2019-09-01 23:44:22 +00:00
|
|
|
|
|
|
|
COMPATIBILTY WARNING:
|
|
|
|
---------------------
|
|
|
|
|
|
|
|
As the result of CVE-2019-6171, it looks like newer Lenovo firmware update
|
|
|
|
files are adding a digital signature. If you upgrade to a version using
|
|
|
|
this, you will not be able to patch your EC.
|
|
|
|
|
2019-09-21 10:09:38 +00:00
|
|
|
| laptop | last good | first locked version | Action |
|
|
|
|
| ------ | --------- | -------------------- | ------ |
|
|
|
|
| t430 | t430 BIOS 2.81 (G1ETC1WW) EC 1.13 (G1HT35WW) | t430 BIOS 2.82 (G1ETC2WW) EC 1.14 (G1HT36WW) | roll back to 2.81 (disable secure rollback prevention) |
|
2019-09-01 23:44:22 +00:00
|
|
|
|
|
|
|
Basically, any BIOS update package where the changelog mentions CVE-2019-6171
|
|
|
|
will have this lockdown.
|
|
|
|
|
2019-09-02 00:51:45 +00:00
|
|
|
Lenovo is tracking their response to this CVE at:
|
|
|
|
https://support.lenovo.com/gb/en/solutions/len-27764
|
2019-09-01 23:44:22 +00:00
|
|
|
|
|
|
|
Intro
|
|
|
|
-----
|
|
|
|
|
2016-04-27 01:43:31 +00:00
|
|
|
The main purpose of this software is to patch the EC on xx30 series thinkpads
|
2016-06-18 02:02:27 +00:00
|
|
|
to make the classic 7-row keyboards work. There are also patches included (but
|
|
|
|
disabled by default) to disable the authentic battery validation check.
|
2016-04-19 08:26:49 +00:00
|
|
|
|
2016-04-27 01:43:31 +00:00
|
|
|
With the patches included here, you can install the classic keyboard
|
|
|
|
hardware on many xx30 series laptops and make almost every key work properly.
|
|
|
|
The only keys that are not working are Fn+F3 (Battery) and Fn+F12 (Hibernate)
|
|
|
|
|
2017-09-05 03:37:23 +00:00
|
|
|
Unfortunately, there are a small number of thinkpads with a model number
|
|
|
|
from the "xx30" series that are using a completely different EC CPU and
|
|
|
|
a different BIOS update strategy. Thus they are not currently able to
|
|
|
|
be patched. This is known to be the case for at least the L430, L530
|
|
|
|
and E330.
|
2017-03-06 08:56:28 +00:00
|
|
|
|
2016-10-16 04:16:23 +00:00
|
|
|
* A full writeup of the hardware modifications needed can be found at:
|
2016-04-27 01:43:31 +00:00
|
|
|
http://www.thinkwiki.org/wiki/Install_Classic_Keyboard_on_xx30_Series_ThinkPads
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2016-10-16 04:16:23 +00:00
|
|
|
* More information for hacking on this can be found in the docs/HACKING.txt
|
|
|
|
file.
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2017-03-06 09:24:43 +00:00
|
|
|
* A video presenting how these thinkpad laptops were hacked is online:
|
|
|
|
https://www.youtube.com/watch?v=Fzmm87oVQ6c
|
|
|
|
|
2016-05-20 01:05:22 +00:00
|
|
|
Step-by-step instructions:
|
|
|
|
--------------------------
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2016-06-06 12:50:54 +00:00
|
|
|
This software expects to be run under Linux. For best results, ensure you
|
|
|
|
have updated your BIOS to a recent version before starting. If there is too
|
|
|
|
large a difference between the BIOS and EC versions then the flash process
|
|
|
|
will not complete.
