Hacking Haswell ThinkPads' Firmware
A cheap Craigslist laptop gets its BIOS hacked and Intel Management Engine neutered.
Written .
Updated with updated instructions.
A Brief History of Intel
The x86 ISA has been around since . In the past fifty-plus years, this CISC
architecture has only gotten more and more complicated. It's gotten to the point where a separate
computer needs to prepare the real computer to load an operating system. Starting around
2006, Intel's chipsets (and later, processors) included a separate autonomous
subsystem
known as the Intel
Management Engine. This co-processor runs as long as the main computer is receiving power, even
when the actual computer is turned off. More troubling, the code is obfuscated, which
means that security researchers are largely unable to examine it.
Over the years, other features would be integrated into the Intel ME: Intel Anti-Theft (now discontinued), Intel AMT, Intel vPro, Intel Boot Guard, Protected Audio/Video Path, Serial-over-LAN, Intel Platform Trust Technology, and others — still with the chip and its firmware largely invisible from independent security researchers.
While there is a strong business case for many of these technologies — save for PTT being required to implement an fTPM — the average home user will not need these, especially on this Lenovo ThinkPad T540p that I recently obtained; it has a fourth-generation Intel Core processor, which is not compatible with Windows 11, so I don't need to worry about having a TPM.
The FCC Is Also Involved
In the United States, manufacturers need to have their computers approved by the FCC if they contain any wireless radios (i.e., for Wi-Fi, Bluetooth, NFC, or cellular data). Each separate configuration needs to be certified. To save them time and money, many BIOSes contain an allow-list of permitted Wi-Fi and WWAN cards.
That's understandable, but with Wi-Fi 6 and Wi-Fi 6E out, Wi-Fi 5 — particularly the pre-wave2 stuff — is starting to get a little long in the tooth. Plus, shouldn't we have the freedom to modify our hardware to suit our needs?
About Software Freedom
With all respect to Richard Stallman, the hardware and software you buy should respect the four essentials freedoms of software: to run an app for any purpose, to study how an app works, to change it to make it do what you wish, and to redistribute and make copies to help others.
Thus, let me show you how you can modify your "Intel Inside" laptop or desktop to run whatever code you want it to run, so that it behaves how you want it to behave. (Since this is a firmware modification, it's far safer to show you how to modify yours, rather than give you a binary blob that might have unintended side effects.)
Preparation
You will need a ThinkPad based on the Intel Haswell platform, such as the T440p, T540p, W540, and W541. I'm showing you a T540p. For other models, you'll need to look at the motherboard and find your chips yourself. Before we start, go ahead and download the latest Intel ME and Lenovo UEFI firmwares. You won't be able to update these later without repeating all of these steps!
The Lenovo flashing software will keep modified software far away from the chips. Thus, you will need to purchase a chip programmer. Order a CH341A-based programmer.
While you wait for your new tool to arrive, expose your BIOS and ME chips. I've heard that it's right under the memory access door on the T440p. However, on my T540p, you'll need to completely remove the motherboard from the laptop. Because I wound up with many leftover screws, I won't explain how to do that. Instead, consult Lenovo's Hardware Maintenance Manual and follow their directions. Fortunately, this and the reassembly are the toughest parts of this liberation (as is removing the keyboard without breaking any keycaps).
Be sure to unplug the CMOS battery, too. We need all power removed from the motherboard.
When you get the motherboard free, you'll see two identically-shaped eight-pin chips over by the SIM card slot. The one closest to the business end of the slot is a 64 Mb Macronix 25L6473E chip that contains the Intel Management Engine, the Ethernet PXE option ROM, and other related things. The opposite chip is a 32 Mb Macronix 25L3273E chip that contains the UEFI BIOS partitions.
You should also make sure the flashrom
tool is installed, and you have a working copy
of Python 3. Your operating system's package manager can give you both of these.
Neutering the Intel Management Engine
The Intel ME cannot be removed entirely from any Intel Core platform, as it is required for initializing and booting the computer. However, the three-lettered American intelligence agencies were not okay with a hidden operating system running on their computers, so Intel came up with a special operating mode for the ME. As they stated in a press release:
In response to requests from customers with specialized requirements we sometimes explore the modification or disabling of certain features. In this case, the modifications were made at the request of equipment manufacturers in support of their customer's evaluation of the US government's "High Assurance Platform" program. These modifications underwent a limited validation cycle and are not an officially supported configuration.
