This whole TPM fiasco has had me looking into it as well. So I have been on these forums for a few days just looking around and trying to get a feel for things.
I started with just trying to enable the hidden TPM Device Selection field in BIOS (v3401), ME FW v11.6.10.1196 At first I did a regular BIOS update from Asus support page (v3801). This didn’t change anything. I then looked into a thread with this name the post #12: (setup_var idea) Cannot enable Intel PTT TPM at ASUS motherboard
This also changed nothing. The TPM was still not visible from Windows.
Then I upgrade the ME FW to v11.8.86.3909 going step-by-step through the guide: Intel Converged Security Management Engine Drivers Firmware and Tools This all went through fine and I was now with the new ME FW version.
But, alas, still no TPM/PTT functionality.
Then I fiddled around with the BIOS, modifying it a little: I used the AMIBCP tool to change the visibility of the PCH-FW items in BIOS. From there I managed to set the TPM device in BIOS and it seemed to have stayed that way. HWInfo showed the updated ME FW and stated that the system is PTT capable and it is enabled, but Windows 10 still didn’t recognize it.
I tried disabling the ME in BIOS to toggle it and change the settings surrounding it accordingly. But nothing seemed to help.
I thought of reinstalling the ME drivers, and this is where, I think, things went haywire. Firstly, I just tried repairing the drivers. As this changed nothing, I thought that I could simply to a clean install for the drivers. So I ran the installer again and now, instead of selecting “repair”, I selected “remove”. This completed successfully. Now I tried to run the installer again, but now the installer gave an error: "The Setup program ended prematurely because of the following error: This platform is not supported."
After this the Management Engine device was gone from Windows Device Manager and now BIOS shows the ME FW version as 0.0.0.0 Also, HWInfo now doesn’t show the MEI part under motherboard section anymore as well.
I have tried following the Guide-How To: Clean Dumped Intel Engine (CS)ME/(CS)TXE Regions with Data Initialization to try to reset the ME FW, but I can’t flash the FW because of: Error 451: The host CPU does not have write access to the target flash area. To enable write access for this operation you must modify the descriptor settings to give host access to this region. FPT Operation Failed.
I have tried enabling the “ME Re-Flash Image” option via GRUB according to “Guide-Unlock-Intel-Flash-Descriptor-Read-Write-Access-Permissions-for-SPI-Servicing”, but it resets every time, and even if I continue directly to windows from GRUB, it still gives the same error.
The read works fine, but writing is not possible. I have attached my overall spi dump (spi.bin) and also the ME specific dump. Here’s also a ME Analyzer info:
Unfortunately I don’t have any of the previous MEInfo dumps from when it was working, and I can’t create new ones due to missing driver.
If anyone has nay idea, how to help this guy out, who, in all honesty, got into this mess by himself, I would sincerely grateful
With regards, RabadashTheFool
EDIT by Fernando: Thread moved into the Win11 Sub-Forum (your problem has nothing to do with BIOS-Modding) and thread title shortened (was too long)
Well m8 welcome to superfluous discussion about TPM and all that bullsh*** of miracles, u got a present from that adventures and a corrupted Intel ME image, start here:
Yeah, I’ve gone through those steps and guides (I couldn’t post links in the first post).
I was able to flash the BIOS, but I can’t flash the ME image, because of the
I was unable to unlock the Intel Flash Descriptor Write access (I have read access, because I can read the image).
What is "RU" in this context?
I have tried so far to change the "ME Re-Flash image" setting with setup_var, but it won’t stick (doesn’t seem to work if I boot into windows straight after).
I can try to see, if changing it with AMIBCP has any effect. I flashed previously some of the AMIBCP changes (mostly visibility changes) with AFUDOS.
A note…dont try “just” to flash Intel ME it wont work, even after all unlocked, u must do as the guide to clean. It will always stay 0.0.0.0 until done correctly with a clean image.
EDIT: Did the comand FPT -greset ever worked? Indeed the operations with FPT for flashing requires unlocks… flash programmer as last resource as u have Asus BFB. As u have Asus BFB, keep a spare usb with original cap file. Keep a good backup of ur SPI because of UUID SN etc… With UEFItool replace the Intel ME FW image from outputimage.bin on another same version CAP, rebuild/save, use another USB for BFB with it for flash. Try that.
As I said, I followed the guide to clean dumped ME image to the point where I have to flash the cleaned image.
So I have already prepared a clean version. (have the outimage.bin, with “Configured” File System state in MEA). By the Guide, all that’s left to do, is to flash it, but that’s the thing I can’t do. Neither in windows or DOS.
Is there a difference to using setup_var or HEX to edit the variable? I mean, they’re basically doing the same thing - trying to edit a value on a software level.
Should I look into hardware SPI programming, since the software solutions are unable to give access to ME image Write capabilities?
I did as you told, switched the cleaned ME region into the official latest version BIOS. Then used the Bios Flashback system for the mobo and voilà, it shows up correctly in BIOS and also in Windows again with the 11.8 version.
Thanks a bunch!
I’ve gotta say, though, it was a fun thing to tinker with and explore the unfamiliar world
Now I’ve still got to figure out how to get the PTT working. Maybe the same way
I know. It’s just somewhat interesting to tinker with such things
I mean, I am aware of the potential reasons for the requirements for Win 11 being like that (TPM and the minimum 8th gen processors idea). Linus gave a great insight as to why Microsoft most likely won’t and even more shouldn’t lower the bar for Win11 in the last WAN show (07/02/2021).
I guess I’m just curious about the experience of the new OS as I’ve ran the preview builds for Win 10 as well during win 8.1 days
Definietly use a CH341A programmer to restore your bios or experiment with different ME versions - the socketed bios on the M8F makes this really easy with no need to mess around with trying to unlock the descriptors etc.
Sorry, can you please check if a dump of your actual bios shows Initialized or Configured? I flashed a Configured ME image, but when I get the dump it shows Initialized…