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2019-08-18 15:45:10 +00:00
|
|
|
A little more detail about the BIOS versions:
|
|
|
|
It is not so much a question about upgrading to a recent BIOS version, but
|
|
|
|
more of ensuring you are using a compatible EC firmware version. For
|
|
|
|
safety, ensure that the EC version you are running is the same as the EC
|
|
|
|
version used by the patched image you build. The version used to build
|
|
|
|
the patch is shown at the end of the build process and during the pre-flash
|
|
|
|
warning message.
|
|
|
|
|
2016-08-27 05:04:17 +00:00
|
|
|
1. Ensure you have installed the prerequisite packages
|
2019-07-30 01:03:43 +00:00
|
|
|
On Debian, this can be done with:
|
2016-04-26 14:43:48 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2019-10-12 03:22:41 +00:00
|
|
|
sudo apt-get update
|
2018-02-06 13:40:43 +00:00
|
|
|
sudo apt-get install build-essential git mtools libssl-dev
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-04-27 01:43:31 +00:00
|
|
|
|
2019-07-30 01:03:43 +00:00
|
|
|
On Fedora, you could install it with dnf:
|
|
|
|
|
|
|
|
```
|
2019-10-01 04:38:22 +00:00
|
|
|
sudo dnf install git mtools openssl-devel
|
2019-07-30 01:03:43 +00:00
|
|
|
sudo dnf group install "C Development Tools and Libraries"
|
|
|
|
```
|
|
|
|
|
2016-04-27 01:43:31 +00:00
|
|
|
|
2016-08-27 05:04:17 +00:00
|
|
|
2. Clone a copy of this repo on to your computer:
|
2016-04-26 14:43:48 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 01:05:22 +00:00
|
|
|
git clone https://github.com/hamishcoleman/thinkpad-ec
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-04-26 14:43:48 +00:00
|
|
|
|
2016-08-27 05:04:17 +00:00
|
|
|
3. Change to the directory created by the clone:
|
2016-04-26 14:43:48 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 01:05:22 +00:00
|
|
|
cd thinkpad-ec
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-04-27 01:43:31 +00:00
|
|
|
|
2016-08-27 05:04:17 +00:00
|
|
|
4. Show the list of laptops and USB image file names:
|
2016-04-27 01:43:31 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 01:24:23 +00:00
|
|
|
make list_laptops
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2017-03-19 03:34:51 +00:00
|
|
|
5. Choose your laptop model name from the list shown.
|
|
|
|
E.G. "patched.x230.img" for a x230 laptop.
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2017-03-19 03:34:51 +00:00
|
|
|
6. Using the name chosen in the previous step, make the fully
|
|
|
|
patched image for this laptop (this will download the original
|
|
|
|
file from Lenovo and patch it):
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 03:15:18 +00:00
|
|
|
make patched.x230.img
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2016-08-27 05:04:17 +00:00
|
|
|
7. Insert your USB stick and determine what device name it has.
|
2017-03-19 03:39:07 +00:00
|
|
|
(Note: chose a USB stick with nothing important on it, it will
|
|
|
|
be erased in the next step) This command should help you find the
|
|
|
|
right device:
|
2016-04-23 04:21:12 +00:00
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-06-18 02:02:27 +00:00
|
|
|
lsblk -d -o NAME,SIZE,LABEL
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 01:05:22 +00:00
|
|
|
|
2017-03-19 03:39:07 +00:00
|
|
|
8. Write the bootable patched image onto the USB stick device (replace
|
|
|
|
the "sdx" in this command with the correct name for your usb stick)
|
2016-05-20 03:15:18 +00:00
|
|
|
|
|
|
|
WARNING: if you do not have the right device name, you might overwrite
|
|
|
|
your hard drive!
|
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2019-08-09 00:44:27 +00:00
|
|
|
sudo dd if=patched.x230.img of=/dev/sdx bs=4M status=progress conv=fsync
|
2019-07-30 00:50:03 +00:00
|
|
|
```
|
2016-05-20 01:05:22 +00:00
|
|
|
|
2016-05-20 03:15:18 +00:00
|
|
|
Your USB stick is now ready to boot and install the patched firmware.
|
|
|
|
|
2019-07-30 00:50:03 +00:00
|
|
|
|
2016-05-20 03:15:18 +00:00
|
|
|
Notes:
|
2016-10-16 04:16:23 +00:00
|
|
|
------
|
2016-05-20 01:05:22 +00:00
|
|
|
|
2016-05-20 03:15:18 +00:00
|
|
|
* You can also create a bootable CDROM image for burning to a disk
|
2017-03-09 08:34:23 +00:00
|
|
|
by asking for a ".iso" file instead of the ".img" in step 6 above.
