTUP (0x00110000 - 0x0001bc000, 0x000ac000 total bytes): removed DLMP ( no data here , 0x00000000 total bytes): nothing to remove PSVN (0x00000e00 - 0x000001000, 0x00000200 total bytes): removed IVBP (0x0010c000 - 0x000110000, 0x00004000 total bytes): removed MFS (0x000a8000 - 0x00010c000, 0x00064000 total bytes): removed NFTP (0x00110000 - 0x0001bc000, 0x000ac000 total bytes): removed ROMB ( no data here , 0x00000000 total bytes): nothing to remove FLOG (0x001bc000 - 0x0001bd000, 0x00001000 total bytes): removed UTOK (0x001bd000 - 0x0001bf000, 0x00002000 total bytes): removed ISHC ( no data here , 0x00000000 total bytes): nothing to remove Removing partition entries in FPT... Removing EFFS presence flag... Correcting checksum (0x20)... Reading FTPR modules list... FTPR.man (uncompressed, 0x001448 - 0x002018): NOT removed, partition manif. rbe.met (uncompressed, 0x002018 - 0x0020ae): NOT removed, module metadata kernel.met (uncompressed, 0x0020ae - 0x00213c): NOT removed, module metadata syslib.met (uncompressed, 0x00213c - 0x0021a0): NOT removed, module metadata bup.met (uncompressed, 0x0021a0 - 0x00274a): NOT removed, module metadata pm.met (uncompressed, 0x00274a - 0x0027f8): NOT removed, module metadata vfs.met (uncompressed, 0x0027f8 - 0x003158): NOT removed, module metadata evtdisp.met (uncompressed, 0x003158 - 0x0032e6): NOT removed, module metadata loadmgr.met (uncompressed, 0x0032e6 - 0x00340e): NOT removed, module metadata busdrv.met (uncompressed, 0x00340e - 0x003792): NOT removed, module metadata gpio.met (uncompressed, 0x003792 - 0x0038dc): NOT removed, module metadata prtc.met (uncompressed, 0x0038dc - 0x003a8c): NOT removed, module metadata policy.met (uncompressed, 0x003a8c - 0x003c4e): NOT removed, module metadata crypto.met (uncompressed, 0x003c4e - 0x003dd8): NOT removed, module metadata heci.met (uncompressed, 0x003dd8 - 0x003fa4): NOT removed, module metadata storage.met (uncompressed, 0x003fa4 - 0x0042a0): NOT removed, module metadata pmdrv.met (uncompressed, 0x0042a0 - 0x0043c4): NOT removed, module metadata maestro.met (uncompressed, 0x0043c4 - 0x0044ae): NOT removed, module metadata fpf.met (uncompressed, 0x0044ae - 0x0045ba): NOT removed, module metadata hci.met (uncompressed, 0x0045ba - 0x0046bc): NOT removed, module metadata fwupdate.met (uncompressed, 0x0046bc - 0x0047c4): NOT removed, module metadata ptt.met (uncompressed, 0x0047c4 - 0x0048d0): NOT removed, module metadata touch_fw.met (uncompressed, 0x0048d0 - 0x004a00): NOT removed, module metadata rbe (Huffman , 0x004a00 - 0x007180): NOT removed, essential kernel (Huffman , 0x007180 - 0x016fc0): NOT removed, essential syslib (Huffman , 0x016fc0 - 0x028e80): NOT removed, essential bup (Huffman , 0x028e80 - 0x053280): NOT removed, essential pm (LZMA/uncomp., 0x053280 - 0x055880): removed vfs (LZMA/uncomp., 0x055880 - 0x05d880): removed evtdisp (LZMA/uncomp., 0x05d880 - 0x05f280): removed loadmgr (LZMA/uncomp., 0x05f280 - 0x062080): removed busdrv (LZMA/uncomp., 0x062080 - 0x063940): removed gpio (LZMA/uncomp., 0x063940 - 0x064a80): removed prtc (LZMA/uncomp., 0x064a80 - 0x065640): removed policy (LZMA/uncomp., 0x065640 - 0x06a240): removed crypto (LZMA/uncomp., 0x06a240 - 0x077e40): removed heci (LZMA/uncomp., 0x077e40 - 0x07bd40): removed storage (LZMA/uncomp., 0x07bd40 - 0x080380): removed pmdrv (LZMA/uncomp., 0x080380 - 0x081540): removed maestro (LZMA/uncomp., 0x081540 - 0x083300): removed fpf (LZMA/uncomp., 0x083300 - 0x084d00): removed hci (LZMA/uncomp., 0x084d00 - 0x0855c0): removed fwupdate (LZMA/uncomp., 0x0855c0 - 0x08a300): removed ptt (LZMA/uncomp., 0x08a300 - 0x09fa00): removed touch_fw (LZMA/uncomp., 0x09fa00 - 0x0a8000): removed The ME minimum size should be 360448 bytes (0x58000 bytes) The ME region can be reduced up to: 00001000:00058fff me Setting the HAP bit in PCHSTRP0 to disable Intel ME... Checking the FTPR RSA signature... VALID Done! Good luck!
