Intel (Converged Security) Management Engine: Drivers, Firmware and Tools (2-15)

I’m a little confused. This is what my BIOS shows, and I’m not sure if this can be upgraded at all?

╔════════════════════════════════════════════════════════╗
║ E3-PRO-GAMING-V5-ASUS-2606.CAP (1/1) ║
╟─────────────────────────────────────┬──────────────────╢
║ Family │ CSE SPS ║
╟─────────────────────────────────────┼──────────────────╢
║ Version │ 04.01.04.054 ║
╟─────────────────────────────────────┼──────────────────╢
║ Release │ Production ║
╟─────────────────────────────────────┼──────────────────╢
║ Type │ Extracted ║
╟─────────────────────────────────────┼──────────────────╢
║ SKU │ Slim ║
╟─────────────────────────────────────┼──────────────────╢
║ Chipset │ SPT-H B ║
╟─────────────────────────────────────┼──────────────────╢
║ TCB Security Version Number │ 3 ║
╟─────────────────────────────────────┼──────────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────────────┼──────────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────────────┼──────────────────╢
║ Production Ready │ No ║
╟─────────────────────────────────────┼──────────────────╢
║ OEM Configuration │ No ║
╟─────────────────────────────────────┼──────────────────╢
║ Date │ 2017-09-25 ║
╟─────────────────────────────────────┼──────────────────╢
║ File System State │ Configured ║
╟─────────────────────────────────────┼──────────────────╢
║ Size │ 0x2F9000 ║
╟─────────────────────────────────────┼──────────────────╢
║ Flash Image Tool │ 04.01.04.054 ║
╟─────────────────────────────────────┼──────────────────╢
║ Chipset Support │ SPT-H ║
╚═════════════════════════════════════╧══════════════════╝

Note: Adjusted buffer to Flash Descriptor 0x800 - 0x1000800!


That’s Server Platform Services (SPS) firmware, not Management Engine (ME). It works and gets updated in different ways. We also lack tools for such platforms. So no, you cannot use anything from this thread. You’ll have to leave it as it is.



I see, I was hoping I could extract from another Asus BIOS which uses the C232 chipset, for example the P10S-I updated to ME F/W to SPS_E3_04.01.04.109.0 …

Can someone please help me to downgrade IME on a Dell T7610?

Quote from Guest in post #5564
Can someone please help me to downgrade IME on a Dell T7610?

Downgrade MEI? To which version?

CSME 15.0 Consumer LP B (C) v15.0.35.1879

Capture1.PNG



PMC MCC LP B v154.1.10.1021

Capture.PNG



Note: ME Analyzer v1.230.0 or newer is required for CSME >= 15.0.35 detection.

Hello, I recently updated my Asus Z170-A CSME 11.8 firmware from 11.8.xx.xxxx to version 11.8.86.3909, and MEInfo and MEManuf show the results below. Is this fine, since the EK Revoke State shows Revoked?



Intel(R) MEInfo Version: 11.8.86.3909
Copyright(C) 2005 - 2020, Intel Corporation. All rights reserved.
 

 
Intel(R) ME code versions:
 
BIOS Version 3802
MEBx Version 0.0.0.0000
GbE Version 0.7
Vendor ID 8086
PCH Version 31
FW Version 11.8.86.3909 H
Security Version (SVN) 3
LMS Version 2120.0.21.0
MEI Driver Version 2108.100.0.1053
Wireless Hardware Version Not Available
Wireless Driver Version Not Available
 
FW Capabilities 0x31111540
 
Intel(R) Capability Licensing Service - PRESENT/ENABLED
Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Intel(R) Platform Trust Technology - PRESENT/ENABLED
 
Re-key needed False
Platform is re-key capable True
TLS Disabled
Last ME reset reason Firmware reset
Local FWUpdate Enabled
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled
Host Write Access to ME Disabled
Host Read Access to EC Disabled
Host Write Access to EC Disabled
SPI Flash ID 1 EF4018
SPI Flash ID 2 Unknown
BIOS boot State Post Boot
OEM ID 00000000-0000-0000-0000-000000000000
Capability Licensing Service Enabled
OEM Tag 0x00000000
Slot 1 Board Manufacturer 0x00000000
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
C-link Status Disabled
Independent Firmware Recovery Disabled
EPID Group ID 0x1F83
LSPCON Ports None
5K Ports None
OEM Public Key Hash FPF 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash ME 0000000000000000000000000000000000000000000000000000000000000000
ACM SVN FPF 0x0
KM SVN FPF 0x0
BSMM SVN FPF 0x0
GuC Encryption Key FPF 0000000000000000000000000000000000000000000000000000000000000000
GuC Encryption Key ME 0000000000000000000000000000000000000000000000000000000000000000
 
FPF ME
--- --
Force Boot Guard ACM Disabled Disabled
Protect BIOS Environment Disabled Disabled
CPU Debugging Enabled Enabled
BSP Initialization Enabled Enabled
Measured Boot Disabled Disabled
Verified Boot Disabled Disabled
Key Manifest ID 0x0 0x0
Enforcement Policy 0x0 0x0
PTT Enabled Enabled
PTT Lockout Override Counter 0x0
EK Revoke State Revoked
PTT RTC Clear Detection FPF Not set
 

 

Intel(R) MEManuf Version: 11.8.86.3909
Copyright(C) 2005 - 2021, Intel Corporation. All rights reserved.
 

Windows OS Version : 10.0
 
FW Status Register1: 0x94000245
FW Status Register2: 0x06F60506
FW Status Register3: 0x00000420
FW Status Register4: 0x00084000
FW Status Register5: 0x00000000
FW Status Register6: 0x40000000
 
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
SPI Flash Log: Not Present
FPF HW Source value: Not Applicable
ME FPF Fusing Patch Status: ME FPF Fusing patch NOT applicable
Phase: ROM/Preboot
ICC: Valid OEM data, ICC programmed
ME File System Corrupted: No
PhaseStatus: AFTER_SRAM_INIT
FPF and ME Config Status: Match
 
FW Capabilities value is 0x31111540
Feature enablement is 0x31111140
Platform type is 0x71220322
No Intel Wireless device was found
Feature enablement is 0x31111140
ME initialization state valid
ME operation mode valid
Current operation state valid
ME error state valid
OEM ICC data valid and programmed correctly
MFS is not corrupted
PCH SKU Emulation is correct
FPF and ME Config values matched
 
Request Intel(R) ME BIST status command... done
 
Get Intel(R) ME test data command... done
 
Get Intel(R) ME test data command... done
Total of 10 Intel(R) ME test result retrieved
 

Policy Kernel - Boot Guard : Self Test - Passed
MCA - MCA Tests : Blob - Passed
MCA - MCA Tests : MCA Manuf - Passed
SMBus - SMBus : Read byte - Passed
VDM - General : VDM engine - Passed
PAVP - General : Verify Edp and Lspcon Configurations - Passed
PAVP - General : Set Lspcon Port - Passed
PAVP - General : Set Edp Port - Passed
 
Clear Intel(R) ME test data command... done
 

MEManuf Operation Passed
 

 


It is fine.

Hello there,

could someone please help me regarding the update process for an Intel 11th gen device?

I have recently bought a OneXPlayer from 1Netbook and would like to update its ME :slight_smile:
The device itself is a laptop (albeit in a different form factor) and is powered by an Intel 1165G7.

After going through the opening post and its guide, I did check with MEAnalyzer and received this output:

╔═══════════════════════════════════════════╗
║ ME Analyzer v1.230.0 r256 ║
╚═══════════════════════════════════════════╝

Welcome to Intel Engine & Graphics Firmware Analysis Tool

Press Enter to skip or input -? to list options


File: Base.rom

Option(s): ╔═══════════════════════════════════════════╗
║ ME Analyzer v1.230.0 r256 ║
╚═══════════════════════════════════════════╝

╔═══════════════════════════════════════════╗
║ Base.rom (1/1) ║
╟─────────────────────────────┬─────────────╢
║ Family │ CSE ME ║
╟─────────────────────────────┼─────────────╢
║ Version │ 15.0.2.1377 ║
╟─────────────────────────────┼─────────────╢
║ Release │ Production ║
╟─────────────────────────────┼─────────────╢
║ Type │ Extracted ║
╟─────────────────────────────┼─────────────╢
║ SKU │ Consumer LP ║
╟─────────────────────────────┼─────────────╢
║ Chipset │ TGP-LP B ║
╟─────────────────────────────┼─────────────╢
║ TCB Security Version Number │ 1 ║
╟─────────────────────────────┼─────────────╢
║ ARB Security Version Number │ 1 ║
╟─────────────────────────────┼─────────────╢
║ Version Control Number │ 3 ║
╟─────────────────────────────┼─────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼─────────────╢
║ OEM Configuration │ Yes ║
╟─────────────────────────────┼─────────────╢
║ FWUpdate Support │ No ║
╟─────────────────────────────┼─────────────╢
║ Date │ 2020-09-03 ║
╟─────────────────────────────┼─────────────╢
║ File System State │ Configured ║
╟─────────────────────────────┼─────────────╢
║ Size │ 0x46F000 ║
╟─────────────────────────────┼─────────────╢
║ Flash Image Tool │ 15.0.2.1377 ║
╟─────────────────────────────┼─────────────╢
║ Latest │ No ║
╚═════════════════════════════╧═════════════╝
╔═════════════════════════════════════════════╗
║ Power Management Controller ║
╟─────────────────────────────┬───────────────╢
║ Family │ PMC ║
╟─────────────────────────────┼───────────────╢
║ Version │ 150.1.20.1024 ║
╟─────────────────────────────┼───────────────╢
║ Release │ Production ║
╟─────────────────────────────┼───────────────╢
║ Type │ Independent ║
╟─────────────────────────────┼───────────────╢
║ Chipset SKU │ LP ║
╟─────────────────────────────┼───────────────╢
║ Chipset Stepping │ C ║
╟─────────────────────────────┼───────────────╢
║ TCB Security Version Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼───────────────╢
║ Date │ 2020-09-02 ║
╟─────────────────────────────┼───────────────╢
║ Size │ 0x40000 ║
╟─────────────────────────────┼───────────────╢
║ Manifest Extension Utility │ 15.0.0.1282 ║
╟─────────────────────────────┼───────────────╢
║ Chipset Support │ TGP ║
╟─────────────────────────────┼───────────────╢
║ Latest │ No ║
╚═════════════════════════════╧═══════════════╝
╔═══════════════════════════════════════════╗
║ Platform Controller Hub Configuration ║
╟─────────────────────────────┬─────────────╢
║ Family │ PCHC ║
╟─────────────────────────────┼─────────────╢
║ Version │ 15.0.0.1014 ║
╟─────────────────────────────┼─────────────╢
║ Release │ Production ║
╟─────────────────────────────┼─────────────╢
║ Type │ Independent ║
╟─────────────────────────────┼─────────────╢
║ TCB Security Version Number │ 0 ║
╟─────────────────────────────┼─────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────┼─────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────┼─────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼─────────────╢
║ Date │ 2020-06-30 ║
╟─────────────────────────────┼─────────────╢
║ Size │ 0x1000 ║
╟─────────────────────────────┼─────────────╢
║ Manifest Extension Utility │ 15.0.0.9000 ║
╟─────────────────────────────┼─────────────╢
║ Chipset Support │ TGP ║
╟─────────────────────────────┼─────────────╢
║ Latest │ No ║
╚═════════════════════════════╧═════════════╝
╔═══════════════════════════════════════════════╗
║ USB Type C Physical ║
╟─────────────────────────────┬─────────────────╢
║ Family │ PHY ║
╟─────────────────────────────┼─────────────────╢
║ Version │ 11.221.209.0221 ║
╟─────────────────────────────┼─────────────────╢
║ Release │ Production ║
╟─────────────────────────────┼─────────────────╢
║ Type │ Independent ║
╟─────────────────────────────┼─────────────────╢
║ SKU │ N ║
╟─────────────────────────────┼─────────────────╢
║ TCB Security Version Number │ 0 ║
╟─────────────────────────────┼─────────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────┼─────────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────┼─────────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼─────────────────╢
║ Date │ 2020-09-10 ║
╟─────────────────────────────┼─────────────────╢
║ Size │ 0x10000 ║
╟─────────────────────────────┼─────────────────╢
║ Manifest Extension Utility │ 15.0.0.1224 ║
╟─────────────────────────────┼─────────────────╢
║ Chipset Support │ TGP ║
╟─────────────────────────────┼─────────────────╢
║ Latest │ No ║
╚═════════════════════════════╧═════════════════╝


MEInfo does show the following:
Intel (R) ME Info Version: 15.0.30.1716
Copyright (C) 2005 - 2021, Intel Corporation. All rights reserved.

General FW Information

Platform Type Mobile
FW Image Type Production
Last ME Reset Reason Other
BIOS Boot State Post Boot
Boot Critical Code Redundancy Disabled
Current Boot Partition 1
Factory Defaults Recovery Status Enabled
Firmware Update OEM ID 00000000-0000-0000-0000-000000000000
TCSS FW partial update Disabled
Crypto HW Support Enabled
Intel(R) ISH Power State Disabled
OEM Tag 0x00
FW Update State Enabled
TLS State Enabled
CSME Measured Boot to TPM Disabled
BIOS Recovery State Disabled

Intel(R) ME Code Versions
BIOS Version 1AWHY8.51
MEI Driver Version 2108.100.0.1053
FW Version 15.0.2.1377 LP Consumer
LMS Version 2117.0.1.0

IUPs Information
PMC FW Version 150.1.20.1024
OEM FW Version 0.0.0.0000
IUNT FW Version 0.5.1.1192
IOM FW Version 17.16.0.0000
NPHY FW Version 11.221.209.0221
TBT FW Version 14.0.0.3401
PCHC FW Version 15.0.0.1014

PCH Information
PCH Name TGL
PCH Device ID A082
PCH Revision ID B0
PCH SKU Type Production PRQ Revenue
PCH Replacement State Disabled
PCH Replaceable Counter 0
PCH Unlocked State Disabled

Transactional FW Information
Original image type Consumer
Current sku type Consumer

Flash Information
Storage Device Type SPI
SPI Flash ID 1 C22018
RPMC Unsupported
RPMC Bind Counter 0
RPMC Bind Status Pre-bind
RPMC Rebind Unsupported
RPMC Replay Protection Max Rebind 1
BIOS Read Access 0xFFFF
BIOS Write Access 0xFFFF
GBE Read Access 0xFFFF
GBE Write Access 0xFFFF
ME Read Access 0xFFFF
ME Write Access 0xFFFF
EC Read Access 0xFFFF
EC Write Access 0xFFFF

FW Capabilities 0x31319240
Intel(R) Protected Audio Video Path Present/Enabled
Intel(R) Dynamic Application Loader Present/Enabled
Intel(R) Platform Trust Technology Present/Enabled
Persistent RTC and Memory Present/Enabled

End Of Manufacturing
NVAR Configuration State Unlocked
EOM Settings Lock(Flash,Config)
HW Binding State Enabled
Flash Protection Mode Unprotected
FPF Committed No

Trusted Device Setup

Intel(R) Protected Audio Video Path
Widevine provisioning state Not Provisioned
Attestation KeyBox Not Provisioned
PAVP State Yes

Security Version Numbers
Trusted Computing Base SVN 1

Anti Rollback SVNs
PMC 1 [minimum allowed: 1]
CSE 1 [minimum allowed: 1]
ROT KM 1 [minimum allowed: 1]
IDLM 1 [minimum allowed: 1]
OEM KM 1 [minimum allowed: 1]

HW Glitch Detection 0x08
TRC Polarity Rising Trans
TRC Mode Full-cycle polarity trans
TRC State Disabled

Intel(R) Platform Trust Technology
Intel(R) PTT initial power-up state Enabled
Intel(R) PTT State Enabled
SMx State Enabled
RSA1K Support Enabled

FW Supported FPFs FPF UEP
*In Use
— —
1st OEM Key Hash Revoked Not set Disabled
1st OEM Key Hash size Not set Enabled
1st OEM RSA Key size Not set Enabled
2nd OEM Key Hash Revoked Not set Disabled
2nd OEM Key Hash size Not set Enabled
2nd OEM RSA Key size Not set Disabled
BSMM Anti Rollback Not set Enabled
DAL OEM Signing Not set Disabled
DNX Anti Rollback Not set Enabled
EOM Flow Not set Flexible
Error Enforcement Policy 0 Not set Disabled
Error Enforcement Policy 1 Not set Disabled
Flash Descriptor Verification Not set Disabled
Glitch Detection Disabled Not set Enabled
Glitch Detection Enabled Not set Disabled
IDLM Anti Rollback Not set Enabled
Intel PTT Encryption Key Not set Not Revoked
Intel(R) Manageability HW Fuse Status Not set Enabled
Intel(R) PTT Not set Enabled
OEM ID Not set 0x00
OEM KM Anti Rollback Not set Enabled
OEM Key Manifest Not set Enabled
OEM Key Revocation State Not set Disabled
OEM Platform ID Not set 0x00
OEM Secure Boot Policy Not set 0x40
CPU Debugging Not set Enabled
BSP Initialization Not set Enabled
Protect BIOS Environment Not set Disabled
Measured Boot Not set Disabled
Verified Boot Not set Disabled
Key Manifest ID Not set 0x01
Force Boot Guard ACM Not set Disabled
OEM key Hash RSA key size Not set Enabled
PID Refurbish Counter Not set 0x00
PMC Anti Rollback Not set Enabled
PTT Lockout Override Counter Not set 0x00
Persistent PRTC Backup Power Not set Enabled
RBE Anti Rollback Not set Enabled
ROT Anti Rollback Not set Enabled
RPMB Monotonic Counters Not set 0x00
RPMC Rebinding Not set Disabled
RPMC Support Not set Disabled
SOC Config Lock State Not set Disabled
SPI Boot Source Not set Enabled
SPIRAL CPU Not set Disabled
Secure boot KM Anti Rollback Not set Enabled
TXT Supported Not set Disabled
UFS Boot Source Not set Disabled
USB Port ID Not set 0x00
uCode Anti Rollback Not set Disabled

DNX SVN Not set 0x00
IDLM SVN Not set 0x00
OEM KM SVN Not set 0x00
PMC SVN Not set 0x00
ROT KM SVN Not set 0x00
Secure boot ACM SVN Not set 0x00
Secure boot BSMM SVN Not set 0x00
Secure boot KM SVN Not set 0x00
Ucode SVN Not set 0x00


1st OEM Public Key Hash FPF Not set
1st OEM Public Key Hash UEP 13436CC373E8DA121456A38D7862496C5F2EEDF86F2F443182706CD3E07CB1D9144DFAAA86D8C10059E170119F2E6D21
2nd OEM Public Key Hash FPF Not set
2nd OEM Public Key Hash UEP 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000


So far, I would assume that updating via FWUpdate is ok, as it is not “impossible”.
As this is version 15.0, and TGP’s flavor of LP, I need to build the update image myself, i.e. merge the following via FIT:
CSME 15.0 CON LP B v15.0.35.1879
PMC TGP LP C v150.1.20.1036
PCHC TGP v15.0.0.1021
no PHY as it is “n/a” in the table

Unfortunately, this is where I am unsure how to proceed.
FIT asks for a platform (“Tigerlake LP B0” I assume, as that is given in MEInfo) as well as the variant, which I’ll assume is “Premium” (guide says ignore).
After adding the various files in FIT and pressing the green button to “Build image for FWUpdate”, I did receive a file.

Running this file through MEAnalyzer does show the following scary messages:
Warning: Detected additional EFS Data Buffer contents, wrong EFST!

Note: File is missing optional Firmware 4K alignment padding!


The complete output is as follows:
╔═══════════════════════════════════════════╗
║ ME Analyzer v1.230.0 r256 ║
╚═══════════════════════════════════════════╝

╔════════════════════════════════════════════╗
║ FWUpdate.bin (1/1) ║
╟─────────────────────────────┬──────────────╢
║ Family │ CSE ME ║
╟─────────────────────────────┼──────────────╢
║ Version │ 15.0.35.1879 ║
╟─────────────────────────────┼──────────────╢
║ Release │ Production ║
╟─────────────────────────────┼──────────────╢
║ Type │ Extracted ║
╟─────────────────────────────┼──────────────╢
║ SKU │ Consumer LP ║
╟─────────────────────────────┼──────────────╢
║ Chipset │ TGP-LP B ║
╟─────────────────────────────┼──────────────╢
║ TCB Security Version Number │ 1 ║
╟─────────────────────────────┼──────────────╢
║ ARB Security Version Number │ 4 ║
╟─────────────────────────────┼──────────────╢
║ Version Control Number │ 26 ║
╟─────────────────────────────┼──────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼──────────────╢
║ OEM Configuration │ No ║
╟─────────────────────────────┼──────────────╢
║ FWUpdate Support │ Yes ║
╟─────────────────────────────┼──────────────╢
║ Date │ 2021-06-23 ║
╟─────────────────────────────┼──────────────╢
║ File System State │ Unconfigured ║
╟─────────────────────────────┼──────────────╢
║ Size │ 0x322000 ║
╟─────────────────────────────┼──────────────╢
║ Flash Image Tool │ 15.0.30.1716 ║
╟─────────────────────────────┼──────────────╢
║ Latest │ Yes ║
╚═════════════════════════════╧══════════════╝
╔═════════════════════════════════════════════╗
║ Power Management Controller ║
╟─────────────────────────────┬───────────────╢
║ Family │ PMC ║
╟─────────────────────────────┼───────────────╢
║ Version │ 150.1.20.1036 ║
╟─────────────────────────────┼───────────────╢
║ Release │ Production ║
╟─────────────────────────────┼───────────────╢
║ Type │ Independent ║
╟─────────────────────────────┼───────────────╢
║ Chipset SKU │ LP ║
╟─────────────────────────────┼───────────────╢
║ Chipset Stepping │ C ║
╟─────────────────────────────┼───────────────╢
║ TCB Security Version Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────┼───────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼───────────────╢
║ Date │ 2021-03-16 ║
╟─────────────────────────────┼───────────────╢
║ Size │ 0x26000 ║
╟─────────────────────────────┼───────────────╢
║ Manifest Extension Utility │ 15.0.0.1282 ║
╟─────────────────────────────┼───────────────╢
║ Chipset Support │ TGP ║
╟─────────────────────────────┼───────────────╢
║ Latest │ Yes ║
╚═════════════════════════════╧═══════════════╝
╔════════════════════════════════════════════╗
║ Platform Controller Hub Configuration ║
╟─────────────────────────────┬──────────────╢
║ Family │ PCHC ║
╟─────────────────────────────┼──────────────╢
║ Version │ 15.0.0.1021 ║
╟─────────────────────────────┼──────────────╢
║ Release │ Production ║
╟─────────────────────────────┼──────────────╢
║ Type │ Independent ║
╟─────────────────────────────┼──────────────╢
║ TCB Security Version Number │ 0 ║
╟─────────────────────────────┼──────────────╢
║ ARB Security Version Number │ 0 ║
╟─────────────────────────────┼──────────────╢
║ Version Control Number │ 0 ║
╟─────────────────────────────┼──────────────╢
║ Production Ready │ Yes ║
╟─────────────────────────────┼──────────────╢
║ Date │ 2021-04-28 ║
╟─────────────────────────────┼──────────────╢
║ Size │ 0x1000 ║
╟─────────────────────────────┼──────────────╢
║ Manifest Extension Utility │ 15.0.30.1716 ║
╟─────────────────────────────┼──────────────╢
║ Chipset Support │ TGP ║
╟─────────────────────────────┼──────────────╢
║ Latest │ Yes ║
╚═════════════════════════════╧══════════════╝

Warning: Detected additional EFS Data Buffer contents, wrong EFST!

Note: File is missing optional Firmware 4K alignment padding!


Is this FWUpdate.bin (see attachment) useable or have I messed up somewhere?

Thank you very much for your time and support! :slight_smile:

FWUpdate.zip (1.81 MB)


It is fine.





Okay, thank you very much

@FrozenLord

First of all thank you for reading the guide at the first post carefully. Nice work. The FWUpdate image is proper for your system (w/o PHY as it is not obligatory to include it for FWUpdate tool use at CSME 15.0 LP). The EFST warning is related to changes Intel made at 15.0.35+ firmware which requires us to find a newer Flash Image Tool, grab the EFS Table and update MEA. However, that does not affect any FWUpdate tool functionality so you have nothing to worry about. The padding note can be safely ignored. Once you’re done, please post a newer MEInfo -verbose report to verify that everything worked correctly.

Thank you very much for the quick response :slight_smile:
The file flashed just fine and after a reboot, the verbose output of MEInfo looks like this:

Intel (R) ME Info Version: 15.0.30.1716
Copyright (C) 2005 - 2021, Intel Corporation. All rights reserved.

General FW Information

Platform Type Mobile
FW Image Type Production
Last ME Reset Reason Global system reset
BIOS Boot State Post Boot
Boot Critical Code Redundancy Disabled
Current Boot Partition 1
Factory Defaults Recovery Status Enabled
Firmware Update OEM ID 00000000-0000-0000-0000-000000000000
TCSS FW partial update Disabled
Crypto HW Support Enabled
Intel(R) ISH Power State Disabled
OEM Tag 0x00
FW Update State Enabled
TLS State Enabled
CSME Measured Boot to TPM Disabled
BIOS Recovery State Disabled

Intel(R) ME Code Versions
BIOS Version 1AWHY8.51
MEI Driver Version 2108.100.0.1053
FW Version 15.0.35.1879 LP Consumer
LMS Version 2117.0.1.0

IUPs Information
PMC FW Version 150.1.20.1036
OEM FW Version 0.0.0.0000
IUNT FW Version 0.5.1.1192
IOM FW Version 17.16.0.0000
NPHY FW Version 11.221.209.0221
TBT FW Version 14.0.0.3401
PCHC FW Version 15.0.0.1021

PCH Information
PCH Name TGL
PCH Device ID A082
PCH Revision ID B0
PCH SKU Type Production PRQ Revenue
PCH Replacement State Disabled
PCH Replaceable Counter 0
PCH Unlocked State Disabled

Transactional FW Information
Original image type Consumer
Current sku type Consumer

Flash Information
Storage Device Type SPI
SPI Flash ID 1 C22018
RPMC Unsupported
RPMC Bind Counter 0
RPMC Bind Status Pre-bind
RPMC Rebind Unsupported
RPMC Replay Protection Max Rebind 1
BIOS Read Access 0xFFFF
BIOS Write Access 0xFFFF
GBE Read Access 0xFFFF
GBE Write Access 0xFFFF
ME Read Access 0xFFFF
ME Write Access 0xFFFF
EC Read Access 0xFFFF
EC Write Access 0xFFFF

FW Capabilities 0x31319200
Intel(R) Protected Audio Video Path Present/Enabled
Intel(R) Dynamic Application Loader Present/Enabled
Intel(R) Platform Trust Technology Present/Enabled
Persistent RTC and Memory Present/Enabled

End Of Manufacturing
NVAR Configuration State Unlocked
EOM Settings Lock(Flash,Config)
HW Binding State Enabled
Flash Protection Mode Unprotected
FPF Committed No

Trusted Device Setup

Intel(R) Protected Audio Video Path
Widevine provisioning state Not Provisioned
Attestation KeyBox Not Provisioned
PAVP State Yes

Security Version Numbers
Trusted Computing Base SVN 1

Anti Rollback SVNs
PMC 0 [minimum allowed: 0]
CSE 4 [minimum allowed: 0]
ROT KM 0 [minimum allowed: 0]
IDLM 0 [minimum allowed: 0]
OEM KM 0 [minimum allowed: 0]

HW Glitch Detection 0x08
TRC Polarity Rising Trans
TRC Mode Full-cycle polarity trans
TRC State Disabled

Intel(R) Platform Trust Technology
Intel(R) PTT initial power-up state Enabled
Intel(R) PTT State Enabled
SMx State Enabled
RSA1K Support Enabled

FW Supported FPFs FPF UEP
*In Use
— —
1st OEM Key Hash Revoked Not set Disabled
1st OEM Key Hash size Not set Enabled
1st OEM RSA Key size Not set Enabled
2nd OEM Key Hash Revoked Not set Disabled
2nd OEM Key Hash size Not set Enabled
2nd OEM RSA Key size Not set Disabled
BSMM Anti Rollback Not set Enabled
DAL OEM Signing Not set Disabled
DNX Anti Rollback Not set Enabled
EOM Flow Not set Flexible
Error Enforcement Policy 0 Not set Disabled
Error Enforcement Policy 1 Not set Disabled
Flash Descriptor Verification Not set Disabled
Glitch Detection Disabled Not set Enabled
Glitch Detection Enabled Not set Disabled
IDLM Anti Rollback Not set Enabled
Intel PTT Encryption Key Not set Not Revoked
Intel(R) Manageability HW Fuse Status Not set Enabled
Intel(R) PTT Not set Enabled
OEM ID Not set 0x00
OEM KM Anti Rollback Not set Enabled
OEM Key Manifest Not set Enabled
OEM Key Revocation State Not set Disabled
OEM Platform ID Not set 0x00
OEM Secure Boot Policy Not set 0x40
CPU Debugging Not set Enabled
BSP Initialization Not set Enabled
Protect BIOS Environment Not set Disabled
Measured Boot Not set Disabled
Verified Boot Not set Disabled
Key Manifest ID Not set 0x01
Force Boot Guard ACM Not set Disabled
OEM key Hash RSA key size Not set Enabled
PID Refurbish Counter Not set 0x00
PMC Anti Rollback Not set Enabled
PTT Lockout Override Counter Not set 0x00
Persistent PRTC Backup Power Not set Enabled
RBE Anti Rollback Not set Enabled
ROT Anti Rollback Not set Enabled
RPMB Monotonic Counters Not set 0x00
RPMC Rebinding Not set Disabled
RPMC Support Not set Disabled
SOC Config Lock State Not set Disabled
SPI Boot Source Not set Enabled
SPIRAL CPU Not set Disabled
Secure boot KM Anti Rollback Not set Enabled
TXT Supported Not set Disabled
UFS Boot Source Not set Disabled
USB Port ID Not set 0x00
uCode Anti Rollback Not set Disabled

DNX SVN Not set 0x03
IDLM SVN Not set 0x00
OEM KM SVN Not set 0x00
PMC SVN Not set 0x00
ROT KM SVN Not set 0x00
Secure boot ACM SVN Not set 0x00
Secure boot BSMM SVN Not set 0x00
Secure boot KM SVN Not set 0x00
Ucode SVN Not set 0x00


1st OEM Public Key Hash FPF Not set
1st OEM Public Key Hash UEP 13436CC373E8DA121456A38D7862496C5F2EEDF86F2F443182706CD3E07CB1D9144DFAAA86D8C10059E170119F2E6D21
2nd OEM Public Key Hash FPF Not set
2nd OEM Public Key Hash UEP 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
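As an added example (not code from the thread or from any Intel tool), here is the kind of check a practitioner could run to do the verification plutomaniac asks for above: parse the pre- and post-update MEInfo -verbose reports, confirm that the CSME, PMC and PCHC versions now match what went into the FWUpdate image, that no partition silently rolled back, that platform identity and flash/FPF state are unchanged, and that every Anti Rollback SVN is at or above its stated minimum. The embedded reports are excerpts constructed from the two reports in this post; the field lists are my own choices, not an Intel specification.

```python
"""Check a CSME FWUpdate by diffing two MEInfo -verbose reports (added example)."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Versions carried by the FWUpdate image: CSME itself plus its updateable partitions.
VERSION_FIELDS = ("FW Version", "PMC FW Version", "PCHC FW Version", "NPHY FW Version")
# Platform identity and flash/FPF state: an FWUpdate must leave these untouched.
INVARIANT_FIELDS = ("PCH Name", "PCH Device ID", "PCH Revision ID", "SPI Flash ID 1",
                    "Current sku type", "Flash Protection Mode", "FPF Committed",
                    "Intel(R) PTT State", "HW Binding State")
KNOWN_KEYS = VERSION_FIELDS + INVARIANT_FIELDS

# "CSE 4 [minimum allowed: 0]" -> name, current SVN, minimum SVN the firmware accepts
SVN_RE = re.compile(r"^([A-Za-z][A-Za-z ]*?)\s+(\d+)\s+\[minimum allowed:\s*(\d+)\]$")
VERSION_RE = re.compile(r"\d+(?:\.\d+){3}")


@dataclass
class MEInfoReport:
    fields: Dict[str, str] = field(default_factory=dict)            # key -> raw value
    svns: Dict[str, Tuple[int, int]] = field(default_factory=dict)  # name -> (cur, min)


def parse_meinfo(text: str) -> MEInfoReport:
    """MEInfo separates key and value with plain whitespace, so a key is
    recognised by prefix; Anti Rollback SVN lines are matched by regex."""
    rep = MEInfoReport()
    for raw in text.splitlines():
        line = raw.strip()
        m = SVN_RE.match(line)
        if m:
            rep.svns[m.group(1)] = (int(m.group(2)), int(m.group(3)))
            continue
        for key in KNOWN_KEYS:
            if line.startswith(key + " "):
                rep.fields[key] = line[len(key):].strip()
                break
    return rep


def version_of(value: str) -> Tuple[int, ...]:
    """'15.0.35.1879 LP Consumer' -> (15, 0, 35, 1879)."""
    m = VERSION_RE.search(value)
    if not m:
        raise ValueError(f"no dotted version in {value!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def verify_update(before: MEInfoReport, after: MEInfoReport,
                  expected: Dict[str, str]) -> List[str]:
    """Return findings; an empty list means the post-update report is consistent."""
    findings: List[str] = []
    for key, want in expected.items():              # did the intended versions land?
        got = after.fields.get(key)
        if got is None or version_of(got) != version_of(want):
            findings.append(f"{key}: expected {want}, report shows {got or 'missing'}")
    for key in VERSION_FIELDS:                       # nothing silently rolled back
        b, a = before.fields.get(key), after.fields.get(key)
        if b and a and version_of(a) < version_of(b):
            findings.append(f"{key}: rolled back from {b} to {a}")
    for key in INVARIANT_FIELDS:                     # platform/flash state untouched
        if before.fields.get(key) != after.fields.get(key):
            findings.append(f"{key}: changed from {before.fields.get(key)} "
                            f"to {after.fields.get(key)}")
    for name, (cur, minimum) in after.svns.items():  # SVNs at or above the floor
        if cur < minimum:
            findings.append(f"Anti Rollback SVN {name}: {cur} below minimum {minimum}")
    return findings


# Excerpts constructed from the two MEInfo -verbose reports in this post.
BEFORE_REPORT = """\
FW Version 15.0.2.1377 LP Consumer
PMC FW Version 150.1.20.1024
NPHY FW Version 11.221.209.0221
PCHC FW Version 15.0.0.1014
PCH Name TGL
PCH Device ID A082
PCH Revision ID B0
Current sku type Consumer
SPI Flash ID 1 C22018
Flash Protection Mode Unprotected
FPF Committed No
Intel(R) PTT State Enabled
HW Binding State Enabled
PMC 1 [minimum allowed: 1]
CSE 1 [minimum allowed: 1]
ROT KM 1 [minimum allowed: 1]
"""
AFTER_REPORT = (BEFORE_REPORT
                .replace("15.0.2.1377", "15.0.35.1879")
                .replace("150.1.20.1024", "150.1.20.1036")
                .replace("15.0.0.1014", "15.0.0.1021")
                .replace("PMC 1 [minimum allowed: 1]", "PMC 0 [minimum allowed: 0]")
                .replace("CSE 1 [minimum allowed: 1]", "CSE 4 [minimum allowed: 0]")
                .replace("ROT KM 1 [minimum allowed: 1]", "ROT KM 0 [minimum allowed: 0]"))
# What went into the FWUpdate image (CSME, PMC, PCHC; PHY was deliberately left out).
EXPECTED = {"FW Version": "15.0.35.1879", "PMC FW Version": "150.1.20.1036",
            "PCHC FW Version": "15.0.0.1021"}

if __name__ == "__main__":
    problems = verify_update(parse_meinfo(BEFORE_REPORT), parse_meinfo(AFTER_REPORT), EXPECTED)
    print("\n".join(problems) if problems else "FWUpdate verified: reports are consistent")
```

On a real system, replace the embedded excerpts with the saved output of MEInfo -verbose taken before and after running FWUpdate.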

Hello,
Can I upgrade the FW for my Foxconn C612 motherboard? Some CPUs cannot run on this MB; when using ES CPUs it gets stuck at code 79. I tried to upgrade the FW, but I did not find any tools for it.
╔═══════════════════════════════════════════════════════════════╗
║ bios.bin (1/1) ║
╟──────────────────────────────────┬────────────────────────────╢
║ Family │ SPS ║
╟──────────────────────────────────┼────────────────────────────╢
║ Version │ 03.00.07.173 ║
╟──────────────────────────────────┼────────────────────────────╢
║ Release │ Production ║
╟──────────────────────────────────┼────────────────────────────╢
║ Type │ Extracted ║
╟──────────────────────────────────┼────────────────────────────╢
║ SKU │ GR ║
╟──────────────────────────────────┼────────────────────────────╢
║ Date │ 2015-05-28 ║
╟──────────────────────────────────┼────────────────────────────╢
║ Size │ 0x285000 ║
╟──────────────────────────────────┼────────────────────────────╢
║ Chipset Support │ Grantley ║
╚══════════════════════════════════╧════════════════════════════╝

@plutomaniac I’m sure this horse has been beaten before, but I haven’t found any real way to disable these features.

Specifically, the Dynamic Application Loader (DAL), Capability Licensing Service (iCLS), and LMS (Intel(R) Management and Security Application Local Management) software components.

All the research I’ve done points to these features being useless for a consumer; LMS seems to be a feature of AMT. I’m sure I’m not the only one who doesn’t like to see unnecessary devices with drivers and services running.

Are there any plain INFs that could install instead of a driver to get rid of the installed services?
Or is there a way to set these features as Not supported in the firmware?

If I am wrong about the purpose, i.e. they are required for functionality, correct me.

Thanks!



I second that enquiry, as I would like to get rid of as much of the integrated ME functionality as possible.


These drivers can be disabled with a stub, but all ME drivers will be disabled.

The driver supports chipsets:
PCI\VEN_8086&DEV_19D3Desc="Intel(R) Atom™ processor C3000 product family Management Engine Interface - 19D3"
PCI\VEN_8086&DEV_19D4Desc="Intel(R) Atom™ processor C3000 product family Management Engine Interface - 19D4"
PCI\VEN_8086&DEV_19D6Desc="Intel(R) Atom™ processor C3000 product family Management Engine Interface - 19D6"
PCI\VEN_8086&DEV_1C3ADesc="Intel(R) 6 Series/C200 Series Chipset Family Management Engine Interface - 1C3A"
PCI\VEN_8086&DEV_1C3BDesc="Intel(R) 6 Series/C200 Series Chipset Family Management Engine Interface - 1C3B"
PCI\VEN_8086&DEV_1D3ADesc="Intel(R) C600/X79 Series Management Engine Interface - 1D3A"
PCI\VEN_8086&DEV_1D3BDesc="Intel(R) C600/X79 Series Management Engine Interface - 1D3B"
PCI\VEN_8086&DEV_1E3ADesc="Intel(R) 7 Series/C216 Chipset Family Management Engine Interface - 1E3A"
PCI\VEN_8086&DEV_8C3ADesc="Intel(R) 8 Series/C220 Series Management Engine Interface - 8C3A"
PCI\VEN_8086&DEV_8C3BDesc="Intel(R) 8 Series/C220 Series Management Engine Interface - 8C3B"
PCI\VEN_8086&DEV_8CBADesc="Intel(R) 9 Series Chipset Family Mobile Management Engine Interface - 8CBA"
PCI\VEN_8086&DEV_8CBBDesc="Intel(R) 9 Series Chipset Family Mobile Management Engine Interface - 8CBB"
PCI\VEN_8086&DEV_8D3ADesc="Intel(R) C610 series/X99 Chipset Management Engine Interface - 8D3A"
PCI\VEN_8086&DEV_8D3BDesc="Intel(R) C610 series/X99 Chipset Management Engine Interface - 8D3B"
PCI\VEN_8086&DEV_9CBADesc="Mobile 5th Generation Intel(R) Core™ Management Engine Interface - 9CBA"
PCI\VEN_8086&DEV_9CBBDesc="Mobile 5th Generation Intel(R) Core™ Management Engine Interface - 9CBB"
PCI\VEN_8086&DEV_A13ADesc="Intel(R) 100 Series/C230 Series Chipset Family Management Engine Interface - A13A"
PCI\VEN_8086&DEV_A13BDesc="Intel(R) 100 Series/C230 Series Chipset Family Management Engine Interface - A13B"
PCI\VEN_8086&DEV_A13EDesc="Intel(R) 100 Series/C230 Series Chipset Family Management Engine Interface - A13E"
PCI\VEN_8086&DEV_A360Desc="Intel(R) Management Engine Interface - A360"
PCI\VEN_8086&DEV_A361Desc="Intel(R) Management Engine Interface - A361"
PCI\VEN_8086&DEV_A364Desc="Intel(R) Management Engine Interface - A364"
PCI\VEN_8086&DEV_A365Desc="Intel(R) Management Engine Interface - A365"
PCI\VEN_8086&DEV_A3BADesc="Intel(R) CSME: HECI #1 - A3BA"
PCI\VEN_8086&DEV_A3BBDesc="Intel(R) CSME: HECI #2 - A3BB"
PCI\VEN_8086&DEV_A3BEDesc="Intel(R) CSME: HECI #3 - A3BE"
PCI\VEN_8086&DEV_43E0Desc="Intel(R) HECI #1 - 43E0"
PCI\VEN_8086&DEV_43E1Desc="Intel(R) HECI #2 - 43E1"
PCI\VEN_8086&DEV_43E4Desc="Intel(R) HECI #3 - 43E4"
PCI\VEN_8086&DEV_43E5Desc="Intel(R) HECI #4 - 43E5"

NULL_HECI.zip (7.94 KB)

MEI Driver v2120.100.0.1085 (Windows 10 >= 1709)



What’s new since the last version?

The MEI 2130.16.0.2387 driver has been released.
In this release, the LMS driver declaration is moved to another SOL_LMS_Extension driver. In this regard, the installation of the LMS driver is not necessary on most systems.

@plutomaniac :

What about the attached Intel MEI driver v2124.100.0.1096 dated 06/07/2021?
I have extracted it from the latest Intel MEI Drivers & Software Set v2130.16.0.2387 dated 07/21/2021.

pure Intel MEI Drivers v2124.100.0.1096 (Win10).rar (230 KB)