Did further study as well.
Realize that HP has two different bios chip
8MB for EC and 16MB for BIOS
Raw dump can be opened with UEFITool.
Inside EC Firmware, there are lots of executable which can be analyzsed with IDA too.
I was hunting for recovery mode since this gets executed when BIOS is corrupted which makes me to believe it has to be exists on EC.
However, I couldn’t find any useful file except on very shady padding region.
Its located right after Microcode section where FIT exists.
It has some SureStart strings as well as something call “Firebird” which Im not sure what it is.
I still dont know what kind of binary it is so cant really analyze properly with IDA yet but still working on it.
!! Firebird Aggressive mode !!
!! Firebird Requested G3 Reset !!
!! Firebird phase2 check !!
!! Firebird phase2 Completed with Led Blink = %d !!
!! Firebird Phase2 Finished Successfully !!
!! Firebird phase2 re-validation after BB recovery fails !!
!! Firebird phase2 Repair !!
!! Firebird phase2 Manual Recovery !!
!! Wait till S0 Firebird completes before Sx Firebird Entry !!
!! S0 Firebird completed - ignore FB results !!
!! Firebird phase4 check launched from S0 State !!
!! Firebird phase4 Completed with Led Blink = %d !!
!! Firebird Phase4 Finished Successfully !!
!! Firebird phase4 re-validation after BB recovery fails !!
!! S0 Firebird recovered BB - generate SCI !!
!! Firebird phase4 Repair !!
!! Firebird phase4 Manual Recovery !!
!! Firebird phase4 check launched from S%d State !!
!! Firebird phase4 Completed with Led Blink = %d !!
!! Firebird phase4 Manual Recovery !!
!! Firebird phase4 re-validation after BB recovery fails !!
!! Firebird Phase4 Finished Successfully !!
!! Firebird phase4 Repair !!
!! Launch Firebird to change EC_MPM! Enable:%u Disable:%u !!
!! S0 Firebird is running !!
!!! ERROR: Firebird Could not Repair BootBlock.!!!
!!Can not run Firebird P2!!
!!! ERROR: Firebird Could not Repair BootBlock.!!!
!!Can not run Firebird P4!!
!!Can not run Firebird lite eSPI Intel!!
Full Firebird AMD
Firebird Self Test requested on next boot…
Full Firebird Intel
Firebird Self Test requested on next boot…
Firebird Lite for AMD and Intel starts
Firebird busy - rejecting command %d
Firebird busy - rejecting command %d
Set Firebird Policy Rejected. EC_MPM = %02hXh CloseTrustedAPI = %02hXh
!!! ERROR: Firebird Could not Repair BootBlock. Forcing G3 Reset!!!
!!! ERROR: Firebird Could not Repair BootBlock. Forcing G3 Reset!!!