Jump to content

[UEFIPatch] UEFI patching utility


CodeRush
1,981 posts in this topic

Recommended Posts

Some help i am trying to find how to exactly remove the msr 0xE2 lock on my Asus ROG Strix X99 Gaming board.

 

I now have used UEFIPatch

C:\UBU>UEFIPatch STRIX-X99-GAMING-ASUS-1801.CAP
parseImageFile: Aptio capsule signature may become invalid after image modifications
parseSection: section with unknown type 52h
parseFile: non-empty pad-file contents will be destroyed after volume modifications
parseSection: section with unknown type 52h
parseFile: non-empty pad-file contents will be destroyed after volume modifications
patch: replaced 6 bytes at offset F69h 0FBA6C24400F -> 0FBA7424400F
Image patched

Is this ok? does this mean my MSR 0xE2 lock is removed?

Link to comment
Share on other sites

Some help i am trying to find how to exactly remove the msr 0xE2 lock on my Asus ROG Strix X99 Gaming board.

 

I now have used UEFIPatch

C:\UBU>UEFIPatch STRIX-X99-GAMING-ASUS-1801.CAP
parseImageFile: Aptio capsule signature may become invalid after image modifications
parseSection: section with unknown type 52h
parseFile: non-empty pad-file contents will be destroyed after volume modifications
parseSection: section with unknown type 52h
parseFile: non-empty pad-file contents will be destroyed after volume modifications
patch: replaced 6 bytes at offset F69h 0FBA6C24400F -> 0FBA7424400F
Image patched

Is this ok? does this mean my MSR 0xE2 lock is removed?

yes it is OK

normal output

Link to comment
Share on other sites

Thanks well i need a lot more patching for my bios ;-)

 

Disable ME and remove hasswell microcode, i know this step is good.

Only some problems left to solve ;-)

 

Does anybody know how to convert a de-CAPed file (so extracted rom from CAPSULE) back to Capsule?

I used BRenamerl but UBU does not see it as the original CAP file and does not automatically rename the file to STXX99.CAP but makes it mod_NAME.cap

So BRenamerl does not really convert back to a capsule file it seems like it renames the file

Link to comment
Share on other sites

Thanks well i need a lot more patching for my bios ;-)

 

Disable ME and remove hasswell microcode, i know this step is good.

Only some problems left to solve ;-)

 

Does anybody know how to convert a de-CAPed file (so extracted rom from CAPSULE) back to Capsule?

I used BRenamerl but UBU does not see it as the original CAP file and does not automatically rename the file to STXX99.CAP but makes it mod_NAME.cap

So BRenamerl does not really convert back to a capsule file it seems like it renames the file

for your asus should be enough to remove microcode to have a working overclock boost for your V3 ..

UBU in this case is good and it does the trick

For Me, maybe is useful for you to bypass problems with security known in these days..but it is not related to success to OC all cores (IMHO)

Hi.

First sorry for my bad english.

 

I have a problem with motherboard asus z87-deluxe.

 

My motherboard not save bios setting.

 

When i press f10 save changes and exit its shutdown.

 

And its loop on " new cpu installed press f1"

I modified bios with amicbp v4 and i changed wait for f1 to disabled.

 

But i couldnt flash modified bios afuwin says " unble to start secure flash session"

 

And i tried usb flashback with modded bios and nothing.

Its not work, led flash for 3-4 times then stop flashing.

 

Please help me to fix this.

Tnx

before using flashback mode enter in bios and load optimized default or press clear cmos button if you have, then on yopur motherboard and off it without booting

after that if you have a correct modded bios you can use flashback normally

 

often in other platform like x99 IE flashback procedure seems not work because some bios barameter (i think on usb side) are modified for proper needs.

Resetting to the default one do the tricks..and no need to revert to old bios :-)

Link to comment
Share on other sites

Hi,

 

I get this :

 

"No patches can be applied to input file"

 

for my Gigabyte B85M-D2V rev 1.1 motherboard BIOS file. No other messages, just that. I can open it with UEFITool but not with the Patcher. What can I do ?

Link to comment
Share on other sites

for your asus should be enough to remove microcode to have a working overclock boost for your V3 ..

UBU in this case is good and it does the trick

 

I know! That is no problem.... only problem is to get a Capsule file back... when disable mangement engine (to get rid of the patch https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr ) i need to use me_cleaner and for that tool i have to extract the CAP file and make rom file, after all patches i need to get it back into a AMI Aptio capsule, but that step is hard. I used BRenamerl but this tool really just renames the file into the file needed for Asus flashback but i do not think it will work because it is not put back into a AMI Aptio capsule (at least not if i open it in UEFITool.)

Link to comment
Share on other sites

  • 3 weeks later...

Hi. I  unlocked  MSR 0xE2 on Z370(AORUS Z370 Gaming 5), use UEFIPatch_0-3.11 and get this message 

C:\UEFIPatch_0-3>UEFIPatch Z370AG5.F5f
parseFile: non-empty pad-file contents will be destroyed after volume modifications
patch: replaced 8 bytes at offset 3564h 81E10080000033C1 -> 9090909090909090
Image patched

What about Сoffe Lake? This is enough? 