I will let you, dear reader, take their warning at face value.
That being said, let's continue. Here is what needs to happen with this chip:
- Read the Intel ME ROM.
- Run
me_cleaner
to remove unneeded modules and enable the High Assurance Platform mode. - Write back the neutered ROM image.
Let's get started. Position your flash reader clip on the Intel ME chip (the one closest to the
SIM card reader), connect your flash reader to your computer, then run flashrom
to
read the chip:
(Tip: If you're not sure your programmer is attached firmly, read the chip a second time into
upper2.bin
and then diff
the two files. If the files differ, make sure
your clip is firmly connected and try again.)
Fortunately, we won't need to edit this file on our own. Download a copy of me_cleaner
from GitHub. This will set the ME into the High Assurance Platform/AltMeDisable
mode, so that once the bring-up phase is complete and the POST
begins, the ME will safely hang:
That was easy, right? Now, let's write back our cleaned image. This step will take a while, so
don't panic. flashrom
will be reading, writing, and verifying each block.
Congratulations! You can attach the screen, keyboard, and charging port to the motherboard and boot it up now, if you'd like to test. When you go into the BIOS, you'll see that the listed ME Version is now blank.
If that's all you wanted to do, you can stop reading and start re-assembling the laptop.
Removing the PCIe Allow-list and Unlocking More Firmware Options
While we have this thing open, we might as well upgrade it to Wi-Fi 6. Hop on eBay and pick yourself up a newer WLAN card, such as the Intel AX200 (Wi-Fi 6) or AX210 (Wi-Fi 6E). While those have their own proprietary firmwares, they are rock-solid under Linux.
Before we begin this step, here is another reminder to download and install the latest firmware updates from Lenovo. (For the T540p, BIOS version 2.39 is the latest.)
Position your flash reader on the UEFI BIOS chip — the one furthest from the SIM card slot — then dump it:
Just like with the Intel ME, there are pre-made tools to unlock the BIOS.
Read through the patch file. Comment or uncomment any lines that apply or don't apply to your ThinkPad's make and model. Uncomment lines pertaining to your model, and comment ones that don't; otherwise, at best, your patch will be ineffective, or at worst, your computer will beep or not boot (but you can reverse this by repeating these instructions with an unadulterated copy of your BIOS). Save and exit when done, and we'll create a patched image.
While the ThinkPad will work if we flash this file back, it will beep like a madman. We need to sign the BIOS with an RSA key. Fortunately, there is no PKI enforcement, so any key will do, even one that we generate on the fly. Let's bring in another open-source tool:
That was almost too easy. Let's write it back to the chip. Again, this will take a while, so go do something else for a few minutes.
Now, reassemble your laptop and start it up! You'll get an error about the CMOS checksum being and the date/time being invalid. That was because we disconnected the backup battery, not because we decided to rewrite the firmware. If you go into the BIOS, you'll see a plethora of new settings under the new Advanced menu.
Note that this Advanced menu takes the place of the Date/Time menu, so we'll have to boot our operating system and set the clock there.
In Conclusion
You've done it! The spyware located inside the Intel Management Engine is now inoperable. On top of this, you've modified your firmware to let you upgrade and tweak this laptop as much as you want. Hopefully this makes your older ThinkPad last even longer!
Much credit goes to Wolfgang, for his excellent write-up about doing all this to a ThinkPad T440p. I'd also like to thank the developers of the various tools that we've used.
Links
- Positive Technologies: Disabling Intel ME 11 via undocumented mode
- https://PTSecurity.com/ww-en/analytics/disabling-intel-me-11-via-undocumented-mode/
- Free Software Foundation: What is Free Software?
- https://GNU.org/philosophy/free-sw.html
me_cleaner
- https://GitHub.com/corna/me_cleaner
- UEFITool
- https://GitHub.com/LongSoft/UEFITool
- Patch file for Haswell ThinkPads (also, that's quite the domain name)
- https://raw.githubusercontent.com/digmorepaka/thinkpad-firmware-patches/master/xx40_xx50_patches_v7.txt
thinkpad-uefi-sign
- https://GitHub.com/thrimbor/thinkpad-uefi-sign
- Wolfgang's Blog: Removing the Wi-Fi whitelist on Haswell Thinkpads (T440p, W540, T540, etc.)
- https://notthebe.ee/Removing-the-Wi-Fi-Whiteslit-on-Haswell-Thinkpads-T440p-W540-T540-etc.html