I seen and downloaded the descriptor yesterday, sorry I forgot BIOS was in there too. Plus, I wanted new/latest BIOS using the downloader program, so we could get correct tool that normally would be used with it’s BIOS. My bad man, I forgot about that and it was lost in pile of folders with me thinking only the desc.bin was there, I should have looked again!
I was able to get extracted contents, as seen below, zipped it up for you too
Yes, It uses AFUWin so AFUwin or AFUDOS should be fine to use. You may need to find certain versions of the tools though, sometimes older BIOS only work with older versions, new with new etc. You may be able to use the ones zipped above from the BIOS package, but if it does any security check then may be best to find version that works that doesn’t come from Samsung.
FPT should also work for this BIOS, per these FD restrictions (So BIOS region yes, ME no but ME should work ok with ME FW Update tool)
1. which BIOS file should I use for making modifications using AMIBCP: the .cap file that is there in the extracted files which you have shared, or the dumped .rom/.bin file?
I should mention that the .cap file is 3076KB while the other is 3072KB. None of these files have ME (but that is not a problem). Also, if I make any change to the .cap file, I get some message like "Saving unsigned changes" or something of that sort. I will make a small change first, flash it and then try making further changes.
2. which AFU do you suggest to flash the file: AFU current version, or AFU that is there in the extracted files?
If you see the DEBUG log that I shared in post #137, the default BIOS process does certain things before and after running AFU like changing Power Policies etc. So, Windows flashing process looks a bit risky to me. I am more inclined to use AFU (current version) and flash from DOS. What do you say?
And above all, do you suggest that I wait for the external programmer to come before flashing the modded BIOS or it is relatively safe like it was in the other laptop?
Ohh! I thought you figured that all out, and I said OK yes Sorry for not clarifying, I thought you had it!
Use the .cap file, remove the capsule to get BIOS.rom (ie extract body via UEFITool) Edit that and flash via AFU
On rom/bin FPT/AFU, do those match via hex? Neither will match the extracted rom from capsule file, since it wouldn’t have any of the NVRAM or board specifics that may/should be include with the AFU/FPT dumps. If you use AFU/FPT dumps, only use same tool to put back (ie use AFU Dump with AFU, FPT w/ FPT)
Any of the three would be fine, only the capsule/rom extracted from that will be latest BIOS of course. Yes, capsule is 2kb.
Yes, that is common message with AMIBCP/Capsule BIOS. You can use/edit capsule files, but sometimes it’s easier to flash with BIOS extracted from the capsule (capsule is security and signed)
Which AFU to use, I would use the one included with the files first, if it gives you security error or integrity error find it’s version and download similar version non-Samsung. Or yes, you can try AFUDOS first if you want/feel more comfortable with that. The processes mentioned in the log are only to make BIOS flash process safer. Disable safely remove the USB while it’s in use flashing the BIOS, and the powerpolicy is to block power changes while flashing, disabling power switch and lid switch, all standard practices to try and save end user from accident during flash Then all those changes are released/reset and restored back to user access once BIOS flash is done
Dumping and flashing modified BIOS are not related, so no that does not mean it’s a sign that it will flash mod BIOS.
On your final question, you never can tell. If you are worried, and it’s a critical to you system but you still want to go for it, make only a single change and then test. Also, be sure before you flash anything that once you make a mod/change and save that BIOS, open that modified BIOS in as many other tools as you can and the tool you edited it with initially. Do this to make sure all looks OK and same, ie same errors or not same errors as before, like in UEFITool sometimes always error show when open BIOS.
1. I tried flashing with the afu that was included with Samsung files. I got an error:
1e - Error: Secure flash function is not supported on this file.
So, I think it won’t be possible to use the AFU that came with the files. I checked its version. It was v.3.05.03. The AFU version that I have is v3.09.03.1462. I was not able to find a non-Samsung v3.05.03 AFU. But I found AFU v3.06.01, can I use it?
