thinkpad-firmware-patches
coreboot
thinkpad-firmware-patches | coreboot | |
---|---|---|
21 | 94 | |
280 | 2,261 | |
- | 1.7% | |
6.7 | 9.9 | |
about 2 months ago | 4 days ago | |
C | ||
Do What The F*ck You Want To Public License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
thinkpad-firmware-patches
-
[GUIDE] ThinkPad BIOS: Reading, Patching, and Flashing
"skyra1n" ThinkPad Firmware Patches from digmorepaka's GitHub a list of UEFI patches for ThinkPads, these are the special sauce for adding features to our BIOS. If you have a ThinkPad 30 series device, you do not need to follow this guide for flashing skyra1n, you can flash your BIOS with the internal flashing software.
- Did a few mods on my T480s
- where to find t480 custom bios?
-
T480 Advice ?
I bios unlocked and enabled the custom undervolt menu on 1.44 bios using a ch341 bios programmer. This way I set the undervolt via the bios rather than throttlestop.
-
Disabling Intel AMT on T460s
-thinkpad-firmware-patches;https://github.com/digmorepaka/thinkpad-firmware-patches
-
t14 gen1 AMD BIOS mod?
Hey guys! Have any one tried this BIOS mod on latest firmware?
-
My new T480s
Here's the link to the uefi patches which are used to unlock the bios. https://github.com/digmorepaka/thinkpad-firmware-patches There's a very short and undetailed guide how to apply the patches to your bios. But just know that you need an external bios programmer like ch341a
-
Snagged a cheap Thinkpad T480 i5-8250U, would love some advice on upgrades and distros
First thing is to verify that the thunderbolt firmware is up to date and that both ports are working. Start here https://pcsupport.lenovo.com/br/en/solutions/ht508988. Then, if you want, you can buy these two and use these equipment (Ams1117 3.3v ) > aliexpress.com/item/32838236408.html with my ch341a > aliexpress.com/item/32841448145.html to make the bios mod (this will work for cards of wifi better wifi 6 and hackintosh) the patches are here (https://github.com/digmorepaka/thinkpad-firmware-patches), (it is possible to clean the intel ME) too, if you can't do it, don't risk it, ask help here in the community. I suggest backing up your bios and also the thunderbolt bios. Here is another topic from a colleague in the community and in it there is a pdf of mine where to check the cfg-lock to enable or disable.
-
Thinkpad T480S Bios Error 1802: Unauthorized network card stops bios post
You can try flash this bios mod to remove the whitelist. https://github.com/digmorepaka/thinkpad-firmware-patches
-
Lenovo Expects 30+ Platforms With Linux Support This Year
Pretty sure the whitelist for wifi is long gone, if not, there's always patches. Not for newbs admittedly.
coreboot
-
Authenticated Boot and Disk Encryption on Linux
> Show me a FLOSS implementation of this standard and you will have a point
I've had a point from my first comment and it hasn't changed in validity. It's just taking time to convince you, but I think I'm making progress :)
I referenced several open implementations in my last reply, an a cursory search reveals more [1] [2]. Besides, this still doesn't help you trust the hardware, even if that hardware is entirely open like some sort of RISC chip. Can you verify every step in the supply chain? At every stage of assembly? No? Or, assuming a trusted device, can you be 100% confident something wasn't added, a simple keylogger? Most keyboards can be removed from laptops without leaving a trace, so can screen casings, speakers, batteries, etc. Plenty of places to hide something tiny.
> At the moment, I would have to trust a megacorporation obeying NSA,
That's less likely than the software you use having been compromised, for example by introducing an obfuscated bug, or MitMing as you perform a software update (many software update mechanisms have notoriously weak security, search some defcon talks on the subject).
> Your threat model may vary.
No, what I'm saying applies to all threat models, and I challenge you to name one to disprove that.
Secure boot is an open standard and can be implemented in a trustworthy and secure way, you just need to put in the work to do so. It's entirely possible to do so.
Of course if you are putting in all that work, if you are that at risk, you would need to switch your software stack entirely as well and use something like seL4 as a starting point.
[1] https://github.com/prplfoundation/prpl-secure-boot
[2] https://www.coreboot.org/
- No more boot loader: Please use the kernel instead
-
Chromebooks will get 10 years of automatic updates
Why BIOS (did you mean UEFI?) when it runs the best boot loader, which is Coreboot¹. Many users would love to re-flash their bios/uefi for it, if it’s supported.
1: https://www.coreboot.org/
-
C++ is everywhere, but noone really talks about it. What are people's thoughts?
Coreboot is 0.6% C++.
-
Laptops with best Linux support (latest gen, battery life, performance)?
NovaCustom ; some models come with Dasharo a coreboot distribution.
-
Asus flip c302 last update
You can also use Mr. Chromebox Script to install Coreboot on your chromebook to get a UEFI BIOS on your Chromebook and then you can go an install either a linux distro or even Windows if you want. It's a pretty straightforward process and also reversable if you want to go back to just using ChromeOS.
-
A Linux laptop under 1350€
Some models are available with Dasharo a [coreboot]https://www.coreboot.org/) distribution.
-
why no haswell_ult_dmi_registers for broadwell? in https://github.com/coreboot/coreboot/blob/master/util/inteltool/pcie.c
why no haswell_ult_dmi_registers for broadwell? in https://github.com/coreboot/coreboot/blob/master/util/inteltool/pcie.c
-
Having issues restoring the firmware with u/MrChromebox's utility
use croshfirmware.sh from https://github.com/coreboot/coreboot/tree/master/util/chromeos
-
AMD to move to open source firmware in 2026
There may be other protections to restrict SPI flash access for security reasons (so you might not be able to flash your custom firmware in the OS), but worst case you can use a HW flasher (or maybe USB flashback). Still, this doesn't address the elephant in the room - platform initialization code might be open-sourced, but that isn't everything. You'll still need to figure out the board-specific stuff (the Super I/O chip, chipset GPIOs, other peripherals, etc.). Using coreboot as an example, Intel provides the Firmware Support Package blob to handle platform initialization. I think AGESA is somewhat similar to this, though Intel publicly releases the binaries for use in coreboot/etc. Thanks to the FSP, coreboot has support for recent Intel chipsets. However, there is only support for two recent consumer boards: the MSI PRO Z690-A WiFi DDR4 and DDR5.
What are some alternatives?
UEFITool - UEFI firmware image viewer and editor
1vyrain - LiveUSB Bootable exploit chain to unlock all features of xx30 ThinkPad machines. WiFi Whitelist, Advanced Menu, Overclocking.