Search found 31 matches

by IntuitiveNipple
Fri Sep 14, 2007 3:26 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

Confirmed - Enabled VT in NVRAM

Happily it worked.

$ rdmsr 0x3A
5

That shows bit-2 (0x04) and bit-0 (0x01) of MSR 0x3A are set. bit-2 is the VT enable bit. Loading the Linux KVM modules works and there are no error reports in /var/log/kern.log:

$ sudo modprobe kvm-intel
$ lsmod | grep kvm
kvm_intel 24720 0
kvm 74448 1 kvm_intel

If...
by IntuitiveNipple
Fri Sep 14, 2007 2:55 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

Do you have it in your BIOS? If so, in which module? It's a menu entry in the templat0.rom module like any other, only that it seems to be conditional on ESID[3..2], if the help-text can be trusted. I assume you refer to the menu-entry in templat0.rom based on Phoenix BIOS Editor's presentation of ...
by IntuitiveNipple
Fri Sep 14, 2007 2:37 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

Phoenix BIOS NVRAM token mapping

I think I've cracked how it all hangs together. The (Token) numbers reported in the output of symcmos.exe:

A:\ symcmos.exe -Lliteral.txt

( SYMBOLIC CMOS EDITOR - Version 643710-032 )
( BIOS Version: NAPA0001.86C.0032.D.0702051952 )
CRC = 2786
(0000) [0001]
(0003) [0001]
(0006) [0001]
(0009) [0000...
by IntuitiveNipple
Fri Sep 14, 2007 4:09 am
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

I'm working through reverse-engineering all of symcmos so I can write a Linux version that can be run from the boot menu rather like memtest86 is. I was looking at bobsmit's comments (over at VMTN) and yours about ESID. I infer that ESID[3:2] = 01b means: "Set bits 3 and 2 to the binary value 01 in ...
by IntuitiveNipple
Thu Sep 13, 2007 10:16 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

In symcmos.exe getModuleAddress() (aka sub_3F3A) makes a call to the PDM using a slightly different prototype to the one I deduced previously:

extern unsigned short dispatchManager(unsigned char, unsigned short, unsigned long, unsigned short);

unsigned long getModuleAddress(unsigned short moduleID)...
by IntuitiveNipple
Thu Sep 13, 2007 9:37 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

Yes, I use IDA Pro extensively. I recently used it to reverse-engineer the Sony Notebook Control Windows driver, and am using that as the basis to write a complete implementation for Linux: a kernel-driver (snc.ko) and user-space + Gnome control apps. In real-mode 6CE8h:0E6FE4313h is the address of ...
by IntuitiveNipple
Thu Sep 13, 2007 9:46 am
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

Just looking through SymCMOS.exe and saw this code. It refers to a CRC not a checksum, so if we can trust that the programmers didn't mix the meanings up, this may point the way to the other check:

seg004:0E6E updateCRC proc far ; CODE XREF: sub_4462+B2
seg004:0E6E ; sub_45A6+EA ...
seg004:0E6E
seg0...
by IntuitiveNipple
Thu Sep 13, 2007 7:02 am
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

I used the nvram source code as a guide. Writing to the device does indeed call __nvram_set_checksum() but I wanted to make sure of things in developing the utility - not least ensuring I could calculate the same value as the BIOS does. As well as using /dev/mem to grab the actively loaded BIOS page...
by IntuitiveNipple
Wed Sep 12, 2007 5:07 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

I found it pretty easily in BIOSCOD6.rom in the Vaio BIOS. I use

$ ndisasm -a -p intel -b 16 input.bin > output.dasm

The code looks like this:

0000A855 0FA2 cpuid
0000A857 25FF0F and ax,0xfff
0000A85A 3DE106 cmp ax,0x6e1
0000A85D 722E jc 0xa88d
0000A85F 660FBAE105 bt ecx,0x5
0000A864 7327 jnc 0xa88d...
by IntuitiveNipple
Fri Jun 29, 2007 6:29 am
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

The Hacking mindset

Hiya rc15003019. I thought I'd reply to your private-message question here because it is one I get asked frequently and I might as well write it once and let others find it at their leisure :) On your point about the manufacturers restricting features - part of the joy of the open-source world focu...
by IntuitiveNipple
Thu Jun 21, 2007 10:43 pm
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

I'm writing a kernel module to change the setting in NVRAM.

It is based on the PnP BIOS code with some NVRAM-layout specific additions.
by IntuitiveNipple
Fri Jun 01, 2007 1:17 am
Forum: In-depth High-tech BIOS section
Topic: What do you know about BIOS NVRAM hacking?
Replies: 82
Views: 155673

What do you know about BIOS NVRAM hacking?

Do you have any code to write/read the BIOS NVRAM? I'm working on a hack for the Phoenix BIOS on a Sony Vaio VGN-FE41Z laptop to enable the VMX capabilities of the Intel Core 2 Duo T7200 CPU. The Sony BIOS doesn't enable VMX, and locks MSR 0x3A so it can't be enabled by the operating system later. ...
by IntuitiveNipple
Wed May 30, 2007 4:58 am
Forum: Notebook BIOS and other problems
Topic: Sony Vaio Phoenix Crisis Recovery Sequence?
Replies: 2
Views: 13870

Sony Vaio Phoenix Crisis Recovery Sequence?

Unfortunately what appeared according to WinPhlash to be a good BIOS upgrade bricked the Vaio VGN-FE41Z laptop! I had already prepared a bootable Phoenix Crisis Recovery diskette (and CD) so I figured it would be sorted out quickly. However it turns out that either this BIOS doesn't support the boot-...
by IntuitiveNipple
Wed May 30, 2007 4:52 am
Forum: Notebook BIOS and other problems
Topic: Phoenix BIOS checksum location/calculation?
Replies: 1
Views: 4515

A quick update to say I bypassed this issue when I got Phoenix BIOS Editor Pro v2.2 working; it even reported the address of the checksum byte.
by IntuitiveNipple
Tue May 29, 2007 7:51 pm
Forum: BIOS Utilities & Flash Programs
Topic: Phoenix BIOS Editor Pro 2.2, error -1 ?
Replies: 2
Views: 23519

Phoenix BIOS Editor Pro 2.2, error -1 ?

I'm working on a BIOS for a Sony Vaio VGN-FE41Z, to enable VMX for the Core 2 Duo T7200 CPU, with Phoenix BIOS Editor Pro v2.2. BE Pro v2.2 opens the current R0200J3.WPH file without errors, writing its output to the .\TEMP\ directory. Before I got too carried away with making changes I decided to d...