2. Upon comparing dumped bin/rom using HxD, I found they were not 100% same. There was a slight difference. The size of each dump is the same (3072KB) though.
It’s safe to try either AFU you found, even 4 or 5 too. I just thought it would be best to try first ones in the range of the one supplied with the BIOS.
I assumed AFU/FPT were not the same, if you want me to check if I can see what the differences are put both in a zip and I’ll look when I have a chance (leaving right now)
I tried flashing the capsule removed BIOS using AFU v3.06 and it was the same error:
1e - Error: Secure flash function is not supported on this file.
Looks like there is some security enabled somewhere.
I took fresh dumps of the BIOS (bin and rom) and found that the dumps are identical when compared using HxD editor. Perhaps I did something wrong the last time and so, I was seeing differences between the dumps. I have shared the Dumped BIOS files here, for your reference.
Thanks for dumps, I will take a look and see if I can find the locks, if I do I will try to help you with a way around.
In the meantime, can you find out ME version, and download matching Intel System Tools package, then run meinfowin. You may have to guess, either based on current available ME driver version download (Back on early versions, driver more closely matched ME version). Or you may need to try a few Meinfowin versions from different packages until you find one that works, start at 5, 6, 7, 8 etc. Intel Management Engine: Drivers, Firmware & System Tools
And, then from Flash Programming Tools / win/win32/windows etc run FPTw and use these three commands and show full image of each so I can see command entered and success or error output, then upload any files created. fptw.exe -d spi.bin fptw.exe -me -d me.bin fptw.exe -desc -d desc.bin
SMI Lock, BIOS Lock, and GPIO Lock all disabled by default. There is no ME in your backup, so doubt AFU is trying to access/write to the ME section, so I’m not sure what is causing the security lock message. It may be due to AFU versions, did you try any 4 or 5 versions yet? Hopefully the FPT stuff and MEinfo will tell us more, I’m betting you can write to BIOS region with FPT so problem solved anyway since we are not updating ME (and that can likely be done with ME FW update tool later if needed)
ME version is 8.1.65.1586. MEInfo dump has been shared along with the Descriptor region dump and other text files here.
I already tried that previously. As I mentioned in post #133, I get an error message when I try to dump the entire spi image or the ME region. The error message is: Error 26: The host CPU does not have read access to the target flash area. To enable read access for this operation you must modify the descriptor settings to give host access to this region.
I can dump the Descriptor region and the BIOS region with success though. Nevertheless, I tried running these commands again in verbose mode and have captured the complete error and other details in text files. All the text files along with the dump of the Descriptor region dump have been shared in the attachment link above. The Descriptor region rom file was also shared in post #135.
I have not yet tried AFU versions 4 or 5. Which version do you recommend? You told me earlier that matching AFU version as compared to Samsung AFU should be used, so I did not bother trying any higher AFU versions.
Yes, some time back I updated the ME firmware of this laptop.
Sorry man, I didn’t look back or think to look back. Main goal there was so you could choose correct Intel Tools Package to run the FPT stuff. And sorry, we’ve done so much here, now on several models, I forget what’s been done already and where we are So then, fptw.exe -bios -d me.bin Works correctly of course, and that is how you get BIOS FPT dump, derpppp! I remember now, the descriptor, posted image of it inserted into a BIOS above, you can only write to BIOS and GbE
Try both 4+5 AFU, I only mentioned the older ones because that’s the one it came with so best to start there, but I assume 4-5 will give same error.
BIOS is all you want to write to anyway, so FPT can be used for that without issue using this command fptw.exe -bios -f biosfile.bin
No problem. And please don’t apologize for anything. I am much obliged to you for all the help.
I could not find a working link to download AFU 4, but found AFU 5. I checked that AFU 5 is only supported for APTIO 5 BIOS. This laptop has APTIO 4 BIOS, so I guess that it may only cause issues if I use AFU 5. Shall I still try AFU 5?
