Fujitsu G558 enable legacy boot mode

Hi,

i need for my machine Fujitsu G558 (micro PC) to enable Boot Mode- Uefi & Legacy. Or CSM boot. I have full dump made with FPT (ME version 12). I have tried to write back unlocked modules edited with AMIBCP 5.0.2 but my machine is not booting anymore. I think AMIBCP is corrupting my BIOS. I needed to restore with external programmer. Aptio V bios. I have the knowhow to edit UEFI vars from grub setup_var. Those are working. But i’m not sure how to change Boot Mode to UEFI and Legacy. Attached is
BIOS Lock VarOffset - 0xA18.
At the end of my edit with AMIBCP 5.0.2.0031 i receive a message - Saving secure rom as unsigned. Maybe this is the problem. I’m trying to enable menus but my bios should be signed. But how?
Please find the link with my dumps - https://drive.google.com/file/d/1gfzxuYg…iew?usp=sharing

Thank you!
invictus


Hello sir, I don’t know what is really happening under amibcp but im pretty sure you can change boot mode from uefi to legacy inside RU or in this case grub setup_var.
Boot option filter, VarStoreInfo (VarOffset/VarName): 0x11E8, <— offset
UEFI and Legacy, Value (8 bit): 0x0 <— values (use as 00)
Legacy only, Value (8 bit): 0x1 (01)
UEFI only, Value (8 bit): 0x2 (02)

Hello,

the funny part is that 0x00 is default. Checked with setup_var and 0x00 was set. I’ve put then 0x01 and should be Legacy only. But i could still boot windows UEFI loader and that makes me believe that is not working(the settings with setup_var was stored). Any more ideas? Could the Intel ME 12 be the cause of bricking my machine when i try to mod my bios? How can i disable ME? and How can I boot unsigned modified BIOS?

Thanks!


If I am not wrong, W10 can pretty much boot under BIOS or UEFI, you can try checking if you are running legacy(BIOS) or UEFI by running msinfo32 (usual Win+R) and look for BIOS Mode, try to reboot and change bios values and report back.
I’m not sure you can boot into a bricked bios, you can try downgrading your bios and run older one through amibcp maybe it wont brick - newer require version above 5.X that is in “public” domain I was searching for a newer version but no luck, should be called AMIBCP Pro (version 5.11 or something) Or just manually edit your bios, I bet you wanna open all of the settings under advanced/chipset tabs? Go here ->

and search for General Aptio V Mod Guide there is a “tiny” manual on how to do it.


If I am not wrong, W10 can pretty much boot under BIOS or UEFI, you can try checking if you are running legacy(BIOS) or UEFI by running msinfo32 (usual Win+R) and look for BIOS Mode, try to reboot and change bios values and report back.
I’m not sure you can boot into a bricked bios, you can try downgrading your bios and run older one through amibcp maybe it wont brick - newer require version above 5.X that is in “public” domain I was searching for a newer version but no luck, should be called AMIBCP Pro (version 5.11 or something) Or just manually edit your bios, I bet you wanna open all of the settings under advanced/chipset tabs? Go here ->

and search for General Aptio V Mod Guide there is a “tiny” manual on how to do it.


:slight_smile: I’m not booting into a bricking BIOS. Not at all. I need to flash back with external flasher everytime i mod my bios, from a backup. I’m booting into windows after your “setup_var” variable change. But that keeps the BIOS unaltered and since the machine is booting. I have studied and seems i have a Bios Guard implementation. Implemented correctly and in conjunction with Intel AMT or ME ver 12 i might be in the impossibility to unlock any additional menus my BIOS. Thanks for the tip with msinfo32. I’ll check after i restore my backup into my SPI flash.


If I am not wrong, W10 can pretty much boot under BIOS or UEFI, you can try checking if you are running legacy(BIOS) or UEFI by running msinfo32 (usual Win+R) and look for BIOS Mode, try to reboot and change bios values and report back.
I’m not sure you can boot into a bricked bios, you can try downgrading your bios and run older one through amibcp maybe it wont brick - newer require version above 5.X that is in “public” domain I was searching for a newer version but no luck, should be called AMIBCP Pro (version 5.11 or something) Or just manually edit your bios, I bet you wanna open all of the settings under advanced/chipset tabs? Go here ->

and search for General Aptio V Mod Guide there is a “tiny” manual on how to do it.


