Activate PTT in ME firmware

I got this EVGA board that for some reason does not seem to have PTT/TPM2 enabled (did not think to check in this day and age). There does not have to be a TPM socket like ASUS boards.

Fortunately the descriptors seem to be unlocked. But PTT is not listed at all (not PRESENT/DISABLED) just missing. The ME is current thus does not need to be updated - or does it since PTT is not even listed as present in the firmware?

I’ve read the clean-up guide - but since BIOS/ME are OK - is it just a case of dumping the spi, modifying the flags in FIT and then just flashing it back?

Thanks for the guide and sorry for all the questions - just don’t want to “screw it up” and return it if PTT cannot be enabled ;(

BIOS Version                                 1.12
MEBx Version 0.0.0.0000
GbE Version 0.2
Vendor ID 8086
PCH Version 0
FW Version 11.11.50.1436 H
Security Version (SVN) 3
LMS Version 11.7.0.1058
MEI Driver Version 11.7.0.1045

FW Capabilities 0x00100140

Intel(R) Capability Licensing Service - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
 
<PTT not even listed here at all - missing from ME firmware?>

Re-key needed False
Platform is re-key capable True
TLS Disabled
Last ME reset reason Firmware reset
Local FWUpdate Enabled
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled <- cool
Host Write Access to ME Enabled <- cool
Host Read Access to EC Enabled
Host Write Access to EC Enabled
SPI Flash ID 1 C84018
SPI Flash ID 2 Unknown
BIOS boot State Pre Boot
OEM ID 00000000-0000-0000-0000-000000000000
Capability Licensing Service Enabled
OEM Tag 0x00000000
Slot 1 Board Manufacturer 0x00000000
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
C-link Status Disabled
Independent Firmware Recovery Disabled
EPID Group ID 0x1FD5
LSPCON Ports None
5K Ports None
OEM Public Key Hash FPF Not set
OEM Public Key Hash ME 0000000000000000000000000000000000000000000000000000000000000000
ACM SVN FPF 0x0
KM SVN FPF 0x0
BSMM SVN FPF 0x0

FPF ME
--- --
Force Boot Guard ACM Not set Disabled
Protect BIOS Environment Not set Disabled
CPU Debugging Not set Enabled
BSP Initialization Not set Enabled
Measured Boot Not set Disabled
Verified Boot Not set Disabled
Key Manifest ID Not set 0x0
Enforcement Policy Not set 0x0
 

Which EVGA motherboard are you referring to? Since you have FD read/write access, you can dump your SPI image and adjust settings in Flash Image Tool (FIT) > Platform Protection. Then flash back.

Thanks for replying.

It is the X299-Micro. If you want to look at the BIOS (or I can upload SPI?) http://cdn.evga.com/BIOS/X299/E295_flashtool_112.zip

I’ve loaded the SPI in FIT and the PTT flags are disabled. If I just turn them on/enable and rebuild in FIT - do I flash full SPI or just ME region with flash tool?

I’m also not sure what kind of init (just -greset?) is required for ME to use the new flags (I remember when Intel changed the NUC ME to increase OPI bus rate for NVME SSDs it needed a complete BIOS recovery not just a flash for the new flags to take)

Use the EVGA SPI/BIOS image (1E295112.bin) at FIT and adjust PTT settings to your liking. Then build the new SPI/BIOS (outimage.bin). Since you only need to re-flash the Engine region (not the entire SPI), use UEFITool to extract the Engine region from outimage.bin and flash it via “fptw -me -f outimage_me.bin” command followed by “fptw -greset”, if successful.

Unfortunately I’ve done the above and it is not taking.

1. I modified 1E295112.bin in FIT - changed “Intel PTT Supported: No” to "Yes"
2. Built it with FIT.
3. Deleted all intermediates, opened “out_image.bin” in FIT - checked that "Intel PTT Supported: Yes"
4. Exported ME.bin with UEFI tool - 4MB.

5. Flashed ME.bin. Performed reset.
6. Upon reboot, PTT still not shown (checked MEInfo - same result no changes whatsoever)

7. Dumped whole SPI. Loaded it in FIT - same as before "Intel PTT Supported: No"

It seems the PTT value does not stick. Any ideas? Should I start with clean ME - is it possible the code (for PTT) itself is missing from the ME firmware EVGA provides? Flash the whole SPI BIOS?

I can post SPI if needed, also original and the one I’ve modified - done it 4 times, no change. Should I reset CMOS? Wipe NVRAM?

Thanks!

The firmware is the same for all OEMs, all configuration is then done via FIT. So unless the platform does not support PTT (I think it does), setting it via FIT should enable it. It doesn’t make sense for an option to be reset back once set in FIT. In such case, it is possible that EVGA has implemented some sort of firmware restoration procedure. I can’t see something at the SPI/BIOS image that would indicate that though. Try the attached CSME region via “fptw -rewrite -me 1E295112_ptt_me.bin” followed by “fptw -greset”. After the reboot, go into the BIOS and make sure that any Platform Trust Technology (PTT) option is set to Enabled. That should be enough.

1E295112_ptt_me.rar (1.14 MB)

Sure - the Asus X299-A I’ve tried and pretty much everything else does support PTT - it did not even occur to me that EVGA would specifically disable it (I got a deal).

Somehow - the above does not work either. I think I may have an explanation for you - in FIT there is a 2nd disable option which says “warning disabling this will permanently disable PTT” and I think both settings were “No” aka disabled originally - unfortunately due to so many flashings I cannot be 100% certain. Otherwise I cannot explain why it does not stick. I am pretty sure I’ve not disabled anything myself. Unless the board itself is “defective” in a very strange way.

The only other way I can try - is remove the BIOS (it’s socketed) and try a clean BIOS chip (programmed externally) - even without any data (serials, MAC, etc) with the modified ME - and see whether this does come up with ME enabled. I have the programmer and everything just need to find the time to do it.

I would like to thank you for all your help. Many thanks.

By 2nd option I assume you mean “PTT Supported [FPF]”. Indeed, if that was set to “No” (Disabled) at the initial SPI flash and first motherboard boot at the EVGA factory, PTT would be permanently set to Disabled. That option sets a PCH Field Programmable Fuse (FPF) which is permanent and would require a new PCH to adjust. There is no need for you to re-flash any changed SPI/CSME firmware in such case. Thing is, I don’t understand why EVGA would (potentially) do such a thing on a high-end X299 motherboard for custom system builds. I think you can check if PTT is disabled via FPF via “MEInfo -verbose” tool. Can you take a look?

Of course - anything you wish :wink:

Attached MeInfo -verbose to this post - please let me know what else you want me to run. Strangely FPF says “not set” for everything - PTT just does not feature at all (!) and “PTT” and the rest show as “not present” rather than “disabled”. That’s why I find it confusing why they are “missing” and not disabled. It’s the FW Caps that are just missing completely.

I will get you a corresponding Asus X299-A if you need to see it. Its MEInfo dump is completely different. Should I try to extract ME from it and flash to the EVGA?

FW Capabilities                              0x00100140

Intel(R) Capability Licensing Service - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - NOT PRESENT
Intel(R) NFC Capabilities - NOT PRESENT
Intel(R) Platform Trust Technology - NOT PRESENT
 
FPF ME
--- --
Force Boot Guard ACM Not set
Retrieving Variable "Force Boot Guard ACM Enabled"
Disabled
Protect BIOS Environment Not set
Retrieving Variable "Protect BIOS Environment Enabled"
Disabled
CPU Debugging Not set
Retrieving Variable "CPU Debugging"
Enabled
BSP Initialization Not set
Retrieving Variable "BSP Initialization"
Enabled
Measured Boot Not set
Retrieving Variable "Measured Boot Enabled"
Disabled
Verified Boot Not set
Retrieving Variable "Verified Boot Enabled"
Disabled
Key Manifest ID Not set
Retrieving Variable "Key Manifest ID"
0x0
Enforcement Policy Not set
Retrieving Variable "Error Enforcement Policy"
0x0
 

Here is Asus X299-A:

FW Capabilities                              0x20110540

Intel(R) Capability Licensing Service - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - NOT PRESENT
Intel(R) NFC Capabilities - NOT PRESENT
Intel(R) Platform Trust Technology - PRESENT/ENABLED
 
FPF ME
--- --
Force Boot Guard ACM Disabled
Retrieving Variable "Force Boot Guard ACM Enabled"
Disabled
Protect BIOS Environment Disabled
Retrieving Variable "Protect BIOS Environment Enabled"
Disabled
CPU Debugging Enabled
Retrieving Variable "CPU Debugging"
Enabled
BSP Initialization Enabled
Retrieving Variable "BSP Initialization"
Enabled
Measured Boot Disabled
Retrieving Variable "Measured Boot Enabled"
Disabled
Verified Boot Disabled
Retrieving Variable "Verified Boot Enabled"
Disabled
Key Manifest ID 0x0
Retrieving Variable "Key Manifest ID"
0x0
Enforcement Policy 0x0
Retrieving Variable "Error Enforcement Policy"
0x0
PTT Enabled
Retrieving Variable "Intel(R) PTT Supported"
Enabled
PTT Lockout Override Counter 0x1
EK Revoke State Revoked
PTT RTC Clear Detection FPF 0x0
 


Ouch I see he's got EK Revoke set - must tell him to re-init it ;))

asus_x299_me11.11.txt (9.41 KB)

Doing a Diff on the 2 I see on EVGA:

ManufacturingMode: Enabled

Is that relevant? Do we need to disable that? Also

FPF and ME Config Status: Not committed

On Asus they say "Match". Is that why FPF does not take?

Obviously all Fw Caps, Feature Caps are different. Shall we copy those?

Thankfully EVGA has Host R/W enabled but Asus has them disabled. But I have a feeling that once we commit the FPF data host access will go?

Many thanks for replying back - I hope this helps.

The FPF state of your EVGA motherboard is not Committed exactly because Manufacturing Mode is enabled, which also allows Read/Write access to the Engine region.

The Engine firmware is properly configured. I’m fairly certain that the problem is with the BIOS as PTT must be currently set to Disabled there. Are you sure that you cannot see any menu relating to PTT or Platform Trust Technology? Maybe under a TPM or Trusted Platform Module menu? Usually it’s called “PTT Configuration” though. If it’s not there, obviously EVGA forgot to enable it for the end user to configure TPM or PTT so you should let them know and wait for a new BIOS update.

Sorry but surely this means ME has not been fully configured either by mistake so we need to commit ME config? Isn’t the fix toggling ME out of manufacturing mode?

PTT just seems to be a symptom of the ME being in manufacturing mode and thus the configuration is not set.

There is nothing about PTT at all in BIOS/manual I don’t think EVGA had any idea about it:
https://www.evga.com/support/manuals/files/131-SX-E295.pdf

You are correct. The FPF are set when Manufacturing Mode is Disabled for the first time (normally at the OEM factory) and thus the platform is FPF Committed. PTT does not work in Manufacturing Mode (no FPF commitment) so that’s why it’s not shown at all. So, now that you still have read/write access to the Engine region (Manufacturing Mode Enabled), download the attached Engine region which has PTT fully enabled. Flash via “fptw -rewrite -me -f 1E295112_ME_PTT.bin” followed by “fptw -greset”. After the reboot, run “fptw -closemnf”. PTT should now be Enabled.

1E295112_ME_PTT.rar (1.14 MB)

Due to other issues I was not able to do this earlier. Flashed your version, reset, then closed man-mode.

Just done it now - and FPFs are now set but still no dice. It seems it is not as easy as it sounds:

FW Capabilities value is 0x100140
Feature enablement is 0x100140
 
FW Capabilities 0x00100140

Intel(R) Capability Licensing Service - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - NOT PRESENT
Intel(R) NFC Capabilities - NOT PRESENT
Intel(R) Platform Trust Technology - NOT PRESENT
 


To me it seems the issue is still that PTT is shown as "NOT PRESENT" and not simply present/disabled as on other boards. Thus there is "nothing to enable" since it is not present.

The question is how the FW capabilities are being set. Pity I liked this board.

evga_x299_mfclosed.txt (9.13 KB)

I’m also attaching MEManuf in case that contains any more data than the above.

x299_memanuf.txt (1.9 KB)

The forum is buggy with txt attachments so you should compress them first. Either way, I can tell you for a fact that the problem is not related to CSME firmware. The problem is either hardware or BIOS related. Since I doubt that there is any other way to disable PTT in hardware (other than FPF which is set properly), I believe that there is an EVGA BIOS issue which can be fixed with an update from their part. The BIOS is probably always setting PTT to Disabled at boot with no option exposed to the menu so that’s why you see Not Present at MEInfo. You should contact EVGA and let them know that you cannot enable PTT.

Plutomaniac - sure BIOS can easily fix it - but I think we know EVGA won’t do it. Not a cat’s chance in hell. In fairness until relatively recently ASUS did not provide PTT either even though they could have done it for generations - instead relying on socket for external TPM for some reason.

I thought what we’re trying to do here is to include (not saying “enabled” since that enables present caps) ME capabilities that have not been included by the BIOS. To me it was not clear that the BIOS sets the FW caps “in stone” (not just FPFs) and modifying the ME flags cannot include additional caps no matter what.

It seems it may be possible to enable caps that are included (present) but not enabled by modifying ME but there’s no way to enable caps that are not included (not present) even committing FPF flags or what-not. That is a pity.

The CSME FW Capabilities define the SKU. All Consumer firmware have the same capabilities. All Corporate firmware have the same capabilities. There is no special EVGA CSME firmware SKU with its own FW Capabilities which has PTT disabled. An exception is Apple with their Slim SKU but that’s another story. The FW Capabilities are set by provisioning the firmware via Flash Image Tool. Some of them can then be Enabled/Disabled via MEBx (relevant to Corporate SKU, AMT for example) or via BIOS options which are respected by the CSE, provided that they don’t conflict with any FPF values. All of the provisioning and FPF commitment is done by the CSE, the BIOS can just hide or show a few of them. What I’m saying is that the FW Capabilities are always there, not missing or not included. After that, it’s a matter of FIT provisioning and BIOS showing. That’s an important distinction.

Honestly I don’t understand why EVGA would deny giving the user the option to enable PTT. Especially on a 300$ motherboard for a high-end workstation platform such as X299. That wouldn’t be cool, at least on my books. Before condemning them though, I don’t remember if you said anything about contacting their support. If not, I suggest you ask them but make sure to try the proper channels and not forums, live chats or similar which are usually run by volunteers who don’t even know what CSME is. It is worth a try in my opinion.

Plutomaniac - I hope the previous did not come across the wrong way: I’m not trying to question you or start an argument etc.

I’m simply trying to understand why what we’ve done does not work and perhaps learn something for other people. I am thankful for your help - as I said I think we’re missing something here.

But I do think there’s more than meets the eye here: Both the EVGA and Asus are the same platform* and running the same CSME ME (consumer). But the features are different. We changed/enabled them, we set the FPF flags etc. But the FW Caps are different. And on the EVGA they have not changed despite our changes.

I am also not sure we realise the difference between “not present” and “disabled”. Clearly “not present” cannot be changed through ME modification alone.

If the BIOS through a call (or calls) sets the flags for ME “FW Caps” then they are effectively “set in stone” and cannot be changed. What I mean you cannot enable something that is “not present”.

My understanding - based on what you say - is that FIT/platform determines FW Caps and BIOS/perhaps drivers enables/disables them. But then BIOS could not enable PTT either since it is “not present”.

On Asus (not X299 but Z170) even with external TPM socket, PTT was always “present” but there was no option to enable. Do you see what I mean? So perhaps you could enable it by modifying ME to have “start-up state: enable” but that’s because it was “present/disabled”. But here it is “not present” completely.

* NB. It seems platform IDs are different between the ASUS and EVGA. Perhaps we should have changed platform then?

ASUS:
FW Capabilities value is 0x20110540
Feature enablement is 0x20110140
Platform type is 0x71440322

EVGA:
FW Capabilities value is 0x100140
Feature enablement is 0x100140
Platform type is 0x714F0322

Do we know of documentation on the flags? AMT SDK?
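
The hand diff of the two MEInfo dumps discussed in this thread can be scripted. What follows is an added example, not part of any post and not Intel tooling: the two sample dumps are constructed from lines quoted in the thread, and the function names are hypothetical. It reports differing capability bits by position only, because the thread gives no bit-to-feature mapping.

```python
import re

# Constructed excerpts built from MEInfo lines quoted in this thread.
EVGA = """FW Capabilities 0x00100140
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Intel(R) Platform Trust Technology - NOT PRESENT
ManufacturingMode: Enabled
FPF and ME Config Status: Not committed
Host Write Access to ME Enabled
"""
ASUS = """FW Capabilities 0x20110540
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Intel(R) Platform Trust Technology - PRESENT/ENABLED
FPF and ME Config Status: Match
Host Write Access to ME Disabled
"""

FEATURE = re.compile(r"^(.+?) - (PRESENT/ENABLED|PRESENT/DISABLED|NOT PRESENT)\s*$", re.M)
SETTING = re.compile(r"^(ManufacturingMode|FPF and ME Config Status):\s*(.+?)\s*$", re.M)
HOST_WR = re.compile(r"^Host Write Access to ME\s+(Enabled|Disabled)", re.M)
FW_CAPS = re.compile(r"^FW Capabilities\s+(?:value is\s+)?(0x[0-9A-Fa-f]+)", re.M)

def parse_meinfo(text):
    """Extract the capability mask, feature states and provisioning state."""
    caps = FW_CAPS.search(text)
    host = HOST_WR.search(text)
    return {
        "fw_caps": int(caps.group(1), 16) if caps else None,
        "features": dict(FEATURE.findall(text)),
        "settings": dict(SETTING.findall(text)),
        "host_write_me": host.group(1) if host else None,
    }

def differing_bits(a, b):
    """Bit positions where two FW Capabilities masks disagree (unnamed on purpose)."""
    x = a["fw_caps"] ^ b["fw_caps"]
    return [i for i in range(32) if x >> i & 1]

def audit(report):
    """Flag states the thread ties to an unfinished or writable ME configuration."""
    s, findings = report["settings"], []
    if s.get("ManufacturingMode") == "Enabled":
        findings.append("manufacturing mode still enabled")
    if s.get("FPF and ME Config Status") == "Not committed":
        findings.append("FPFs not committed")
    if report["host_write_me"] == "Enabled":
        findings.append("host can write the ME region")
    if report["features"].get("Intel(R) Platform Trust Technology") == "NOT PRESENT":
        findings.append("PTT not present")
    return findings

if __name__ == "__main__":
    evga, asus = parse_meinfo(EVGA), parse_meinfo(ASUS)
    print("differing capability bits:", differing_bits(evga, asus))
    for item in audit(evga):
        print("EVGA:", item)
```

Run against a full "MEInfo -verbose" capture, the same checks show at a glance whether a board shipped with manufacturing mode left open.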