Jump to content

[UEFIPatch] UEFI patching utility


CodeRush
1,981 posts in this topic

Recommended Posts

Hi Coderush, i'm trying your new Uefitool and i have a weirds messages with one MSI original bios, the message is 

https://www.dropbox.com/s/l0fnc3lty0u9orr/errors-uefitool.PNG?dl=0

 

Attached there is original MSI bios E7799IMS.zip

 

i dont know if it's ok or i have some problem, the bios runs well 

Link to comment
Share on other sites

MSI just goes and adds JPEG images and other non-executable data into PE sections, neat. This is clearly a bug in FDF file rules (i.e. in MSI BIOS build process). 

I will remove duplicate messages (i.e. if DOS signature is wrong, no need to check PE signature validity), but I won't remove the diagnostic itself because it's not only crazy to have such structures, but it's also a big BIOS security issue, because someone can make a DXE driver and then add it as a picture using MSI ChangeLogo analog. MSI delivers, what can I say more. :)

  • Like 2
Link to comment
Share on other sites

MSI just goes and adds JPEG images and other non-executable data into PE sections, neat. This is clearly a bug in FDF file rules (i.e. in MSI BIOS build process). 

I will remove duplicate messages (i.e. if DOS signature is wrong, no need to check PE signature validity), but I won't remove the diagnostic itself because it's not only crazy to have such structures, but it's also a big BIOS security issue, because someone can make a DXE driver and then add it as a picture using MSI ChangeLogo analog. MSI delivers, what can I say more. :)

Thank you CodeRush, my message was only to inform you if there was some bug, but for what you say, it's' a MSI "feature" :-) so, thanks 

Link to comment
Share on other sites

I think I finally removed MSR lock from my x301a Asus laptop! I used FPTw64 to dump and reflash the bios!

 

I followed this guide:

 

http://www.overclock.net/t/1493245/asus-g75vx-unlock-system-bios-nvidia-gtx-670mx-custom-vbios-tutorial-how-to

 

First I dumped the bios with the command 

 

fptw64 -d BIOS-Backup.rom -BIOS

 

then I used uefipatch to patch the dumped rom and renamed it patched.rom

then I reflashed the bios using this  command

 

fptw64 -f patched.rom -BIOS

 

then I shut down the laptop, removed power chord and battery and pressed down the power button for 30 secs.

Restarted the laptop and entered the bios to reload setup defaults.

 

Now with read write everything I can see that the bit at 15 in 0xE2 is set to 0 ! So this means it's unlocked right??

 

--- update ---

 

I tried to dump the bios again and to apply the patch with uefipatch and now the result is "nothing to patch"!

So the lock is really gone!! GREAT!!!

 

I attached picture of the flashing operation.

post-76108-0-78241200-1423241982_thumb.jpg

  • Like 1
Link to comment
Share on other sites

@coderush I found a way to modify the setup module of the bios to show the chipset menu. However I got some concerns, after extracting and modifying the module with mmtool I can replace it only as is, uncompressed. The offset of all other modules seems unchanged anyway I don't know if the compression is required or not. What do you think / know ?

 

If I recall correctly your uefi patch tool needs to decompress a module to search for the bit to modify right? So does it repack the image rom with the compressed or uncompressed module?

Link to comment
Share on other sites

Either way is fine, compressed or not. Compressed modules occupies less space, uncompressed are starting a bit quicker.

UEFIPatch packs the module exactly the way it was, so unpacked module remains unpacked and otherwise.

Link to comment
Share on other sites

@coderush ok got it, but is there a way to compress the module before replacing ?

yes, you have yo use MMTOOL to compress modules it's easy to use.

Link to comment
Share on other sites

This "replace/extract uncompressed/compressed" thing is MMTool-specific and should not exist at all. If you want to replace the whole FFS file, you can create it the way you like, compressed, plain, raw, with CRC and so on, it fully up to you. If you just need to replace a section (for example, a patched PE32 section), you can just go and replace it, and UEFITool will do all other stuff for you.

