This tools removes any unnecessary partition from an Intel ME firmware, reducing its size and its ability to interact with the system. It should work both with Coreboot and with the factory BIOS.
https://github.com/corna/me_cleaner
@plutomaniac or @Fernando can you tell us something about this “tool”?
As you may know, Intel ME is flawed with many securities issues:
https://newsroom.intel.com/news/importan…ility-firmware/
https://www.blackhat.com/eu-17/briefings…ent-engine-8668
https://www.bleepingcomputer.com/news/ha…code-execution/
TL;DR: Every Intel PC since 2008 runs a completely independent computer in your computer, and as long as you are connected on the Internet, a bad guy can take complete and unlimited control of your PC, even if it’s powered down, and you can’t do or see anything because it’s running outside of the OS.
Only solution: neutralize the part in the ME firmware that is responsible of that (or disconnect from the Net).
Now the good news: there is a method to disable the ME, and/or clean as much as possible of it.
About ME Disable Bit:
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
https://news.ycombinator.com/item?id=15444607
https://www.bleepingcomputer.com/news/ha…esy-of-the-nsa/
http://www.zdnet.com/article/researchers…e-switched-off/
Here is a guide to apply the cleaning/disabling of the ME then flashing it:
https://github.com/corna/me_cleaner/wiki…pply-me_cleaner
Short guide for Windows:
- Install Python and download me_cleaner
- Dump your BIOS (covered in many guides in this forum)
- Copy your dumped BIOS and me_cleaner.py in a folder of your choice
- Run one of the following command:
To just set the MeAltDisable bit: python me_cleaner.py -O -s clean_bios.bin dumped_bios.bin
To clean the ME: python me_cleaner.py -O clean_bios.bin dumped_bios.bin
To clean the ME and set the MeAltDisable bit: python me_cleaner.py -O -S clean_bios.bin dumped_bios.bin
Depending of your motherboard, a method may work but not the other, so I advice you to try all three.
Your BIOS file is now ready to be flashed, your can either flash it with any method to flash a modded BIOS (not recommended), or use a SPI programmer (2€ on eBay). The latter is highly recommended, because if anything goes bad you can easily restore the original BIOS or try an other method.
I also suggest to buy a spare BIOS chip on eBay, (especially if you don’t use a SPI programmer) they are very cheap, and if something gone bad you have a backup.
Update:
Neuter Intel ME with me_cleaner
Thanks to the work by the me_cleaner team!
Basic steps are
Obtain a copy of me_cleaner from Github
Install python, if not already installed
Dump BIOS firmware with SPI flash reader
Clean the image with the command python me_cleaner.py -S -O modified_image.bin original_dump.bin
Flash modified image
Check status of Intel ME with MEInfoWin.exe in Windows or intelmetool in Linux
Obtaining a Copy of me_cleaner
Run git clone https://github.com/corna/me_cleaner.git [desired location]
Alternatively download straight from the project page
Dump BIOS
For this you will require
Some SPI programmer with drivers - I used a $3 CH341a USB-SPI programmer
A SOIC-8/SOP-8 test clip
Some jumper cables to connect the clip to the programmer
Flashrom installed
Some patience
Assuming you have the above we can then connected the programmer to the BIOS chip.
Disconnect the battery and AC from the laptop
Locate the BIOS chip on the motherboard directly right of the Expresscard cover
Connect the chip to the programmer as per below
For Linux run sudo flashrom -r original.bin -p ch341a_spi -c "MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E"For Windows follow the GUI
An example output is shown at the bottom of the post
Run again and make sure MD5 hashes match
Notes
You may need to change the chip model depending on your motherboard
If flashrom says it cannot detect any chips, check your wiring and clip connection
Clean the Image
Run the command python me_cleaner.py -S -O modified_image.bin original_dump.bin
An example output is shown at the bottom of the post
-O specifies output filename
-S neuters the Intel ME firmware and sets the High Assurance Program (HAP) bit
-s leaves the firmware intact but sets the HAP bit
Read the readme for more details
Flash Modified Image
For Linux run sudo flashrom -w modified_image.bin -p ch341a_spi -c "MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E"For Windows follow the GUI
An example output is shown at the bottom of the post
With luck flashrom will say “VERIFIED” meaning that the firmware was flashed successfully.