ifdtool
Unmodified
unlock + altmedisable
- This is ran on the unmodified
stock-unmodified.bin
image --unlock
is ran first, and then--altmedisable 1
is ran on the unlockedstock-unmodified.bin.new
image- The results are from the report of
ifdtool
--dump
on the final modifiedstock-unmodified.bin.new.new
image
File /home/espionage724/Downloads/TC-780-R02-B2-stock-me_cleaner/stock-unmodified.bin.new.new is 8388608 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x58100208 ISL: 0x58 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000026df Intel ME VSCC Table Length (VTL): 38 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0000471f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x47 SPI Componend Device ID 1: 0x00 VSCC0: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID2: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC2: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID3: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC3: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID4: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC4: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID5: 0x00177120 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0x71 SPI Componend Device ID 1: 0x17 VSCC5: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID6: 0x0017ba20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xba SPI Componend Device ID 1: 0x17 VSCC6: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID7: 0x0000481f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x48 SPI Componend Device ID 1: 0x00 VSCC7: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x07ff0200 Flash Region 1 (BIOS): 00200000 - 007fffff FLREG2: 0x01ff0001 Flash Region 2 (Intel ME): 00001000 - 001fffff FLREG3: 0x00007fff Flash Region 3 (GbE): 07fff000 - 00000fff (unused) FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x325c00f4 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 17MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 8MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00810000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000100 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000100 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00010000 PCHSTRP16: 0x00000100 PCHSTRP17: 0x00000000 HAP bit is set Found Master Section FLMSTR1: 0xffffff00 (Host CPU/BIOS) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0xffffff00 (Intel ME) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR3: 0xffffff00 (GbE) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR5: 0xffffff00 (EC) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x80118012 ????: 0x00000295 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
me_clean soft-disable
unlock + altmedisable
- This is ran on the
me_clean --soft-disable
modifiedtest.bin
image --unlock
is ran first, and then--altmedisable 1
is ran on the unlockedtest.bin.new
image- The results are from the report of
ifdtool
--dump
on the final modifiedtest.bin.new.new
image - This accomplishes non-essential ME partition removal, setting the HAP bit, and full R/W on the chip
File /home/espionage724/test.bin.new.new is 8388608 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x58100208 ISL: 0x58 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000026df Intel ME VSCC Table Length (VTL): 38 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0000471f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x47 SPI Componend Device ID 1: 0x00 VSCC0: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID2: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC2: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID3: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC3: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID4: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC4: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID5: 0x00177120 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0x71 