Hi, could someone please unhide Trusted Computing in the bios and enable PTT in the *(CS)ME.
I’ve been trying to do it for the past 8-12 hours, and I’m finally giving up, I flashed a dump of a bios from a Fujitsu P758, trusted computing option became available in the bios but it says no tpm device was found and in ME settings it says ME version is 0.0.0.0.
dump.zip (8.7 MB)
The system uses Intel 300 series (Q370) with ME FW v12, it should have PPT by FW requiring no mods at all… but not a system with corrupted firmware like you have, 0.0.0.0, evidence of corruption in CSME firmware region of the system.
Follow the guide and repair it.
Additional info/guidance/relevant
ME Analyzer: Intel Engine Firmware Analysis Tool Discussion - Special Topics / Intel Management Engine - Win-Raid Forum
It came out of factory with trusted computing disabled, there’s a sticker on the motherboard that says NO TPM.
When I use the original bios that came with the PC (CS)ME works, but trusted computing option is fully hidden.
I extracted the IFR data and I used setup_var to try to make the bios show Trusted Computing sub-menu, but it didn’t work.
The P738 bios was taken from a known working PC on which TPM and (CS)ME work.
This is what MEInfo gives me on the “modded” PC.
I think CS(ME) is not corrupt, but I might need to use a different version to make it work?
I’ve ran MEInfo with the original bios, it showed that PTT is enabled, but the PTT initialized at start-up was set to disabled, could that be causing the Trusted Computing sub-menu to not be available?
I see…
So the dump is from a working D738 or P758 as you mentioned, mistake?
Sorry but CSME advanced debug is out of my league, open both images with FIT tool and check settings, you can build final image with adjusted settings or maybe even trying to swap CSME firmware region, still only logical from my PoV, i’m not the best for guide you on this.
Not fully understood when do you got ME disable (0.0.0.0.)…
Sorry for not explaining well.
With the original bios that came from the factory on the pc (CS)ME works, but TPM options are fully hidden in the bios.
I tried flashing a bios from a Fujitsu P758 (the motherboards look physically the same on both computers, and they work with the same bios update), and the computer works with it, but then I get ME disable (0.0.0.0) .
I’ll try to get a bios file from the latest bios update, and just add-in the NIC MAC address, is there anything else I should change?
I’m confused about how it knows what model number and motherboard serial number it has.
So the linked file “Dump.zip” is from a P758?
Official one, the 1.38…? If normal update you don’t need to add/edit MAC…
The firmware update package will read and identify the system board original data DMI/WMI, prior to performing any action.
And yes, seems the P758 uses same board D3601 with Q370 but almost sure the package for it has other settings and the CSME should be factory configured differently.
Why not contact FSP/Kontron
Fsas Technologies Support pages EUROPE
The dump is the original bios that came from the factory.
It’s not a normal update, I’m using a CH341 to flash the bios.
I downloaded the original bios from fujitsu (V5.0.0.13 - R1.38.0 (22/10/2024)), there was a D3601-A1x.R1.38.0.bup file, i used 7zip to extract it’s contents, and I got a D3601-A1.UPD file, but it’s size is around 28MB, while my flash is only 16MB.
I put D3601-A1.UPD into FIT and then I saved it from there, I got a 16MB bin file out of it and then I used CoffeeTime to manually add NIC MAC address and I disabled bios lock etc. in there.
I flashed that image but now the pc just spins the fan for 2 seconds and shuts down.
I’ll try to shoot them a message, thank you for the link.
Your mixing things up… and yes, the FSC .bup files are not ready ones to use in CH341A… take a break and read more, most of these files are updates of regions and need to be combined/swap with the original dumps that are “expanded” images with readable regions, like the original dump.
Besides it looks a “regular” image its not and must be cut.
Select block top to 0x1000000, resulting in 16384k
Now, by using this method, all the board system data must be transferred.
Not sure where this is but, looks like the 1rst pad and 2nd NVram volume should be considered.
Thank you for being so patient with me. I’m a begginer and it means a lot.
I’ll finish the orders for today and I’ll read over the guides.
I think I just need to swap (CS)ME with enabled PTT into the original dump in order to enable trusted computing in the bios.
Yes… as trivial as it may look, sometimes it’s just like that (not always of course), you got a programmer and it seems not your primary system so nothing to lose. Good luck.
