Can You Use A POST Card With A Modern BIOS?

[Alessandro Carminati] spends the day hacking Linux kernels, and to such an end needed a decent compilation machine to chew through the builds. One day, this machine refused to boot leaving some head-scratching to do, and remembering the motherboard diagnostics procedures of old, realized that wasn’t going to work for this modern board. You see, older ISA-based systems were much simpler, with diagnostic POST codes accessible by sniffing the bus with an appropriate card inserted, but the modern motherboard doesn’t even export the same bus anymore.

See “out 0x80, al” in there? That’s a POST code being written

Do modern machines even run a POST test at all, or are there other standards? After firing up a Linux machine and dumping the first meg of memory address space, it clearly contained some of the BIOS code. [Alessandro] looked at a disassembly of the BIOS update image and saw a similar structure, with POST code data sent to port 0x80 just like machines of old.

But instead of an ISA CPU bus, we have the Low Pin Count (LPC) bus which is used to hook up the ‘super IO’ functions, controlling things such as fans, temp sensors, and other system management functions. It also serves as the connection for the TPM feature, which usually appears as one of the motherboard connectors intended to be user-accessible. It turns out that POST codes can be accessed from this point with an appropriate POST card that can talk LPC.

Continue reading “Can You Use A POST Card With A Modern BIOS?”

Bringing Up An Old Motherboard Is A Delicate Process

If you were around for the early days of the personal computer revolution, you’ll no doubt recall the excitement every time IBM announced a new version of its beige boxes. For a lot of us, the excitement was purely vicarious, for despite the “personal” moniker, mere mortals could rarely afford a branded IBM machine. But it was still cool to keep track of the latest releases, and dream of the days when cheap clones would make it possible to play.

[Anders Nielsen]’s recent find of an original IBM Model 5160 motherboard sort of echoes that long-ago excitement, but in a different way. This board, from a PC XT built in 1984, was in unknown condition upon arrival, so [Anders] set about a careful process to try to bring the board back to life. A quick visual inspection leaves one with a sense of both how much things have changed, and how much they’ve stayed the same. Aside from the big 40-pin DIP 8088 CPU and the BIOS ROMs, the board is almost completely populated with discrete logic chips, but at the same time, the basic footprint of a motherboard has changed very little.

The bring-up process in the video below includes checks of all the power rails for shorts, which ended up being a good call — drat those tantalums. After fixing that issue, [Anders] had a bit of trouble getting the board to POST, and eventually resorted to dumping the BIOS ROMs and inspecting the contents. One of the chips had picked up a case of the scramblies at some point, which was easy enough to fix thanks to images of the 5160 ROMs available online. We thought the trick of using a 64k ROM and just writing the BIOS image twice was pretty clever.

In the end, the board came up, although without video or keyboard — that’s for another day. Can’t find your own PC XT motherboard to play with? Then maybe you can just build one.

Continue reading “Bringing Up An Old Motherboard Is A Delicate Process”

Screenshot of the EFI shell, showing doom.wad and doom.efi in 'ls' command output, and then doom.efi being loaded

DOOM? In Your BIOS? More Likely Than You Think!

We’ve seen hackers run DOOM on a variety of appliances, from desk phones to pregnancy tests. Now, the final frontier has been conquered – we got DOOM to run on an x86 machine. Of course, making sure we utilize your PC hardware to its fullest, we have to forego an OS. Here are two ways you can run the classic shooter without the burden of gigabytes of bloated code in the background.

[nic3-14159] implemented this first version as a payload for coreboot, which is an open-source BIOS/UEFI replacement for x86 machines. Some might say it’s imperfect — it has no sound support, only works with PS/2 keyboards, and exiting the game makes your computer freeze. However, it’s playable, and it fits into your BIOS flash chip.

But what if your computer hasn’t yet been blessed with a free BIOS replacement? You might like this UEFI module DOOM port instead, originally made by [Warfish] and then built upon by [Cacodemon345]. To play this, you only need to compile the binary and an UEFI shell, then use the “Load EFI Shell” option in your UEFI menu – something that’s widely encountered nowadays. This version also lacks sound, but is a bit more fully featured due to all the facilities that UEFI provides for its payloads.

Of course there’s far more efficient ways to slay demons on your computer, but even if they aren’t necessarily practical from a gaming standpoint, these two projects serve as decent examples of Coreboot and UEFI payloads. BIOS replacements like coreboot take up so little space, we’ve even seen Windows 3.1 fit alongside coreboot in the BIOS chip. Wondering what UEFI is, even? Here’s a primer for you. And, if you don’t mind the exceptional bloat of a stripped-down Linux install, here’s a Linux image built from the ground up to run DOOM specifically.

Continue reading DOOM? In Your BIOS? More Likely Than You Think!”

A CH341 programmer dongle with a stack of adapters on top (one for 1.8V and one for clip connection), and a test clip to the right of it

BIOS Flashing Journey Writeup Puts Tutorials To Shame

A couple of weeks ago, [Doug Brown] bought a Ryzen motherboard, advertised as “non-working” and discounted accordingly. He noticed that the seller didn’t test it with any CPUs old enough to be supported by the board’s stock BIOS revision, and decided to take a gamble with upgrading it.

