[SOLVED] How do I fix FIT or insert ffs manually in Hex-Editor to load before microcode?

Hello,

I have an Intel server board which uses .cap UEFI Bios files(different from the Intel-Board thread). I was using the all core turbo exploit (I have this both as .efi as well as .ffs), by masking the existing microcode in the Bios, and then loading the hack via EFI and the actual microcode in Linux (it is important to first apply the "hack" and then a microcode of a certain age).

However, I would like to use a newer Bios that does not boot well without any microcode loaded during the initial boot. I have already found a nice combination of the new Bios and manually replaced old microcode that would work together with the turbo-hack, as long as I applied them in the correct order.

My actual FIT problems:
1. I cannot modify via UEFI Tool because the FIT-table is not correct. I know this can be fixed, but how do I calculate the correct values?
2. I tried the Phoenixtool and structure view and it kind of works, as it rearranges some data, but the resulting image does not boot.
Where and how to insert the ffs
Irrespective of the FIT problem, I could probably do it manually in HEX by replacing some unneeded DXE driver or module (not sure about the terminology, I am not familiar with this) and replacing it with the ffs.

I can look up the addresses in UEFITool, but what would I have to do? Would I replace a DXE driver or the file of an "Other Option ROM in FFS" in the terms of UBU? Would it be sufficient to to fill the original address space with zeros and insert my code at the start or would I need to modify something that it actually gets called? The code is small, but I need to make sure that it gets called as early as possible and before the microcode update.

The table below shows my POST process. Not every "microcode update" is relevant for the CPU, so for example the first line can ignored (probably ME or something, does not break the hack).

00:00.000	0x02	Microcode load begin
00:00.000	0x03	CRAM init begin
00:00.000	0x02	Microcode load begin
00:00.000	0x03	CRAM init begin
00:00.030	0x06	Early CPU init (Sec. phase)
00:00.040	0x06	Early CPU init (Sec. phase)
00:00.160	0xA1	Collect info such as SBSP,Boot Mode,Reset type etc
00:00.160	0xA3	Setup minimum path between SBSP & other sockets
...
00:00.160	0xA7	Topology discovery and route calculation
00:00.160	0xA9	Program final IO SAD settings
...
00:00.160	0xA7	Topology discovery and route calculation
00:00.160	0xA8	Program final route
00:00.160	0xA9	Program final IO SAD settings
...
00:00.160	0xAA	Protocol layer and other uncore settings
...
00:00.160	0xAE	Coherency settings
00:00.160	0xAF	QPI init done
00:00.170	0xB0	Detect DIMM population
00:01.850	0xB1	Set DDR4 frequency
00:01.850	0xB4	Evaluate RAS modes and save rank information
00:01.850	0xB2	Gather remaining SPD data
00:02.020	0xB3	Program registers on the memory controller level
00:02.020	0xB6	Perform the JEDEC defined init sequence
...
00:03.600	0xB7	Train DDR4 ranks
00:03.600	0xB8	Initialize CLTT/OLTT
...
00:03.610	0xB9	Hardware memory test and init
00:23.790	0xBA	Execute software memory init
...
00:34.050	0xBB	Program memory map and interleaving
00:34.050	0xBC	Program RAS configuration
00:34.050	0xBF	MRC done
00:34.190	0x31	Memory installed
00:34.240	0x33	CPU PEIM (Cache Init)
00:36.090	0x4F	DXE IPL Started
00:38.900	0x62	DXE Setup Init
00:52.850	0x78	DXE ACPI Init
00:53.110	0x80	DXE BDS Started
00:53.120	0x81	DXE BDS connect drivers
00:53.130	0x84	DXE PCI Bus enumeration
00:53.130	0x84	DXE PCI Bus enumeration
00:53.150	0x85	DXE PCI Bus resource requested
00:54.980	0xC2	DXE Legacy Option ROM Init
01:04.400	0x89	DXE SIO Init
..
01:11.020	0x02	Microcode load begin
01:11.020	0x00	Clear POST Code
...
01:16.020	0x89	DXE SIO Init
01:16.380	0xC2	DXE Legacy Option ROM Init
01:18.260	0x02	Microcode load begin
01:18.260	0x00	Clear POST Code
01:18.260	0x02	Microcode load begin
...
02:07.910	0x89	DXE SIO Init
03:50.440	0xC7	DXE ACPI enable
03:50.440	0x00	Clear POST Code
 

@serverpanda - Upload your mod BIOS and I can fix FIT for you, or here, I made a guide
[GUIDE] Update CPU Microcode + Fix FIT Using UEFITool / Hex

This can be done easier now with UEFITool NE 55 or above, but I haven’t had time to update the guide yet. So, if this is too involved for you, upload your BIOS you need FIT fixed in and I will fix for you.

As for FFS, I don’t know what you mean, or are doing etc, to me FFS is a BIOS module, so I have no idea what you are using, doing, how or why etc - sorry.
If that is what it is to you as well, like how we would do the NVME mod, upload your FFS too with your BIOS you need FIT fixed in, and I can insert it into the BIOS for you (Usually, for NVME mod, this is after last DXE in main BIOS volume, I’d assume same for what you want, but I have no idea so it’s only a guess)

Thank you. I saw the guide before, but it did not work for me that well. (There are some differences in my Bios, no GUID for FAT, different header)

Anyway, I had a another go at it and understood how it works, rewrote the addresses and added lengths, but it is kind of worthless. On the one hand, the microcodes including architecture are detected in the structure view, but there are more problems to the whole cap.

I had another go with the Phoenixtool and now I understand:
My Bios actually includes several Bios files, that is why it was all mismatched. So first of all, I have to either stick to to pure hexediting or first unpack, use the tools and repack.

My trouble is now knowing where to insert the FFS. The good thing is that by having the four seperate Bios files, I can easily find the GUIDs to look for in Phoenixtool. I will try this way first and see if the Bios boots if I unpack and repack with Phoenix.

UPDATE:
I am marking this as solved. I am now able to alter the Bios contents via Phoenixtool. The resulting image is bootable, unless I replace a file with a wrong type. I was not able to achieve my primary goal yet, but I have to do further reading on UEFI first and then rephrase it as a new question.

UPDATE 2:
The whole idea was stupid, because the microcode is applied before the PEI.