SPI Componend Device ID 1: 0x17 VSCC5: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID6: 0x0017ba20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xba SPI Componend Device ID 1: 0x17 VSCC6: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID7: 0x0000481f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x48 SPI Componend Device ID 1: 0x00 VSCC7: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x07ff0200 Flash Region 1 (BIOS): 00200000 - 007fffff FLREG2: 0x01ff0001 Flash Region 2 (Intel ME): 00001000 - 001fffff FLREG3: 0x00007fff Flash Region 3 (GbE): 07fff000 - 00000fff (unused) FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x325c00f4 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 17MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 8MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00810000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000100 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000100 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00010000 PCHSTRP16: 0x00000100 PCHSTRP17: 0x00000000 HAP bit is set Found Master Section FLMSTR1: 0xffffff00 (Host CPU/BIOS) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0xffffff00 (Intel ME) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR3: 0xffffff00 (GbE) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR5: 0xffffff00 (EC) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x80118012 ????: 0x00000295 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
MEInfo
me_cleaner
+--soft-disable-only
E:\Programs\Hardware Diag\Intel CSME System Tools v11 r16\MEInfo\WIN64>"E:\Programs\Hardware Diag\Intel CSME System Tools v11 r16\MEInfo\WIN64\MEInfoWin64.exe" -VERBOSE Intel(R) MEInfo Version: 11.8.59.3560 Copyright(C) 2005 - 2017, Intel Corporation. All rights reserved. Windows OS Version : 10.0 Table Type 18 ( 0x 12 ) found, size of 0 (0x 00 ) bytes Table Type 0 ( 0x 00 ) found, size of 68 (0x 44 ) bytes Table Type 1 ( 0x 01 ) found, size of 90 (0x 5A ) bytes Table Type 2 ( 0x 02 ) found, size of 128 (0x 80 ) bytes Table Type 3 ( 0x 03 ) found, size of 106 (0x 6A ) bytes Table Type 9 ( 0x 09 ) found, size of 22 (0x 16 ) bytes Table Type 10 ( 0x 0A ) found, size of 127 (0x 7F ) bytes Table Type 11 ( 0x 0B ) found, size of 49 (0x 31 ) bytes Table Type 24 ( 0x 18 ) found, size of 7 (0x 07 ) bytes Table Type 32 ( 0x 20 ) found, size of 22 (0x 16 ) bytes Table Type 41 ( 0x 29 ) found, size of 37 (0x 25 ) bytes Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes Table Type 17 ( 0x 11 ) found, size of 101 (0x 65 ) bytes Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes Table Type 0 ( 0x 00 ) found, size of 68 (0x 44 ) bytes Table Type 1 ( 0x 01 ) found, size of 90 (0x 5A ) bytes Table Type 2 ( 0x 02 ) found, size of 128 (0x 80 ) bytes Table Type 3 ( 0x 03 ) found, size of 106 (0x 6A ) bytes Table Type 9 ( 0x 09 ) found, size of 22 (0x 16 ) bytes Table Type 10 ( 0x 0A ) found, size of 127 (0x 7F ) bytes Table Type 11 ( 0x 0B ) found, size of 49 (0x 31 ) bytes Table Type 24 ( 0x 18 ) found, size of 7 (0x 07 ) bytes Table Type 32 ( 0x 20 ) found, size of 22 (0x 16 ) bytes Table Type 41 ( 0x 29 ) found, size of 37 (0x 25 ) bytes Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes Table Type 17 ( 0x 11 ) found, size of 101 (0x 65 ) bytes Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes Table Type 14 ( 0x 0E ) found, size of 14 (0x 0E ) bytes FW Status Register1: 0x80022004 FW Status Register2: 0x304D0106 FW Status Register3: 0x00000020 FW Status Register4: 0x00086000 FW Status Register5: 0x00000000 FW Status Register6: 0x40000000 CurrentState: Disabled ManufacturingMode: Disabled FlashPartition: Valid OperationalState: Transitioning InitComplete: Initializing BUPLoadState: Success ErrorCode: Disabled ModeOfOperation: Alt Disable Mode SPI Flash Log: Not Present FPF HW Source value: Not Applicable ME FPF Fusing Patch Status: ME FPF Fusing patch NOT applicable Phase: BringUp ICC: Valid OEM data, ICC programmed ME File System Corrupted: No PhaseStatus: UNKNOWN FPF and ME Config Status: Match Error 86: Communication error between application and Intel(R) ME module (FWU client) Error 81: Internal error (Could not determine FW features information)
