bios

30 Articles

Screenshot of the EFI shell, showing doom.wad and doom.efi in 'ls' command output, and then doom.efi being loaded

DOOM? In Your BIOS? More Likely Than You Think!

June 12, 2022 by 25 Comments

We’ve seen hackers run DOOM on a variety of appliances, from desk phones to pregnancy tests. Now, the final frontier has been conquered – we got DOOM to run on an x86 machine. Of course, making sure we utilize your PC hardware to its fullest, we have to forego an OS. Here are two ways you can run the classic shooter without the burden of gigabytes of bloated code in the background.

[nic3-14159] implemented this first version as a payload for coreboot, which is an open-source BIOS/UEFI replacement for x86 machines. Some might say it’s imperfect — it has no sound support, only works with PS/2 keyboards, and exiting the game makes your computer freeze. However, it’s playable, and it fits into your BIOS flash chip.

But what if your computer hasn’t yet been blessed with a free BIOS replacement? You might like this UEFI module DOOM port instead, originally made by [Warfish] and then built upon by [Cacodemon345]. To play this, you only need to compile the binary and an UEFI shell, then use the “Load EFI Shell” option in your UEFI menu – something that’s widely encountered nowadays. This version also lacks sound, but is a bit more fully featured due to all the facilities that UEFI provides for its payloads.

Of course there’s far more efficient ways to slay demons on your computer, but even if they aren’t necessarily practical from a gaming standpoint, these two projects serve as decent examples of Coreboot and UEFI payloads. BIOS replacements like coreboot take up so little space, we’ve even seen Windows 3.1 fit alongside coreboot in the BIOS chip. Wondering what UEFI is, even? Here’s a primer for you. And, if you don’t mind the exceptional bloat of a stripped-down Linux install, here’s a Linux image built from the ground up to run DOOM specifically.

Continue reading DOOM? In Your BIOS? More Likely Than You Think!”

A CH341 programmer dongle with a stack of adapters on top (one for 1.8V and one for clip connection), and a test clip to the right of it

BIOS Flashing Journey Writeup Puts Tutorials To Shame

December 26, 2021 by 18 Comments

A couple of weeks ago, [Doug Brown] bought a Ryzen motherboard, advertised as “non-working” and discounted accordingly. He noticed that the seller didn’t test it with any CPUs old enough to be supported by the board’s stock BIOS revision, and decided to take a gamble with upgrading it.

Not having a supported CPU in hand either, he decided to go the “external programmer” route, which succeeded and gave this board a new life. This is not why we’re writing this up, however. The reason this article caught our eye is because [Doug]’s research leaves no stone unturned, and it’s all there to learn from. Whether through careful observation or thorough research, this article covers all the important points and more, serving as an example to follow for anyone looking to program their BIOS.

For instance, [Doug] correctly points out a design issue with these common programmers resulting in 5 V getting onto the 3.3 V data lines, and fixes it by rewiring the board. Going through all the letters in the ICs part number, something that many of us would dismiss, [Doug] notices that the flash chip is 1.8 V-only and procures a 1.8 V adapter to avoid the possibility of frying his motherboard. After finding out that the 1.8 V adapters don’t work for some people, he reverse-engineers the adapter’s schematics and confirms that it, indeed, ought to work with the specific parts on adapter he received.

Noting another letter in the part number implying the flash chip might be configured for quad-SPI operation, he adds series resistors to make sure there’s no chance of the programmer damaging the BIOS chip with its hardwired pinout. This is just an example of the insights in [Doug]’s article, there’s way more that we can’t mention for brevity, and we encourage you to check it out for yourself.

With this level of care put into the process, it’s no surprise that the modification was successful. The kind of inquisitiveness shared here is worth aspiring to, and writeups like this often surpass general-purpose tutorials in their insights and usefulness. What’s your “successfully making use of something sold as non-working” story?

If you’re looking for other insightful BIOS stories, we’ve covered someone reverse-engineering their BIOS to remove miniPCIe card whitelisting. We’ve typically covered BIOS modification stories in laptops, since there’s more incentives to modify these, but a lot of laptop BIOS articles will apply to desktop motherboards too, such as this supervisor password removal story or this LibreBoot installation journey by our own [Tom Nardi].

Thank you [Sidney] for sharing this with us!

What’s The Deal With UEFI?

November 30, 2021 by 98 Comments

It seems like there are two camps, the small group of people who care about UEFI and everyone else who doesn’t really notice or care as long as their computer works. So let’s talk about what UEFI is, how it came to be, what it’s suitable for, and why you should (or shouldn’t) care.

Continue reading “What’s The Deal With UEFI?”

School Surplus Laptop BIOS Hacked To Remove Hardware Restrictions

August 23, 2021 by 50 Comments

Why did [Hales] end up hacking the BIOS on a 10 year old laptop left over from an Australian education program? When your BIOS starts telling you you’re not allowed to use a particular type of hardware, you don’t have much of a choice.

Originally [Hales] planned on purchasing a used Lenovo X260 to replace his dying laptop, but his plans were wrecked. A pandemic-induced surge in demand that even the used laptop market caused prices to bloat. The need for a small and affordable laptop with a built in Ethernet port led to the purchase of a Lenovo Thinkpad x131e. Although the laptop was older than he liked, [Hales] was determined to make it work. Little did he know the right-to-repair journey he was about to embark on.

