me_cleaner status about me_cleaner HOT 457 OPEN

Working on:

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad X220
• coreboot
• both with and without the -S flag

Working for more than a month now. Everything works perfectly, and the MEI device has disappeared from the PCI bus.

from me_cleaner.

• Intel Core i7 4790k
• Haswell
• Desktop, ASRock Z97 Extreme6
• Modded bios -- see #3 (comment)
• ffe60d8

BIOS file name must be same as Instant Flash bios name, or else instant flash in bios does not detect it. In this case, Z97Ex62.70

/dev/mei0 does not exist, intelmetool reports it doesnt support my system (maybe it doesn't?), mei/mei_me modules still required by some ASRock Intel ME pci listing

Of note, Intel's own "Intel® Management Engine Verification Utility" in windows is perpetually spinning, which I should have tested beforehand. Looks like that only works if your cpu supports vPro. Tested on another Intel based machine with ME still in bios.

But everything seems to be working properly so far.

Full image detected

The ME region goes from 0x3000 to 0x1fffff

Found FPT header at 0x3010

Found 20 partition(s)
ME firmware version 9.1.10.1000
Found FTPR header: FTPR partition spans from 0x4a000 to 0xd2000
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Reading FTPR modules list...
Wiping LZMA section (0xaa680 - 0xd2000)
 UPDATE          : removed (0xaa680 - 0xaa8aa)
 ROMP            : removal of Huffman modules is not supported yet, skipping
 BUP             : removal of Huffman modules is not supported yet, skipping
 KERNEL          : removal of Huffman modules is not supported yet, skipping
 POLICY          : removal of Huffman modules is not supported yet, skipping
 HOSTCOMM        : removed (0xaa8aa - 0xb2bb5)
 TDT             : removed (0xb2bb5 - 0xb7f71)
 FPF             : removed (0xb7f71 - 0xb9a77)
Correcting checksum (0xea)...
Done! Good luck!

from me_cleaner.

from me_cleaner.

Working on:

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad X220
• Coreboot with SeaBIOS and CPU microcode updates
• 0ac4b4b

Here is the me_cleaner output:

ME/TXE image detected
Found FPT header at 0x10
Found 19 partition(s)
Found FTPR header: FTPR partition spans from 0xcc000 to 0x142000
ME/TXE firmware version 7.1.20.1119
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xed)...
Reading FTPR modules list...
 UPDATE           (LZMA   , 0x1101c5 - 0x110257): removed
 BUP              (Huffman, fragmented data    ): NOT removed, essential
 KERNEL           (Huffman, fragmented data    ): removed
 POLICY           (Huffman, fragmented data    ): removed
 HOSTCOMM         (LZMA   , 0x110257 - 0x11580c): removed
 RSA              (LZMA   , 0x11580c - 0x11a2bd): removed
 CLS              (LZMA   , 0x11a2bd - 0x11eccf): removed
 TDT              (LZMA   , 0x11eccf - 0x124e7a): removed
 FTCS             (Huffman, fragmented data    ): removed
The ME minimum size should be 917504 bytes (0xe0000 bytes)
Checking FTPR RSA signature... VALID
Done! Good luck!

Working very well since a few days. The only issue I've noticed is that resume from suspend stopped to turn the LCD back on in Debian GNU/Linux 9. Since I switched directly from factory BIOS to Coreboot+Seabios (git master) with a cleaned ME I don't know which component caused the regression. I've worked around the issue by using pm-suspend --quirk-dpms-on together with acpid.

Update: I rebuilt coreboot without enabling "Support Intel PCI-e WiFi adapters" and have since no more resume-from-suspend issues.

from me_cleaner.

• SandyBridge
• Intel Core i5 2500K
• Gigabyte Z68A-D3H-B3
• OEM BIOS (UEFI Beta version U1d)
• 0ac4b4b

Using me_cleaner on a BIOS dump file and flashing it using Q-Flash utility (included on Gigabyte boards).

EDIT (2017-03-30): Possible issue: Removing ME disables Intel Turbo Boost. I can't get faster clock than 3.2 GHz on 100% system load. I think that it won't be a problem in my case (Unlocked multiplier).

EDIT (2017-04-02): Turbo Boost issue is not related with the result of me_cleaner. It's a Gigabyte UEFI bug.

Output intelmetool:

sudo ./intelmetool -s
Bad news, you have a `Z68 Express Chipset Family LPC Controller` so you have ME hardware on board and you can't control or disable it, continuing...

MEI was hidden on PCI, now unlocked
MEI found: [8086:1c3a] 6 Series/C200 Series Chipset Family MEI Controller #1

ME Status   : 0x1e003052
ME Status 2 : 0x16320142

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : Image Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : M0 kernel load

ME: Extend SHA-256: 909157238d4c57219f5d5ce4e3c6697bff1cc6546fe8eec7b7eed76768f25d59

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

from me_cleaner.

Working on:

• Architecture: Haswell (x86_64)
• CPU model: Intel i5-4310U
• Motherboard: Dell Latitude E7240
• OEM BIOS: A09 and A20
• Using commit 0ac4b4b

It has a (8+4)MiB spi flash chip configuration similar to that found on lenovo x230.
MEI not showing in lspci.

from me_cleaner.

Working on:

• Westmere/Nehalem-C (x86_64)
• Intel Core i7-640LM (Arrandale)
• Lenovo Thinkpad X201 tablet
• OEM BIOS
• 0ac4b4b

I noted a delay in the boot sequence since I press down the power button till the system starts displaying boot messages. Despite this, the system is working fine beyond the 30-minutes mark. Intelmetool shows a similar dump to this. The command lspci shows the same before and after the cleanning process. Flashed with external programmer ch341a and flashrom v.0.9.9-1954.

from me_cleaner.

Working great on my W530, using a hardware flasher:

• Sandy Bridge
• Intel Core i7-3720QM
• Lenovo Thinkpad W530
• OEM BIOS (Version G5ETA0WW)
• 5184453

I have secure boot enabled and it does not complain.

from me_cleaner.

• Sandy Bridge
• Lenovo Thinkpad X220
• coreboot

I can confirm it works on the Lenovo Thinkpad X220, but coreboot then recognizes only one of my two 8GB RAM modules. I'm currently investigating.

from me_cleaner.

• Intel Celeron 2955U
• Haswell
• Chromebook C720p
• coreboot

Hey there, I build and flashed an image of coreboot for my chromebook (C720p) running a Haswell 2955U.

There is no MEI entry in the lspci list.
Not sure what other tests I can run to see the ME's state, open to running other tests, just tell me.

Passed the 30 minutes mark, seems to work. Thanks

from me_cleaner.

Working on:

• Intel i5-6500
• Skylake
• MSI Bazooka B150M
• Stock AMI Bios
• 61fd606

Everything works, the HECI (formerly MEI) device disapperars, a screen at boot notifies that the ME firmware is corrupted, but pressing F2 lets the boot continue.

from me_cleaner.

• Intel
• Core i5-2540M
• Lenovo Thinkpad X220
• Coreboot
• 48deb6c

^^ Yes that's right, the experimental branch works on this board folks! No lzma modules!

from me_cleaner.

Working on

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Coreboot
• d2e2308

from me_cleaner.

Working on

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Stock BIOS
• d2e2308

from me_cleaner.

• Intel Core i7 4790k
• Haswell
• Desktop, ASRock Z97 Pro4
• Modded Bios (see below)
• ffe60d8

ASRock's bios packages are all in a proprietary format, but Windows based tools, specifically the UBU pack (http://www.win-raid.com/t154f16-Tool-Guide-News-quot-UEFI-BIOS-Updater-quot-UBU.html), allow them to be extracted and the firmware inside upgraded or downgraded. One may flash this modified file directly from the UEFI settings themselves, as it doesn't validate them.

It is unclear whether or not ME is properly disabled, as the kernel module loads but is not really usable, and the tools to check ME status segfault.

Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Reading FTPR modules list...
Wiping LZMA section (0xa7680 - 0xcf000)
 UPDATE: removed (0xa7680 - 0xa78aa)
 ROMP: removal of Huffman modules is not supported yet, skipping
 BUP: removal of Huffman modules is not supported yet, skipping
 KERNEL: removal of Huffman modules is not supported yet, skipping
 POLICY: removal of Huffman modules is not supported yet, skipping
 HOSTCOMM: removed (0xa78aa - 0xafbb5)
 TDT: removed (0xafbb5 - 0xb4f71)
 FPF: removed (0xb4f71 - 0xb6a77)
Correcting checksum (0xea)...
Done! Good luck!

from me_cleaner.

I can try to cat /dev/mei0 and I get "no such device" as root...so I guess that's good?

On my system that I've never flashed before (I haven't used me_cleaner yet) I get the same message when trying to read from /dev/mei0. It does not mean that the ME is disabled

from me_cleaner.

Working on

• Intel Core i5 2520M
• Sandy Bridge
• Dell Latitude e6220
• OEM BIOS
• ffe60d8

MEI is no more present in lspci output.
However, the ethernet card does not show up anymore on "ip a" output.

dmesg says:

e1000e: Intel(R) PRO/1000 Network Driver - 3.2.6-k
e1000e: Copyright(c) 1999 - 2015 Intel Corporation.
e1000e 0000:00:19.0: Interrupt Throttling Rate (ints/sec) set to dynamic conservative mode
e1000e: probe of 0000:00:19.0 failed with error -e

The problem seems identical to the one reported by this user:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/984404
and as he suggests just rebooting the machine temporarily fixes the problem.
When a power cycle is performed again (power off+power on) the ethernet
card is gone again.

This is the related bug on the ubuntu kernel bug tracker:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1576953

from me_cleaner.

Working on:

• Intel Core i7-3770
• IvyBridge
• Motherboard: GA-B75M-D3V
• OEM BIOS and Coreboot
• ffe60d8f

OEM BIOS: MEI device has disappeared from the PCI bus.
Coreboot: MEI device won't go away and confirmed that ME is broken:

**Bad news, you have a B75 Express Chipset LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI not hidden on PCI, checking if visible
MEI found: [8086:1e3a] 7 Series/C210 Series Chipset Family MEI Controller #1

ME Status : 0x304181
ME Status 2 : 0x153b0160

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : NO
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode : Normal
ME: Error Code : Debug Failure
ME: Progress Phase : BUP Phase
ME: Power Management Event : Intel ME reset due to exception
ME: Progress Phase State : 0x3b

ME: Extend Register not valid

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
**

from me_cleaner.

Working on:

• Intel Core i3-2370m
• SandyBridge
• Motherboard: Thinkpad x220i
• OEM BIOS and Coreboot
• ffe60d8f

MEI device has disappeared from the PCI bus.

from me_cleaner.

Working on:

• Intel Core i7-3770T
• IvyBridge
• Motherboard: GA-B75M-D3H
• Coreboot
• ffe60d8

Sadly I failed to extract a valid OEM BIOS image this time. MEI device has disappeared from the PCI bus initially, but after programming back from the scheme below the MEI reappears and keeps present. ME is confirmed broken.
It seems whether ME remains present on desktop depends on the content of nvram.

from me_cleaner.