Dell XPS 13 9360
Notes
- me_cleaner
--soft-disable-only
: Works fine - me_cleaner
--soft-disable
: Works fine - ifdtool
--unlock
+--altmedisable 1
: Untested; potentially better than me_cleaner--soft-disable-only
Unmodified Dump
me_cleaner check
Full image detected Found FPT header at 0x3010 Found 13 partition(s) Found FTPR header: FTPR partition spans from 0x1000 to 0x130000 Found FTPR manifest at 0x1478 ME/TXE firmware version 11.8.55.3510 (generation 3) Public key match: Intel ME, firmware versions 11.x.x.x The HAP bit is SET Checking the FTPR RSA signature... VALID
ifdtool dump
File /home/espionage724/Downloads/9360-me_cleaner/test1.bin is 33554432 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x42100208 ISL: 0x42 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000004df Intel ME VSCC Table Length (VTL): 4 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0019bb20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xbb SPI Componend Device ID 1: 0x19 VSCC0: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001940ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x19 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x1fff1700 Flash Region 1 (BIOS): 01700000 - 01ffffff FLREG2: 0x16ff0003 Flash Region 2 (Intel ME): 00003000 - 016fffff FLREG3: 0x00020001 Flash Region 3 (GbE): 00001000 - 00002fff FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x125c00f6 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 48MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 32MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00110000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000000 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000000 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00020000 PCHSTRP16: 0x00000000 PCHSTRP17: 0x00000070 HAP bit is set Found Master Section FLMSTR1: 0x00a00b00 (Host CPU/BIOS) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: enabled Intel ME Region Read Access: disabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0x00c00d00 (Intel ME) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: disabled Flash Descriptor Read Access: enabled FLMSTR3: 0x00800900 (GbE) EC Region Write Access: disabled Platform Data Region Write Access: disabled GbE Region Write Access: enabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: disabled Platform Data Region Read Access: disabled GbE Region Read Access: enabled Intel ME Region Read Access: disabled Host CPU/BIOS Region Read Access: disabled Flash Descriptor Read Access: enabled FLMSTR5: 0x10010300 (EC) EC Region Write Access: enabled Platform Data Region Write Access: disabled GbE Region Write Access: disabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: enabled Platform Data Region Read Access: disabled GbE Region Read Access: disabled Intel ME Region Read Access: disabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x00118002 ????: 0x00000210 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
me_cleaner
soft-disable
- Ran on the unmodified
test1.bin
image - This removes non-essential partitions and sets the HAP bit