|
2016-08-27 05:04:17 +00:00
|
|
|
Then you can use your normal CDROM burning tools to put this image on
|
2017-03-09 08:31:42 +00:00
|
|
|
a blank cd and boot it up, skipping steps 7 and 8.
|
2016-05-20 01:05:22 +00:00
|
|
|
|
2017-01-31 05:50:58 +00:00
|
|
|
* To include the battery validation patch or to make a build that
|
|
|
|
reverts any EC changes, read the docs/CONFIG.txt and follow
|
2017-03-16 04:40:02 +00:00
|
|
|
the configuration instructions in it before running step 6.
|
2016-10-16 04:16:23 +00:00
|
|
|
|
|
|
|
|
|
|
|
Booting the stick and flashing the firmware:
|
|
|
|
--------------------------------------------
|
|
|
|
|
|
|
|
While flashing the firmware is as simple as booting the USB stick
|
|
|
|
created above, there are a couple of steps that can help the process.
|
|
|
|
This is more a list of issues that the community has discovered as the
|
|
|
|
patch was applied in different circumstances than a hard and fast set
|
|
|
|
of requirements.
|
|
|
|
|
2019-05-05 12:03:50 +00:00
|
|
|
The flashing process takes place in two distinct steps (these are outlined
|
|
|
|
below, but explained in more detail in docs/firmware_flashing.txt)
|
|
|
|
|
|
|
|
1. Booting the USB stick:
|
|
|
|
* First shows a page with information about the patch, including
|
|
|
|
which laptop type it was built for.
|
|
|
|
* Then it hands the new EC update to the BIOS, "staging" it for
|
|
|
|
a future flashing into the EC hardware
|
|
|
|
* Finally it reboots the system.
|
|
|
|
|
|
|
|
1. Under the BIOS control, during a bootup:
|
|
|
|
* During the boot, the BIOS notices that it has a new EC update staged
|
|
|
|
* It then checks if it is safe to flash this update to the EC.
|
|
|
|
* If everything is safe, it will show a screen saying "Flashing EC"
|
|
|
|
* The system will bootup normally with the new EC code running.
|
|
|
|
|
|
|
|
If you don't see this second screen with the "Flashing EC" message,
|
|
|
|
your EC has not been flashed, and you should continue reading below to
|
|
|
|
see what steps you can take to ensure the EC is properly flashed with
|
|
|
|
the patched firmware. In this cases everything might look like it was
|
|
|
|
successful but after the reboot the keys are not remapped.
|
2018-11-24 04:10:42 +00:00
|
|
|
|
2018-02-05 05:15:44 +00:00
|
|
|
* For best results, ensure you have the power charger plugged in during
|
|
|
|
the flashing process.
|
|
|
|
|
2019-05-05 12:03:50 +00:00
|
|
|
* Some chargers seem to have issues with actually performing the flashing
|
|
|
|
procedure after the flash process reboots. So, if you have - or can
|
|
|
|
borrow - other chargers, try that.
|
2018-11-16 14:43:56 +00:00
|
|
|
|
2016-10-16 04:16:23 +00:00
|
|
|
* The firmware flash process generally requires you to have a charged
|
2019-05-05 12:03:50 +00:00
|
|
|
battery plugged in to the laptop before it will complete.
|
|
|
|
|
|
|
|
* It may be possible to bypass the requirement for a charged battery
|
|
|
|
if you unplug the battery completely.
|
|
|
|
* Alternatively, it might be simply looking for any battery /and/
|
|
|
|
the power charger plugged in.
|
|
|
|
|
|
|
|
Yes, this is contradictory, but it is worth trying both options.
|
2018-05-28 01:58:37 +00:00
|
|
|
|
|
|
|
* An ultrabay battery is not considered by the update mechanism to be
|
|
|
|
a suitable source of power - when trying different battery options,
|
|
|
|
ensure you are trying batteries in the main battery slot.
|
2016-10-16 04:16:23 +00:00
|
|
|
|
|
|
|
* Ensure your BIOS has been configured to boot from "Legacy" and not
|
|
|
|
"UEFI" before trying to boot.
|
|
|
|
|
|
|
|
* If you do normally use UEFI boot, there has been at least one case where
|
|
|
|
the EC does not get flashed until the BIOS is switched back into UEFI
|
|
|
|
mode - after which the EC was automatically flashed on the next reboot.
|