I have an Optiplex 7010 Micro (2023 version) with ME code 8 (ESSEN/ISM). It is vPro capable but I’m assuming full AMT is disabled in bios.
I can access MBEX and provision, but it is limited to ISM, so no KVM.
I couldn’t find any me servicing jumper pins. I also couldn’t find the Realtek HD audio chip on the motherboard.
I downloaded the FPT and MFIT tools from this post. I dumped the bios with fpt -d bios.bin -bios, opened it up in UEFITool, extracted the body of the Setup UI, opened it up with ifrextractor, and found the VarOffset (0x3) for “ME FW Image Re-Flash”. I booted up an EFI shell and set it to enabled: setup_var 0x3 0x01.
After rebooting, I tried dumping the full spi/bios fpt -d spi.bin but it still gives me the error
Error 185: FCERR is set. Hardware sequencing failed. Make sure that you have access to target flash area.
FPT Operation Failed.
I also just tried dumping and reflashing only the ME region fpt -d me.bin -mefpt -f me.bin -me but it seems like it’s still locked. I booted into the EFI shell again to see if the ME FW Re-Flash offset got reset or not, but it’s still set to 0x1.
Also, when I try to run the ME dump through MFIT, I get an error
I ended up getting myself a programmer and dumped the first chip. The system has dual-chips, with the second one containing just the BIOS region. The second is a WSON so I would rather not try to desolder/solder it.
I extracted the BIOS region from a Dell firmware update and glued it to the dumped file as a placeholder. Without it, MFIT can’t build and UEFITool gives an error.
I opened the file in MFIT and enabled the AMT settings, then built the image. I plan on flashing this tomorrow with flashrom, using the file descriptor flag to only flash the ME region.
Am I missing anything? As far as I know, this was the way to do it for CSME versions <16.
Sounds OK, but I never did a partial flash with a programmer and I don’t use flashrom, so no idea if this might work (no idea why one would try not to flash a complete chip, either).
After flashing and booting into MEBx, it still only shows Standard Manageability.
I tried a partial flash, full flash, and using NeoProgrammer as well. If I dump the image after the computer has gone through a reboot, I can see that parts of the ME region have changed from what was flashed. Specifically, these portions when seen in UEFITool:
So it seems like it is resetting the ME settings when it boots and detects they are different from what they were originally (possibly by comparing to parts of the BIOS region?).
The amt_enabled was the first attempt after changing the settings in MFIT. The latest flashed image (the one before after_reboot) had some additional changes in MFIT to try to get it to stick.
There’s a lot of more or less meaningfull changes but none of these configurations has AMT enabled! Seems you mixed some configurations / dumps in addition with different hardware configurations (these settings are most probably saved in FD):
I recommend just to have the files that are needed in the MFIT directory, and to delete all other files and folders in …\Modular Flash Image Tool\WIN32.
In addition run the files you flash through MFIT, save config as xml and compare to config for backup!