Working on:

• Intel Core i7-3770T
• IvyBridge
• Motherboard: GA-B75M-D3H
• Coreboot
• ffe60d8
• Neutralized ME from SnB/IvB laptop (e.g. samsung lumpy's ME image located at 3rdparty/blobs/mainboard/samsung/lumpy/me.bin, with ifd adjusted via modified layout file)

MEI device won't go away and confirmed that ME is broken, and integrated graphic card conpletely ceases to work, and goes away.

from me_cleaner.

Works on:

• Core i5-2520M
• SandyBridge
• Lenovo Thinkpad T420
• OEM BIOS
• ffe60d8

from me_cleaner.

• Intel Core i5-2520M
• Lenovo Thinkpad X220
• Coreboot-4.5
• Seabios 1.9.3
• ffe60d8
• 1.5MiB Management Engine
• SPI replaced with a 128mbit chip, IFD layout changed to span entire chip and give all remaining space to CBFS.

Everything works, but laptop hangs for ~15 seconds after suspend. I also updated coreboot, so not 100% sure this is me_cleaners fault. 100% working now.

from me_cleaner.

Works on:

• Core i5-2520M
• SandyBridge
• Lenovo Thinkpad T420
• Coreboot-4.5
• Seagrub scheme from libreboot
• 1.5MiB Management Engine
• ffe60d8

MEI device has disappeared from the PCI bus. However, the ethernet card needs a warm reboot to be functional.

from me_cleaner.

Working on

• Intel Core i3 2330M
• Sandy Bridge
• Dell Latitude e6220
• OEM BIOS
• ffe60d8

MEI is no more present in lspci output. However, the ethernet card needs a warm reboot to be functional.

from me_cleaner.

Working on:

• T420
• Intel core i7 3632qm
• Ivy Bridge
• Coreboot with seabios payload+windows
  screen goes blank after a while, running a background game app seems to help this somehow.
• X220
• Intel core i5 2540M
• Sandy Bridge
• Coreboot with linux payload+qubes, worked fine, don't remember the blank screen issue.
  using: 48deb6 on both laptops

from me_cleaner.

Working on

• Intel Core i5 2520M
• Sandy Bridge
• HP EliteBook 8460P
• OEM BIOS
• ffe60d8

MEI is no more present in lspci output. However, the ethernet card needs a warm reboot to be functional.

from me_cleaner.

Working on

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Coreboot
• ffe60d8

from me_cleaner.

Working on:

• Intel Core i5-3570K (Ivy Bridge)
• Gigabyte GA-Z77X-UD5H
• coreboot with TianoCore UEFI payload
• ffe60d8

The MEI Controller device still appears in lspci. I am unsure of the status of the Intel 82579V Ethernet controller, as I haven't gotten it to work yet (e1000e: probe of 0000:00:19.0 failed with error -3; this remains the same with normal ME or cleaned ME). The ME appears to have been disabled:

[   19.881125] mei_me 0000:00:16.0: wait hw ready failed
[   19.881131] mei_me 0000:00:16.0: hw_start failed ret = -62
[   19.881144] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[   21.929169] mei_me 0000:00:16.0: wait hw ready failed
[   21.929175] mei_me 0000:00:16.0: hw_start failed ret = -62
[   21.929188] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[   23.977227] mei_me 0000:00:16.0: wait hw ready failed
[   23.977233] mei_me 0000:00:16.0: hw_start failed ret = -62
[   23.977236] mei_me 0000:00:16.0: reset: reached maximal consecutive resets: disabling the device
[   23.977238] mei_me 0000:00:16.0: reset failed ret = -19
[   23.977239] mei_me 0000:00:16.0: link layer initialization failed.
[   23.977241] mei_me 0000:00:16.0: init hw failure.
[   23.977366] mei_me 0000:00:16.0: initialization failed.

Bad news, you have a `Z77 Express Chipset LPC Controller` so you have ME hardware on board and it is very difficult to remove, continuing...
RCBA at 0xfed1c000
MEI not hidden on PCI, checking if visible
MEI found: [8086:1e3a] 7 Series/C216 Chipset Family MEI Controller #1

ME Status   : 0x4181
ME Status 2 : 0x163b0160

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode  : Normal
ME: Error Code              : Debug Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : 0x3b

PCI READ [bc] : 0x000000bc
ME: Extend Register not valid

ME has a broken implementation on your board with this BIOS
ME: failed to become ready
WRITE    [00] : CB: 0x80040007
WRITE    [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE    [00] : CB: 0x80080007
WRITE    [00] : CB: 0x00000203
WRITE    [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed
exiting

from me_cleaner.

Working on:

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad X220
• Coreboot
• 4e9fc2e

After the KERNEL module of ME is removed, the integrated NIC works after a COLD reboot now.

from me_cleaner.

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad X220 tablet
• Coreboot
• 4e9fc2e

from me_cleaner.

• i7-3517U (Ivy)
• Intel HM76 / Foxconn NanoPC AT-7700
• OEM
• 4e9fc2e

from me_cleaner.

Working on:

• Intel Core i5-2520M
• Sandy Bridge
• HP EliteBook 8460P
• OEM BIOS
• 4e9fc2e

After the KERNEL module of ME is removed, the integrated NIC works after a COLD reboot now.

from me_cleaner.

• Intel Core i5-2520M
• Sandy Bridge
• Lenovo Thinkpad T420
• Coreboot
• 4e9fc2e

Everything works perfectly for one day now!

from me_cleaner.

Working on:

• Intel Xeon E3-1230 v5
• Skylake
• Motherboard: P10S-M WS
• OEM BIOS
• 4e9fc2e

CSME HECI won't go away but ME is neutralized with no 30-minute-shutdown.

#lspci -vnnt
-[0000:00]-+-00.0  Intel Corporation Sky Lake Host Bridge/DRAM Registers [8086:1918]
           +-01.0-[01]--+-00.0  Advanced Micro Devices, Inc. [AMD/ATI] Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] [1002:6798]
           |            \-00.1  Advanced Micro Devices, Inc. [AMD/ATI] Tahiti XT HDMI Audio [Radeon HD 7970 Series] [1002:aaa0]
           +-13.0  Intel Corporation Sunrise Point-H Integrated Sensor Hub [8086:a135]
           +-14.0  Intel Corporation Sunrise Point-H USB 3.0 xHCI Controller [8086:a12f]
           +-14.2  Intel Corporation Sunrise Point-H Thermal subsystem [8086:a131]
           +-16.0  Intel Corporation Sunrise Point-H CSME HECI #1 [8086:a13a]
           +-16.1  Intel Corporation Sunrise Point-H CSME HECI #2 [8086:a13b]
           +-17.0  Intel Corporation Device [8086:a102]
           +-1c.0-[02]----00.0  Intel Corporation I210 Gigabit Network Connection [8086:1533]
           +-1c.5-[03]----00.0  Intel Corporation I210 Gigabit Network Connection [8086:1533]
           +-1f.0  Intel Corporation Sunrise Point-H LPC Controller [8086:a149]
           +-1f.2  Intel Corporation Sunrise Point-H PMC [8086:a121]
           +-1f.3  Intel Corporation Sunrise Point-H HD Audio [8086:a170]
           \-1f.4  Intel Corporation Sunrise Point-H SMBus [8086:a123]

#me_cleaner.py factory_p10s-m_ws.rom 
Full image detected
This image does not contains an ME firmware (NR = 0)

#ifdtool -x factory_p10s-m_ws.rom 
File factory_p10s-m_ws.rom is 16777216 bytes
  Flash Region 0 (Flash Descriptor): 00000000 - 00000fff 
  Flash Region 1 (BIOS): 00800000 - 00ffffff 
  Flash Region 2 (Intel ME): 00001000 - 007fffff 
  Flash Region 3 (GbE): 07fff000 - 00000fff (unused)
  Flash Region 4 (Platform Data): 07fff000 - 00000fff (unused)
  Flash Region 5 (Reserved): 07fff000 - 00000fff (unused)
  Flash Region 6 (Reserved): 07fff000 - 00000fff (unused)
  Flash Region 7 (Reserved): 07fff000 - 00000fff (unused)
  Flash Region 8 (EC): 07fff000 - 00000fff (unused)

#me_cleaner.py flashregion_2_intel_me.bin 
ME image detected
Found FPT header at 0x10
Found 15 partition(s)
ME firmware version 4.0.3.75
Found FTPR header: FTPR partition spans from 0xa000 to 0x6a000
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x3e)...
Modules removal in ME v11 or greater is not yet supported
Done! Good luck!

#intelmetool -s
Bad news, you have a `Sunrise Point-H CSME HECI #2` so you have ME hardware on board and it is very difficult to remove, continuing...
RCBA at 0x00000000
MEI not hidden on PCI, checking if visible
MEI found: [8086:a13b] Sunrise Point-H CSME HECI #2

ME Status   : 0x0
ME Status 2 : 0x0

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Reset
ME: Current Operation State : Preboot
ME: Current Operation Mode  : Normal
ME: Error Code              : No Error
ME: Progress Phase          : ROM Phase
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : BEGIN

PCI READ [bc] : 0x000000bc
ME: Extend Feature not present

ME seems okay on this board
ME: failed to become ready
WRITE    [00] : CB: 0x80040007
WRITE    [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE    [00] : CB: 0x80080007
WRITE    [00] : CB: 0x00000203
WRITE    [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed
exiting

from me_cleaner.

Working on:

• Intel Core i5 3320M (Ivy Bridge)
• Lenovo Thinkpad X230
• coreboot
• 4e9fc2e

Using the ME image from google/link, no issues found.

from me_cleaner.

Working on:

• Intel Celeron 867
• Sandy Bridge
• Samsung Chromebook lumpy
• Coreboot
• 4e9fc2e

MEI device has disappeared from the PCI bus initially, but after programming back from the scheme below the MEI reappears and keeps present. ME is confirmed broken with dmesg:

[ 5.578881] mei_me 0000:00:16.0: wait hw ready failed
[ 5.578944] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 5.579013] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[ 7.594911] mei_me 0000:00:16.0: wait hw ready failed
[ 7.594969] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 7.595058] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[ 9.610945] mei_me 0000:00:16.0: wait hw ready failed
[ 9.611009] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 9.611066] mei_me 0000:00:16.0: reset: reached maximal consecutive resets: disabling the device
[ 9.611128] mei_me 0000:00:16.0: reset failed ret = -19
[ 9.611183] mei_me 0000:00:16.0: link layer initialization failed.
[ 9.611240] mei_me 0000:00:16.0: init hw failure.
[ 9.611449] mei_me 0000:00:16.0: initialization failed.

and
#intelmetool -sd

Bad news, you have a HM65 Express Chipset Family LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI not hidden on PCI, checking if visible
MEI found: [8086:1c3a] 6 Series/C200 Series Chipset Family MEI ��~�3

ME Status : 0x1e003052
ME Status 2 : 0x16320002

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode : Normal
ME: Error Code : Image Failure
ME: Progress Phase : BUP Phase
ME: Power Management Event : Pseudo-global reset
ME: Progress Phase State : M0 kernel load

PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: da64ab79be833b0909c8a5d4214ba413744331d5e50f41bf3927fc53c0bf3b9b

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
WRITE [00] : CB: 0x80040007
WRITE [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE [00] : CB: 0x80080007
WRITE [00] : CB: 0x00000203
WRITE [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed

from me_cleaner.