Link to comment
Share on other sites

This "replace/extract uncompressed/compressed" thing is MMTool-specific and should not exist at all. If you want to replace the whole FFS file, you can create it the way you like, compressed, plain, raw, with CRC and so on, it fully up to you. If you just need to replace a section (for example, a patched PE32 section), you can just go and replace it, and UEFITool will do all other stuff for you.

 

So if I use uefitool instead of mmtool and I modify a bit in the setup module then uefitool will update the checksum hardcoded in the module? As using mmtool I had to modify it by hand at address 011h ... more details of what I did here --> https://www.bios-mods.com/forum/Thread-unhide-chipset-menu-in-ami-bios?pid=84199#pid84199

Link to comment
Share on other sites

Put Uefipatch and bios in the same directory and cd to that directory. There's no UEFIpatch in desktop.

folder on the desktop named "bios"

2zpsac8.jpg

iMac-di-Fabio:~ fabio$ cd /Users/Fabio/Desktop/bios
iMac-di-Fabio:bios fabio$ ./UEFIPatch /Users/Fabio/Desktop/Z97-PRO-ASUS-2012.CAP.bin
Input file not found

Thanks

 

Fabio

Link to comment
Share on other sites

Regarding Z97 try to check in bios options if there is something about MSR lock bit, i have one Z97 asus and i dont need to use uefipatch to avoid AppleIntelCpuPowerManagement kext, but i need only set to unlock this bit

If i remember well you can find this option under CPU into bios settings 

keep in mind that you can't edit .CAP file, but you have to extract Body from cap file with uefitool, modify as you know, rename according to naming scheme for asus flasback bios and flashback with know procedure, or, you have to boot with dos usb and use afu to backup bios and modify this then flash back with afu 

Link to comment
Share on other sites

folder on the desktop named "bios"

2zpsac8.jpg

iMac-di-Fabio:~ fabio$ cd /Users/Fabio/Desktop/bios
iMac-di-Fabio:bios fabio$ ./UEFIPatch /Users/Fabio/Desktop/Z97-PRO-ASUS-2012.CAP.bin
Input file not found

Thanks

 

Fabio

 

If the folder is bios why are you using /Users/Fabio/Desktop/ ? 
cd into /Users/Fabio/Desktop/bios and run ./UEFIPatch Z97-PRO-ASUS-2012.CAP.bin 
you don't have to specify the path, you are already there.
And by the way, are you sure the file extension is .bin? Is it hidden?
Link to comment
Share on other sites

 

If the folder is bios why are you using /Users/Fabio/Desktop/ ? 
cd into /Users/Fabio/Desktop/bios and run ./UEFIPatch Z97-PRO-ASUS-2012.CAP.bin 
you don't have to specify the path, you are already there.
And by the way, are you sure the file extension is .bin? Is it hidden?

 

what would be the terminal command

 

Fabio

Link to comment
Share on other sites

I told you ->   ./UEFIPatch Z97-PRO-ASUS-2012.CAP.bin 

 

Tra l'altro la patch non va applicata al file cap ma al file del bios. Un altro utente ti ha detto che nel bios della Z97 c'è un' opzione per sbloccare l'msr. Probabilmente sotto CPU settings qualcosa come CFG lock (on/off), per cui non c'è bisogno di patcharlo con UEFIpatch.

Link to comment
Share on other sites

I told you ->   ./UEFIPatch Z97-PRO-ASUS-2012.CAP.bin 

 

Tra l'altro la patch non va applicata al file cap ma al file del bios. Un altro utente ti ha detto che nel bios della Z97 c'è un' opzione per sbloccare l'msr. Probabilmente sotto CPU settings qualcosa come CFG lock (on/off), per cui non c'è bisogno di patcharlo con UEFIpatch.

ok control thanks

 

Fabio

Link to comment
Share on other sites

×
×
  • Create New...