Full image detected Found FPT header at 0x3010 Found 13 partition(s) Found FTPR header: FTPR partition spans from 0x1000 to 0x130000 Found FTPR manifest at 0x1478 ME/TXE firmware version 11.8.55.3510 (generation 3) Public key match: Intel ME, firmware versions 11.x.x.x The HAP bit is SET Reading partitions list... FTPR (0x00001000 - 0x000130000, 0x0012f000 total bytes): NOT removed FTUP (0x00272000 - 0x000600000, 0x0038e000 total bytes): removed DLMP (0x0012e000 - 0x000131000, 0x00003000 total bytes): removed PSVN (0x00000e00 - 0x000001000, 0x00000200 total bytes): removed IVBP (0x0026e000 - 0x000272000, 0x00004000 total bytes): removed MFS (0x00130000 - 0x00026e000, 0x0013e000 total bytes): removed NFTP (0x00272000 - 0x00057d000, 0x0030b000 total bytes): removed ROMB ( no data here , 0x00000000 total bytes): nothing to remove WCOD (0x0057d000 - 0x0005fd000, 0x00080000 total bytes): removed LOCL (0x005fd000 - 0x000600000, 0x00003000 total bytes): removed FLOG (0x00600000 - 0x000601000, 0x00001000 total bytes): removed UTOK (0x00601000 - 0x000603000, 0x00002000 total bytes): removed ISHC ( no data here , 0x00000000 total bytes): nothing to remove Removing partition entries in FPT... Removing EFFS presence flag... Correcting checksum (0xf2)... Reading FTPR modules list... FTPR.man (uncompressed, 0x001478 - 0x0021e4): NOT removed, partition manif. rbe.met (uncompressed, 0x0021e4 - 0x00227a): NOT removed, module metadata fptemp.met (uncompressed, 0x00227a - 0x0022b2): NOT removed, module metadata kernel.met (uncompressed, 0x0022b2 - 0x002340): NOT removed, module metadata syslib.met (uncompressed, 0x002340 - 0x0023a4): NOT removed, module metadata bup.met (uncompressed, 0x0023a4 - 0x00294e): NOT removed, module metadata pm.met (uncompressed, 0x00294e - 0x0029fc): NOT removed, module metadata vfs.met (uncompressed, 0x0029fc - 0x003494): NOT removed, module metadata evtdisp.met (uncompressed, 0x003494 - 0x003622): NOT removed, module metadata loadmgr.met (uncompressed, 0x003622 - 0x00374a): NOT removed, module metadata busdrv.met (uncompressed, 0x00374a - 0x003af2): NOT removed, module metadata gpio.met (uncompressed, 0x003af2 - 0x003c3c): NOT removed, module metadata prtc.met (uncompressed, 0x003c3c - 0x003dec): NOT removed, module metadata policy.met (uncompressed, 0x003dec - 0x003fae): NOT removed, module metadata crypto.met (uncompressed, 0x003fae - 0x004138): NOT removed, module metadata heci.met (uncompressed, 0x004138 - 0x004304): NOT removed, module metadata storage.met (uncompressed, 0x004304 - 0x004600): NOT removed, module metadata pmdrv.met (uncompressed, 0x004600 - 0x004724): NOT removed, module metadata maestro.met (uncompressed, 0x004724 - 0x00480e): NOT removed, module metadata fpf.met (uncompressed, 0x00480e - 0x00491a): NOT removed, module metadata hci.met (uncompressed, 0x00491a - 0x004a1c): NOT removed, module metadata fwupdate.met (uncompressed, 0x004a1c - 0x004b24): NOT removed, module metadata ptt.met (uncompressed, 0x004b24 - 0x004c30): NOT removed, module metadata touch_fw.met (uncompressed, 0x004c30 - 0x004d40): NOT removed, module metadata rbe (Huffman , 0x004d40 - 0x007b80): NOT removed, essential fptemp (LZMA/uncomp., 0x007b80 - 0x009b80): removed kernel (Huffman , 0x009b80 - 0x0199c0): NOT removed, essential syslib (Huffman , 0x0199c0 - 0x02bc40): NOT removed, essential bup (Huffman , 0x02bc40 - 0x0564c0): NOT removed, essential pm (Huffman , 0x0564c0 - 0x059ec0): removed vfs (Huffman , 0x059ec0 - 0x068840): removed evtdisp (Huffman , 0x068840 - 0x06b2c0): removed loadmgr (Huffman , 0x06b2c0 - 0x0701c0): removed busdrv (Huffman , 0x0701c0 - 0x073e00): removed gpio (Huffman , 0x073e00 - 0x075c80): removed prtc (Huffman , 0x075c80 - 0x077000): removed policy (Huffman , 0x077000 - 0x082040): removed crypto (Huffman , 0x082040 - 0x09cc80): removed heci (LZMA/uncomp., 0x09cc80 - 0x0a0b80): removed storage (Huffman , 0x0a0b80 - 0x0a6dc0): removed pmdrv (Huffman , 0x0a6dc0 - 0x0a8b40): removed maestro (Huffman , 0x0a8b40 - 0x0ad9c0): removed fpf (Huffman , 0x0ad9c0 - 0x0b0540): removed hci (LZMA/uncomp., 0x0b0540 - 0x0b0e00): removed fwupdate (LZMA/uncomp., 0x0b0e00 - 0x0b5b80): removed ptt (LZMA/uncomp., 0x0b5b80 - 0x0cb400): removed touch_fw (LZMA/uncomp., 0x0cb400 - 0x130000): removed The ME minimum size should be 372736 bytes (0x5b000 bytes) The ME region can be reduced up to: 00003000:0005dfff me Setting the HAP bit in PCHSTRP0 to disable Intel ME... Checking the FTPR RSA signature... VALID Done! Good luck!