Working on:

• Intel Core i5 3320M (Ivy Bridge)
• Lenovo Thinkpad X230
• coreboot
• 4e9fc2e
• 1.5MiB Management Engine from Samsung lumpy

MEI device has disappeared from the PCI bus initially, but after programming back from the scheme below the MEI reappears and keeps present. ME is confirmed broken with dmesg:

[ 8.258125] mei_me 0000:00:16.0: wait hw ready failed
[ 8.258178] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 8.258232] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[ 10.274168] mei_me 0000:00:16.0: wait hw ready failed
[ 10.274217] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 10.274268] mei_me 0000:00:16.0: H_RST is set = 0x80000015
[ 12.290189] mei_me 0000:00:16.0: wait hw ready failed
[ 12.290238] mei_me 0000:00:16.0: hw_start failed ret = -62
[ 12.290271] mei_me 0000:00:16.0: reset: reached maximal consecutive resets: disabling the device
[ 12.290318] mei_me 0000:00:16.0: reset failed ret = -19
[ 12.290347] mei_me 0000:00:16.0: link layer initialization failed.
[ 12.290382] mei_me 0000:00:16.0: init hw failure.
[ 12.290544] mei_me 0000:00:16.0: initialization failed.

and
#intelmetool -sd

Bad news, you have a QM77 Express Chipset LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI not hidden on PCI, checking if visible
MEI found: [8086:1e3a] 8��z�

ME Status : 0x1e003052
ME Status 2 : 0x16320002

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode : Normal
ME: Error Code : Image Failure
ME: Progress Phase : BUP Phase
ME: Power Management Event : Pseudo-global reset
ME: Progress Phase State : M0 kernel load

PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: da64ab79be833b0909c8a5d4214ba413744331d5e50f41bf3927fc53c0bf3b9b

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
WRITE [00] : CB: 0x80040007
WRITE [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE [00] : CB: 0x80080007
WRITE [00] : CB: 0x00000203
WRITE [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed

from me_cleaner.

Success

• Ivy Bridge
• 3770k
• Asus P8Z77-V Pro (Panther Point, desktop)
• OEM BIOS
• 4e9fc2e

I tried patching the OEM firmware update and flashing it with the flashback feature, but that apparently didn't work. Ended up figuring out why flashrom wouldn't work (had to boot with iomem=relaxed), dumped, patched and flashed from userspace successfully. Not sure if flashback could have unprotected the ME section or if it's just not protected by default on my board.

No more /dev/mei0, no more ME in lspci, intelmetool from coreboot says it can't find the ME, system appears to work properly.

Edit: after more testing, it looks like some areas are write protected (they fail to erase), but flashrom is smart enough to leave them alone and rewrite only the parts that changed, and the ME section seems to be unprotected which is why I was successful in reflashing a patched dump.

XMP didn't work after the operation, I've flashed the latest BIOS update from Asus (was already running it though), and now it works just fine (update: memory OC functionality is completely lost after poweroff until the CMOS is cleared, with the Huffman modules in, it's working as intended). Not sure whether a simple CMOS reset would have helped with that or not, but the ME cleanup survived, which is a very good thing.

Edit 2: With this patch, I get the following output:

Bad news, you have a `Z77 Express Chipset LPC Controller` so you have ME hardware on board and you can't control or disable it, continuing...

MEI was hidden on PCI, now unlocked
MEI found: [8086:1e3a] 7 Series/C216 Chipset Family MEI Controller #1

ME Status   : 0x1e003052
ME Status 2 : 0x16320152

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : Image Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : M0 kernel load

ME: Extend SHA-256: 1184469a774dddb5fc671a60339db09bc5441794ea02c5e1731bd1d83cda295e

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

from me_cleaner.

• Sandy Bridge
• i5-2520M
• Thinkpad X220
• Coreboot
• 89bbaf2 (42ba8e8)

All good (but it was run over an image that had previously been me_cleaned) (edit: no 30minute timeout either)

ME: FWS2: 0x164e0002
ME:  Bist in progress: 0x0
ME:  ICC Status      : 0x1
ME:  Invoke MEBx     : 0x0
ME:  CPU replaced    : 0x0
ME:  MBP ready       : 0x0
ME:  MFS failure     : 0x0
ME:  Warm reset req  : 0x0
ME:  CPU repl valid  : 0x0
ME:  (Reserved)      : 0x0
ME:  FW update req   : 0x0
ME:  (Reserved)      : 0x0
ME:  Current state   : 0x4e
ME:  Current PM event: 0x6
ME:  Progress code   : 0x1
Waited long enough, or CPU was not replaced, continue...
PASSED! Tell ME that DRAM is ready
ME: FWS2: 0x162c0002
ME:  Bist in progress: 0x0
ME:  ICC Status      : 0x1
ME:  Invoke MEBx     : 0x0
ME:  CPU replaced    : 0x0
ME:  MBP ready       : 0x0
ME:  MFS failure     : 0x0
ME:  Warm reset req  : 0x0
ME:  CPU repl valid  : 0x0
ME:  (Reserved)      : 0x0
ME:  FW update req   : 0x0
ME:  (Reserved)      : 0x0
ME:  Current state   : 0x2c
ME:  Current PM event: 0x6
ME:  Progress code   : 0x1
ME: Requested BIOS Action: Continue to boot

from me_cleaner.

Working on:

• Intel(R) Celeron(R) CPU U3400 (Nehalem)
• Lenovo Thinkpad X201i
• OEM BIOS (Coreboot's native ram init for x201 failed to apply)
• 89bbaf2

MEI device won't go away and confirmed that ME is broken, and the machine survives beyond 30 minutes.

from me_cleaner.

• x86_64
• Core i7 Skylake 6500U
• Laptop, HP Spectre x360 (2015)
• OEM Bios, stripped
• Master

Stripped and flashed, no issues.

from me_cleaner.

Working on:

• Intel Core i7-2640M
• Sandy Bridge
• Lenovo Thinkpad X220
• Coreboot
• 7f21d97

from me_cleaner.

working on:

• Intel Core i5-3320M
• Ivy Bridge
• Lenovo Thinkpad x230
• Coreboot / Heads
• 250b2ec

from me_cleaner.

Working on:

• Intel(R) Core(TM) i3-5005U
• Broadwell
• Laptop/Dell Chromebook 13
• Coreboot (https://mrchromebox.tech ROM BIOS v 20170221)
• me_cleaner on Coreboot head (0da186c3ffb1d9aa7433a5d0d5263aba7a25ad60). This should be equivalent to 250b2ec.

MEI device won't go away and confirmed that ME is broken, and the machine survives beyond 30 minutes.

from me_cleaner.

Working on:

• Intel Core i7-3770
• Ivy Bridge
• Sapphire Pure Platinum H61
• coreboot
• Both with and without the -S flag

from me_cleaner.

Working on:

• Intel Core i5-2500
• Sandy Bridge
• ASUS P8Z77-V LX
• OEM BIOS
• 250b2ec

No Secure Boot or overclocking issues.

from me_cleaner.

Working on:

• Ivy Bridge
• Core i5-3470
• Dell Inspiron 660s
• coreboot
• -S flag

Running me_cleaner on this machine is redundant, seeing as this board has a jumper to disable the ME. When set, all flash regions become unlocked, so I was able to write to the EEPROM without an external programmer.

from me_cleaner.

@Kokokokoka, sorry to ask but have you got TPM/VT-d/SLAT on your X220 with Qubes installed and the new ME firmware? I have a T420s which has full Qubes hardware support that I want to try this on, but I still want full hardware support (which on Qubes requires TXT I believe..).

from me_cleaner.

Working on:

• Intel Core i5-520M
• Westmere
• Lenovo Thinkpad X201
• OEM BIOS
• 2987431

Thanks for your work on this :)

from me_cleaner.

Seems to be working on:

• Intel Core i7-4770K
• Haswell
• Gigabyte GA-Z87X-UD3H
• 2987431

Flashed from OEM F7 to me_cleaned BIOS image of F10b via UEFI settings, no SPI flasher used. Survived 30 minute, nothing in lspci, intelmetools -s returns:

MEI was hidden on PCI, now unlocked
MEI found: [8086:8c3a] 8 Series/C220 Series Chipset Family MEI Controller #1

ME Status   : 0x1e003052
ME Status 2 : 0x16322106

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : Image Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : M0 kernel load

ME: Extend SHA-256: 393ffb341d635e1b11e5f5d155496bfed996e7435a367e564740b8bb4038796a

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

P.S. Update: Had to rollback because of this.

Works flawlessly with an -s option though, F10b BIOS! No issues with suspend anymore, intelmetools returns:

sudo intelmetool -s
MEI was hidden on PCI, now unlocked
MEI found: [8086:8c3a] 8 Series/C220 Series Chipset Family MEI Controller #1

ME Status   : 0x1e020191
ME Status 2 : 0x164d2106

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode  : Debug
ME: Error Code              : No Error
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : 0x4d

ME: Extend SHA-256: 393ffb341d635e1b11e5f5d155496bfed996e7435a367e564740b8bb4038796a

ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

from me_cleaner.

Working on:

• Haswell
• Celeron 2955U
• Acer C720P
• coreboot
• -S flag

from me_cleaner.

Working on:

• Architecture: Haswell (x86_64)
• CPU model: Intel i5-4430
• Motherboard: MSI H81I
• OEM BIOS: A.6 (file is E7851IMS.A60)
• Using commit 0ac4b4b
• Flashed using MFlash (BIOS own flashing tool), surprised how easy it was!

from me_cleaner.

Working on:

• Architecture: Broadwell (x86_64)
• CPU model: Intel Xeon E5-2630V4
• Motherboard: ASRock X99M Extreme4
• OEM BIOS: P3.20
• Using commit 0ac4b4b

intelmetool gives the same status as in the example here.

However, the BIOS is now unusually slow, booting takes about 3 minutes, and the BIOS complains about PCI-E and chipset initialisation, however, it seems to just work.

from me_cleaner.

Working on:

• Architecture: Ivy Bridge
• CPU model: Intel i5-3230M
• Motherboard: Lenovo Thinkpad Edge E531
• OEM BIOS

Using commit 0ac4b4b
It has a (8+4)MiB spi flash chip configuration similar to that found on lenovo x230, and the ME+IFD totally occupied the 8MiB chip, the 4MiB chip is fully BIOS.
This board doesn't use the integrated GbE, but used a "Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller" instead.
MEI not showing in lspci.

from me_cleaner.

Working on:

• Intel Core i7-3770
• Ivy Bridge
• Pegatron MB (will update with model when I find)
• OEM Bios
• 0ac4b4b

from me_cleaner.

