Intel ME vulnerability (BIOS Updates?!)

Discussion in 'Panasonic' started by tomcatsniper, May 3, 2017.

  1. Karl Klammer

    Karl Klammer Notebook Consultant

    updates can't be installed on my cf19mk6,
    due to "Error 8719 Firmware update cannot be initiated because Local Firmware Update is disabled. "
    aka "Bad news, you have a 'QM77 Express Chipset LPC Controller' so you have ME hardware on board and you can't control or disable it, continuing..."

    anyone else experienced this error?
    http://www.toughbooktalk.com/viewtopic.php?f=39&t=3301&p=28118#p28118
     
  2. Shawn

    Shawn Crackpot Search Ninja and Options Whore

    I keep meaning to experiment with the ME update, but real life keeps getting in the way.
     
    UNCNDL1 likes this.
  3. kode-niner

    kode-niner Notebook Consultant

    <useless info>I have updated several servers and have not seen this error.</useless>

    Nevertheless, I am interested in any developments.
     
  4. Karl Klammer

    Karl Klammer Notebook Consultant

    I am able to flash Panasonic's ME.bin after upgrading bios to V06.00L12 and resetting bios-amt config ("unconfiguring ME").
    Okay, the boring part works.

    Now to the interesting part:
    I am able to extract a FWUpdClc64.exe -SAVE dump.bin, but it doesn't contain flash descriptors according to me_cleaner and ifdtool.
    I am not able to flash a me_cleaned ME.bin using FWUpdClc64.exe due to 7441 Invalid File error, even though me_cleaner -c tells me that FTPR RSA signatures are valid.
    Looking at output of "strings ME.bin" and "strings ME_cleaned.bin", I can see that the cleaned one misses names of Certificate Authorities ... so I guess FWUpdClc64.exe performs additional signature checks.

    user@random-deb8:~/meclean/corna.me_cleaner$ ./me_cleaner.py -c ../unzipme/ME.bin
    ME/TXE image detected
    Found FPT header at 0x10
    Found 23 partition(s)
    Found FTPR header: FTPR partition spans from 0x180000 to 0x24a000
    ME/TXE firmware version 8.1.71.3608
    Checking the FTPR RSA signature... VALID

    user@random-deb8:~/meclean/corna.me_cleaner$ ./me_cleaner.py -c ../unzipme/ME_cleaned.bin
    ME/TXE image detected
    Found FPT header at 0x10
    Found 1 partition(s)
    Found FTPR header: FTPR partition spans from 0x180000 to 0x24a000
    ME/TXE firmware version 8.1.71.3608
    Checking the FTPR RSA signature... VALID

    user@random-deb8:~/meclean/corna.me_cleaner$ ./me_cleaner.py -c ../unzipme/ME_dumped.bin
    Unknown image

    user@random-deb8:~/meclean/corna.me_cleaner$ du -sk ../unzipme/ME.bin ../unzipme/ME_cleaned.bin ../unzipme/ME_dumped.bin
    7660 ../unzipme/ME.bin
    7660 ../unzipme/ME_cleaned.bin
    3844 ../unzipme/ME_dumped.bin
     
    Last edited: Sep 6, 2017
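Added example, not part of the post above and not me_cleaner's own code: a minimal classifier for the three outcomes in that terminal session (a bare ME region with an FPT header at 0x10, a full SPI image with a flash descriptor, or an unknown image). The signature offset and the 0x20-byte partition entry layout are assumptions for ME 8-era images, and the sample bytes are constructed, not real firmware.

```python
import struct

FD_SIGNATURE = b"\x5a\xa5\xf0\x0f"  # flash descriptor magic 0x0FF0A55A, little-endian
FPT_MAGIC = b"$FPT"                 # ME Flash Partition Table marker


def classify_image(data):
    """Return (kind, partitions); partitions maps name -> (start, end)."""
    magic = data[0x10:0x14]
    if magic == FD_SIGNATURE:
        return "full SPI image (flash descriptor present)", {}
    if magic != FPT_MAGIC or len(data) < 0x18:
        return "unknown image", {}
    (entries,) = struct.unpack_from("<I", data, 0x14)
    partitions = {}
    for i in range(entries):
        base = 0x30 + i * 0x20           # assumed layout: 0x20-byte entries from 0x30
        if base + 0x20 > len(data):      # truncated table: stop instead of over-reading
            break
        name = data[base:base + 4].rstrip(b"\x00").decode("ascii", "replace")
        offset, length = struct.unpack_from("<II", data, base + 0x08)
        partitions[name] = (offset, offset + length)
    return "ME region only (no flash descriptor)", partitions


def build_sample_me_region():
    """Constructed header with one FTPR entry using the offsets printed in the thread."""
    img = bytearray(0x60)
    img[0x10:0x14] = FPT_MAGIC
    struct.pack_into("<I", img, 0x14, 1)
    img[0x30:0x34] = b"FTPR"
    struct.pack_into("<II", img, 0x38, 0x180000, 0xCA000)
    return bytes(img)


def build_sample_full_image():
    """Constructed header: 16 bytes of 0xFF followed by the descriptor signature."""
    return b"\xff" * 0x10 + FD_SIGNATURE + b"\xff" * 0x4C


if __name__ == "__main__":
    for label, blob in [("ME region", build_sample_me_region()),
                        ("full image", build_sample_full_image()),
                        ("erased/other", b"\xff" * 0x60)]:
        kind, parts = classify_image(blob)
        spans = {n: (hex(s), hex(e)) for n, (s, e) in parts.items()}
        print(f"{label}: {kind} {spans}")
```
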
  5. Shawn

    Shawn Crackpot Search Ninja and Options Whore

    cf19mk6 bios.jpg
     
    Karl Klammer likes this.
  6. CWB32

    CWB32 Need parts for my flying saucer.

    hmmm ...
    i updated one of my TBs a couple of days ago and got an ME error .
    i rebooted and all was good .
    this is the first time this has happened over maaany TBs .
     
  7. Karl Klammer

    Karl Klammer Notebook Consultant


    Attached Files:

    Last edited: Sep 9, 2017
  8. tomcatsniper

    tomcatsniper Notebook Guru

    Hello Karl,

    Be careful not to break the ME completely since I read that if it is not working it will shut down the machine in 30 minutes. I recommend making a full dump of the chip with a programmer so you can have a backup.

    For a normal flash update with Panasonic file you need a full working ME, that means BIOS should report the correct version and OS should detect the ME interfaces and also have the drivers installed.

    I saw some Toughbooks with BIOS reporting ME N/A and there are strange things happening, like power on boot will not detect network card but a reboot (not poweroff/poweron) will detect it after that. Once laptop is powered off and on again the network card is again not detected.

    If you want to use me_cleaner, from what I know you need a BIOS dump made with a programmer and not a save backup from ME tools. ME tools under OS can only read partial stuff, not the full region.

    Hello Shawn,

    This is your machine with ME version N/A? When you start it does it take longer to see the Panasonic logo on the screen than the same machine but with correct ME version? If you boot Linux starting from poweron not reboot do you see the LAN card ready and working?
     
    Last edited by a moderator: Sep 12, 2017
  9. Karl Klammer

    Karl Klammer Notebook Consultant

    hi tomcatsniper. you are correct.

    except for the little fun fact, that I seem to have found a race condition in ME Local FW Update feature, which allowed me to update a me_cleaned ME.bin directly using fwupdlcl by hijacking an OEM ME.bin update session. see github link for details.
     
  10. Shawn

    Shawn Crackpot Search Ninja and Options Whore

    It does not have a Panasonic logo..It has a custom logo.
    I never timed it. I saw no reason to. Why is boot time a concern?
    Same machine never had ME so I can't compare it to anything anyway.
    No I am NOT flashing ME on it just to see.

    Do you mean LAN or WLAN? I don't use LAN so I disable it in BIOS.
    What does Linux have to do with this?.....confused..

    BTW flashing my bios file onto your mk6 with software WILL NOT WORK.
    The chip MUST be removed and flashed with a hardware PROGRAMMER.
    You will destroy the chip or motherboard removing it. I suggest the chip. Have a new chip on hand.
     