[Request] Unlock BIOS Xiaomi Notebook PRO GTX @8th CPU

Hello, @Lost-N-BIOS
I am the body who asked you for help in this thread: [Guide] Unlock Intel Flash Descriptor Read/Write Access Permissions for SPI Servicing (5)
Thanks for your help, I flashed the 8MF.bin by flash programmer (and SOIC8 test clip).
But it is not working well when I use the FPT to flashing BIOS (fpt -f ‘6M byte bios file.bin’ -bios).
The 6M file is dumped by FPT command ‘fpt -d bios-6.bin -bios’.
Here is the error massage:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
 

D:\BIOS\Intel Tools\Flash Programming Tool\WIN64> .\FPTW64.exe -f bios-6.bin -bios
 
Intel (R) Flash Programming Tool. Version: 11.8.55.3510
Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.
 
Reading HSFSTS register... Flash Descriptor: Valid
 
--- Flash Devices Found ---
W25Q64FV ID:0xEF4017 Size: 8192KB (65536Kb)
 
GbE Region does not exist.
 
Error 316: Protected Range Registers are currently set by BIOS, preventing flash access.
Please contact the target system BIOS vendor for an option to disable Protected Range Registers.
FPT Operation Failed.
 
 

There is something different is I can dump the full flash image by commend 'fpt -d bios-8.bin'.
-------------------------
I had unzip the 7z package and compare the files, you changed 3 places:
1. Change the Region Descriptor Access to 0xFFF //It may makes me can use FPT dump all flash file.
2. Change a default var FPRR to 0x0 //This error is PRR preventing the access, Is it the same thing?
3. Change the BIOS LOCK default var to 0x0 //I had seen other notebook (Xiaomi Notebook PRO [Not GTX edition]), the BIOS is unlocked when variable is 0x1.see this

I loaded defalut sttings for the BIOS,then I tried command 'fpr -f bios-6.bin -bios', the error code back to 'error 368'.
1
 
 Failed to disable write protection for the BIOS space.
 


I have no idea to fix it , so I need your help again, thanks again.

If this theard in a wrong place, please move it.

@andy7y - Sorry, I only disabled BIOS setting for FPRR, I didn’t edit the module that may also lock FPRR. I will find and edit this tonight for you.

BIOS Lock, or any setting, to 0 is disable, you don’t set 1 to enable. I’m not sure what you linked, but it’s invalid
BIOS Lock, VarStoreInfo (VarOffset/VarName): 0x17, VarStore: 0x5, QuestionId: 0x7A3, Size: 1, Min: 0x0, Max 0x1, Step: 0x0 {05 91 A6 05 A7 05 A3 07 05 00 17 00 10 10 00 01 00}
One Of Option: Disabled, Value (8 bit): 0x0 {09 07 04 00 00 00 00}
One Of Option: Enabled, Value (8 bit): 0x1 (default) {09 07 03 00 30 00 01}

If you set that back to 1, you will get error 368 again (BIOS Lock enabled), as you mentioned above
I changed many things you did not mention, but I don’t need you to check or compare etc, I know what was changed.
All changed are noted in summary at this post #63

I will find and remove FPRR Lock in BIOS module for you tonight, sorry I didn’t before I assumed BIOS setting would be enough.

* Edit -
@andy7y - quick test, be ready to recover with flash programmer.
http://www.filedropper.com/8mf2

If this does not work, I’ll dig more later, or maybe if @CodeRush has a second he can find FPRR lock quicker (BIOS setting disabled at NVRAM and settings did not remove) -
^^ BIOS linked above “Post #63” link in paragraph above this edit so you can see all mentioned previous edits ^^

Sorry, I flashed the 8MF2.bin by programmer, the error still occured.
Error massage still is:

1
2
3
 
Error 316: Protected Range Registers are currently set by BIOS, preventing flash access.
Please contact the target system BIOS vendor for an option to disable Protected Range Registers.
FPT Operation Failed.
 

In this site, https://github.com/daliansky/XiaoMi-Pro-...MT_and_0xE2_fix
The way to unlook BIOS is set PCHsetup offset 0x17 variable to [0x01], but in my BIOS the variable already is [0x01]
The Github Hackintosh Notebook is 'Xiaomi Notebook PRO' (GPU is MX150), and my notebook is 'Xiaomi Notebook PRO GTX' (GPU is GTX1050-maxQ, late than MX150 edition).
I know it is defferent with [quote="Lost_N_BIOS, post:2, topic:33891"] BIOS Lock, or any setting, to 0 is disable, you don\'t set 1 to enable. I\'m not sure what you linked, but it\'s invalid [/quote]
But I don't sure if the manufacturer change the variable's definition.
@CodeRush hello, do you have a second to help me find FPRR lock ?

This is the screenshot

Snipaste_2019-09-19_00-04-55.png

First, as you mentioned, that is not your same system, and second, that is not how BIOS Lock or any of these lock settings work. And no, the manufacturer cannot and would not change enabled to mean disabled, that would be against all rules for many reasons.
As you already know, your BIOS Lock variable was originally 0x1 already (enabled), thus you used to get 368 error. Now, FPRR/PRR lock is the issue, and this is a BIOS setting thing, which I already disabled and also in a BIOS Module, not a setting.
The latter is what I am trying to disable now, this is not always straight forward to do as all BIOS differ where this lock is located (PCHInitDXE, Powermanagement, Powermanagement2 etc)

The page you keep linking has nothing to do with anything we are editing or changing here.

Thanks for your test report of the BIOS I sent 8MF2.bin, I suspected that may not work. Please go ahead and flash back in the original edited BIOS I sent you.

The last edit may be failed be due to it needs edited differently and I have the correct location, or I don’t have correct location at all.
All we can do is keep trying, I will keep looking, maybe CodeRush will stop in (he’s expert on this kind of thing), or we may not be able to get it and you’ll have to either flash by programmer only if you need to flash entire BIOS, or just flash BIOS region via -BIOS, or ME region via -me flag with FPT.
FPRR/PRR lock may also prevent ME region flash too, unsure, but I doubt it would prevent BIOS region flash, you will have to test and find out. You’re FD is now unlocked, since you programmed in unlocked FD, so there is no reason to need to flash entire BIOS anymore via FPT, only do which regions you edit/need to update in the future.
Please test and see if you can flash ME and BIOS regions one by one with FPT

Also, please stop using PoweShell, FPT should be used from Admin CMD Prompt only, this could possibly be the cause of this issue.

Thanks for your patient help. I will follow your suggest and try to fpt me region tonight (UTC +8).


------edit
Yes,I can flash the me region by FPT

@Lost_N_BIOS I can flash the me region by cmd ‘fpt -f me.bin -me’, so I think the ME region is unlocked.
And when I use H20EZE export setup settings, it said that the FPRR already disabled.
as you mentioned,



if you have time, please try it again, I will go on to flash it.
Anyway thanks.

@andy7y - sorry, I lost this thread until just now. Do you still need help, if yes, what’s going on?

Thanks, i’ve been looking for the a while…