Working on:

• Ivy Bridge
• Intel Core i3-3217U
• ASUS VivoBook S400CA
• OEM BIOS (ver. 210)
• 0ac4b4b
• External flashing with BeeProg+ programmer using PG4UW software

me_cleaner output

C:\Python27\python.exe me_cleaner.py bios_copy.bin
Full image detected
The ME/TXE region goes from 0x3000 to 0x1ff000
Found FPT header at 0x3010
Found 15 partition(s)
Found FTPR header: FTPR partition spans from 0x96000 to 0x10b000
ME/TXE firmware version 8.1.2.1318
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xc7)...
Reading FTPR modules list...
UPDATE (LZMA , 0x0e265e - 0x0e281c): removed
ROMP (Huffman, fragmented data ): NOT removed, essential
BUP (Huffman, fragmented data ): NOT removed, essential
KERNEL (Huffman, fragmented data ): removed
POLICY (Huffman, fragmented data ): removed
HOSTCOMM (LZMA , 0x0e281c - 0x0e953c): removed
RSA (LZMA , 0x0e953c - 0x0ee7a2): removed
CLS (LZMA , 0x0ee7a2 - 0x0f3f45): removed
TDT (LZMA , 0x0f3f45 - 0x0fa625): removed
FTCS (Huffman, fragmented data ): removed
ClsPriv (LZMA , 0x0fa625 - 0x0faa05): removed
SESSMGR (LZMA , 0x0faa05 - 0x109302): removed
The ME minimum size should be 696320 bytes (0xaa000 bytes)
The ME region can be reduced up to:
00003000:000acfff me
Checking FTPR RSA signature... VALID
Done! Good luck!

The notebook's BIOS initializes much quickly after removing ME, it takes only 2 seconds to GRUB appear.

However, I get the following output from ./intelmetool -sd, so I am not sure what is going on exactly

Bad news, you have a HM76 Express Chipset LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI was hidden on PCI, now unlocked
MEI found: [8086:1e3a] 7 Series/C210 Series Chipset Family MEI Controller #1

ME Status : 0x1e003052
ME Status 2 : 0x10320152

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode : Normal
ME: Error Code : Image Failure
ME: Progress Phase : BUP Phase
ME: Power Management Event : Clean Moff->Mx wake
ME: Progress Phase State : M0 kernel load

PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: 1184469a774dddb5fc671a60339db09bc5441794ea02c5e1731bd1d83cda295e

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
WRITE [00] : CB: 0x80040007
WRITE [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE [00] : CB: 0x80080007
WRITE [00] : CB: 0x00000203
WRITE [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

Intel MEI is not appearing in lspci

from me_cleaner.

Works on:

• Ivy Bridge
• Intel Core i7 3520M
• Lenovo Thinkpad X230 Tablet
• coreboot
• 0ac4b4b

Great work! Everything seems to work perfectly. Flashed externally.

from me_cleaner.

Working on:

• Intel Core i7-2860QM
• Sandy Bridge
• Dell XPS 15 L502X
• My modded BIOS (based on OEM BIOS)
• 0ac4b4b

After few months, I finally make it work and this is awesome :). The system is definitely smoother than with Intel ME (no more full fan speel during both POST and BIOS Setup).
Everything works perfectly, and the MEI device has disappeared from the PCI bus.
Flashed on W25Q32FVSSIG with an external programmer CH341A.

My next project is to do the coreboot port on this Dell laptop, then I will report back.

A huge thanks to Nicola Corna and people who studied on Intel ME.

from me_cleaner.

I tried to escape the backdooor and liberate my 2 motherboards but sadly I bricked both of them.

• Intel i3 2120M Sandybridge
• EVGA P67 SLI Micro
• OEM firmware
• 0ac4b4b

./me_cleaner.py 1E672022.bin
Full image detected
The ME/TXE region goes from 0x1000 to 0x17f000
Found FPT header at 0x1010
Found 15 partition(s)
Found FTPR header: FTPR partition spans from 0x94000 to 0x109000
ME/TXE firmware version 8.0.10.1464
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x2e)...
Reading FTPR modules list...
UPDATE (LZMA , 0x0dfa9f - 0x0dfc5d): removed
ROMP (Huffman, fragmented data ): NOT removed, essential
BUP (Huffman, fragmented data ): NOT removed, essential
KERNEL (Huffman, fragmented data ): removed
POLICY (Huffman, fragmented data ): removed
HOSTCOMM (LZMA , 0x0dfc5d - 0x0e6980): removed
RSA (LZMA , 0x0e6980 - 0x0ebbf2): removed
CLS (LZMA , 0x0ebbf2 - 0x0f132c): removed
TDT (LZMA , 0x0f132c - 0x0f7a0b): removed
FTCS (Huffman, fragmented data ): removed
ClsPriv (LZMA , 0x0f7a0b - 0x0f7ded): removed
SESSMGR (LZMA , 0x0f7ded - 0x1066f0): removed
The ME minimum size should be 696320 bytes (0xaa000 bytes)
The ME region can be reduced up to:
00001000:000aafff me
Checking FTPR RSA signature... VALID
Done! Good luck!

Initial result look promising, after flashing modified firmware with DOS FPT.exe utiliy, the board rebooted, reinitialized PCIe Gigabit NIC, then put me into UEFI UI. EVGA has Intel ME menu and ME status was 'disabled', so far so good. I navigated the UI to CPU section and it froze there. Upon turning the board back on it beeps 4 times and displays code 55 (related to memory not being installed), Clearing CMOS, taking out battery overnight: none of it helps.

• Intel i7 2600 Sandybridge
• Asus P8P67 Deluxe
• OEM firmware
• 0ac4b4b

./me_cleaner.py P8P67-ASUS-3602.ROM
Full image detected
The ME/TXE region goes from 0x1000 to 0x17f000
Found FPT header at 0x1010
Found 15 partition(s)
Found FTPR header: FTPR partition spans from 0x94000 to 0x109000
ME/TXE firmware version 8.0.2.1410
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x6c)...
Reading FTPR modules list...
UPDATE (LZMA , 0x0df5c6 - 0x0df6c9): removed
ROMP (Huffman, fragmented data ): NOT removed, essential
BUP (Huffman, fragmented data ): NOT removed, essential
KERNEL (Huffman, fragmented data ): removed
POLICY (Huffman, fragmented data ): removed
HOSTCOMM (LZMA , 0x0df6c9 - 0x0e62d9): removed
RSA (LZMA , 0x0e62d9 - 0x0eb540): removed
CLS (LZMA , 0x0eb540 - 0x0f0c80): removed
TDT (LZMA , 0x0f0c80 - 0x0f736a): removed
FTCS (Huffman, fragmented data ): removed
ClsPriv (LZMA , 0x0f736a - 0x0f774a): removed
SESSMGR (LZMA , 0x0f774a - 0x105ff9): removed
The ME minimum size should be 696320 bytes (0xaa000 bytes)
The ME region can be reduced up to:
00001000:000aafff me
Checking FTPR RSA signature... VALID
Done! Good luck!

Initial results looked promising again. The board power cycled after flashing with FPT.exe and complained about missing boot device. Long behold my JMicron SATA3 controller was gone and the option to re-enable it in UEFI was gone too, so I moved the SATA ports to the 6 ports provided by chipset and went ahead with booting CentOS7, but systemd froze with not much feedback. It was 5AM so I just left it as is. When I got back I tried power cycling. The board turns on but there's no sign of any life, it just displays 00 code.

from me_cleaner.

Working on:

• Intel Core i7-3770

• IvyBridge

• Motherboard: GA-B75M-D3H

• OEM BIOS F15

• me_cleaner: ab871af

• Coreboot: dcc4d43

• Using Strip down the Intel ME/TXE firmware (CONFIG_USE_ME_CLEANER)

lspci -tv +-16.0 Intel Corporation 7 Series/C216 Chipset Family MEI Controller #1

Bad news, you have a B75 Express Chipset LPC Controller so you have ME hardware on board and it is very difficult to remove, continuing...
RCBA at 0xfed1c000
MEI not hidden on PCI, checking if visible
MEI found: [8086:1e3a] 7 Series/C216 Chipset Family MEI Controller #1

ME Status : 0x1e003052
ME Status 2 : 0x1632016a

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode : Normal
ME: Error Code : Image Failure
ME: Progress Phase : BUP Phase
ME: Power Management Event : Pseudo-global reset
ME: Progress Phase State : M0 kernel load

PCI READ [bc] : 0x000000bc
ME: Extend SHA-256: f0b1b87824433f0a421ddc0cf152d1cd3d2b5e3ce7a373b3333a70ce98dd821d

ME has a broken implementation on your board with this BIOS
ME: failed to become ready
WRITE [00] : CB: 0x80040007
WRITE [00] : CB: 0x000002ff
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
WRITE [00] : CB: 0x80080007
WRITE [00] : CB: 0x00000203
WRITE [00] : CB: 0x00000000
ME: failed to become ready
ME: GET FWCAPS message failed
exiting

from me_cleaner.

@H2KChicken do you have that error message displayed at every boot? Is there some timeout that makes it automatically proceed with the boot or does it actually prevents the system from boot without manual interference? I'm curious because I have just the same hardware.

from me_cleaner.

@H2KChicken That's encouraging! Thank you.

from me_cleaner.

Working fine on x230 laptop, though I found the ME was on the 8MB BIOS chip (MX25L6406E), not the 4MB one as I have seen in several guides.
Disappears from lspci output and intelmetool tells me "ME: has a broken implementation on your board with this BIOS" after cleaning. :-)

• Sandy Bridge
• Intel Core i5-3320
• x230
• OEM BIOS

from me_cleaner.

Works nicely on Gigabyte H77 motherboard

• Ivy Bridge
• Intel Core i7-3770
• GA-H77M-D3H motherboard
• OEM BIOS (F12 version)

ME Tool before/after comparison says ME has stopped working

from me_cleaner.

• Haswell
• Intel i5-4670K
• ASRock Z87 Extreme4
• P3.40

Successfully removed:

MEI was hidden on PCI, now unlocked
MEI found: [8086:8c3a] 8 Series/C220 Series Chipset Family MEI Controller #1

ME Status   : 0x1e003052
ME Status 2 : 0x16322142

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : Image Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : M0 kernel load

ME: Extend SHA-256: <hash>

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

However a new option popped-up in the BIOS - CIR Controller (Windows and Linux recognize it as Nuvoton CIR Controller); now the BIOS can't read any temperature sensor (temps are being reported as negative) on the board and the FANs are blasting at full speed (reporting 65535 RPM).

This board is definitely not a good candidate for ME removal, the following functionality is affected:

• Voltage detection
• Fan speed detection
• Temperature detection
• Sleep (S3,S4,S5)

from me_cleaner.

Working on:

• Intel Core i7-3667U CPU
• Ivy Bridge
• Lenovo X1 Carbon Gen1
• OEM BIOS

from me_cleaner.

Working on Lenovo X230 with stock bios.

from me_cleaner.