Not having a supported CPU in hand either, he decided to go the “external programmer” route, which succeeded and gave this board a new life. This is not why we’re writing this up, however. The reason this article caught our eye is because [Doug]’s research leaves no stone unturned, and it’s all there to learn from. Whether through careful observation or thorough research, this article covers all the important points and more, serving as an example to follow for anyone looking to program their BIOS.

For instance, [Doug] correctly points out a design issue with these common programmers resulting in 5 V getting onto the 3.3 V data lines, and fixes it by rewiring the board. Going through all the letters in the ICs part number, something that many of us would dismiss, [Doug] notices that the flash chip is 1.8 V-only and procures a 1.8 V adapter to avoid the possibility of frying his motherboard. After finding out that the 1.8 V adapters don’t work for some people, he reverse-engineers the adapter’s schematics and confirms that it, indeed, ought to work with the specific parts on adapter he received.

Noting another letter in the part number implying the flash chip might be configured for quad-SPI operation, he adds series resistors to make sure there’s no chance of the programmer damaging the BIOS chip with its hardwired pinout. This is just an example of the insights in [Doug]’s article, there’s way more that we can’t mention for brevity, and we encourage you to check it out for yourself.

With this level of care put into the process, it’s no surprise that the modification was successful. The kind of inquisitiveness shared here is worth aspiring to, and writeups like this often surpass general-purpose tutorials in their insights and usefulness. What’s your “successfully making use of something sold as non-working” story?

If you’re looking for other insightful BIOS stories, we’ve covered someone reverse-engineering their BIOS to remove miniPCIe card whitelisting. We’ve typically covered BIOS modification stories in laptops, since there’s more incentives to modify these, but a lot of laptop BIOS articles will apply to desktop motherboards too, such as this supervisor password removal story or this LibreBoot installation journey by our own [Tom Nardi].

Thank you [Sidney] for sharing this with us!

What’s The Deal With UEFI?

It seems like there are two camps, the small group of people who care about UEFI and everyone else who doesn’t really notice or care as long as their computer works. So let’s talk about what UEFI is, how it came to be, what it’s suitable for, and why you should (or shouldn’t) care.

Continue reading “What’s The Deal With UEFI?”

School Surplus Laptop BIOS Hacked To Remove Hardware Restrictions

Why did [Hales] end up hacking the BIOS on a 10 year old laptop left over from an Australian education program? When your BIOS starts telling you you’re not allowed to use a particular type of hardware, you don’t have much of a choice.

Originally [Hales] planned on purchasing a used Lenovo X260 to replace his dying laptop, but his plans were wrecked. A pandemic-induced surge in demand that even the used laptop market caused prices to bloat. The need for a small and affordable laptop with a built in Ethernet port led to the purchase of a Lenovo Thinkpad x131e. Although the laptop was older than he liked, [Hales] was determined to make it work. Little did he know the right-to-repair journey he was about to embark on.

Problems first arose when the Broadcom WiFi adapter stopped working reliably. He replaced it, but the coaxial antenna cable was found to be damaged. Even after replacing the damaged cabling, the WiFi adapter was still operating very poorly. Recalling past problems with fickle Broadcom WiFi adapters, it was decided that an Intel mPCIe WiFi adapter would take its place. When power was re-applied, [Hales] was shocked to find the following message:

Unauthorized network card is plugged in – Power off and remove the miniPCI network card

And this is where things got interesting. With off the shelf SOIC8 clips and a CH340 programmer, [Hales] dumped the BIOS from the laptop’s flash chip to another computer and started hacking away. After countless hours of researching, prodding, hacking, and reverse engineering, the laptop was useful once again with the new Intel WiFi adapter. His site documents in great detail how he was able to reverse engineer the BIOS over the course of several days.

But that’s not all! [Hales] was also able to modify the hardware so that his slightly more modern mPCIe WiFi adapter would come back on after the computer had been put in Hibernation. It’s an elegant hack, and be sure to check [Hales’] site to get the full details. And at the end, there’s a nice Easter egg for anybody who’s ever wanted to make their laptop boot up with their own logo.

We applaud [Hales] for his fine efforts to keep working equipment out of the landfill. We’ve covered many hacks that had similar goals in the past. Do you have a hack you’d like to share? Submit it via the Tips Line.

Removing Supervisor Passwords And Learning Python

When learning a new programming language, it’s best to have a goal in mind and work towards it. [Timo] thought it was about time to learn python, and he also had a project in mind: removing the BIOS supervisor password from his old Thinkpad. From there it was just a few keystrokes (and some soldering) and he was able to change the BIOS password of this black box from the outside.

The build utilizes a BeagleBone to communicate with the laptop’s EEPROM via the I2C bus. An oscilloscope also monitors the bus to look for a specific window every four-seconds when the computer is not accessing the bus. During that short period, the EEPROM can be read and written to. Once the window opens, the BeagleBone executes the Python script, which attempts to read the EEPROM and can also perform actions such as removing or changing the BIOS supervisor password.

Of course, tinkering with the EEPROM on a laptop has a high risk of bricking the device, and not all laptops use the same security measures or even memory addresses for things like this, so documentation and precision are key. Also, with Thinkpads of this vintage it’s possible to replace the firmware on these chips entirely with a FOSS version called libreboot, and even though the process is difficult, it’s definitely recommended.

Continue reading “Removing Supervisor Passwords And Learning Python”