thinkpad-firmware-patches icon indicating copy to clipboard operation
thinkpad-firmware-patches copied to clipboard

Published 20 hours ago verified publisher icon digmorepaka

WWAN whitelist removal not working on T480s

Open TitoBournet opened this issue 3 years ago • 16 comments
trafficstars

Model T480s
Patchset xx70_xx80_patches_v6.txt (only advance menu and wwan whitelist selected)
TPM MFG state
Notes I have the advanced menu in the BIOS, although the WWAN whitelist is still there.

Hello everyone!
I'm trying to remove the WWAN whitelist on my T480s.

I've applied the patches "enable advance menu" and "remove wwan whitelist" in xx70_xx80_patches_v6.txt
To disable tamper protection I've replaced 4C 4E 56 42 42 53 45 43 FB with 4C 4E 56 42 42 53 45 43 FF in a hex editor, and after flashing it back, I have the advanced menu in the BIOS, but the WWAN whitelist is still there. If I leave the WWAN card inserted, I get error 1802:

1802: Unauthorized network card is plugged in - Power off and remove the network card
System is halted

TPM was previously disabled, but after the patch, it was in "MFG" state.

Should I use a different script on my T480s?
Could someone help me to remove the WWAN whitelist?

Thank you very much!

TitoBournet avatar Apr 03 '22 19:04 TitoBournet

I'll take a look, could you post your dump?

digmorepaka avatar Apr 19 '22 07:04 digmorepaka

Hi Daniel,

Here is a dump of my original BIOS ROM:

Thanks in advance, Pablo

TitoBournet avatar Apr 21 '22 18:04 TitoBournet

I see absolutely zero why the regular patches wouldn't work, nonetheless, here's a manually modified version only containing the wwan whitelist bypass. http://0x0.st/oARB.bin md5:e3737ff1846f47aebc346df0d4f0cfde T480s-patched-UEFI.bin

digmorepaka avatar May 05 '22 23:05 digmorepaka

woops

digmorepaka avatar May 05 '22 23:05 digmorepaka

Hi Daniel, thank you very much!

I'll try it as soon as I get a chance (sometime over the weekend I estimate) and let you know.

Best regards, Tito

TitoBournet avatar May 06 '22 13:05 TitoBournet

Hi, I flashed back the BIOS MOD that Daniel (@digmorepaka) did and I still get the same behavior as doing it through the scripts, i.e. if I leave the WWLAN card plugged, I get error 1802:

1802: Unauthorized network card is plugged in - Power off and remove the network card System is halted

Even the behavior of the TPM was the same (from disabled to MFG state).

What other test could I perform?

Thanks a lot, Tito

TitoBournet avatar May 08 '22 18:05 TitoBournet

The module looks exactly the same as the one in the T480 UEFI, for some reason the pattern isn't automatically found - ok found it manually. But it does not work, might need a second module patched too. If I get around to it, I will post it here. Currently working on a couple other projects so sorry if I take a while to do it.

digmorepaka avatar May 11 '22 23:05 digmorepaka

OK Daniel, thank you very much for taking the time. There's no rush, so I'll wait until you get a chance to see it. Best regards, Tito

TitoBournet avatar May 12 '22 12:05 TitoBournet

The module looks exactly the same as the one in the T480 UEFI, for some reason the pattern isn't automatically found - ok found it manually. But it does not work, might need a second module patched too. If I get around to it, I will post it here. Currently working on a couple other projects so sorry if I take a while to do it.

I'd hate to disturb anyone, but I'd love to know if you've managed to find time to look at this. I'd love to be able to plug in one of these.

debdrup avatar Mar 01 '23 21:03 debdrup

hey @digmorepaka, I have the same issue on my T480s after applying Advanced menu and WWAN whitelist removal patches: Advanced menu appears and is usable, but WWAN whitelist is still there. any chance you could fix this with now three of us encountering this exact problem? I can send my original and current BIOS dumps if you need them

k1gen avatar May 22 '23 12:05 k1gen

@digmorepaka? you there?

k1gen avatar Jul 08 '23 12:07 k1gen

Just noticed that this specific error message is not from the LenovoWmaPolicy module, but from the BdsMilestone module. Still have no clue how to properly patch this.

Attaching the extracted efi file in case anyone would like to take a stab at it: Section_PE32_image_BdsMilestone_BdsMilestone_body.efi.zip

maz3max avatar Jul 25 '23 00:07 maz3max

Maybe the line 6A628EFE-3682-4FDC-A31E-C635BDF18CC8 10 P:803D1CDE0000000F841102:803D1CDE000000E9120200 could fix it. No guarantee though, I need to wait for hardware to test it. Assume that this damages your system.

maz3max avatar Jul 25 '23 22:07 maz3max

Just noticed that I don't need to mod the bios of my X1C5 to install an AX210 card, so I won't pursue this further.

maz3max avatar Jul 26 '23 15:07 maz3max

I still want @digmorepaka or someone else to fix this, because for now any adequately-priced WWAN card won't work in my T480s

k1gen avatar Jul 26 '23 15:07 k1gen

I can't make universal patch, but here is what works for me for 1.57 bios https://gitlab.com/repos-holder/thinkpad-firmware-patches/-/blob/master/xx70_xx80_patches_v7.txt?ref_type=heads Its not hard to adjust it for specific bios version with ida pro (ghidra crashed for me). these notes https://gitlab.com/repos-holder/thinkpad-firmware-patches/-/blob/master/notes.txt?ref_type=heads may help

dukzcry2 avatar Apr 09 '24 06:04 dukzcry2