Working on:

• Intel Core i3-6300T
• Skylake
• MSI H110M ECO
• OEM BIOS
• f4e3d14 (ME 11 modules removed)

from me_cleaner.

Unclear if it's working:

Intel Core i7-6600
Skylake
Asrock H170M-Pro4
OEM BIOS flash (It did the ME firmware update first)
f4e3d14 (ME 11 modules removed)

`sudo ./intelmetool -sd (08-04 23:01)
Hardware unsupported by intelmetool, exiting

lspci (08-04 23:01)
00:00.0 Host bridge: Intel Corporation Skylake Host Bridge/DRAM Registers (rev 07)
00:01.0 PCI bridge: Intel Corporation Skylake PCIe Controller (x16) (rev 07)
00:14.0 USB controller: Intel Corporation Sunrise Point-H USB 3.0 xHCI Controller (rev 31)
00:14.2 Signal processing controller: Intel Corporation Sunrise Point-H Thermal subsystem (rev 31)
00:17.0 SATA controller: Intel Corporation Sunrise Point-H SATA controller [AHCI mode] (rev 31)
00:1b.0 PCI bridge: Intel Corporation Sunrise Point-H PCI Root Port #19 (rev f1)
00:1c.0 PCI bridge: Intel Corporation Sunrise Point-H PCI Express Root Port #3 (rev f1)
00:1c.4 PCI bridge: Intel Corporation Sunrise Point-H PCI Express Root Port #5 (rev f1)
00:1d.0 PCI bridge: Intel Corporation Sunrise Point-H PCI Express Root Port #9 (rev f1)
00:1f.0 ISA bridge: Intel Corporation Sunrise Point-H LPC Controller (rev 31)
00:1f.2 Memory controller: Intel Corporation Sunrise Point-H PMC (rev 31)
00:1f.4 SMBus: Intel Corporation Sunrise Point-H SMBus (rev 31)
00:1f.6 Ethernet controller: Intel Corporation Ethernet Connection (2) I219-V (rev 31)

However when I boot into the UEFI menu it states that the ME firmware version is: 0.0.0.0. So that's probably a good thing.

from me_cleaner.

Intel Core i5-6500
Skylake
Jetway NF592-Q170 (Q170 chipset)
OEM BIOS flash (It did the ME firmware update first)
ME/TXE firmware version 11.6.27.3264
ME 11 modules removed

BIOS showed ME version 0.0.0.0
Also there were MEBX message with prompt to enter ME menu(by Ctrl+P), now option remains enabled in BIOS, but prompt to ME menu is gone. And also in BIOS ME mode is written "ME temporary disabled"

Didn't check how it works in Linux and also didn't understand how to apply -t (truncate) option. Any hints how to truncate the empty part ?

Full image detected
The ME/TXE region goes from 0x3000 to 0x9ff000
Found FPT header at 0x3010
Found 1 partition(s)
Found FTPR header: FTPR partition spans from 0x4000 to 0x133000
Found FTPR manifest at 0x4448
ME/TXE firmware version 11.6.27.3264
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xad)...
Reading FTPR modules list...
FTPR.man (uncompressed, 0x004448 - 0x005180): NOT removed, partition manif.
rbe.met (uncompressed, 0x005180 - 0x005216): NOT removed, module metadata
kernel.met (uncompressed, 0x005216 - 0x0052a4): NOT removed, module metadata
syslib.met (uncompressed, 0x0052a4 - 0x005308): NOT removed, module metadata
bup.met (uncompressed, 0x005308 - 0x0058b2): NOT removed, module metadata
pm.met (uncompressed, 0x0058b2 - 0x005960): NOT removed, module metadata
vfs.met (uncompressed, 0x005960 - 0x0063f8): NOT removed, module metadata
evtdisp.met (uncompressed, 0x0063f8 - 0x006586): NOT removed, module metadata
loadmgr.met (uncompressed, 0x006586 - 0x0066ae): NOT removed, module metadata
busdrv.met (uncompressed, 0x0066ae - 0x006a54): NOT removed, module metadata
gpio.met (uncompressed, 0x006a54 - 0x006b9e): NOT removed, module metadata
prtc.met (uncompressed, 0x006b9e - 0x006d4e): NOT removed, module metadata
policy.met (uncompressed, 0x006d4e - 0x006f12): NOT removed, module metadata
crypto.met (uncompressed, 0x006f12 - 0x00709c): NOT removed, module metadata
heci.met (uncompressed, 0x00709c - 0x007268): NOT removed, module metadata
storage.met (uncompressed, 0x007268 - 0x007564): NOT removed, module metadata
pmdrv.met (uncompressed, 0x007564 - 0x007688): NOT removed, module metadata
maestro.met (uncompressed, 0x007688 - 0x007772): NOT removed, module metadata
fpf.met (uncompressed, 0x007772 - 0x00787e): NOT removed, module metadata
hci.met (uncompressed, 0x00787e - 0x007980): NOT removed, module metadata
fwupdate.met (uncompressed, 0x007980 - 0x007a8a): NOT removed, module metadata
ptt.met (uncompressed, 0x007a8a - 0x007b96): NOT removed, module metadata
touch_fw.met (uncompressed, 0x007b96 - 0x007cc0): NOT removed, module metadata
rbe (Huffman , 0x007cc0 - 0x00a380): NOT removed, essential
kernel (Huffman , 0x00a380 - 0x019fc0): NOT removed, essential
syslib (Huffman , 0x019fc0 - 0x02cfc0): NOT removed, essential
bup (Huffman , 0x02cfc0 - 0x055c40): NOT removed, essential
pm (Huffman , 0x055c40 - 0x059640): removed
vfs (Huffman , 0x059640 - 0x066700): removed
evtdisp (Huffman , 0x066700 - 0x069180): removed
loadmgr (Huffman , 0x069180 - 0x06dd00): removed
busdrv (Huffman , 0x06dd00 - 0x071540): removed
gpio (Huffman , 0x071540 - 0x073700): removed
prtc (Huffman , 0x073700 - 0x074a40): removed
policy (Huffman , 0x074a40 - 0x07f880): removed
crypto (Huffman , 0x07f880 - 0x09a500): removed
heci (LZMA/uncomp., 0x09a500 - 0x09e400): removed
storage (Huffman , 0x09e400 - 0x0a4980): removed
pmdrv (Huffman , 0x0a4980 - 0x0a6540): removed
maestro (Huffman , 0x0a6540 - 0x0ab440): removed
fpf (Huffman , 0x0ab440 - 0x0adb80): removed
hci (LZMA/uncomp., 0x0adb80 - 0x0ae440): removed
fwupdate (LZMA/uncomp., 0x0ae440 - 0x0b2f80): removed
ptt (LZMA/uncomp., 0x0b2f80 - 0x0c8100): removed
touch_fw (LZMA/uncomp., 0x0c8100 - 0x133000): removed
Relocating FTPR from 0x4000 - 0x133000 to 0x3400 - 0x132400...
Adjusting FPT entry...
Moving data...
The ME minimum size should be 356352 bytes (0x57000 bytes)
The ME region can be reduced up to:
00003000:00059fff me
Checking FTPR RSA signature... VALID
Done! Good luck!

Check firmware (-c option)

Full image detected
The ME/TXE region goes from 0x3000 to 0x9ff000
Found FPT header at 0x3010
Found 1 partition(s)
Found FTPR header: FTPR partition spans from 0x4000 to 0x133000
Found FTPR manifest at 0x4448
ME/TXE firmware version 11.6.27.3264
Checking FTPR RSA signature... VALID

from me_cleaner.

Working well. Thanks for your work on this!
Lenovo x220 i5-2540M
Coreboot: 5cb2263
me_cleaner: f4e3d14
ME is hidden and non functioning using intelmetool
ME does not show up using lspci

from me_cleaner.

working on:

Intel Core i5-3320M
Ivy Bridge
Lenovo Thinkpad t430s
Coreboot: b08d73b
me_cleaner: 2e8761e
ME is hidden and non functioning using intelmetool
ME does not show up using lspci

from me_cleaner.

• Asus P8H61 motherboard Bios version 4306
  me_cleaner: 2e8761e
  does NOT boots anymore
  P8H61-ASUS-4306.zip

from me_cleaner.

Working on:

Intel Core i3-5005U CPU
Broadwell
Acer C910
MrChromebox UEFI Bios with ME_Cleaner applied
OpenBSD 6.1

from me_cleaner.

Willing to test on

Intel Celeron J1900
Bay Trail
Mitac PD10BI / Intel DN2800MT2
Win7 x64

But not willing to brick the system. So any read outs, outputs or diagnose I can perform to check and validate up front, let me know.

from me_cleaner.

If you use a hardware flasher you can always flash back the old bios.

from me_cleaner.

Fails on an Open Compute Platform winterfell node. We're still trying to see why.

from me_cleaner.

Shows warning about "ME FW functioning abnormally" at boot but works just fine and survives 30 minutes.

• 7700k (Kabylake)
• MSI Z170A M7
• OEM BIOS ( 7976v1I )
• 2e8761e

intelmetool: not hidden, not found
lspci: CSME HECI disappeared

from me_cleaner.

SandyBridge
Intel 2500K
ASUS P8P67 PRO 3.1
OEM BIOS P8P67-PRO-REV31-ASUS-3602
commit 72fff7a

./me_cleaner.py -O new.rom P8P67-PRO-REV31-ASUS-3602.ROM
Full image detected
The ME/TXE region goes from 0x3000 to 0x180000
Found FPT header at 0x3010
Found 15 partition(s)
Found FTPR header: FTPR partition spans from 0x96000 to 0x10b000
ME/TXE firmware version 8.0.2.1410
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x6c)...
Reading FTPR modules list...
UPDATE (LZMA , 0x0e15c6 - 0x0e16c9): removed
ROMP (Huffman, fragmented data ): NOT removed, essential
BUP (Huffman, fragmented data ): NOT removed, essential
KERNEL (Huffman, fragmented data ): removed
POLICY (Huffman, fragmented data ): removed
HOSTCOMM (LZMA , 0x0e16c9 - 0x0e82d9): removed
RSA (LZMA , 0x0e82d9 - 0x0ed540): removed
CLS (LZMA , 0x0ed540 - 0x0f2c80): removed
TDT (LZMA , 0x0f2c80 - 0x0f936a): removed
FTCS (Huffman, fragmented data ): removed
ClsPriv (LZMA , 0x0f936a - 0x0f974a): removed
SESSMGR (LZMA , 0x0f974a - 0x107ff9): removed
The ME minimum size should be 696320 bytes (0xaa000 bytes)
The ME region can be reduced up to:
00003000:000acfff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

./intelmetool -s
Bad news, you have a P67 Express Chipset Family LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI not hidden on PCI, checking if visible
MEI found: [8086:1c3a] 6 Series/C200 Series Chipset Family MEI Controller #1

ME Status : 0x1e000255
ME Status 2 : 0x66000106

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : YES
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Normal
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode : Normal
ME: Error Code : No Error
ME: Progress Phase : Host Communication
ME: Power Management Event : Pseudo-global reset
ME: Progress Phase State : Host communication established
...
Programming with ASUS EzBios doesn't work.
Had to use raspberry pi to program the flash and now the MEI is gone.