Problems first arose when the Broadcom WiFi adapter stopped working reliably. He replaced it, but the coaxial antenna cable was found to be damaged. Even after replacing the damaged cabling, the WiFi adapter was still operating very poorly. Recalling past problems with fickle Broadcom WiFi adapters, it was decided that an Intel mPCIe WiFi adapter would take its place. When power was re-applied, [Hales] was shocked to find the following message:

Unauthorized network card is plugged in – Power off and remove the miniPCI network card

And this is where things got interesting. With off the shelf SOIC8 clips and a CH340 programmer, [Hales] dumped the BIOS from the laptop’s flash chip to another computer and started hacking away. After countless hours of researching, prodding, hacking, and reverse engineering, the laptop was useful once again with the new Intel WiFi adapter. His site documents in great detail how he was able to reverse engineer the BIOS over the course of several days.

But that’s not all! [Hales] was also able to modify the hardware so that his slightly more modern mPCIe WiFi adapter would come back on after the computer had been put in Hibernation. It’s an elegant hack, and be sure to check [Hales’] site to get the full details. And at the end, there’s a nice Easter egg for anybody who’s ever wanted to make their laptop boot up with their own logo.

We applaud [Hales] for his fine efforts to keep working equipment out of the landfill. We’ve covered many hacks that had similar goals in the past. Do you have a hack you’d like to share? Submit it via the Tips Line.

Removing Supervisor Passwords And Learning Python

March 24, 2021 by 15 Comments

When learning a new programming language, it’s best to have a goal in mind and work towards it. [Timo] thought it was about time to learn python, and he also had a project in mind: removing the BIOS supervisor password from his old Thinkpad. From there it was just a few keystrokes (and some soldering) and he was able to change the BIOS password of this black box from the outside.

The build utilizes a BeagleBone to communicate with the laptop’s EEPROM via the I2C bus. An oscilloscope also monitors the bus to look for a specific window every four-seconds when the computer is not accessing the bus. During that short period, the EEPROM can be read and written to. Once the window opens, the BeagleBone executes the Python script, which attempts to read the EEPROM and can also perform actions such as removing or changing the BIOS supervisor password.

Of course, tinkering with the EEPROM on a laptop has a high risk of bricking the device, and not all laptops use the same security measures or even memory addresses for things like this, so documentation and precision are key. Also, with Thinkpads of this vintage it’s possible to replace the firmware on these chips entirely with a FOSS version called libreboot, and even though the process is difficult, it’s definitely recommended.

Continue reading “Removing Supervisor Passwords And Learning Python”

Arduino Gets Old PC Booted And Back Into Action

October 11, 2020 by 47 Comments

How many people still have a PS/2 keyboard kicking around in 2020? Admittedly asking such a question of the Hackaday audience is probably cheating (there’s a decent chance one of you will type a comment on one just to prove a point), but even the most pedantic reader has to admit that it’s a long dead standard. So we’re hardly surprised to hear that [Turbaned Engineer] didn’t have one handy when he tried to boot a motherboard so old that he couldn’t access the BIOS with a USB keyboard.

But rather than waiting for an adapter to show up in the mail, he decided to rig up an Arduino Nano to mimic a PS/2 keyboard just long enough for him to navigate the system configuration. Since that basically meant he only needed the arrow keys and Enter, he was able to rig up a handful of momentary buttons to serve as input. We wouldn’t recommend typing out your memoirs with such a spartan board, but it’s certainly good enough to juggle around the order of boot devices.

The fun didn’t stop there, though. [Turbaned Engineer] also had to clean some corrosion and fix a blown resistor on a bank of RAM to drag this old soldier over the finish line. He didn’t have a case handy, so he made a free-form one using the polycarbonate packaging that ICs ship in. The final machine isn’t exactly a sleeper, but it’s good enough to play Super Mario Bros. 3 on the TV.

At the end of the day, the minimal input device [Turbaned Engineer] put together isn’t so far removed from other homebrew keyboards we’ve seen recently. It seems that QMK even has some basic support for the PS/2 interface. Not that it would come up very often, but a “retro” mode might be an interesting addition to your next custom keyboard build.

Unlocking Hidden Potential In IvyBridge ThinkPads

February 3, 2020 by 37 Comments

Upgrading the BIOS in older computers is a great way to get a few more years of life out of old hardware or improve its performance. ThinkPads are a popular choice around these parts, but often flashing new firmware involves directly programming the chips themselves. Luckily, there’s a new flashing tool for some older Thinkpads that is much simpler.

The ThinkPads involved are the xx30 models with IvyBridge processors built around 2012, and a tool called 1vyrain now allows unlocking the bios without disassembling your computer. This means that there’s support for custom BIOS images such as coreboot, and in certain computers this also allows for overclocking, replacing WLAN hardware, and a number of other customizations. It will also allow you to disable the Intel management engine, which is not something we tire of talking about.

If you have one of these older computers floating around, some new RAM, an SSD, and this update will get you well on your way to a computer that feels brand new at virtually no cost, and the upgrades to the BIOS that you can easily make now only add to that. ThinkPads are a popular choice, especially for their hardware, but you do need to make sure that the software on them is trustworthy too.

Header image: Ashley Pomeroy [CC BY-SA 4.0].