Check Status of Intel ME
For Linux
Install intelmetool
Add iomem=relaxed to kernel commandline to /etc/default/grub
Rebuild grub using sudo update-grub
Reboot
Run sudo rmmod mei_me; sudo rmmod mei; sudo intelmetool -S
Check what the output means here
For Window
Obtain MEInfoWin.exe tool via Intel ME firmware update extracted files
Run MEInfoWin.exe with admin privileges
Congratulations!
Now your system is mostly free of Intel ME!
Log Dumps
[arch@x220b me_cleaner-master]$ sudo flashrom -r original.bin -p ch341a_spi -c "MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E"
flashrom v1.0 on Linux 4.18.9-arch1-1-ARCH (x86_64)
flashrom is free software, get the source code at https://flashrom.org
flashrom was built with libpci 3.5.6, GCC 7.2.1 20171224, little endian
Command line (7 args): flashrom -r original.bin -V -p ch341a_spi -c MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E
Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
Initializing ch341a_spi programmer
Device revision is 3.0.4
The following protocols are supported: SPI.
Probing for Macronix MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2017
Found Macronix flash chip “MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E” (8192 kB, SPI) on ch341a_spi.
Chip status register is 0x00.
Chip status register: Status Register Write Disable (SRWD, SRP, …) is not set
Chip status register: Bit 6 is not set
Chip status register: Block Protect 3 (BP3) is not set
Chip status register: Block Protect 2 (BP2) is not set
Chip status register: Block Protect 1 (BP1) is not set
Chip status register: Block Protect 0 (BP0) is not set
Chip status register: Write Enable Latch (WEL) is not set
Chip status register: Write In Progress (WIP/BUSY) is not set
This chip may contain one-time programmable memory. flashrom cannot read
and may never be able to write it, hence it may not be able to completely
clone the contents of this chip (see man page for details).
Reading flash… done.
[arch@x220b me_cleaner-master]$ sudo flashrom -r original1.bin -p ch341a_spi -c "MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E"
flashrom v1.0 on Linux 4.18.9-arch1-1-ARCH (x86_64)
flashrom is free software, get the source code at https://flashrom.org
flashrom was built with libpci 3.5.6, GCC 7.2.1 20171224, little endian
Command line (7 args): flashrom -r original1.bin -V -p ch341a_spi -c MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E
Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
Initializing ch341a_spi programmer
Device revision is 3.0.4
The following protocols are supported: SPI.
Probing for Macronix MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2017
Found Macronix flash chip “MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E” (8192 kB, SPI) on ch341a_spi.
Chip status register is 0x00.
Chip status register: Status Register Write Disable (SRWD, SRP, …) is not set
Chip status register: Bit 6 is not set
Chip status register: Block Protect 3 (BP3) is not set
Chip status register: Block Protect 2 (BP2) is not set
Chip status register: Block Protect 1 (BP1) is not set
Chip status register: Block Protect 0 (BP0) is not set
Chip status register: Write Enable Latch (WEL) is not set
Chip status register: Write In Progress (WIP/BUSY) is not set
This chip may contain one-time programmable memory. flashrom cannot read
and may never be able to write it, hence it may not be able to completely
clone the contents of this chip (see man page for details).
Reading flash… done.