./intelmetool -s
Bad news, you have a P67 Express Chipset Family LPC Controller so you have ME hardware on board and you can't control or disable it, continuing...

MEI was hidden on PCI, now unlocked
MEI found: [8086:1c3a] 6 Series/C200 Series Chipset Family MEI Controller #1

ME Status : 0x1c020191
ME Status 2 : 0x120a0150

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode : Debug
ME: Error Code : No Error
ME: Progress Phase : BUP Phase
ME: Power Management Event : Clean global reset
ME: Progress Phase State : Check to see if straps say ME DISABLED

ME: Extend SHA-256: fcf867b12599c9a59e661ee6c20fa9c22b5b9e0a513bb21791cec49b33570ce5

ME: failed to become ready

ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

from me_cleaner.

Working on:

Xeon E5-2683 v3
Haswell-EP
MSI MS-7885/X99S
OEM BIOS

Core i3-4130T
Haswell
Gigabyte H81N-D2H
OEM BIOS

No errors or messages in bios, no more /dev/mei0 :)

from me_cleaner.

Working on:

Core i7-4765T
Haswell
Gigabyte Z87N
OEM BIOS

from me_cleaner.

Works on Laptop Lenovo Y70-70 touch:
Intel Core i7-4710HQ
Mobile Intel HM86 Express
OEM BIOS
Flashed externally with a banana pro board:

ivan@robomonitor:~/flashrom$ sudo ./flashrom -p linux_spi:dev=/dev/spidev0.0 -w modified_image.rom
flashrom v0.9.9-r1954 on Linux 3.4.111-bananian (armv7l)
flashrom is free software, get the source code at https://flashrom.org

Calibrating delay loop... OK.
Found GigaDevice flash chip "GD25Q64(B)" (8192 kB, SPI) on linux_spi.
Reading old flash chip contents... done.
Erasing and writing flash chip... Erase/write done.
Verifying flash... VERIFIED.

The outcome is ME: Error Code : Image Failure
ME: Current Operation Mode : Normal
ME: Progress Phase : BUP Phase

From the BIOS menu the ME completely disappeared.
The laptop is working normally

from me_cleaner.

Working on:

• Intel Core i7-5820K
• Haswell-E
• ASUS Rampage V Extreme
• OEM BIOS (Rampage V Extreme BIOS 3701)
• d5705b6

from me_cleaner.

Working on:

• Ivy Bridge-E
• Intel Core i7-4820k
• Gigabyte GA-X79-UP4
• OEM BIOS (version F7)
• d5705b6

ME remains on PCI bus but intelmetool -s shows it as neutered:

MEI not hidden on PCI, checking if visible
MEI found: [8086:1d3a] C600/X79 series chipset MEI Controller #1

ME Status   : 0x1e003052
ME Status 2 : 0x16320160

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : M0 with UMA
ME: Current Operation Mode  : Normal
ME: Error Code              : Image Failure
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Pseudo-global reset
ME: Progress Phase State    : M0 kernel load

ME: Extend SHA-256: a650034e59436c46f79fea55d68e28d01ce3ff762bca9fc9edb70bd5e74505ea

ME: has a broken implementation on your board with this BIOS
ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed

The machine works normally, except it seems that when rebooting from BIOS setup, the machine powers off and then turns back on shortly. No big deal, though!

from me_cleaner.

Partially working (no shutdown etc.) on:

• Intel(R) Celeron(R) CPU 3955U @ 2.00GHz
• Skylake family
• Gigabyte GB-BSCEH-3955 (rev. 1.0)

Screenshot after clean-up -- no ME FW version available:

However, network adapter (Ethernet controller: Intel Corporation Ethernet Connection I219-V (rev 21)) disappears.

me_cleaner log:

Full image detected
The ME/TXE region goes from 0x3000 to 0x200000
Found FPT header at 0x3010
Found 11 partition(s)
Found FTPR header: FTPR partition spans from 0x4000 to 0xab000
Found FTPR manifest at 0x4478
ME/TXE firmware version 11.0.25.3001
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xbd)...
Reading FTPR modules list...
 FTPR.man     (uncompressed, 0x004478 - 0x00507c): NOT removed, partition manif.
 rbe.met      (uncompressed, 0x00507c - 0x005112): NOT removed, module metadata
 kernel.met   (uncompressed, 0x005112 - 0x0051a0): NOT removed, module metadata
 syslib.met   (uncompressed, 0x0051a0 - 0x005204): NOT removed, module metadata
 bup.met      (uncompressed, 0x005204 - 0x0056a4): NOT removed, module metadata
 pm.met       (uncompressed, 0x0056a4 - 0x005752): NOT removed, module metadata
 syncman.met  (uncompressed, 0x005752 - 0x0057e8): NOT removed, module metadata
 vfs.met      (uncompressed, 0x0057e8 - 0x006148): NOT removed, module metadata
 evtdisp.met  (uncompressed, 0x006148 - 0x0062d6): NOT removed, module metadata
 loadmgr.met  (uncompressed, 0x0062d6 - 0x0063fe): NOT removed, module metadata
 busdrv.met   (uncompressed, 0x0063fe - 0x0067b0): NOT removed, module metadata
 gpio.met     (uncompressed, 0x0067b0 - 0x0068bc): NOT removed, module metadata
 prtc.met     (uncompressed, 0x0068bc - 0x006a6c): NOT removed, module metadata
 policy.met   (uncompressed, 0x006a6c - 0x006c36): NOT removed, module metadata
 crypto.met   (uncompressed, 0x006c36 - 0x006dc0): NOT removed, module metadata
 heci.met     (uncompressed, 0x006dc0 - 0x006f74): NOT removed, module metadata
 storage.met  (uncompressed, 0x006f74 - 0x007258): NOT removed, module metadata
 pmdrv.met    (uncompressed, 0x007258 - 0x00737c): NOT removed, module metadata
 maestro.met  (uncompressed, 0x00737c - 0x007466): NOT removed, module metadata
 fpf.met      (uncompressed, 0x007466 - 0x00755a): NOT removed, module metadata
 hci.met      (uncompressed, 0x00755a - 0x007704): NOT removed, module metadata
 fwupdate.met (uncompressed, 0x007704 - 0x00780c): NOT removed, module metadata
 ptt.met      (uncompressed, 0x00780c - 0x0078fe): NOT removed, module metadata
 touch_fw.met (uncompressed, 0x0078fe - 0x007a40): NOT removed, module metadata
 rbe          (Huffman     , 0x007a40 - 0x00a0c0): NOT removed, essential
 kernel       (Huffman     , 0x00a0c0 - 0x018dc0): NOT removed, essential
 syslib       (Huffman     , 0x018dc0 - 0x02ba00): NOT removed, essential
 bup          (Huffman     , 0x02ba00 - 0x054b80): NOT removed, essential
 pm           (LZMA/uncomp., 0x054b80 - 0x057500): removed
 syncman      (LZMA/uncomp., 0x057500 - 0x057a40): removed
 vfs          (LZMA/uncomp., 0x057a40 - 0x05f880): removed
 evtdisp      (LZMA/uncomp., 0x05f880 - 0x061300): removed
 loadmgr      (LZMA/uncomp., 0x061300 - 0x064140): removed
 busdrv       (LZMA/uncomp., 0x064140 - 0x066f40): removed
 gpio         (LZMA/uncomp., 0x066f40 - 0x0683c0): removed
 prtc         (LZMA/uncomp., 0x0683c0 - 0x069180): removed
 policy       (LZMA/uncomp., 0x069180 - 0x06f840): removed
 crypto       (LZMA/uncomp., 0x06f840 - 0x07f3c0): removed
 heci         (LZMA/uncomp., 0x07f3c0 - 0x083480): removed
 storage      (LZMA/uncomp., 0x083480 - 0x087cc0): removed
 pmdrv        (LZMA/uncomp., 0x087cc0 - 0x0894c0): removed
 maestro      (LZMA/uncomp., 0x0894c0 - 0x08c3c0): removed
 fpf          (LZMA/uncomp., 0x08c3c0 - 0x08ddc0): removed
 hci          (LZMA/uncomp., 0x08ddc0 - 0x08e640): removed
 fwupdate     (LZMA/uncomp., 0x08e640 - 0x092ec0): removed
 ptt          (LZMA/uncomp., 0x092ec0 - 0x0a7000): removed
 touch_fw     (LZMA/uncomp., 0x0a7000 - 0x0ab000): removed
The ME minimum size should be 352256 bytes (0x56000 bytes)
The ME region can be reduced up to:
 00003000:00058fff me
Checking the FTPR RSA signature... VALID
Done! Good luck!

from me_cleaner.

Working on:
Intel i7-3520m (Thinkpad x230)
Ivy Bridge
OEM Bios

from me_cleaner.

Seems to work on my setup!

Kaby Lake (Sunrise Point)
i5 7600k
MSI H110I PRO
OEM firmware E7995IMS.390
Commit is d5705b6

There's a warning about "ME FW" on boot but everything works.
I used the setting -S and flashed from the OEM flash utility

from me_cleaner.

I have several T470s with i7-7600U, I'd be willing to test if someone would be available on IRC to walk me through it.

from me_cleaner.

Working on:

• Dell Inspiron 15 5567 laptop
• Intel i7-7500U (Kaby Lake)
• Dell BIOS v1.1.1
• me_cleaner commit 312ef02
• External flashing using flashrom and RPi3 running 64-bit Gentoo, Pomona 5250 clip
• Flash chip is a Winbond W25Q128FV, easily accessible by removing bottom cover

Pin mapping:

After flashing, had to restart machine a few times to get it to come back to a BIOS settings recovery screen, but once that was done and RTC reset etc., everything appears to work fine. 30min threshold passed. /dev/mei0 has gone, intelmeitool can't see an ME device anymore. I used the -S setting.

