Disabling Intel ME on Boot Guard computers
The Intel Management Engine (ME) is a "ring -3" system in all modern Intel CPUs. Due to security
concerns, there have been efforts to disable ME as much as possible, such as
Intel Boot Guard is a technology for cryptographically verifying system firmware, including the BIOS and ME firmware. Boot Guard has two primary modes of operation - Measured Boot and Verified Boot. In Verified Boot mode, the system will not boot if the firmware does not verify. This page explains how to check if your system uses Intel Boot Guard.
me_cleaner attempts to remove all non-essential modules from the ME firmware, forcing the ME into a
non-executing error state. This is not possible with Verified Boot, since it involves modifying the ME
In August 2017, it was discovered that an undocumented "Alt ME Disable" mode exists, which can be enabled by setting a bit in the Intel Flash Descriptor. It is possible to activate this mode even in Verified Boot mode, although this is not well-documented, aside from a few reports of successes. I can also confirm this is indeed the case.
You can read about how to apply
me_cleaner here. You must run
me_cleaner.py -s, to only set the "Alt
ME Disable" or "HAP" bit.
In short, these are the steps I performed on my Lenovo ThinkPad T450s. I used a Raspberry Pi 1 Model B to read and write the flash chip, with a Pomona 5250 SOIC-8 clip to connect the SPI flash chip. This is not intended as a guide or tutorial, and I am not responsible for any bricked laptops.
- Enable Wake-on-LAN in ThinkPad BIOS setup. This is required for the laptop to power the flash chip when off. It is potentially dangerous to power the chip with an external power supply, and this is known to destroy some ThinkPad models.
- Locate and connect the flasher to the flash chip. The SPI flash chip on the T450s is located between the RAM slot and the CPU heat pipe. I removed the RAM and peeled back some tape to expose the chip.
- Connect the laptop to AC and plug in an ethernet cable. This will power up the flash chip.
flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=12800 -r t450s.binTo read the contents of the flash chip. You should do this twice and compare the contents to ensure you have a reliable connection.
ifdtool -f t450s.txt t450s.binto dump the flash layout.
me_cleaner.py -s t450s.bin -O t450s-medisable.bin.
flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=12800 -l t450s.txt -i ifd -w t450s-medisable.binto write the modified image to the chip.
- Disconnect the flasher and power on the laptop. If it doesn't immediately power off, then you're probably good.
spispeed=12800 to speed up SPI operations. Setting this too high may result in an unstable
If the ME interface e.g.
00:16.0 Communication controller: Intel Corporation Wildcat Point-LP MEI Controller
#1 (rev 03) disappears from the PCI bus, or you see ME communication errors, this indicates that the ME is
disabled. On Linux, you may want to blacklist the
mei_me modules to silence the communication
If all went well, and you can verify the ME is not operational, you should report your success here.