[arch@x220b me_cleaner-master]$ md5sum original.bin original1.bin
d039e30faa8411fae705df2701cabbc5 original.bin
d039e30faa8411fae705df2701cabbc5 original1.bin
[arch@x220b me_cleaner-master]$ python me_cleaner.py original.bin -O mecleaned.bin -S
Full image detected
Found FPT header at 0x3010
Found 19 partition(s)
Found FTPR header: FTPR partition spans from 0xcc000 to 0x142000
ME/TXE firmware version 7.1.91.3272 (generation 2)
Public key match: Intel ME, firmware versions 7.x.x.x, 8.x.x.x
The AltMeDisable bit is NOT SET
Reading partitions list…
FOVD (0x00000400 - 0x000001000, 0x00000c00 total bytes): removed
MDES (0x00001000 - 0x000002000, 0x00001000 total bytes): removed
FCRS (0x00002000 - 0x000003000, 0x00001000 total bytes): removed
EFFS (0x00003000 - 0x0000c7000, 0x000c4000 total bytes): removed
BIAL (NVRAM partition, no data, 0x0000adce total bytes): nothing to remove
BIEL (NVRAM partition, no data, 0x00003000 total bytes): nothing to remove
BIIS (NVRAM partition, no data, 0x00036000 total bytes): nothing to remove
NVCL (NVRAM partition, no data, 0x000095d9 total bytes): nothing to remove
NVCM (NVRAM partition, no data, 0x000036fc total bytes): nothing to remove
NVJC (NVRAM partition, no data, 0x00005000 total bytes): nothing to remove
NVKR (NVRAM partition, no data, 0x0000f650 total bytes): nothing to remove
NVOS (NVRAM partition, no data, 0x00035c3c total bytes): nothing to remove
NVQS (NVRAM partition, no data, 0x00000def total bytes): nothing to remove
NVSH (NVRAM partition, no data, 0x000056b7 total bytes): nothing to remove
NVTD (NVRAM partition, no data, 0x00001e44 total bytes): nothing to remove
PLDM (NVRAM partition, no data, 0x0000a000 total bytes): nothing to remove
GLUT (0x000c7000 - 0x0000cc000, 0x00005000 total bytes): removed
FTPR (0x000cc000 - 0x000142000, 0x00076000 total bytes): NOT removed
NFTP (0x00142000 - 0x0004fd000, 0x003bb000 total bytes): removed
Removing partition entries in FPT…
Removing EFFS presence flag…
Correcting checksum (0xed)…
Reading FTPR modules list…
UPDATE (LZMA , 0x110a5a - 0x110aec ): removed
BUP (Huffman, fragmented data, ~48 KiB ): NOT removed, essential
KERNEL (Huffman, fragmented data, ~122 KiB ): removed
POLICY (Huffman, fragmented data, ~86 KiB ): removed
HOSTCOMM (LZMA , 0x110aec - 0x116082 ): removed
RSA (LZMA , 0x116082 - 0x11ab3f ): removed
CLS (LZMA , 0x11ab3f - 0x11f551 ): removed
TDT (LZMA , 0x11f551 - 0x1256fc ): removed
FTCS (Huffman, fragmented data, ~15 KiB ): removed
The ME minimum size should be 921600 bytes (0xe1000 bytes)
The ME region can be reduced up to:
00003000:000e3fff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME…
Checking the FTPR RSA signature… VALID
Done! Good luck!
[arch@x220b me_cleaner-master]$ sudo flashrom -w mecleaned.bin -p ch341a_spi -c “MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E”
flashrom v1.0 on Linux 4.18.9-arch1-1-ARCH (x86_64)
flashrom is free software, get the source code at https://flashrom.org
flashrom was built with libpci 3.5.6, GCC 7.2.1 20171224, little endian
Command line (7 args): flashrom -w mecleaned.bin -V -p ch341a_spi -c MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E
Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
Initializing ch341a_spi programmer
Device revision is 3.0.4
The following protocols are supported: SPI.
Probing for Macronix MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E, 8192 kB: probe_spi_rdid_generic: id1 0xc2, id2 0x2017
Found Macronix flash chip “MX25L6436E/MX25L6445E/MX25L6465E/MX25L6473E” (8192 kB, SPI) on ch341a_spi.
Chip status register is 0x00.
Chip status register: Status Register Write Disable (SRWD, SRP, …) is not set
Chip status register: Bit 6 is not set
Chip status register: Block Protect 3 (BP3) is not set
Chip status register: Block Protect 2 (BP2) is not set
Chip status register: Block Protect 1 (BP1) is not set
Chip status register: Block Protect 0 (BP0) is not set
Chip status register: Write Enable Latch (WEL) is not set
Chip status register: Write In Progress (WIP/BUSY) is not set
This chip may contain one-time programmable memory. flashrom cannot read
and may never be able to write it, hence it may not be able to completely
clone the contents of this chip (see man page for details).