Log:

root@pi64 ~ # flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=8000 -c W25Q128.V -r original.rom
flashrom v0.9.9-r1955 on Linux 4.10.17-v8-9411792647f6+ (aarch64)
flashrom is free software, get the source code at https://flashrom.org

Calibrating delay loop... OK.
Found Winbond flash chip "W25Q128.V" (16384 kB, SPI) on linux_spi.
Reading flash... done.

root@pi64 ~ # flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=8000 -c W25Q128.V -r original2.rom
flashrom v0.9.9-r1955 on Linux 4.10.17-v8-9411792647f6+ (aarch64)
flashrom is free software, get the source code at https://flashrom.org

Calibrating delay loop... OK.
Found Winbond flash chip "W25Q128.V" (16384 kB, SPI) on linux_spi.
Reading flash... done.

root@pi64 ~ # diff original.rom original2.rom 

root@pi64 ~ # python me_cleaner/me_cleaner.py -S original2.rom -O modified2.rom
Full image detected
The ME/TXE region goes from 0x1000 to 0x700000
Found FPT header at 0x1010
Found 11 partition(s)
Found FTPR header: FTPR partition spans from 0x2000 to 0xa9000
Found FTPR manifest at 0x2448
ME/TXE firmware version 11.6.0.1126
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x2a)...
Reading FTPR modules list...
 FTPR.man     (uncompressed, 0x002448 - 0x003018): NOT removed, partition manif.
 rbe.met      (uncompressed, 0x003018 - 0x0030ae): NOT removed, module metadata
 kernel.met   (uncompressed, 0x0030ae - 0x00313c): NOT removed, module metadata
 syslib.met   (uncompressed, 0x00313c - 0x0031a0): NOT removed, module metadata
 bup.met      (uncompressed, 0x0031a0 - 0x00374a): NOT removed, module metadata
 pm.met       (uncompressed, 0x00374a - 0x0037f8): NOT removed, module metadata
 vfs.met      (uncompressed, 0x0037f8 - 0x004158): NOT removed, module metadata
 evtdisp.met  (uncompressed, 0x004158 - 0x0042e6): NOT removed, module metadata
 loadmgr.met  (uncompressed, 0x0042e6 - 0x00440e): NOT removed, module metadata
 busdrv.met   (uncompressed, 0x00440e - 0x0047b4): NOT removed, module metadata
 gpio.met     (uncompressed, 0x0047b4 - 0x0048fe): NOT removed, module metadata
 prtc.met     (uncompressed, 0x0048fe - 0x004aae): NOT removed, module metadata
 policy.met   (uncompressed, 0x004aae - 0x004c72): NOT removed, module metadata
 crypto.met   (uncompressed, 0x004c72 - 0x004dfc): NOT removed, module metadata
 heci.met     (uncompressed, 0x004dfc - 0x004fc8): NOT removed, module metadata
 storage.met  (uncompressed, 0x004fc8 - 0x0052c4): NOT removed, module metadata
 pmdrv.met    (uncompressed, 0x0052c4 - 0x0053e8): NOT removed, module metadata
 maestro.met  (uncompressed, 0x0053e8 - 0x0054d2): NOT removed, module metadata
 fpf.met      (uncompressed, 0x0054d2 - 0x0055de): NOT removed, module metadata
 hci.met      (uncompressed, 0x0055de - 0x0056e0): NOT removed, module metadata
 fwupdate.met (uncompressed, 0x0056e0 - 0x0057ea): NOT removed, module metadata
 ptt.met      (uncompressed, 0x0057ea - 0x0058f6): NOT removed, module metadata
 touch_fw.met (uncompressed, 0x0058f6 - 0x005a40): NOT removed, module metadata
 rbe          (Huffman     , 0x005a40 - 0x008100): NOT removed, essential
 kernel       (Huffman     , 0x008100 - 0x017d00): NOT removed, essential
 syslib       (Huffman     , 0x017d00 - 0x029d00): NOT removed, essential
 bup          (Huffman     , 0x029d00 - 0x051440): NOT removed, essential
 pm           (LZMA/uncomp., 0x051440 - 0x053a40): removed
 vfs          (LZMA/uncomp., 0x053a40 - 0x05b740): removed
 evtdisp      (LZMA/uncomp., 0x05b740 - 0x05d140): removed
 loadmgr      (LZMA/uncomp., 0x05d140 - 0x05fec0): removed
 busdrv       (LZMA/uncomp., 0x05fec0 - 0x061780): removed
 gpio         (LZMA/uncomp., 0x061780 - 0x062a00): removed
 prtc         (LZMA/uncomp., 0x062a00 - 0x0635c0): removed
 policy       (LZMA/uncomp., 0x0635c0 - 0x068200): removed
 crypto       (LZMA/uncomp., 0x068200 - 0x075d80): removed
 heci         (LZMA/uncomp., 0x075d80 - 0x079c80): removed
 storage      (LZMA/uncomp., 0x079c80 - 0x07e200): removed
 pmdrv        (LZMA/uncomp., 0x07e200 - 0x07f340): removed
 maestro      (LZMA/uncomp., 0x07f340 - 0x0810c0): removed
 fpf          (LZMA/uncomp., 0x0810c0 - 0x082940): removed
 hci          (LZMA/uncomp., 0x082940 - 0x083200): removed
 fwupdate     (LZMA/uncomp., 0x083200 - 0x087d40): removed
 ptt          (LZMA/uncomp., 0x087d40 - 0x09cd80): removed
 touch_fw     (LZMA/uncomp., 0x09cd80 - 0x0a9000): removed
The ME minimum size should be 348160 bytes (0x55000 bytes)
The ME region can be reduced up to:
 00001000:00055fff me
Setting the HAP bit in PCHSTRP0 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

root@pi64 ~ # flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=8000 -c W25Q128.V -w modified2.rom 
flashrom v0.9.9-r1955 on Linux 4.10.17-v8-9411792647f6+ (aarch64)
flashrom is free software, get the source code at https://flashrom.org

Calibrating delay loop... OK.
Found Winbond flash chip "W25Q128.V" (16384 kB, SPI) on linux_spi.
Reading old flash chip contents... done.
Erasing and writing flash chip... Erase/write done.
Verifying flash... VERIFIED.

from me_cleaner.

@storrgie Try to follow the guides; if you need help feel free to open an issue. Please don't reply on this thread, it is only for the success reports.

from me_cleaner.

@storrgie You may want to first check if Boot Guard is enabled on your laptop. I think most (if not all) of the recent ThinkPads have Boot Guard enabled.

from me_cleaner.

Working on:

• Panasonic CF-AX3 laptop (the one used in this guide; not sure it was ever sold outside Japan)
• Intel i7-4500U (Haswell)
• AMT BIOS v1.00L12
• me_cleaner commit 312ef02
• External flashing using flashrom and RPi3 running 64-bit Gentoo, Pomona 5250 clip (as above)
• Flash chip is a Winbond W25Q64FV, easily accessible by removing bottom cover

I used the same RPi3 <-> flash chip pin mapping as for the Dell Inspiron 15 5567 above.

There was no need to remove the CMOS button battery to flash in-circuit, once the laptop's two main batteries and PSU were disconnected. No issues on restart; secure boot etc. still working. 30min threshold passed. /dev/mei0 has gone. I used the -S setting. In the AMT BIOS it now shows Intel(R) ME Firmware N/A.

Main part of log:

root@pi64 ~ # python me_cleaner/me_cleaner.py -S original4.rom -O modified4.rom
Full image detected
The ME/TXE region goes from 0x3000 to 0x280000
Found FPT header at 0x3010
Found 21 partition(s)
Found FTPR header: FTPR partition spans from 0x4e000 to 0xd4000
ME/TXE firmware version 9.5.3.1520
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xe3)...
Reading FTPR modules list...
 UPDATE           (LZMA   , 0x0b1e05 - 0x0b1f0f): removed
 ROMP             (Huffman, fragmented data    ): NOT removed, essential
 BUP              (Huffman, fragmented data    ): NOT removed, essential
 KERNEL           (Huffman, fragmented data    ): removed
 POLICY           (Huffman, fragmented data    ): removed
 FTPM             (LZMA   , 0x0b1f0f - 0x0bfbe1): removed
 HOSTCOMM         (LZMA   , 0x0bfbe1 - 0x0c81af): removed
 TDT              (LZMA   , 0x0c81af - 0x0cd4ed): removed
 FPF              (LZMA   , 0x0cd4ed - 0x0ceff8): removed
The ME minimum size should be 430080 bytes (0x69000 bytes)
The ME region can be reduced up to:
 00003000:0006bfff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

Output of intelmetool --show:

Bad news, you have a `8 Series LPC Controller` so you have ME hardware on board
and you can't control or disable it, continuing...

MEI was hidden on PCI, now unlocked
MEI found: [8086:9c3a] 8 Series HECI #0

ME Status   : 0x1e020191
ME Status 2 : 0x104d0142

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode  : Debug
ME: Error Code              : No Error
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : 0x4d

ME: Extend SHA-256: <hash>

ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

As I've got this working on two different laptops now, I'm going to add a short section to my Gentoo EFI Install Guide covering the process of running me_cleaner with external flashing.

Update 9 Oct 2017: this addendum is now available; please see here.

from me_cleaner.

Working on:

• ASUS Z10PE-D8 WS motherboard
• Dual Intel Xeon E5-2696 v4 (Broadwell EP)
• AMT BIOS, revision 3304 x64 (5.011 core, build date 6/22/2016) (downloadable here)
• me_cleaner commit 312ef02
• External flashing using flashrom and RPi3 running 64-bit Gentoo, wired directly to chip on breadboard (socketed DIP-8)
• Flash chip is a Winbond W25Q128FV

Update 9 Oct 2017: Also works with the 3407 BIOS from Asus (latest for this board at time of writing) and both with and without the -S flag.

I used the same RPi3 <-> flash chip pin mapping as for the Dell Inspiron 15 5567 above.

No issues on restart (other than that pre-existing custom entries in the EFI boot list were lost), secure boot still working etc. 30 min threshold passed. BIOS "Server ME Configuration" now shows Operational Firmware Version 00:0.0.0.0.

Output of intelmetool:

root@buildserver intelmetool # ./intelmetool -s
MEI was hidden on PCI, now unlocked
MEI found: [8086:8d3a] C610/X99 series chipset MEI Controller #1

ME Status   : 0xf0382
ME Status 2 : 0x90403008

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : YES
ME: Manufacturing Mode      : NO
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Recovery
ME: Current Operation State : Bring up
ME: Current Operation Mode  : (null)
ME: Error Code              : No Error
ME: Progress Phase          : Moff->Mx wake after an error
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : Unknown 0x40

ME: Extend Register not valid

ME: timeout waiting for data: expected 8, available 6
ME: GET FW VERSION message failed
ME: timeout waiting for data: expected 5, available 0
ME: GET FWCAPS message failed
Re-hiding MEI device...done

Output from me_cleaner:

root@pi64 ~ # python me_cleaner/me_cleaner.py -S original6.rom -O modified6.rom
Full image detected
The ME/TXE region goes from 0x1000 to 0x800000
Found FPT header at 0x1010
Found 6 partition(s)
Found FTPR header: FTPR partition spans from 0x22000 to 0x42000
ME/TXE firmware version 3.1.3.30
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x4b)...
Reading FTPR modules list...
 BUP              (uncomp., 0x02235c - 0x03935c): NOT removed, essential
The ME minimum size should be 249856 bytes (0x3d000 bytes)
The ME region can be reduced up to:
 00001000:0003dfff me
Setting the AltMeDisable bit in PCHSTRP10 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

root@pi64 ~ # cmp -l original6.rom modified6.rom | wc -l
1048321

from me_cleaner.

