Jump to content

[Guide] AMI Aptio Native SpeedStep UEFI Patch


  • Please log in to reply
2 replies to this topic

#1
androdev

androdev

    InsanelyMac Protégé

  • Members
  • Pip
  • 41 posts

AMI Aptio Native SpeedStep UEFI Modding

detailed guide with all essential tools

(works on all latest Sandy Bridge motherboards and notebooks)


Hi everyone. I'm here to share my bios modding experience. It was a long road before I had a native speedstep. I want to thank dgsga in general for his bios unlock guide, as mine is fully based on it. I also thank carlicous for his great post

http://forum.noteboo...88-post141.html

up here, explaining UEFI bios MSRs modding. It was a pleasure working with guides from applelife.ru (hi Clover EFI!) and

http://www.insanelym...howtopic=271573

Dell guide from Mohamed Khairy (IDT Apple HDA!). I would never change my opinion now: 15R is most hackintoshable notebook I ever had. Thank you all!



Lets start with the tools you need. It's basically:

- Latest (A10 on the moment) bios package from Dell site. Simply unpack the ROM file:

C:\Users\Владислав>cd "C:\Users\Владислав\Desktop\Dell 15R UEFI"
C:\Users\Владислав\Desktop\Dell 15R UEFI>N5110A10.exe /writeromfile
- Latest Phoenix Tool (202 included)
- Latest MMTool (or not latest, not important in fact, 4.50 is here)

- objdump tool

- HEX Editor (included one for you)

- Flash tool


I created an archive which I upload for you, with all essential tools included. I do not upload a modded bios as it's your responsibility if you brick something.

Attached File  Dell 15R UEFI.zip   9.45MB   182 downloads


The process itself:

1. Start Phoenix Tool and select your ROM file. It has some information for you, press OK twice. Do not close it just now.


2. Use MMTool to locate your PowerManagement module. It's confirmed to have GUID

8C783970-F02A-4A4D-AF09-8797A51EEC8D

for all latest Aptio bioses.


3. Find this file (choose the largest one, mine is 16Kb), copy to another place and disassemble it:


C:\Users\Владислав>cd "C:\Users\Владислав\Desktop\Dell 15R UEFI"
C:\Users\Владислав\Desktop\Dell 15R UEFI>objdump -m i386 -b binary -D 8C783970-F
02A-4A4D-AF09-8797A51EEC8D_1_276.ROM > PowerManagement.asm

4. Take a look at the code in output file. We need to unlock bit 15 of MSR 0xE2. The 0xf is lock bit. Search for
0f ba e8 0f
and look above for
mov	$0xe2,%ecx
This is the place we need to mod.

5. As dgsga explains, we need to jump unconditionnaly, not allowing the setting of bit lock.
The requied change is
jne	0x2748
to

jmp	0x2748

6. This is a code from my bios in fact:
	2724: b9 e2 00 00 00		mov	$0xe2,%ecx
	2729: e8 8e 09 00 00		call   0x30bc
	272e: 48					dec	%eax
	272f: 89 44 24 30		   mov	%eax,0x30(%esp)
	2733: 0f ba f0 0f		   btr	$0xf,%eax
	2737: 89 44 24 30		   mov	%eax,0x30(%esp)
	273b: 80 fb 01			  cmp	$0x1,%bl
	273e: 75 08				 jne	0x2748
	2740: 0f ba e8 0f		   bts	$0xf,%eax
	2744: 89 44 24 30	   mov	%eax,0x30(%esp)
Open hex edit and patch the module file with
75 08 0F BA E8 0F 89 44 24 30
to
EB 08 0F BA E8 0F 89 44 24 30
and click on save.

7. Get back to Phoenix. Select Dell as manufacturer. In advanced tab tick
Allow user to modify other modules
No SLIC
and finally press Go.

8. It will ask you to perform your modifications to modules. Replace the module in DUMP folder with your edited one. Press OK.

8. It will create a new bios file, which you only left to flash. The flash tool is included.

Everything is done on Windows 8 Release Preview running in native mode.

#2
androdev

androdev

    InsanelyMac Protégé

  • Members
  • Pip
  • 41 posts
Updated with tools

#3
hisho

hisho

    InsanelyMac Protégé

  • Members
  • PipPip
  • 63 posts
it worked great,thanks

the laptop seems faster





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

© 2014 InsanelyMac  |   News  |   Forum  |   Downloads  |   OSx86 Wiki  |   Mac Netbook  |   PHP hosting by CatN  |   Designed by Ed Gain  |   Logo by irfan  |   Privacy Policy