Reading old flash chip contents… done.
Erasing and writing flash chip… Trying erase function 0… Erase/write done.
Verifying flash… VERIFIED.
[arch@x220b ~]$ sudo intelmetool -S
Bad news, you have a QM67 Express Chipset Family LPC Controller
so you have ME hardware on board and it is very difficult to remove, continuing…
RCBA at 0xfed1c000
MEI was hidden on PCI, now unlocked
MEI found: [8086:1c3a] 6 Series/C200 Series Chipset Family MEI Controller #1
ME Status : 0x20191
ME Status 2 : 0x160a0000
ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode : Debug
ME: Error Code : No Error
ME: Progress Phase : BUP Phase
ME: Power Management Event : Pseudo-global reset
ME: Progress Phase State : Check to see if straps say ME DISABLED
PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: …
ME seems okay on this board
ME: failed to become ready
WRITE [00] : CB: 0x80040007
WRITE [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE [00] : CB: 0x80080007
WRITE [00] : CB: 0x00000203
WRITE [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device…done, exiting
Source
https://thiccpad.blogspot.com/2018/12/neuter-intel-me-with-mecleaner.html
Hello.
If I want to remove Intel ME with me_cleaner.
Can I do it directly on the bios file bin ? Is the ME on the bios File ?
My Laptop is a 7Y30 KabyLake.
Thank you.
EDIT : I did it on my bios.bin I ended up using the HAP method (-s) it should be the most transparent way of doing it.
I mean do I have less chance to brick with only 1 bit change ?
Here is the result :
2
3
4
5
6
7
8
9
Full image detected
Found FPT header at 0x1010
Found 11 partition(s)
Found FTPR header: FTPR partition spans from 0x1000 to 0xa8000
Found FTPR manifest at 0x1448
ME/TXE firmware version 11.6.0.1121 (generation 3)
Public key match: Intel ME, firmware versions 11.x.x.x
The HAP bit is SET
Checking the FTPR RSA signature... VALID
is me_cleaner still the way to go?
I’ve a ASRock H77 Pro4-M Mainboard and a Thinkpad E130. I didn’t find any stuff according to coreboot, so OEM stripping is the way to go, if it helps to get rid of it?
Hello, I was wondering if anyone would mind helping me with an issue I’m running into with flashrom on a dell xps 15 9550. The dell has a 16 mbyte Winbond W25Q128.V bios chip on it. I’m using flash rom on a raspberry pi 4 but when I read this chip with a soic8 test clip, it seems to read successfully. However, when checking to see if the checksum of the reads I do are identical, they always come up as different values. The other two bios chips however read with the same checksums every time. I am attempting to use intel me cleaner to set the hap bit and disable intel me without repartitioning or cleaning anything on the chip as intel boot guard is enabled. ME Cleaner is able to read the file and say the hap bit has been successfully set. However, when writing the modified image, I get the error through flash rom verifying flash…failed, your flash chip is in an unknown state. The laptop will no longer boot and the power light comes on for a moment before turning off. I suspect either flash rom is not compatible with this chip or something about this chip prevents it from being read by flash rom. Using this guide: darajnish/dell5577medisable on GitHub (sorry can’t post links yet). It seems as though a select few people have been able to set the hap bit by using the command soft-disable-only. Even when I try re-flashing the original read bios image however, the laptop still does not boot. I read somewhere that my chip has flash descriptors locked, but since other people have had success I’m not sure why I can’t get it to work properly. Any advice would be much appreciated!
----------------------
Also, I’m not sure if it matters but most forums mention having to use usb spi programmer, so I’m not sure if this is an issue with the software I’m using (spi_dev on raspberry pi using arch linux) or what is going on
@Nickhostess
If you want me_cleaner help you should post at its github page. I have moved your thread here to keep all of these in one place as I don’t look into me_cleaner related inquiries.