Works on Laptop Lenovo Y70-70 touch:
Intel Core i7-4710HQ
Mobile Intel HM86 Express
OEM BIOS
Flashed externally with a banana pro board:
After not using the -s -S options I decided to apply it with the -S option and the output of intelmetool is:

MEI was hidden on PCI, now unlocked
MEI found: [8086:8c3a] 8 Series/C220 Series Chipset Family MEI Controller #1

ME Status : 0x1e020191
ME Status 2 : 0x104d2142

ME: FW Partition Table : OK
ME: Bringup Loader Failure : NO
ME: Firmware Init Complete : NO
ME: Manufacturing Mode : YES
ME: Boot Options Present : NO
ME: Update In Progress : NO
ME: Current Working State : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode : Debug
ME: Error Code : No Error
ME: Progress Phase : BUP Phase
ME: Power Management Event : Clean Moff->Mx wake
ME: Progress Phase State : 0x4d

ME: Extend SHA-256: ######

ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed
Re-hiding MEI device...done

This time no error code reported

from me_cleaner.

• Intel Core i5 3320M
• Ivy Bridge
• Lenovo Thinkpad X230
• Coreboot
• -S option
• 312ef02

# intelmetool -s
Bad news, you have a `QM77 Express Chipset LPC Controller` so you have ME hardware on board and you can't control or disable it, continuing...

MEI not hidden on PCI, checking if visible
MEI found: [8086:1e3a] 7 Series/C210 Series Chipset Family MEI Controller #1

ME Status   : 0x1e020191
ME Status 2 : 0x100a0140

ME: FW Partition Table      : OK
ME: Bringup Loader Failure  : NO
ME: Firmware Init Complete  : NO
ME: Manufacturing Mode      : YES
ME: Boot Options Present    : NO
ME: Update In Progress      : NO
ME: Current Working State   : Initializing
ME: Current Operation State : Bring up
ME: Current Operation Mode  : Debug
ME: Error Code              : No Error
ME: Progress Phase          : BUP Phase
ME: Power Management Event  : Clean Moff->Mx wake
ME: Progress Phase State    : Check to see if straps say ME DISABLED

ME: Extend SHA-256: deadbeef

ME: failed to become ready
ME: failed to become ready
ME: GET FW VERSION message failed
ME: failed to become ready
ME: failed to become ready
ME: GET FWCAPS message failed

from me_cleaner.

@kentaurest - I'm not sure your ME has been disabled, given the output you posted from intelmetool -s?

from me_cleaner.

Thank you for your work.

Using commit 72fff7a
ASUS Z170-PRO Gaming (Sunrise Point-H) with i7-6700k
OEM Bios Version 3501 (2017/06/30 update).

HAP bit set and non essential partitions removed.

./me_cleaner.py -O cleaned.rom original.rom 
Full image detected
The ME/TXE region goes from 0x3000 to 0x280000
Found FPT header at 0x3010
Found 11 partition(s)
Found FTPR header: FTPR partition spans from 0x4000 to 0xab000
Found FTPR manifest at 0x4448
ME/TXE firmware version 11.6.10.1196
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0xda)...
Reading FTPR modules list...
 FTPR.man     (uncompressed, 0x004448 - 0x005018): NOT removed, partition manif.
 rbe.met      (uncompressed, 0x005018 - 0x0050ae): NOT removed, module metadata
 kernel.met   (uncompressed, 0x0050ae - 0x00513c): NOT removed, module metadata
 syslib.met   (uncompressed, 0x00513c - 0x0051a0): NOT removed, module metadata
 bup.met      (uncompressed, 0x0051a0 - 0x00574a): NOT removed, module metadata
 pm.met       (uncompressed, 0x00574a - 0x0057f8): NOT removed, module metadata
 vfs.met      (uncompressed, 0x0057f8 - 0x006158): NOT removed, module metadata
 evtdisp.met  (uncompressed, 0x006158 - 0x0062e6): NOT removed, module metadata
 loadmgr.met  (uncompressed, 0x0062e6 - 0x00640e): NOT removed, module metadata
 busdrv.met   (uncompressed, 0x00640e - 0x0067b4): NOT removed, module metadata
 gpio.met     (uncompressed, 0x0067b4 - 0x0068fe): NOT removed, module metadata
 prtc.met     (uncompressed, 0x0068fe - 0x006aae): NOT removed, module metadata
 policy.met   (uncompressed, 0x006aae - 0x006c72): NOT removed, module metadata
 crypto.met   (uncompressed, 0x006c72 - 0x006dfc): NOT removed, module metadata
 heci.met     (uncompressed, 0x006dfc - 0x006fc8): NOT removed, module metadata
 storage.met  (uncompressed, 0x006fc8 - 0x0072c4): NOT removed, module metadata
 pmdrv.met    (uncompressed, 0x0072c4 - 0x0073e8): NOT removed, module metadata
 maestro.met  (uncompressed, 0x0073e8 - 0x0074d2): NOT removed, module metadata
 fpf.met      (uncompressed, 0x0074d2 - 0x0075de): NOT removed, module metadata
 hci.met      (uncompressed, 0x0075de - 0x0076e0): NOT removed, module metadata
 fwupdate.met (uncompressed, 0x0076e0 - 0x0077ea): NOT removed, module metadata
 ptt.met      (uncompressed, 0x0077ea - 0x0078f6): NOT removed, module metadata
 touch_fw.met (uncompressed, 0x0078f6 - 0x007a40): NOT removed, module metadata
 rbe          (Huffman     , 0x007a40 - 0x00a100): NOT removed, essential
 kernel       (Huffman     , 0x00a100 - 0x019d00): NOT removed, essential
 syslib       (Huffman     , 0x019d00 - 0x02bbc0): NOT removed, essential
 bup          (Huffman     , 0x02bbc0 - 0x053a80): NOT removed, essential
 pm           (LZMA/uncomp., 0x053a80 - 0x056080): removed
 vfs          (LZMA/uncomp., 0x056080 - 0x05dd80): removed
 evtdisp      (LZMA/uncomp., 0x05dd80 - 0x05f780): removed
 loadmgr      (LZMA/uncomp., 0x05f780 - 0x062500): removed
 busdrv       (LZMA/uncomp., 0x062500 - 0x063dc0): removed
 gpio         (LZMA/uncomp., 0x063dc0 - 0x065040): removed
 prtc         (LZMA/uncomp., 0x065040 - 0x065c00): removed
 policy       (LZMA/uncomp., 0x065c00 - 0x06a840): removed
 crypto       (LZMA/uncomp., 0x06a840 - 0x0783c0): removed
 heci         (LZMA/uncomp., 0x0783c0 - 0x07c2c0): removed
 storage      (LZMA/uncomp., 0x07c2c0 - 0x080840): removed
 pmdrv        (LZMA/uncomp., 0x080840 - 0x0819c0): removed
 maestro      (LZMA/uncomp., 0x0819c0 - 0x083740): removed
 fpf          (LZMA/uncomp., 0x083740 - 0x084fc0): removed
 hci          (LZMA/uncomp., 0x084fc0 - 0x085880): removed
 fwupdate     (LZMA/uncomp., 0x085880 - 0x08a3c0): removed
 ptt          (LZMA/uncomp., 0x08a3c0 - 0x09f4c0): removed
 touch_fw     (LZMA/uncomp., 0x09f4c0 - 0x0ab000): removed
The ME minimum size should be 348160 bytes (0x55000 bytes)
The ME region can be reduced up to:
 00003000:00057fff me
Setting the HAP bit in PCHSTRP0 to disable Intel ME...
Checking the FTPR RSA signature... VALID
Done! Good luck!

Externally flashed DIP-8 chip (Winbond W25Q128FV) with flashrom.
Had to use a version of intelmetool that supports Sunrise Point

diff --git a/util/intelmetool/intelmetool.h b/util/intelmetool/intelmetool.h
index 491ab5fb6f..ea60d3d9c4 100644
--- a/util/intelmetool/intelmetool.h
+++ b/util/intelmetool/intelmetool.h
@@ -116,6 +116,9 @@ extern int debug;
 #define PCI_DEVICE_ID_INTEL_LYNXPOINT_LP_BASE	0x9c45
 #define PCI_DEVICE_ID_INTEL_WILDCATPOINT_LP	0x9cc5
 #define PCI_DEVICE_ID_INTEL_X99			0x8d47
+#define PCI_DEVICE_ID_INTEL_SUNRISE 	0x9d3a
+#define PCI_DEVICE_ID_INTEL_SUNRISE_H1	0xa13a
+#define PCI_DEVICE_ID_INTEL_SUNRISE_H2	0xa13b
 
 #define PCI_DEV_HAS_ME_DIFFICULT(x) ( \
 	( (x) == PCI_DEVICE_ID_INTEL_ICH10R ) || \
@@ -172,6 +175,9 @@ extern int debug;
 	( (x) == PCI_DEVICE_ID_INTEL_LYNXPOINT_LP_PREM	) || \
 	( (x) == PCI_DEVICE_ID_INTEL_LYNXPOINT_LP_BASE	) || \
 	( (x) == PCI_DEVICE_ID_INTEL_WILDCATPOINT_LP	) || \
+	( (x) == PCI_DEVICE_ID_INTEL_SUNRISE) || \
+	( (x) == PCI_DEVICE_ID_INTEL_SUNRISE_H1) || \
+	( (x) == PCI_DEVICE_ID_INTEL_SUNRISE_H2) || \
 	( (x) == PCI_DEVICE_ID_INTEL_X99	))
 
 // Not sure if ME present, but should be able to disable it easily
@@ -276,5 +282,8 @@ extern int debug;
 	( (x) ==  PCI_DEVICE_ID_INTEL_LYNXPOINT_2 ) || \
 	( (x) ==  PCI_DEVICE_ID_INTEL_LYNXPOINT_3 ) || \
 	( (x) ==  PCI_DEVICE_ID_INTEL_LYNXPOINT_4 ) || \
+	( (x) ==  PCI_DEVICE_ID_INTEL_SUNRISE ) || \
+	( (x) ==  PCI_DEVICE_ID_INTEL_SUNRISE_H1 ) || \
+	( (x) ==  PCI_DEVICE_ID_INTEL_SUNRISE_H2 ) || \
 	( (x) ==  PCI_DEVICE_ID_INTEL_WILDCAT_1 ) || \
 	( (x) ==  PCI_DEVICE_ID_INTEL_WILDCAT_2))
-- 

Before me cleaning intelmetool's output was "normal". After me cleaning:

MEI not hidden on PCI, checking if visible
MEI device not found

The PCI device completely disappeared.
cat /proc/bus/pci/devices | grep a13a shows no ME device.

System is completely functional.
No ME related warnings or anything similar during boot.
ME version displayed in BIOS is 0.0.0.0

from me_cleaner.

• Ivy Bridge
• Core i5 3320m
• Lenovo Thinkpad x230 Tablet
• coreboot with SeaBIOS payload
• no -s/-S flag was used

Also to note that the vgabios/oprom provided with the original UEFI firmware works as intended, can fully boot windows. 45 min and up burn-in completed without an issue. Thanks so much for the software!

from me_cleaner.

Works on:

• Haswell refresh
• Core i7-4790k
• Gigabyte GA-B85M-D3H
• OEM BIOS (F14) - used the DOS flash tool after booting into freedos
• Used -S flag

Note: the machine will automatically reboot a bunch of times after flashing the BIOS, and you'll have to go back into the BIOS and reconfigure some of your settings

from me_cleaner.