ifdtool
Unmodified
unlock + altmedisable
- This is ran on the unmodified
test1.bin
image --unlock
is ran first, and then--altmedisable 1
is ran on the unlockedtest1.bin.new
image- The results are from the report of
ifdtool
--dump
on the final modifiedtest1.bin.new.new
image
File /home/espionage724/Downloads/9360-me_cleaner/test1.bin.new.new is 33554432 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x42100208 ISL: 0x42 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000004df Intel ME VSCC Table Length (VTL): 4 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0019bb20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xbb SPI Componend Device ID 1: 0x19 VSCC0: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001940ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x19 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x1fff1700 Flash Region 1 (BIOS): 01700000 - 01ffffff FLREG2: 0x16ff0003 Flash Region 2 (Intel ME): 00003000 - 016fffff FLREG3: 0x00020001 Flash Region 3 (GbE): 00001000 - 00002fff FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x125c00f6 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 48MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 32MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00110000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000000 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000000 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00020000 PCHSTRP16: 0x00000000 PCHSTRP17: 0x00000070 HAP bit is set Found Master Section FLMSTR1: 0xffffff00 (Host CPU/BIOS) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0xffffff00 (Intel ME) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR3: 0xffffff00 (GbE) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR5: 0x10010300 (EC) EC Region Write Access: enabled Platform Data Region Write Access: disabled GbE Region Write Access: disabled Intel ME Region Write Access: disabled Host CPU/BIOS Region Write Access: disabled Flash Descriptor Write Access: disabled EC Region Read Access: enabled Platform Data Region Read Access: disabled GbE Region Read Access: disabled Intel ME Region Read Access: disabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x00118002 ????: 0x00000210 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
me_cleaner + ifdtool
- The unmodified
test1.bin
is passed throughme_cleaner
without arguments for the non-essential partition removal, resulting intest.bin
test.bin
is passed throughifdtool
with the--unlock
option, resulting intest.bin.new
test.bin.new
is passed throughifdtool
with the--altmedisable 1
option, resulting intest.bin.new.new
- The final, modified image
test.bin.new.new
is then ran throughifdtool
with the--dump
option, and the report is mentioned below - This accomplishes non-essential ME partition removal, setting the HAP bit, and full R/W on the chip
File /home/espionage724/me_cleaner-ifdtool-unlock-altmedisable-tc780-r2b02.bin is 8388608 bytes ICH Revision: 100 series Sunrise Point FLMAP0: 0x00040003 NR: 0 FRBA: 0x40 NC: 1 FCBA: 0x30 FLMAP1: 0x58100208 ISL: 0x58 FPSBA: 0x100 NM: 2 FMBA: 0x80 FLMAP2: 0x00310330 PSL: 0x3103 FMSBA: 0x300 FLUMAP1: 0x000026df Intel ME VSCC Table Length (VTL): 38 Intel ME VSCC Table Base Address (VTBA): 0x000df0 ME VSCC table: JID0: 0x0000471f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x47 SPI Componend Device ID 1: 0x00 VSCC0: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID1: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC1: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID2: 0x001740ef SPI Componend Vendor ID: 0xef SPI Componend Device ID 0: 0x40 SPI Componend Device ID 1: 0x17 VSCC2: 0x20252025 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID3: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC3: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID4: 0x001720c2 SPI Componend Vendor