Extending EOL by modding intel power attributes

I came across this while looking around at spectre side channels and cache fences. Apparently Coffee Lake CPU's power attributes can be reset by overriding the management engine on Skylake MB's.

http://www.overclock.net/forum/8-intel-general/1665657-coffeelake-completely...

The descriptions come in three parts. Here's a quote from the think tank.

"(Do not mind the BS intel put out about pinout incompatibility, close look reveals there is no big issue in that - you can just pop the CFL cpu in board without a problem or risk of damage.)"

Here's a peek at the patch thread.

"All MSI LGA1151 boards can work with 6-core cpu. Use Intel Flash Image Tool and decomp original BIOS image. Then extract vbios and upgrade to 1054. For coffee lake 6-core,you need change sku (at the top of Flash Image Tool window )to Z370. And ME FW Version is not important here. Replace BIOS Region.bin to a MSI Z370 one.And replace Z370's vbios to the one we upgraded. Build image and flash via SPI Programmer( may be need to change 8M Flash chip to 16M) Last isolate 2 pins on cpu and you can power on."

Keeping stuff away from the dustbin with a few select attribute modifications. These guys do all the groundwork and you can poke it in for free. Gotta like that.

-- Russell

On Tue, Mar 6, 2018 at 7:44 AM, Russell via talk <talk@gtalug.org> wrote:

> I came across this while looking around at spectre side channels and cache fences.
>
> Apparently Coffee Lake CPU's power attributes can be reset by overriding the management engine on Skylake MB's.
>
> http://www.overclock.net/forum/8-intel-general/1665657-coffeelake-completely-working-100-200-series-chipsets.html#/topics/1665657
>
> The descriptions come in three parts. Here's a quote from the think tank.
>
> "(Do not mind the BS intel put out about pinout incompatibility, close look reveals there is no big issue in that - you can just pop the CFL cpu in board without a problem or risk of damage.)"
>
> Here's a peek at the patch thread.
>
> "All MSI LGA1151 boards can work with 6-core cpu. Use Intel Flash Image Tool and decomp original BIOS image. Then extract vbios and upgrade to 1054. For coffee lake 6-core,you need change sku (at the top of Flash Image Tool window )to Z370. And ME FW Version is not important here. Replace BIOS Region.bin to a MSI Z370 one.And replace Z370's vbios to the one we upgraded. Build image and flash via SPI Programmer( may be need to change 8M Flash chip to 16M) Last isolate 2 pins on cpu and you can power on."
>
> Keeping stuff away from the dustbin with a few select attribute modifications. These guys do all the groundwork and you can poke it in for free.
>
> Gotta like that.

Thank you Russell for this info!!!

Your quoted info seems specifically for a MSI product. As they are only one of more than a few mobo suppliers I'm wondering as to the possibility of using this on other manufacturer's products.

Ideas, thoughts please?

Dee

| From: o1bigtenor via talk <talk@gtalug.org>
|
| On Tue, Mar 6, 2018 at 7:44 AM, Russell via talk <talk@gtalug.org> wrote:
|
| > Apparently Coffee Lake CPU's power attributes can be reset by overriding
| > the management engine on Skylake MB's.
| >
| > http://www.overclock.net/forum/8-intel-general/1665657-coffeelake-completely-working-100-200-series-chipsets.html#/topics/1665657

This is definitely interesting. Peering into a box intended to be black.

Why would Intel intentionally obsolete a bunch of boards? It would seem to reduce the number of CPU sales. Perhaps there is something inferior about a system where the two pins are ignored (or whatever happens to the two pins after the hack).

Intel might sell more support chips this way. But they have to split the proceeds of a motherboard sale with the motherboard manufacturer while they get all the proceeds from a processor sale.

I assume that the motherboards in question were meant for Kaby Lake CPUs (Kaby Lake preceded Coffee Lake). After the firmware hack, could you still use a Kaby Lake processor?

| Your quoted info seems specifically for a MSI product. As they are only one
| of more than a few mobo suppliers I'm wondering as to the possibility of
| using this on other manufacturer's products.

My guess is that this blob within the firmware is supplied by Intel and is the same for all motherboards. Except that Intel may make changes over time but the copy in a particular firmware may not be the latest.

But I would not want to act on a guess. If I were trying this on another board, I'd first verify that that board's initial blob exactly matched MSI's initial blob.

| Ideas, thoughts please?

Why would you actually do this hack?

- this is from reverse engineering, not specification. There is no guarantee that it is 100% functional.

- hacking firmware is the last thing you should try UNLESS you find it a fun challenge. It isn't usually an optimal route if there are simpler choices.

  For example, buying a new motherboard and selling your old motherboard and old processor is simpler and may not be expensive.

- if a new firmware is released, you have to ignore it or hack it all over again, with a new set of risks.
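
Added example, not part of the original thread or any poster's code: one way to carry out the check described above, hashing each flash region (including the ME region) of two SPI dumps and comparing them. It assumes the Intel flash descriptor layout with 15-bit base/limit fields in 4 KiB units; the function names and the two sample images are constructed for illustration.

```python
import hashlib
import struct

FD_SIGNATURE = 0x0FF0A55A  # flash descriptor magic at offset 0x10
REGION_NAMES = ["descriptor", "bios", "me", "gbe", "pdr"]  # FLREG0..FLREG4

def parse_regions(image):
    """Return {name: (start, end_exclusive)} read from the flash descriptor."""
    if len(image) < 0x1000 or struct.unpack_from("<I", image, 0x10)[0] != FD_SIGNATURE:
        raise ValueError("no flash descriptor signature at offset 0x10")
    flmap0 = struct.unpack_from("<I", image, 0x14)[0]
    frba = ((flmap0 >> 16) & 0xFF) << 4  # offset of the region table
    regions = {}
    for i, name in enumerate(REGION_NAMES):
        flreg = struct.unpack_from("<I", image, frba + 4 * i)[0]
        # Assumed layout: 15-bit base and limit fields, in 4 KiB units.
        base = (flreg & 0x7FFF) << 12
        limit = (((flreg >> 16) & 0x7FFF) << 12) | 0xFFF
        if base > limit:
            continue  # base above limit marks an unused region
        if limit >= len(image):
            raise ValueError(f"{name} region extends past end of dump")
        regions[name] = (base, limit + 1)
    return regions

def region_digests(image):
    """SHA-256 of each region's bytes."""
    return {n: hashlib.sha256(image[s:e]).hexdigest()
            for n, (s, e) in parse_regions(image).items()}

def compare_images(a, b):
    """Map region name -> True only if present in both dumps and byte-identical."""
    da, db = region_digests(a), region_digests(b)
    return {n: n in da and n in db and da[n] == db[n] for n in sorted(set(da) | set(db))}

def build_sample(me_fill, bios_fill):
    """Constructed 32 KiB image: 4 KiB descriptor, 8 KiB ME, 20 KiB BIOS."""
    img = bytearray(b"\xff" * 0x8000)
    struct.pack_into("<II", img, 0x10, FD_SIGNATURE, 0x04 << 16)  # FRBA = 0x40
    reg = lambda base, limit: (base >> 12) | ((limit >> 12) << 16)
    unused = 0x00007FFF
    struct.pack_into("<5I", img, 0x40, reg(0, 0xFFF), reg(0x3000, 0x7FFF),
                     reg(0x1000, 0x2FFF), unused, unused)
    img[0x1000:0x3000] = bytes([me_fill]) * 0x2000
    img[0x3000:0x8000] = bytes([bios_fill]) * 0x5000
    return bytes(img)

if __name__ == "__main__":
    mine, reference = build_sample(0xAA, 0x11), build_sample(0xAA, 0x22)
    for name, same in compare_images(mine, reference).items():
        print(f"{name:10s} {'identical' if same else 'DIFFERS'}")
```
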

On March 6, 2018 1:33:54 PM EST, "D. Hugh Redelmeier via talk" <talk@gtalug.org> wrote:
> | From: o1bigtenor via talk <talk@gtalug.org>
> |
> | On Tue, Mar 6, 2018 at 7:44 AM, Russell via talk <talk@gtalug.org> wrote:
> |
> | > Apparently Coffee Lake CPU's power attributes can be reset by overriding
> | > the management engine on Skylake MB's.
> | >
> | > http://www.overclock.net/forum/8-intel-general/1665657-coffeelake-completely-working-100-200-series-chipsets.html#/topics/1665657
>
> This is definitely interesting. Peering into a box intended to be black.

That's what piqued my interest. From my recent reading. I can't remember the exact number of undocumented Intel features but I believe the count was 60-70.

> Why would Intel intentionally obsolete a bunch of boards? It would seem to reduce the number of CPU sales. Perhaps there is something inferior about a system where the two pins are ignored (or whatever happens to the two pins after the hack).
>
> Intel might sell more support chips this way. But they have to split the proceeds of a motherboard sale with the motherboard manufacturer while they get all the proceeds from a processor sale.
>
> I assume that the motherboards in question were meant for Kaby Lake CPUs (Kaby Lake preceded Coffee Lake). After the firmware hack, could you still use a Kaby Lake processor?

Good question. It seems to be primarily a voltage hack, perhaps the overclockable K series could withstand the burn?

> | Your quoted info seems specifically for a MSI product. As they are only one
> | of more than a few mobo suppliers I'm wondering as to the possibility of
> | using this on other manufacturer's products.

I haven't read the entire thread yet but I believe others have worked.

> My guess is that this blob within the firmware is supplied by Intel and is the same for all motherboards. Except that Intel may make changes over time but the copy in a particular firmware may not be the latest. But I would not want to act on a guess. If I were trying this on another board, I'd first verify that that board's initial blob exactly matched MSI's initial blob.
>
> | Ideas, thoughts please?
>
> Why would you actually do this hack?

Personally I like tinkering and extending the life of the tech I use. At this point it's more about the possibility of frankensteining something when prices bottom out and new old stock makes the rounds.

> - this is from reverse engineering, not specification. There is no guarantee that it is 100% functional.

There are warnings about the possibility of burning the cpu. So not for prime time or the faint of heart.

> - hacking firmware is the last thing you should try UNLESS you find it a fun challenge. It isn't usually an optimal route if there are simpler choices.
>
>   For example, buying a new motherboard and selling your old motherboard and old processor is simpler and may not be expensive.
>
> - if a new firmware is released, you have to ignore it or hack it all over again, with a new set of risks.

This hack wouldn't be a production choice for any real enterprise. I just like the mix and match possibilities when the stuff hits salvage pricing. Definitely it's an end of life hail mary pass.
--- Talk Mailing List talk@gtalug.org https://gtalug.org/mailman/listinfo/talk
-- Russell