I tried both the commands that you shared. I am surprised that the flashing went successful, but the changes made in the BIOS file do not reflect. I disabled HPET and forced visibility of CPU Configuration in Advanced Menu. After flashing, I found that HPET was still there in device manager and CPU Configuration did not get exposed. I opened the flashed BIOS file to see if the changes were saved correctly and they were. Any idea what could be wrong?
I try to move too fast sometimes, when I should look back little bit is all. You’ve got a PM. I am not sure about 5 only supports Aptio 5, if you read that then it’s probably true
Setting “User” is not always the only way to enable a menu or sub-section, often that may not even help at all, or may only be needed on top of another method. On HPET, not sure maybe same bug as your other BIOS too. Was that one in hidden section too that you disabled? I see HPET in PCH-IO root section, so maybe best to put hidden one back to default and then disable that one, if fails then disable them both and see if that fixes it.
I will look at the menu stuff and let you know what method I would use, as you seen previously sometimes you need to try a few before you figure out which works. You did enable “User” on root section (Advanced) that contains CPU config correct? If not, do that now, you have to enable root section before any sub-section could be visible. I did a quick check and there is no 46 02 leading the usual hidden root menu entries in setup, so this one will be either 0100001 to 010101 type change to enable root menu sections, or that on top of setting User at root areas in AMIBCP too. For me to give best advice, I need to see current visible menu sections (Just what all main/root sections there is), along with what advanced looks like and what boot, security and save & exit looks like as well.
I tried AFU 4 by dumping BIOS first. The system hanged. It does not support APTIO 4 BIOS.
HPET is in two places. One in the hidden unnamed folder (like in the other laptop BIOS) and the other in PCH-IO root section. I tried all combinations: Enabled in hidden section and disabled in PCH-IO, Disabled in both, and Disabled in hidden section and enabled in PCH-IO
There was no change. I should also mention that after flashing it gives a message that the data is identical. Looks like it is not flashing the entire BIOS region and selectively flashing those areas where I made no changes.
I was also thinking that if I take the original .cap file that came with the Samsung BIOS installation files, make changes, save it as unsigned cap file and then flash it with Samsung AFU, it may work as desired. Does that sound risky?
Sounds like maybe a bug like your other boards BIOS then, this is common issue (BIOS bugs), and not many disable this often so probably doesn’t get reported too much. Please send me your BIOS edited, that has it disabled at all locations and I will see if then it’s disabled in default setup module via IFR output, if not I will show you how to disable there too. We tried this in your other board first though, on the older BIOS and this along with hidden setting had no effect, but then on new BIOS version this was not required since changing hidden section disabled it by itself.
That is how FPT works, it’s comparing at the end step current BIOS/region contents and the file used in the command, kinda like saying “Verified, job done” To eliminate your concern about only writing certain places where changes are made (Which is all that’s needed, since rest remains same) you can always use the -rewrite switch and that rewrites the entire region by erasing first and then rewriting.
No, what you mention about .cap is not risky, it will either flash or not. Capsule by design is a security measure/signed, so usually if you edit it will fail to flash is all (If signature./security checked by the flashing process=usually)
I will check your images, and the BIOS tonight, and show you where to make these changes to enable menu. Sometimes it may take a try or two to find exact spot, but not always
There is a difference, as I described, in the way it flashes (not in the outcome of BIOS changes) I am not sure if you can use -verbose, but maybe that would show you more detail.
Your BIOS is flashing in fine, hence the FPT operation passed each time, no need to keep flashing. It’s a failed mod is all, as in not doing what you intended, it’s not failing to flash in there.
Thanks for BIOS, I will look and let you know tonight when I have more time where to enable the menu’s at, and check the setup module High precision setting too But like I said, we did all this last time on HPET, bugged BIOS did not make difference how it was disabled, seems same here since hidden didn’t disable it right away like your new latest BIOS for the other system. So you may have to give up on that one, or push them for a fixed BIOS. I can do the setup module edit for High Precision Timer right now, doesn’t take too long, so will be attaching BIOS for that here in a little bit. Will get on the menus later tonight when I’ll have more time to take many images and do slow to show you how to do this.