ID: 0xc2 SPI Componend Device ID 0: 0x20 SPI Componend Device ID 1: 0x17 VSCC4: 0x20452045 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID5: 0x00177120 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0x71 SPI Componend Device ID 1: 0x17 VSCC5: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID6: 0x0017ba20 SPI Componend Vendor ID: 0x20 SPI Componend Device ID 0: 0xba SPI Componend Device ID 1: 0x17 VSCC6: 0x20052005 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x50 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x50 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB JID7: 0x0000481f SPI Componend Vendor ID: 0x1f SPI Componend Device ID 0: 0x48 SPI Componend Device ID 1: 0x00 VSCC7: 0x20152015 Lower Erase Opcode: 0x20 Lower Write Enable on Write Status: 0x06 Lower Write Status Required: No Lower Write Granularity: 64 bytes Lower Block / Sector Erase Size: 4KB Upper Erase Opcode: 0x20 Upper Write Enable on Write Status: 0x06 Upper Write Status Required: No Upper Write Granularity: 64 bytes Upper Block / Sector Erase Size: 4KB OEM Section: 00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 10: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 20: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 30: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Found Region Section FLREG0: 0x00000000 Flash Region 0 (Flash Descriptor): 00000000 - 00000fff FLREG1: 0x07ff0200 Flash Region 1 (BIOS): 00200000 - 007fffff FLREG2: 0x01ff0001 Flash Region 2 (Intel ME): 00001000 - 001fffff FLREG3: 0x00007fff Flash Region 3 (GbE): 07fff000 - 00000fff (unused) FLREG4: 0x00007fff Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused) FLREG5: 0x00007fff Flash Region 5 (Reserved): 07fff000 - 00000fff (unused) FLREG6: 0x00007fff Flash Region 6 (Reserved): 07fff000 - 00000fff (unused) FLREG7: 0x00007fff Flash Region 7 (Reserved): 07fff000 - 00000fff (unused) FLREG8: 0x00007fff Flash Region 8 (EC): 07fff000 - 00000fff (unused) Found Component Section FLCOMP 0x325c00f4 Dual Output Fast Read Support: not supported Read ID/Read Status Clock Frequency: 17MHz Write/Erase Clock Frequency: 48MHz Fast Read Clock Frequency: 48MHz Fast Read Support: supported Read Clock Frequency: 17MHz Component 2 Density: UNUSED Component 1 Density: 8MB FLILL 0xad604221 Invalid Instruction 3: 0xad Invalid Instruction 2: 0x60 Invalid Instruction 1: 0x42 Invalid Instruction 0: 0x21 FLPB 0xc7c4b9b7 Flash Partition Boundary Address: 0x9b7000 Found PCH Strap Section PCHSTRP0: 0x00810000 PCHSTRP1: 0x00000100 PCHSTRP2: 0x00000000 PCHSTRP3: 0x00000000 PCHSTRP4: 0x00000000 PCHSTRP5: 0x00010000 PCHSTRP6: 0x00000100 PCHSTRP7: 0x00000000 PCHSTRP8: 0x00000000 PCHSTRP9: 0x00000000 PCHSTRP10: 0x00030000 PCHSTRP11: 0x00000100 PCHSTRP12: 0x00000000 PCHSTRP13: 0x00000000 PCHSTRP14: 0x00000000 PCHSTRP15: 0x00010000 PCHSTRP16: 0x00000100 PCHSTRP17: 0x00000000 HAP bit is set Found Master Section FLMSTR1: 0xffffff00 (Host CPU/BIOS) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR2: 0xffffff00 (Intel ME) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR3: 0xffffff00 (GbE) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled FLMSTR5: 0xffffff00 (EC) EC Region Write Access: enabled Platform Data Region Write Access: enabled GbE Region Write Access: enabled Intel ME Region Write Access: enabled Host CPU/BIOS Region Write Access: enabled Flash Descriptor Write Access: enabled EC Region Read Access: enabled Platform Data Region Read Access: enabled GbE Region Read Access: enabled Intel ME Region Read Access: enabled Host CPU/BIOS Region Read Access: enabled Flash Descriptor Read Access: enabled Found Processor Strap Section ????: 0x00001000 ????: 0x80118012 ????: 0x00000295 ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff ????: 0xffffffff
MEInfo
- TODO
/var/www/wiki/data/pages/bios/notes/intel_me.txt · Last modified: by 127.0.0.1