ami hex edit help
#1
Ok, so I have a BIOS for a Dell T7810 that I'm trying to get some stuff unlocked for someone. Menus can't be made visible, so I'm just trying to hex code some changes. Starting small, I changed Overclocking Lock. I opened the ROM in UEFITool alpha 62 and extracted the EFI file body, made the changes and then replaced it using UEFITool 26.0. The machine will not boot after this is applied. Can someone help me out here?

Before and After IFR of the mod

EFI File Changes


0x38335 One Of: Overclocking Lock, VarStoreInfo (VarOffset/VarName): 0x1271, VarStore: 0x1, QuestionId: 0xC75, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 6A 12 6B 12 75 0C 01 00 71 12 10 10 00 01 00}
0x38346 One Of Option: Disable, Value (8 bit): 0x1 {09 07 41 0A 00 00 01}
0x3834D One Of Option: Enable, Value (8 bit): 0x0 (default) {09 07 40 0A 30 00 00}

Changed to

0x38335 One Of: Overclocking Lock, VarStoreInfo (VarOffset/VarName): 0x1271, VarStore: 0x0, QuestionId: 0xC75, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 6A 12 6B 12 75 0C 00 00 71 12 10 10 00 01 00}
0x38346 One Of Option: Enable, Value (8 bit): 0x1 {09 07 40 0A 00 00 01}
0x3834D One Of Option: Disable, Value (8 bit): 0x0 (default) {09 07 41 0A 30 00 00}

And then a link to the screenshot of two instances of AMIBCP open, showing the stock bin vs the modded bin:
https://drive.google.com/file/d/1nnT38oo0Dz-ZwCUtKtXgTEZ0eltwbkz6/view?usp=share_link

And then he provided me with this, if it helps at all.

[CHIPSEC] Platform: IVB
[CHIPSEC]    CPUID: 306F2
[CHIPSEC]      VID: 8086
[CHIPSEC]      DID: 7190
[CHIPSEC]      RID: 01
[CHIPSEC] PCH    : Default PCH
[CHIPSEC]      VID: FFFF
[CHIPSEC]      DID: FFFF
[CHIPSEC]      RID: FF


[*]loading common modules from "/usr/local/lib/python3.10/dist-packages/chipsec-1.10.2-py3.10-linux-x86_64.egg/chipsec/modules/common" ..
[*]loading platform specific modules from "/usr/local/lib/python3.10/dist-packages/chipsec-1.10.2-py3.10-linux-x86_64.egg/chipsec/modules/ivb" ..
[*]loading modules from "/usr/local/lib/python3.10/dist-packages/chipsec-1.10.2-py3.10-linux-x86_64.egg/chipsec/modules" ..
[+] loaded chipsec.modules.common.bios_kbrd_buffer
[+] loaded chipsec.modules.common.bios_smi
[+] loaded chipsec.modules.common.bios_ts
[+] loaded chipsec.modules.common.bios_wp
[+] loaded chipsec.modules.common.cpu.cpu_info
[+] loaded chipsec.modules.common.cpu.ia_untrusted
[+] loaded chipsec.modules.common.cpu.spectre_v2
[+] loaded chipsec.modules.common.debugenabled
[+] loaded chipsec.modules.common.ia32cfg
[+] loaded chipsec.modules.common.me_mfg_mode
[+] loaded chipsec.modules.common.memconfig
[+] loaded chipsec.modules.common.memlock
[+] loaded chipsec.modules.common.remap
[+] loaded chipsec.modules.common.rtclock
[+] loaded chipsec.modules.common.secureboot.variables
[+] loaded chipsec.modules.common.sgx_check
[+] loaded chipsec.modules.common.smm
[+] loaded chipsec.modules.common.smm_code_chk
[+] loaded chipsec.modules.common.smm_dma
[+] loaded chipsec.modules.common.smrr
[+] loaded chipsec.modules.common.spd_wd
[+] loaded chipsec.modules.common.spi_access
[+] loaded chipsec.modules.common.spi_desc
[+] loaded chipsec.modules.common.spi_fdopss
[+] loaded chipsec.modules.common.spi_lock
[+] loaded chipsec.modules.common.uefi.access_uefispec
[+] loaded chipsec.modules.common.uefi.s3bootscript

[*]running loaded modules ..

[*]Running module: chipsec.modules.common.bios_kbrd_buffer
[x][ =======================================================================
[x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer
[x][ =======================================================================

[*]Keyboard buffer head pointer = 0x1E (at 0x41A), tail pointer = 0x1E (at 0x41C)
[*]Keyboard buffer contents (at 0x41E):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |               
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |               

[*]Checking contents of the keyboard buffer..

[+] PASSED: Keyboard buffer looks empty. Pre-boot passwords don't seem to be exposed

[*]Running module: chipsec.modules.common.bios_smi
[x][ =======================================================================
[x][ Module: SMI Events Configuration
[x][ =======================================================================
[+] SMM BIOS region write protection is enabled (SMM_BWP is used)

[*]Checking SMI enables..
    Global SMI enable: 1
    TCO SMI enable  : 1
[+] All required SMI events are enabled

[*]Checking SMI configuration locks..
[+] TCO SMI configuration is locked (TCO SMI Lock)
[+] SMI events global configuration is locked (SMI Lock)

[+] PASSED: All required SMI sources seem to be enabled and locked

[*]Running module: chipsec.modules.common.bios_ts
[x][ =======================================================================
[x][ Module: BIOS Interface Lock (including Top Swap Mode)
[x][ =======================================================================

[*]BiosInterfaceLockDown (BILD) control = 0
[*]BIOS Top Swap mode: can't determine status.
[*]RTC TopSwap control (TS) = 1
[-] FAILED: BIOS Interface is not locked (including Top Swap Mode)

[*]Running module: chipsec.modules.common.bios_wp
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================

[*]BC = 0xFF << BIOS Control (b:d.f 00:31.0 + 0xDC)
    [00] BIOSWE          = 1 << BIOS Write Enable
    [01] BLE              = 1 << BIOS Lock Enable
    [02] SRC              = 3 << SPI Read Configuration
    [04] TSS              = 1 << Top Swap Status
    [05] SMM_BWP          = 1 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!

[*]BIOS Region: Base = 0x008FD000, Limit = 0x004E9FFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value    | Base    | Limit    | WP? | RP?
------------------------------------------------------------
PR0 (74)    | 1175E938 | 00938000 | 01175FFF | 0  | 1
PR1 (78)    | 80BBD7B0 | 017B0000 | 000BBFFF | 1  | 1
PR2 (7C)    | FFBCE9F8 | 009F8000 | 01FBCFFF | 1  | 1
PR3 (80)    | BB80CC80 | 00C80000 | 01B80FFF | 1  | 1
PR4 (84)    | B6E9F889 | 01889000 | 016E9FFF | 1  | 1

[!] None of the SPI protected ranges write-protect BIOS region

[!] BIOS should enable all available SMM based write protection mechanisms.
[!] Or configure SPI protected ranges to protect the entire BIOS region.
[-] FAILED: BIOS is NOT protected completely

[*]Running module: chipsec.modules.common.cpu.cpu_info
[x][ =======================================================================
[x][ Module: Current Processor Information:
[x][ =======================================================================

[*]Thread 0000
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0001
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0002
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0003
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0004
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0005
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0006
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0007
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0008
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0009
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0010
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0011
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0012
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0013
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0014
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043

[*]Thread 0015
[*]Processor: Intel® Xeon® CPU E5-2630 v3 @ 2.40GHz
[*]            Family: 06 Model: 3F Stepping: 2
[*]            Microcode: 00000043
[*]
[#] INFORMATION: Processor information displayed

[*]Running module: chipsec.modules.common.cpu.ia_untrusted
[!] MSR_BIOS_DONE.IA_UNTRUSTED is not defined for platform.  Skipping checks.
Skipping module chipsec.modules.common.cpu.ia_untrusted since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.cpu.spectre_v2
[x][ =======================================================================
[x][ Module: Checks for Branch Target Injection / Spectre v2 (CVE-2017-5715)
[x][ =======================================================================

[*]CPUID.7H:EDX[26] = 1 Indirect Branch Restricted Speculation (IBRS) & Predictor Barrier (IBPB)
[*]CPUID.7H:EDX[27] = 1 Single Thread Indirect Branch Predictors (STIBP)
[*]CPUID.7H:EDX[29] = 1 IA32_ARCH_CAPABILITIES
[+] CPU supports IBRS and IBPB
[+] CPU supports STIBP

[*]Checking enhanced IBRS support in IA32_ARCH_CAPABILITIES...
[*]  cpu0: IBRS_ALL = 0
[-] CPU doesn't support enhanced IBRS
WARNING: CPU supports mitigation (IBRS) but doesn't support enhanced IBRS
[!] OS may be using software based mitigation (eg. retpoline)
WARNING: 'retpoline_enabled' is not implemented

[*]Running module: chipsec.modules.common.debugenabled
[!] CPU Debug features are not supported on this platform.  Skipping module.
Skipping module chipsec.modules.common.debugenabled since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.ia32cfg
[x][ =======================================================================
[x][ Module: IA32 Feature Control Lock
[x][ =======================================================================

[*]Verifying IA32_Feature_Control MSR is locked on all logical CPUs..
[*]cpu0: IA32_FEATURE_CONTROL Lock = 1
[*]cpu1: IA32_FEATURE_CONTROL Lock = 1
[*]cpu2: IA32_FEATURE_CONTROL Lock = 1
[*]cpu3: IA32_FEATURE_CONTROL Lock = 1
[*]cpu4: IA32_FEATURE_CONTROL Lock = 1
[*]cpu5: IA32_FEATURE_CONTROL Lock = 1
[*]cpu6: IA32_FEATURE_CONTROL Lock = 1
[*]cpu7: IA32_FEATURE_CONTROL Lock = 1
[*]cpu8: IA32_FEATURE_CONTROL Lock = 1
[*]cpu9: IA32_FEATURE_CONTROL Lock = 1
[*]cpu10: IA32_FEATURE_CONTROL Lock = 1
[*]cpu11: IA32_FEATURE_CONTROL Lock = 1
[*]cpu12: IA32_FEATURE_CONTROL Lock = 1
[*]cpu13: IA32_FEATURE_CONTROL Lock = 1
[*]cpu14: IA32_FEATURE_CONTROL Lock = 1
[*]cpu15: IA32_FEATURE_CONTROL Lock = 1
[+] PASSED: IA32_FEATURE_CONTROL MSR is locked on all logical CPUs

[*]Running module: chipsec.modules.common.me_mfg_mode
[x][ =======================================================================
[x][ Module: ME Manufacturing Mode
[x][ =======================================================================
[+] PASSED: ME is not in Manufacturing Mode

[*]Running module: chipsec.modules.common.memconfig
[x][ =======================================================================
[x][ Module: Host Bridge Memory Map Locks
[x][ =======================================================================

[*]Checking register lock state:
[-] PCI0.0.0_BDSM        = 0x0000000000000000 - UNLOCKED - Base of Graphics Stolen Memory
[-] PCI0.0.0_BGSM        = 0x0000000000000000 - UNLOCKED - Base of GTT Stolen Memory
[-] PCI0.0.0_DPR        = 0x0000000011333000 - UNLOCKED - DMA Protected Range
[-] PCI0.0.0_GGC        = 0x0000000000008208 - UNLOCKED - Graphics Control
[-] PCI0.0.0_MESEG_MASK  = 0x0000000000000000 - UNLOCKED - Manageability Engine Limit Address Register
[-] PCI0.0.0_PAVPC      = 0x0000000011111003 - UNLOCKED - PAVP Configuration
[-] PCI0.0.0_REMAPBASE  = 0x0000000000000000 - UNLOCKED - Memory Remap Base Address
[-] PCI0.0.0_REMAPLIMIT  = 0x0000000000000000 - UNLOCKED - Memory Remap Limit Address
[-] PCI0.0.0_TOLUD      = 0x0000000000000000 - UNLOCKED - Top of Low Usable DRAM
[-] PCI0.0.0_TOM        = 0x0000000000000000 - UNLOCKED - Top of Memory
[-] PCI0.0.0_TOUUD      = 0x0000000000000000 - UNLOCKED - Top of Upper Usable DRAM
[-] PCI0.0.0_TSEGMB      = 0x0000000000000000 - UNLOCKED - TSEG Memory Base

[*]
[-] FAILED: Not all memory map registers are locked down

[*]Running module: chipsec.modules.common.memlock
[x][ =======================================================================
[x][ Module: Check MSR_LT_LOCK_MEMORY
[x][ =======================================================================

[*]Checking MSR_LT_LOCK_MEMORY status
[*]  cpu0: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu1: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu2: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu3: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu4: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu5: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu6: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu7: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu8: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu9: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu10: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu11: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu12: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu13: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu14: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[*]  cpu15: MSR_LT_LOCK_MEMORY[LT_LOCK] = 0
[-] FAILED: MSR_LT_LOCK_MEMORY.LT_LOCK bit is not configured correctly

[*]Running module: chipsec.modules.common.remap
[x][ =======================================================================
[x][ Module: Memory Remapping Configuration
[x][ =======================================================================

[*]Registers:
[*]  TOUUD    : 0x0000000000000000
[*]  REMAPLIMIT: 0x0000000000000000
[*]  REMAPBASE : 0x0000000000000000
[*]  TOLUD    : 0x00000000
[*]  TSEGMB    : 0x00000000

[*]Memory Map:
[*]  Top Of Upper Memory: 0x0000000000000000
[*]  Remap Limit Address: 0x00000000000FFFFF
[*]  Remap Base Address : 0x0000000000000000
[*]  4GB                : 0x0000000100000000
[*]  Top Of Low Memory  : 0x0000000000000000
[*]  TSEG (SMRAM) Base  : 0x0000000000000000

[*]Checking memory remap configuration..
[!]  Memory Remap status is Unknown
[+]  All addresses are 1MB aligned

[*]Checking if memory remap configuration is locked..
[-]  TOUUD is not locked
[-]  TOLUD is not locked
[-]  REMAPBASE and REMAPLIMIT are not locked
[-] FAILED: Memory Remap is not properly configured/locked. Remaping attack may be possible

[*]Running module: chipsec.modules.common.rtclock
[x][ =======================================================================
[x][ Module: Protected RTC memory locations
[x][ =======================================================================

[*]RC = 0x0F2404E8 << RTC Configuration (RCBA + 0x3400)
    [02] UE              = 0 << Upper 128 Byte Enable
    [03] LL              = 1 << Lower 128 Byte Lock
    [04] UL              = 0 << Upper 128 Byte Lock
[+] Protected bytes (0x38-0x3F) in low 128-byte bank of RTC memory are locked
[-] Protected bytes (0x38-0x3F) in high 128-byte bank of RTC memory are not locked
WARNING: Protected locations in RTC memory are accessible (BIOS may not be using them)

[*]Running module: chipsec.modules.common.secureboot.variables
[!] OS does not support UEFI Runtime API.  Skipping module.
Skipping module chipsec.modules.common.secureboot.variables since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.sgx_check
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
[!] SGX not supported.  Skipping module.
Skipping module chipsec.modules.common.sgx_check since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.smm
[x][ =======================================================================
[x][ Module: Compatible SMM memory (SMRAM) Protection
[x][ =======================================================================

[*]PCI0.0.0_SMRAMC = 0x00 << System Management RAM Control (b:d.f 00:00.0 + 0x88)
    [00] C_BASE_SEG      = 0 << SMRAM Base Segment = 010b
    [03] G_SMRAME        = 0 << SMRAM Enabled
    [04] D_LCK            = 0 << SMRAM Locked
    [05] D_CLS            = 0 << SMRAM Closed
    [06] D_OPEN          = 0 << SMRAM Open

[*]Compatible SMRAM is not enabled. Skipping..

[*]Running module: chipsec.modules.common.smm_code_chk
[!] Register MSR_SMM_FEATURE_CONTROL not defined for platform.  Skipping module.
Skipping module chipsec.modules.common.smm_code_chk since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.smm_dma
[x][ =======================================================================
[x][ Module: SMM TSEG Range Configuration Check
[x][ =======================================================================

[*]TSEG      : 0x0000000000000000 - 0x-000000000000001 (size = 0x00000000)
[*]SMRR is not supported

[*]Checking TSEG range configuration..
WARNING: TSEG is properly configured but can't determine if it covers entire SMRAM

[*]Running module: chipsec.modules.common.smrr
[x][ =======================================================================
[x][ Module: CPU SMM Cache Poisoning / System Management Range Registers
[x][ =======================================================================
NOT APPLICABLE: CPU does not support SMRR range protection of SMRAM

[*]Running module: chipsec.modules.common.spd_wd
[!] SMBUS device appears disabled.  Skipping module.
Skipping module chipsec.modules.common.spd_wd since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.spi_access
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
SPI Flash Region Access Permissions
------------------------------------------------------------

BIOS Region Write Access Grant (E9):
  FREG0_FLASHD: 1
  FREG1_BIOS  : 0
  FREG2_ME    : 0
  FREG3_GBE  : 1
  FREG4_PD    : 0
  FREG5      : 1
  FREG6      : 1
BIOS Region Read Access Grant (F8):
  FREG0_FLASHD: 0
  FREG1_BIOS  : 0
  FREG2_ME    : 0
  FREG3_GBE  : 1
  FREG4_PD    : 1
  FREG5      : 1
  FREG6      : 1
BIOS Region Write Access (56):
  FREG0_FLASHD: 0
  FREG1_BIOS  : 1
  FREG2_ME    : 1
  FREG3_GBE  : 0
  FREG4_PD    : 1
  FREG5      : 0
  FREG6      : 1
BIOS Region Read Access (BB):
  FREG0_FLASHD: 1
  FREG1_BIOS  : 1
  FREG2_ME    : 0
  FREG3_GBE  : 1
  FREG4_PD    : 1
  FREG5      : 1
  FREG6      : 0

[*]Software has write access to Platform Data region in SPI flash (it's platform specific)
[-] Software has write access to Management Engine (ME) region in SPI flash
[-] FAILED: SPI Flash Region Access Permissions are not programmed securely in flash descriptor
[!] System may be using alternative protection by including descriptor region in SPI Protected Range Registers
[!] If using alternative protections, this can be considered a WARNING

[*]Running module: chipsec.modules.common.spi_desc
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================

[*]FRAP = 0xE9F856BB << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
    [00] BRRA            = BB << BIOS Region Read Access
    [08] BRWA            = 56 << BIOS Region Write Access
    [16] BMRAG            = F8 << BIOS Master Read Access Grant
    [24] BMWAG            = E9 << BIOS Master Write Access Grant

[*]Software access to SPI flash regions: read = 0xBB, write = 0x56

[+] PASSED: SPI flash permissions prevent SW from writing to flash descriptor

[*]Running module: chipsec.modules.common.spi_fdopss
[x][ =======================================================================
[x][ Module: SPI Flash Descriptor Security Override Pin-Strap
[x][ =======================================================================

[*]HSFS = 0x56E9 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
    [00] FDONE            = 1 << Flash Cycle Done
    [01] FCERR            = 0 << Flash Cycle Error
    [02] AEL              = 0 << Access Error Log
    [03] BERASE          = 1 << Block/Sector Erase Size
    [05] SCIP            = 1 << SPI cycle in progress
    [13] FDOPSS          = 0 << Flash Descriptor Override Pin-Strap Status
    [14] FDV              = 1 << Flash Descriptor Valid
    [15] FLOCKDN          = 0 << Flash Configuration Lock-Down
[-] FAILED: SPI Flash Descriptor Security Override is enabled

[*]Running module: chipsec.modules.common.spi_lock
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================

[*]HSFS = 0x56E9 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
    [00] FDONE            = 1 << Flash Cycle Done
    [01] FCERR            = 0 << Flash Cycle Error
    [02] AEL              = 0 << Access Error Log
    [03] BERASE          = 1 << Block/Sector Erase Size
    [05] SCIP            = 1 << SPI cycle in progress
    [13] FDOPSS          = 0 << Flash Descriptor Override Pin-Strap Status
    [14] FDV              = 1 << Flash Descriptor Valid
    [15] FLOCKDN          = 0 << Flash Configuration Lock-Down
[-] SPI Flash Controller configuration is not locked
[-] FAILED: SPI Flash Controller not locked correctly.

[*]Running module: chipsec.modules.common.uefi.access_uefispec
OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.access_uefispec since it is not applicable in this environment and/or platform

[*]Running module: chipsec.modules.common.uefi.s3bootscript
OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.s3bootscript since it is not applicable in this environment and/or platform

[CHIPSEC] ***************************  SUMMARY  ***************************
[CHIPSEC] Time elapsed            0.147
[CHIPSEC] Modules total          27
[CHIPSEC] Modules failed to run  0:
[CHIPSEC] Modules passed          5:
[+] PASSED: chipsec.modules.common.bios_kbrd_buffer
[+] PASSED: chipsec.modules.common.bios_smi
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.me_mfg_mode
[+] PASSED: chipsec.modules.common.spi_desc
[CHIPSEC] Modules information    1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed          8:
[-] FAILED: chipsec.modules.common.bios_ts
[-] FAILED: chipsec.modules.common.bios_wp
[-] FAILED: chipsec.modules.common.memconfig
[-] FAILED: chipsec.modules.common.memlock
[-] FAILED: chipsec.modules.common.remap
[-] FAILED: chipsec.modules.common.spi_access
[-] FAILED: chipsec.modules.common.spi_fdopss
[-] FAILED: chipsec.modules.common.spi_lock
[CHIPSEC] Modules with warnings  3:
WARNING: chipsec.modules.common.cpu.spectre_v2
WARNING: chipsec.modules.common.rtclock
WARNING: chipsec.modules.common.smm_dma
[CHIPSEC] Modules skipped        1:
SKIPPED: " chipsec.modules.common.smm
[CHIPSEC] Modules not applicable  9:
NOT APPLICABLE: chipsec.modules.common.cpu.ia_untrusted
NOT APPLICABLE: chipsec.modules.common.debugenabled
NOT APPLICABLE: chipsec.modules.common.secureboot.variables
NOT APPLICABLE: chipsec.modules.common.sgx_check
NOT APPLICABLE: chipsec.modules.common.smm_code_chk
NOT APPLICABLE: chipsec.modules.common.smrr
NOT APPLICABLE: chipsec.modules.common.spd_wd
NOT APPLICABLE: chipsec.modules.common.uefi.access_uefispec
NOT APPLICABLE: chipsec.modules.common.uefi.s3bootscript
[CHIPSEC] *****************************************************************
lloyd@lloyd-virtual-machine:~$
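Added example, not code from the post, UEFITool or AMIBCP: a small Python decoder for the two IFR opcode kinds quoted in the post (EFI_IFR_ONE_OF with 1-byte storage and EFI_IFR_ONE_OF_OPTION with an 8-bit value), run over the stock and modded byte strings from the post to list exactly which fields each edit changed. Field layouts follow the UEFI HII IFR definitions; the string-ID labels come from the post's IFR listing; the function names (decode_opcode, diff_fields, default_value) are mine.

```python
"""Decode and diff IFR ONE_OF / ONE_OF_OPTION opcodes (added example)."""
import struct

IFR_ONE_OF = 0x05           # EFI_IFR_ONE_OF_OP
IFR_ONE_OF_OPTION = 0x09    # EFI_IFR_ONE_OF_OPTION_OP
OPTION_DEFAULT = 0x10       # EFI_IFR_OPTION_DEFAULT
OPTION_DEFAULT_MFG = 0x20   # EFI_IFR_OPTION_DEFAULT_MFG

# String IDs as labelled in the post's IFR listing.
STRINGS = {0x0A41: "Disable", 0x0A40: "Enable"}

# Byte strings copied from the post: ONE_OF header, then its two options.
STOCK = [bytes.fromhex(h) for h in (
    "05916A126B12750C0100711210100001 00", "0907410A000001", "0907400A300000")]
MODDED = [bytes.fromhex(h) for h in (
    "05916A126B12750C0000711210100001 00", "0907400A000001", "0907410A300000")]


def decode_opcode(raw: bytes) -> dict:
    """Parse one IFR opcode. EFI_IFR_OP_HEADER is OpCode, then Length:7/Scope:1."""
    opcode, len_scope = raw[0], raw[1]
    length, scope = len_scope & 0x7F, len_scope >> 7
    if length != len(raw):
        raise ValueError(f"header says {length} bytes, got {len(raw)}")
    if opcode == IFR_ONE_OF:
        # EFI_IFR_QUESTION_HEADER: Prompt, Help, QuestionId, VarStoreId,
        # VarStoreInfo (VarOffset here), question Flags; then ONE_OF Flags.
        prompt, help_, qid, varstore, varoff, qflags, oflags = \
            struct.unpack_from("<HHHHHBB", raw, 2)
        size = 1 << (oflags & 0x03)   # EFI_IFR_NUMERIC_SIZE: 0 -> 1-byte storage
        if size != 1:
            raise ValueError("only 1-byte ONE_OF data is handled here")
        lo, hi, step = struct.unpack_from("<BBB", raw, 14)   # MinValue, MaxValue, Step
        return {"op": "ONE_OF", "scope": scope, "prompt": prompt, "help": help_,
                "question_id": qid, "varstore_id": varstore, "var_offset": varoff,
                "question_flags": qflags, "oneof_flags": oflags,
                "min": lo, "max": hi, "step": step}
    if opcode == IFR_ONE_OF_OPTION:
        # EFI_IFR_ONE_OF_OPTION: Option (string id), Flags, Type, Value (u8 here).
        text, flags, vtype, value = struct.unpack_from("<HBBB", raw, 2)
        return {"op": "ONE_OF_OPTION", "scope": scope, "text": text,
                "label": STRINGS.get(text, f"STR_{text:04X}"), "flags": flags,
                "type": vtype, "value": value,
                "default": bool(flags & (OPTION_DEFAULT | OPTION_DEFAULT_MFG))}
    raise ValueError(f"unhandled opcode 0x{opcode:02x}")


def diff_fields(stock: bytes, modded: bytes) -> dict:
    """Return {field: (stock_value, modded_value)} for every decoded field that differs."""
    a, b = decode_opcode(stock), decode_opcode(modded)
    return {k: (a[k], b[k]) for k in a if a[k] != b[k]}


def default_value(option_blobs):
    """Value the firmware stores when it loads defaults: the option that carries
    EFI_IFR_OPTION_DEFAULT or EFI_IFR_OPTION_DEFAULT_MFG. None if no option is flagged."""
    for blob in option_blobs:
        opt = decode_opcode(blob)
        if opt["op"] == "ONE_OF_OPTION" and opt["default"]:
            return opt["value"]
    return None


if __name__ == "__main__":
    for i, (s, m) in enumerate(zip(STOCK, MODDED)):
        print(i, decode_opcode(s)["op"], "changed:", diff_fields(s, m))
    print("default stored value, stock:", default_value(STOCK[1:]),
          "modded:", default_value(MODDED[1:]))
```

Run stand-alone it reports that the ONE_OF header's VarStoreId went from 1 to 0 and that the two option string IDs were swapped, while the value flagged as default is 0 in both listings; the same decoder can be pointed at any ONE_OF/ONE_OF_OPTION bytes pulled from the extracted EFI body to verify a hex edit touched only the fields intended.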