[flashrom] MSI H55-GD65 (MS-7637) (H55, locked ME region, FLOCKDN=0(!))

Stefan Tauner stefan.tauner at student.tuwien.ac.at
Sun Aug 21 03:09:48 CEST 2011


On Sat, 20 Aug 2011 23:03:16 +0100 (BST)
Luzipher McLeod <luziphermcleod at yahoo.ie> wrote:

> Thanks for your mails ! Good to know that there is something going on (even though you indicate that it'll take quite some time). If I can do anything to help, just let me know.

if you are good at REing you could help a lot (because i am a n00b
regarding x86 asm, and therefore quite unmotivated to stare at
disassembly - especially when i see how fluently others are able to
read this :).

> That said, it really seems to be a messed up situation. As far as I understood, there are several "units" involved in accessing the flash (or at least granting rights to access the flash).

yes. the firmware for the ME, the GbE controller and the host
(=BIOS/EFI) are on the same flash chip and all of them can access it
via the southbridge. they also write to it (the ME logs some stuff
at least). access restrictions are enforced by the southbridge which
acts as a gatekeeper.

> Am I right that the major missing thing is support for the embedded controller (ME) ?

exactly. usually that is the only real problem. the flash descriptor
region is most often read-only, but that's not really an issue (it does
not need to be updated normally). i *think* i know how the ME can be
told to give us access superficially (using HECI/MEI), but i don't know
the exact details. i have a patch already that implements MEI
communication in flashrom... the question is just what to send (and
what to expect to receive :)

> I also do have a flashing utility that works from DOS if that'd be any help (reverse engineering) ?

there are various of those and RE is the way to go probably (because
intel won't tell us probably). having access to the binary is not the
problem though.

> PS: We could also write in German; I wrote this one in English because you mentioned that the whole thing might also serve as documentation for any future fellow lunatics who follow :-)

if it is not too hard for you, english is the way to go because it is
the least common denominator of those involved.

i think i should write together what i know about unlocking the ME.
probably a wiki page would be best...

-- 
Kind regards/Mit freundlichen Grüßen, Stefan Tauner
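The southbridge gatekeeping described above is configured by the flash descriptor's region and master sections. The parser below is an added example, not code from this thread or from flashrom; it assumes the ICH8/5-series-PCH descriptor layout (signature at offset 0x10, FLMAP1 locating the region and master sections) and decodes a constructed sample dump whose descriptor denies the host any write access to the ME region.

```python
import struct

# Intel flash descriptor layout (ICH8 .. 5-series PCH era) as publicly documented
# and implemented in flashrom's ich_descriptors.c; assumed here, not from the mail.
FLVALSIG = 0x0FF0A55A
REGION_NAMES = ["Descriptor", "BIOS", "ME", "GbE", "PDR"]
MASTER_NAMES = ["BIOS/host", "ME", "GbE"]


def parse_descriptor(blob):
    """Decode regions and master permissions from the first 4 KiB of a dump."""
    sig, _flmap0, flmap1 = struct.unpack_from("<III", blob, 0x10)
    if sig != FLVALSIG:
        raise ValueError("no valid flash descriptor signature at offset 0x10")
    frba = (flmap1 & 0xFF) << 4            # flash region section base
    fmba = ((flmap1 >> 16) & 0xFF) << 4    # flash master section base
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        reg = struct.unpack_from("<I", blob, frba + 4 * i)[0]
        base = (reg & 0x1FFF) << 12
        limit = (((reg >> 16) & 0x1FFF) << 12) | 0xFFF
        if base <= limit:                  # base > limit marks an unused region
            regions[name] = (base, limit)
    masters = {}
    for i, name in enumerate(MASTER_NAMES):
        reg = struct.unpack_from("<I", blob, fmba + 4 * i)[0]
        # bits 16..20: read access per region, bits 24..28: write access per region
        masters[name] = {
            "read": [r for b, r in enumerate(REGION_NAMES) if (reg >> (16 + b)) & 1],
            "write": [r for b, r in enumerate(REGION_NAMES) if (reg >> (24 + b)) & 1],
        }
    return regions, masters


def host_can_write(blob, region):
    """True if the descriptor grants the BIOS/host master write access to `region`."""
    return region in parse_descriptor(blob)[1]["BIOS/host"]["write"]


def build_sample_descriptor():
    """Constructed 4 KiB descriptor for an 8 MiB chip with a host-locked ME region."""
    blob = bytearray(0x1000)
    struct.pack_into("<I", blob, 0x10, FLVALSIG)
    struct.pack_into("<I", blob, 0x18, 0x02060404)   # FLMAP1: FRBA=0x40, FMBA=0x60
    # FLREG0..4: descriptor, BIOS, ME, GbE; PDR marked unused (base > limit)
    struct.pack_into("<5I", blob, 0x40, 0x00000000, 0x07FF0400, 0x03FF0003, 0x00020001, 0x00001FFF)
    # FLMSTR1..3: host reads desc/BIOS/GbE, writes BIOS/GbE; ME and GbE own their regions
    struct.pack_into("<3I", blob, 0x60, 0x0A0B0000, 0x04050000, 0x08090000)
    return bytes(blob)
```

On the constructed sample, `host_can_write(build_sample_descriptor(), "ME")` returns False while the ME master itself may read and write its region; on a real dump, pass the first 4 KiB of the image instead.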