* Edit I’m sorry if this is confusing, but it seemed simplest way to show this mod without having time to make a step by step guide. This is changing the default setup module setting for High Precision Timer, via IFR extraction and hex edit, from Enabled to Disabled (And yes, it was still enabled)
I’m sorry if I went about posting this wrong, as I’m new to the forum. I’m looking for some help with unlocking the hidden menus in my bios. I’ve been working at it for about a week now and can’t seem to get it figured out. The bios is a uefi ami aptio4. Thanks
@mikeshutte - that BIOS is built incorrectly, against well known and documented for years AMI BIOS rules, I checked A03 and A05 both same, so they probably did this on purpose to prevent modifications. Because of this, which I’m sure you’ve noticed, there is an error “some BIOS strings exceed 400 character limit” so setup tab is not shown in AMIBCP, so any edit has to be blind edit in a non-GUI environment.
Due to that, I cannot even easily at a glance see what menus are there, not there, hidden etc. I can look at it textually or in Hex, but that is not ideal/feasible for making lots of changes, one or a few no problem but 20-50+ you might want with a mod like that is just not possible due to everything having to be done in a non-GUI setting. I can try blindly enabling root menu’s for you, but that’s about all I can do without spending hours and hours tediously making changes one at a time and then having you test.
What have you been doing with the BIOS, or what have you found over the week you mentioned?
Here, I updated all CPU microcodes in A05 for you I include exe, and in case that fails to flash for you, also .rom file. I think the exe will be OK!
Which of these menus can you see? I assume 1-6 (First main, through exit), correct? It’s too bad we can’t see in AMIBCP, sometimes second boot or second security is the one shown, and seeing these in BIOS vs AMIBCP helps narrow down where to enable in hex if possible. If you cannot see one of the items in 1-6 here, that may help, but without being able to visually compare in AMIBCP vs images of your BIOS it may not be possible. Do you have flash programmer in case recovery is needed? Main Advanced Intel Security Boot Exit Main Advanced Chipset Boot Security
And for Advanced, security, and boot are there several items shown in each one or only a small few?
By the way, I tried flashing the edited .cap file using AFU and it failed again.
As the nofile.io server has been down, I could not download your modded BIOS and so, I followed the process shown in the image and could create a modded BIOS myself with HPET disabled. Therefore, no need to create a step by step guide for this one. Thanks!
Just one thing, I used "Replace as is" to insert the file. I was not supposed to use "Insert before" or "Insert after", right?
Even with the IFR edit process, HPET did not get disabled.
Yes, sorry, nofile is bad sometimes, usually file is gone but today I see server down a lot. It’s up right now, I just checked link.
No, there is no insert before or after used in this process. You must extract the exact part shown, as-is or body and then insert as-is or body (insert back always same way you extracted, for this as-is is good) Yes, what you described is all the same I went through when trying to help you disable it way back on the 314 BIOS for the other system, bugged BIOS. You did verify after you hex edited, saved, and made a new IFR to then re-check that it was changed to disabled? If yes, then bugged BIOS like your other older one.
Yes, got the file from nofile.io now. Although I had already flashed a mod with HPET disabled using IFR method, I flashed this too and again there was no change. It is for sure a buggy BIOS.
There is no "insert as is" when I use the UEFITool on my system. Please see the attached screenshot here.
Yes, I did the verification properly. This BIOS is buggy like you said. In the given scenario, I think the only thing we can do is attempt to unlock the BIOS using the other method. If we are able to unlock all/most settings, HPET should also be visible. There is a chance, toggling it then may actually disable it.
Sorry for not clarifying, I thought you had it!
I include exe, and in case that fails to flash for you, also .rom file. I think the exe will be OK!