Intel (Converged Security) Management Engine: Drivers, Firmware and Tools (2-15)

PMC 150.1.20.1042 Prod Indep LP C TGP.bin.zip (90.5 KB)

Has a date 2022-11-04, but I don’t see a hint in the forum and it’s not in the database of MEA?

EDIT
Had a closer look and it seems it has been added in DB r309 already and is in the linked repo in #1. This one is marked as new because of a slightly different date (2 days younger) and a different RSA signature.





Yeah, the only difference is those 2 days and the RSA signature of course. Identical otherwise. This was happening often with TGP stuff, including IUPs. My guess is that they released different system tool kits for TGP-based PCH/SoCs and would (stupidly) recompile the same firmware with slightly different dates. Anyway, they are the same.


Hi. How are folks building stitched CSME 15 LP firmwares? Getting a consistent run error:

Decomposed SKU Value: “Intel(R) Tigerlake LP Refresh C0 Chipset - TGP-LP-C0 Premium U”.

Start Building Image

Executing pre-build actions

Warning: CSE FW version: 15.0.49.2573 is not the same as the FIT version: 15.0.35.1951

If pre-locking is not set, closemnf will revert back master access settings to ‘golden master access settings’. To set master access post locking, use -CLOSEMNF command of the Intel(R) Flash Programming Tool (FPT).
Error 237: [Ifwi Actions] Failed to load input file. IO Manageability Engine Binary File: Empty file path
Error 20: [Csme Binary Gen] Error executing pre-build actions.
Error 2: Failed to build.
Failed to build!

The de-compiled IomOemConfigDataFile.bin is at 0KB. The CSME v12 instructions include a couple extra steps, but I don’t think they apply for 15. Thanks

Edit: Updated Intel(R) Tigerlake LP Refresh C0 Chipset to Intel(R) Tigerlake LP Refresh C0 Chipset, but still getting the same error/result.

Too little information. Do you want to build a firmware update or do you want to build a region in a complete firmware image?

Do you have the MEA output for your existing firmware? / What machine?


Need CSE ME 12.0.92.2145 Cor LP please…

What’s the issue with the one that is linked in this section?
B1. (Converged Security) Management Engine - (CS)ME
CSME 12.0 CON LP C v12.0.92.2145.rar

I’m just trying to create a stitched ME firmware, like you and others are doing, and that should be achievable, regardless of my machine, as long as I’ve got the correct CSME FIT (CSME System Tools v15.0 r15 is good), ME firmware, PCHC.bin, and PMC.bin. PHY shouldn’t be needed.

It’s weird that the FIT 15 program changes the chipset to tigerlake LP Refresh C0 from LP B0. When I change it back, I’m getting the error. If I leave it at Refresh C0, I’m getting the error.

I am glad that you asked me to run the MEA program, though, because I’m getting the dreaded “Impossible” FWUpdate Support. This does make sense, because when I updated the Dell Latitude 5320 firmware update, the Dell program updates the Corp ME, looks to update the Consumer ME but doesn’t, and then I get another “off” MEInfo run.

It’s a strange setup, for sure. If I extract the downloaded Dell bios update, there’s a corporate and consumer ME bin, and I guess that makes sense, even though the Dell update program looks first to update both. The weirdness is the MEA vs. the MEInfo. MEA says Corporate LP. MEInfo says LP Consumer.

The “Impossible” makes this a moot point, but I should be able to stitch, regardless, but FIT is choking.

Thanks. See the attached
MEA and MEInfo.zip (3.9 KB)

To be a bit clearer, FIT opens up with Intel(R) Tigerlake LP B0 Chipset. When I pull over the 15.0.49.2573_CON_LP_B_PRD_EXTR_9FF3F390.bin, FIT changes to Intel(R) Tigerlake LP Refresh C0 Chipset. That seems strange, although I can change the dropdown menu back.

I may make a run at stitching an H chipset just for fun.

Your MEInfo - see the bold lines

Microsoft Windows [Version 10.0.19045.4651]
(c) Microsoft Corporation. All rights reserved.

C:\Users\chris\Downloads\CSME System Tools v15.0 r15\MEInfo\WIN64>MEInfoWin64
Intel (R) ME Info Version: 15.0.41.2142
Copyright (C) 2005 - 2022, Intel Corporation. All rights reserved.

Platform Type                                Mobile
FW Image Type                                Production
Last ME Reset Reason                         Other
BIOS Boot State                              Post Boot
Boot Critical Code Redundancy                Enabled
Current Boot Partition                       1
Factory Defaults Restoration Status          Disabled
Factory Defaults Recovery Status             Enabled
Firmware Update OEM ID                       68853622-EED3-4E83-8A86-6CDE315F6B78
TCSS FW partial update                       Disabled
Camera privacy feature control disabled      Unknown
Crypto HW Support                            Enabled
Intel(R) ISH Power State                     Enabled
OEM Tag                                      0x00
FW Update State                              Enabled
TLS State                                    Enabled
CSME Measured Boot to TPM                    Enabled
BIOS Recovery State                          Enabled

Intel(R) ME Code Versions
BIOS Version 1.38.0
MEBx Version 15.0.0.0004
MEI Driver Version 2407.6.1.0
FW Version 15.0.47.2521 LP Consumer
LMS Version Not Installed

IUPs Information
PMC FW Version 150.1.20.1041
OEM FW Version 0.0.0.0000
ISHC FW Version 54.1.4479.0008
LOCL FW Version 15.0.47.2521
WCOD FW Version 15.0.47.2521
IOM FW Version 17.24.0.0000
NPHY FW Version 11.225.276.2043
TBT FW Version 15.0.0.4801
PCHC FW Version 15.0.0.1021

PCH Information
PCH Name TGL
PCH Device ID A082
PCH Revision ID B0
PCH SKU Type Production PRQ Revenue
PCH Replacement State Disabled
PCH Replaceable Counter 0
PCH Unlocked State Disabled

Transactional FW Information
Original image type Corporate
Current sku type Consumer

Flash Information
Storage Device Type SPI
SPI Flash ID 1 C84019
RPMC Supported
RPMC Bind Counter 1
RPMC Bind Status Post-bind
RPMC Rebind Supported
RPMC Replay Protection Max Rebind 15
BIOS Read Access 0x000F
BIOS Write Access 0x000A
GBE Read Access 0x0009
GBE Write Access 0x0008
ME Read Access 0x000D
ME Write Access 0x0004
EC Read Access 0x0101
EC Write Access 0x0100

FW Capabilities 0x31311600
Intel(R) Protected Audio Video Path Present/Enabled
Intel(R) Dynamic Application Loader Present/Enabled
Intel(R) Platform Trust Technology Present/Disabled

End Of Manufacturing
NVAR Configuration State Locked
EOM Settings Lock(Flash,Config)
HW Binding State Enabled
Flash Protection Mode Protected
FPF Committed Yes

Intel(R) Active Management Technology
Intel(R) AMT State in FW Present/Disabled
Auto-BIST State Enabled
Localized Language English
Wireless C-Link Status Enabled
Intel(R) SMLink0 MCTP Address Unknown
Intel(R) Manageability HW Status Disabled
Discrete vPro NIC on-board State Disabled
On Board Discrete vPro NIC SMBus address 0x00
vPRO TBT Dock State Disabled
On dock vPro NIC SMBus address 0x00
Thunderbolt Port1 SMBus Address 0x20
Thunderbolt Port2 SMBus Address 0x21
Thunderbolt Port3 SMBus Address 0x22
Thunderbolt Port4 SMBus Address 0x23
AMT Global State Enabled
Redirection Privacy / Security Level Default

Intel(R) Trusted Device Setup
Signing Policy Seal Signing Required
Reseal Timeout 0x06
Seal State Disabled
Trusted Device Setup Supported Disabled

Intel(R) Protected Audio Video Path
Widevine provisioning state Not Provisioned
Attestation KeyBox Not Provisioned
PAVP State Yes

Security Version Numbers
Trusted Computing Base SVN 1

Anti Rollback SVNs
    PMC                                      0   [minimum allowed: 0]
    CSE                                      6   [minimum allowed: 0]
    ROT KM                                   0   [minimum allowed: 0]
    IDLM                                     0   [minimum allowed: 0]
    SECURE BOOT BSMM                         0   [minimum allowed: 0]
    OEM KM                                   0   [minimum allowed: 0]
    SECURE BOOT KM                           0   [minimum allowed: 0]
    SECURE BOOT ACM                          2   [minimum allowed: 0]

HW Glitch Detection 0x08
TRC Polarity Rising Trans
TRC Mode Full-cycle polarity trans
TRC State Disabled

Intel(R) Unique Platform ID
UPID supported Disabled

Intel(R) Platform Trust Technology
Intel(R) PTT initial power-up state Disabled
Intel(R) PTT State Disabled
SMx State Disabled
RSA1K Support Disabled

FW Supported FPFs FPF UEP
*In Use
— —
1st OEM Key Hash Revoked Disabled Disabled
1st OEM Key Hash size Enabled Enabled
1st OEM RSA Key size Enabled Enabled
2nd OEM Key Hash Revoked Disabled Disabled
2nd OEM Key Hash size Enabled Enabled
2nd OEM RSA Key size Disabled Disabled
BSMM Anti Rollback Enabled Enabled
DAL OEM Signing Disabled Disabled
DNX Anti Rollback Enabled Enabled
EOM Flow Full Flexible
Error Enforcement Policy 0 Enabled Enabled
Error Enforcement Policy 1 Enabled Enabled
Flash Descriptor Verification Disabled Disabled
Glitch Detection Disabled Enabled Enabled
Glitch Detection Enabled Disabled Disabled
IDLM Anti Rollback Enabled Enabled
Intel PTT Encryption Key Not Revoked Not Revoked
Intel(R) Manageability HW Fuse Status Enabled Enabled
Intel(R) PTT Enabled Enabled
OEM ID 0x00 0x00
OEM KM Anti Rollback Enabled Enabled
OEM Key Manifest Enabled Enabled
OEM Key Revocation State Disabled Disabled
OEM Platform ID 0x00 0x00
OEM Secure Boot Policy 0x3F9 0x3F9
CPU Debugging Enabled Enabled
BSP Initialization Enabled Enabled
Protect BIOS Environment Enabled Enabled
Measured Boot Enabled Enabled
Verified Boot Enabled Enabled
Key Manifest ID 0x0F 0x0F
Force Boot Guard ACM Enabled Enabled
OEM key Hash RSA key size Enabled Enabled
PID Refurbish Counter 0x00 0x00
PMC Anti Rollback Enabled Enabled
PTT Lockout Override Counter 0x00 0x00
Persistent PRTC Backup Power Disabled Disabled
RBE Anti Rollback Enabled Enabled
ROT Anti Rollback Enabled Enabled
RPMB Monotonic Counters 0x00 0x00
RPMC Rebinding Enabled Enabled
RPMC Support Enabled Enabled
SOC Config Lock State Enabled Disabled
SPI Boot Source Enabled Enabled
SPIRAL CPU Disabled Disabled
Secure boot KM Anti Rollback Enabled Enabled
TXT Supported Enabled Enabled
UFS Boot Source Disabled Disabled
USB Port ID 0x00 0x00
uCode Anti Rollback Disabled Disabled

DNX SVN 0x03 0x00
IDLM SVN 0x00 0x00
OEM KM SVN 0x00 0x00
PMC SVN 0x00 0x00
ROT KM SVN 0x00 0x00
Secure boot ACM SVN 0x00 0x00
Secure boot BSMM SVN 0x00 0x00
Secure boot KM SVN 0x00 0x00
Ucode SVN 0x00 0x00

1st OEM Public Key Hash FPF CEC5BBA33899D87B16D38581F3DB0DBF5920F6094074437A94DD6756CEC56923D3747EE0ACE7F56E0577B97592C84096
1st OEM Public Key Hash UEP CEC5BBA33899D87B16D38581F3DB0DBF5920F6094074437A94DD6756CEC56923D3747EE0ACE7F56E0577B97592C84096
2nd OEM Public Key Hash FPF 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
2nd OEM Public Key Hash UEP 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

C:\Users\chris\Downloads\CSME System Tools v15.0 r15\MEInfo\WIN64>

All FIT versions behave a little different. Most lazy way in your case (if it’s really a Dell 5320):

  • Extract the Dell bios update with Dell_PFS_Extract
  • Throw 1 Latitude_5320_1.38.0 – 3 Intel Management Engine Consumer Firmware Update v15.0.47.2521 on FIT
  • Don’t close FIT
  • Unpack 15.0.49.2573_COR_LP_B_PRD_EXTR-Y_93B56DF7.bin in the \Flash Image Tool\WIN32 Folder
  • Throw 15.0.49.2573_COR_LP_B_PRD_EXTR-Y_93B56DF7.bin on FIT (choose Discard for settings)
  • Select the Fw Update Image Build tab (last one down)
  • It should contain the new CSE ME and all the other old settings
  • If wished for: Exchange PMC 150.1.20.1041 with PMC 150.1.20.1042 by simply deleting the old file in …Flash Image Tool\WIN32\1 Latitude_5320_1.38.0 – 3 Intel Management Engine Consumer Firmware Update v15.0.47.2521\Decomp, copying the newer version into this directory and rename it to PMCP.bin

Click Build Image For Fw Update

This is what you get:

FWUpdate.zip (6.4 MB)

(Added some lines FF to get rid of “Note: File is missing optional Firmware 4K alignment padding!”)

Unclear if this helps?

The firmware versions might be designed for a newer chipset even if you have an older chipset, I assume this might be more relevant for building complete images. Then you do more chipset revision dependent things since you configure PCH register settings located in FD, too.
The ‘update impossible’ message might not be so relevant. For ME 14 FwUpdate- images without PHY always are classified ‘FwUpdate Support: Impossible’ but they will work just fine for machines which were originally 14.0 and never had a PHY.
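
The MEInfo dump quoted in the post above reports `Original image type Corporate` next to `Current sku type Consumer`, which is the Corporate/Consumer discrepancy discussed in this thread. As an added example (not part of the thread and not Intel tooling), this Python script parses saved MEInfo text and flags that mismatch; the function names and the sample are constructed here, and the field labels are assumed to appear exactly as in the quoted output.

```python
import re

# Constructed sample: a few lines in the layout of the MEInfo output quoted above.
SAMPLE = """\
FW Version 15.0.47.2521 LP Consumer
PMC FW Version 150.1.20.1041
Original image type Corporate
Current sku type Consumer
Anti Rollback SVNs
    PMC                                      0   [minimum allowed: 0]
    CSE                                      6   [minimum allowed: 0]
    SECURE BOOT ACM                          2   [minimum allowed: 0]
"""

# Field name -> pattern; each is matched from the start of the stripped line,
# so "PMC FW Version" is never mistaken for the CSME "FW Version" line.
SCALARS = {
    "fw": r"FW Version\s+([\d.]+)\s+(.+)",
    "pmc": r"PMC FW Version\s+([\d.]+)",
    "original_type": r"Original image type\s+(\S+)",
    "current_type": r"Current sku type\s+(\S+)",
}
SVN_ROW = re.compile(r"(.+?)\s+(\d+)\s+\[minimum allowed:\s*(\d+)\]$")

def parse_meinfo(text):
    """Return the SKU-related fields and the anti-rollback SVN table."""
    info = {"svn": {}}
    for raw in text.splitlines():
        line = raw.strip()
        for key, pattern in SCALARS.items():
            m = re.match(pattern, line)
            if m:
                info[key] = m.groups() if len(m.groups()) > 1 else m.group(1)
        m = SVN_ROW.match(line)
        if m:  # component name -> (reported SVN, minimum allowed)
            info["svn"][m.group(1)] = (int(m.group(2)), int(m.group(3)))
    return info

def sku_findings(info):
    """Hypothetical check: report when flashed image type and running SKU differ."""
    notes = []
    orig, cur = info.get("original_type"), info.get("current_type")
    if orig and cur and orig != cur:
        notes.append(f"original image type {orig} but current SKU {cur}")
    fw = info.get("fw")
    if fw and cur and cur not in fw[1]:
        notes.append(f"FW Version reports '{fw[1]}' but current SKU is {cur}")
    return notes

if __name__ == "__main__":
    parsed = parse_meinfo(SAMPLE)
    print(parsed, sku_findings(parsed))
```
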

lfb6, many thanks. This answers a lot of my “weirdness” questions, and is really a great post for CSME 15 application.

Your “Added some lines FF” is in line with the MEA run for the Station Drivers Intel Management Engine (ME/AMT) Firmware Version 15.0.49.2573 (LP)(1.5Mo) post.

I was kind of hoping I missed something in applying the How to use FWUpdate Tool at CSME v13+ application, but that’s not the case - I tried using the older firmware to match the FIT. CSME 15 is a special case - at least for the LP chipsets. I haven’t tried the H chipsets yet.

Edit: The Station Drivers CON stitched firmware applies PMC version 150.1.20.1041. I’m not sure if applying PMC version 150.1.20.1042 would be problematic or not, but I would probably play it safe and apply 1041.

I’m going to wait this out until Dell publishes an updated firmware, since they are still supporting this computer, but thanks again for this. Really helpful.

I don’t think this makes a large difference. In addition there might be a slightly newer PHY N version TGP_N_11.225.284.2044

Be aware the Station Drivers version and the Dell version have different PHY N main versions

Unfortunately plutomaniac stopped updating this thread / working with the ME structure- you can see in the matrix in the first post that there’s no PHY for 15.0 TGP LP, but there’s definitely N11 and N16…

The uploads at Station Drivers are often just pulled from a specific machine. Since there’s only code partitions that get transferred/updated this isn’t a problem as long as the elements of the update fit. The one from Station Drivers is from a slightly cryptic Chinese Lenovo update

I actually have no idea what would happen if you updated your machine with a PHY N 16.*

CSE ME 15.20.15.1863 Production Extracted Slim H EBG-H A
PMC 01.32.0.0 Production Independent H A CNP
PCHC 15.20.0.1001 Production Independent Unknown

HP Desktop Workstation U60 Family
15.20.15.1863.bin.zip (3.7 MB)

lfb6, your directions worked well. The only issue is that I first got the following error:

Error 172: [Fit Actions] File Path could not be resolved Region: BiosRegionData File:
Error 228: [Ifwi Actions] Failed to calculate boot partition sizes. Failed to calculate regions size.
Error 20: [Csme Binary Gen] Error executing pre-build actions.
Error 2: Failed to build.

So I had to insert the ME Sub Partition.bin (Binary Bios) File from the decompiled 1 Latitude_5320_1.38.0 – 3 Intel Management Engine Consumer Firmware Update v15.0.47.2521 folder (it would not build properly using the same from the decompiled 1 Latitude_5320_1.38.0 – 2 Intel Management Engine Corporate Firmware Update v15.0.47.2521 folder - don’t think that’s an issue).

It doesn’t look like your FWUpdate.bin pulled in the BIOS Binary File, so yours is smaller. When my build was completed, I was left with the attached outimage.bin in Flash Image Tool\WIN32 and CSE Region.bin in Flash Image Tool\WIN32\Int. I’m assuming I’d use the outimage.bin file to flash, even though it’s bigger than yours. Is there an issue using mine with the included BIOS Binary File?

I’m not including the CSE Region.bin file. It’s 13.0 MB (13,643,776 bytes).

Thanks again. Doing it made me understand why you did it the way you did.

zip file.zip (6.5 MB)

I don’t understand that file? It’s a firmware image with an FD, an ME region and an unstructured thing that’s called bios region but contains ME stuff?

Don’t use this!

Yep. My issue is still the FIT program itself. The attached is the CSE Region, that was in the Flash Image Tool\WIN32\Int folder. I can’t throw it into FIT, like I can with yours.

I’m going to try using an older FIT that’s close to the version used by Dell, but I’ve got the same FIT application problem I had at the beginning.

CSE Region.zip (4.7 MB)

Again:

All my earlier answers were intended for building an update binary

CSE ME 12.0.95.2489 Prod Extr ConsLP CNP_CMP-LP C.bin.zip (1.6 MB)

CSE ME 12.0.95.2489 Prod Extr CorpLP CNP_CMP-LP C.bin.zip (5.6 MB)

CSE ME 11.8.96.4657 Prod CorpH KBP BSF GCF-H A_SPT-H D.bin.zip (4.2 MB)


I’ve no idea how to find the link, please send me a direct link, thanks

12.0.95.2489_CON_H_BA_PRD_EXTR.rar (1.7 MB)


11.8.96.4657_CON_LP_C_NPDM_PRD_RGN
11.8.96.4657_COR_LP_C_NPDM_PRD_RGN

240730.rar (5.2 MB)