Flashing BIOS has successfully and good result  no need more KernelPM patch

Link to comment
Share on other sites

Hey guys,

 

I am working on a patch for x299.

 

This patch applies, but it is not enough

# SiInit | Kaby Lake
299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9 10 P:81E10080000033C1:9090909090909090
 
This patch I made IS enough:
# PpmInitialize | Skylake X 
3FFCAE95-23CF-4967-94F5-16352F68E43B 10 P:0FBAE80F:0FBAE00F 
 
But for some strange reason the msr 0xe2 is re-locken on s3 resume.
 
Any idea why? Has anybody ever seen that happen?
 
Thanks.
Link to comment
Share on other sites

 

Hey guys,

 

I am working on a patch for x299.

 

This patch applies, but it is not enough

# SiInit | Kaby Lake
299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9 10 P:81E10080000033C1:9090909090909090
 
This patch I made IS enough:
# PpmInitialize | Skylake X 
3FFCAE95-23CF-4967-94F5-16352F68E43B 10 P:0FBAE80F:0FBAE00F 
 
But for some strange reason the msr 0xe2 is re-locken on s3 resume.
 
Any idea why? Has anybody ever seen that happen?
 
Thanks.

 

Thanks for the observation!

I also have an effect that 0xE2 is not locked in Clover boot.log but locked later. It will be good to find a moment when it happens.

Link to comment
Share on other sites

Sorry I don't know how to flash a patched bios on your motherboard 

Are you sure original bios is not factory MSR 0XE2 unlocked?

 

I have tried flash bios with Efiflash and with the use of Bios without success. both put file error.

Link to comment
Share on other sites

  • 2 months later...
  • 4 months later...
On 2/2/2018 at 3:47 PM, camillionario said:

The BIOS patch works !!
I managed to flash BIOS and unlock MSR ok, I have restarted a couple of times and everything is perfect.
Attached Bios Modified if someone is interested. (BIOS VERSION 7)

 

post-887245-0-69774500-1517582802_thumb.png

 

Thanks Fabiosun

Z270GK3.F7.patched.zip

 

Did you manage to get a F9D patched ?

 

http://download.gigabyte.eu/FileList/BIOS/mb_bios_ga-z270-gaming-k3_f9d.zip

 

Fabiosun maybe you can help me ?

 

Link to comment
Share on other sites

  • 2 months later...

Hello friends!I tried and finally managed to patch(NOT TESTED) the bios of ASUS VIVOBOOK X510UN and also change the boot logo using UEFIPatch and UEFITool.All my desktop machines have custom boot logo and I never had a problem flashing the modded bios(I use mainly ASUS mobos) but this is my first time unlocking MSR 0xE2  and  I don't know if I should change my mind! (MODDED BIOS ATTACHED,I REAPEAT NOT TESTED) 
 This is my terminal output:

parseImageFile: Aptio capsule signature may become invalid after image modifications
parseFile: non-empty pad-file contents will be destroyed after volume modifications
patch: replaced 8 bytes at offset 43FFh 81E10080000033C1 -> 9090909090909090
Image patched

Says invaldid signature,Is this a bad thing?
X510UN-AS.306

Edited by Lathos
Link to comment
Share on other sites

  • 1 month later...

Hi, I'm having a trouble patching an EVGA X299 DARK BIOS for Skylake-X:
C:\Users\Florindo\Desktop\UEFIPatch_0.3.9_win>UEFIPatch 1E299114.bin
parseFile: non-empty pad-file contents will be destroyed after volume modifications
patch: replaced 8 bytes at offset 4389h 81E10080000033C1 -> 9090909090909090
patch: replaced 7 bytes at offset 2B0Ch 742CB9E2000000 -> 752CB9E2000000
patch: replaced 8 bytes at offset 1510h BE0080000023CE0B -> BE0000000023CE0B
reconstructSection: executable section rebase failed
Error ,

 

Can anyone help me please?


 

 
Link to comment
Share on other sites

  • 1 month later...
On 1/4/2013 at 7:11 PM, CodeRush said:

PMPatch is obsolete and not supported by me anymore.

I have developed the successor of it, UEFIPatch, which is both more universal and reliable, and uses UEFITool's engine for proper UEFI modification.

Combined topic about all my UEFITool-based utilities is here, sources and binaries are available on GitHub.

Bug reports are welcome. 

 

To any new readers of this topic: it's you who takes all the risk of bricking your board, it's you who is responsible for all things that you do to your PC, not me or any other developer out there!

BIOS modifications are risky by their nature, please be aware of it and don't blame me if anything is gone wrong for you.

 

Hi!

Is it possible to force NvmExpressDxe_4.ffs or NvmExpressDxe_Small.ffs to be loaded from the EFI system partition? In order not to modify the EFI firmware (especially since I have a Gigabyte Hybride BIOS), which is not able to start Win 7 from NVMe.

Best Regards, Roman.

 

Link to comment
Share on other sites

×
×
  • Create New...