:slight_smile: I’m not booting into a bricking BIOS. Not at all. I need to flash back with external flasher everytime i mod my bios, from a backup. I’m booting into windows after your “setup_var” variable change. But that keeps the BIOS unaltered and since the machine is booting. I have studied and seems i have a Bios Guard implementation. Implemented correctly and in conjunction with Intel AMT or ME ver 12 i might be in the impossibility to unlock any additional menus my BIOS. Thanks for the tip with msinfo32. I’ll check after i restore my backup into my SPI flash.


If you are flashing with external, after modifying with amibcp and it still works then do full reconfig through amibcp, i mean > disable bioslock (admin/chipset/pch/security) and enable legacy only bootfilter (advanced/csm/) put optimal on enabled/disabled(whatever you are looking for) then flash, reboot into bios, reset all values on optimal, reboot and you should be gucci and for flashing unsecured bios you have to use FPT(intels, correct version can be found on forum(probably if no i’ll look for it) you just need to know your chipset series) should work with bioslock disabled easy.
Edit: actually, your intel bios guard is disabled by default

what I’m saying is that every single bit modded in my original dump gives a brick. Never i boot after mod.


So you can’t use AMIBCP, I told you before, you have to manually edit your bios I can try but I can’t promise you any results, will report later

here i changed settings but it might be tampered anyway, try to flash it and report, if goes ok on bios settings reset csm should be enabled with legacy and uefi, bios lock disabled by default aswell. tommorow will try a different way going to sleep for now.

Thanks! I’ll try

flashed with external programmer. not booting :frowning: Some additional magic is required :slight_smile: Thank you for your help!

Here is maybe an interesting information obtained with MEinfo tool. https://drive.google.com/file/d/1XFNZ-Ta…iew?usp=sharing
What worries me is this:
Protect BIOS Environment Enabled
Verified Boot Enabled

Here this one seems to be untampered, tried to mod it after with amibcp and on save says “saving as unsigned” same mods as before, I really cant find how to enable the menus, setup module seems quite complicated we will need help from @Lost_N_BIOS here. But anyway try to flash (bios only region) maybe it works out

edit:for the rest there is a very nice guide here, search for “changing the lock bit” it uses RU software tho, might be a little tricky first times

edit2:there is also full image same mods, shouldnt be tampered here



Not working m8. Tried both files, bios and full dump. None will boot my machine. I think we need advance knowhow on checksums involved here.

Yeah, we pretty much do, but I think its actually down to bios version, you would need new Amibcp that is not publicly available anyway, maybe you can just try tinkering with setup_var/ru software and actually enable csm on offset 0x11E2 value 01 (enables csm only, with uefi and legacy all together) for the rest we need lost_n_bios help.



hi nif3lheim,

playing with UBU and included UEFITool NE i see this message at Parser tab for your mod - checkProtectedRanges: AMI protected range [86A000h:D50A4h] hash mismatch, opened image may refuse to boot
Any ideas? Thx!

I believe my dump is too new for this tools. parseVendorHashFile: new AMI hash file found
I have also check for my original dump that is booting just fine and the message in UEFITool NE is the same. Oh well… crap :frowning:

some more development for this board. I have managed to disable ME/AMT with the help of me-cleaner a special version found in the request for commits link here https://github.com/corna/me_cleaner/pull/282 Thanks for this @dt_zero
My MeInfo looks good - disabled.

Intel (R) MEInfo Version: 12.0.49.1536
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.

Error 198: ME disabled.

But i don’t fully understand what other protections are in place. As again any BIOS mod renders my machine not bootable(bios brick). I was under the impression that Verified boot was done by ME. But still there something stinky here…

Any hints?
Here are my current BIOS only and full SPI dump with ME disabled. Maybe someone can clarify this mystery. https://drive.google.com/file/d/1DjIoJJ3…iew?usp=sharing

Regards