Code Monkey home page Code Monkey logo

thinkpad-bios-software-flashing-guide's Introduction

This document describes known methods of flashing BIOS on Lenovo ThinkPads without external programmer. The main goal is flashing coreboot while running stock BIOS, but it may be used for flashing modified vendor BIOS as well.

Table of Contents

Ivy Bridge series (X230, T430, etc.)

A guide for Ivy Bridge ThinkPads has also been merged to coreboot documentation, see here.

Old versions of stock BIOS for these models have several security issues. In context of this guide, two of them are of interest.

First is the fact the SMM_BWP and BLE are not enabled in BIOS versions released before 2014. I have tested many versions on T430 and X230 and found out that SMM_BWP=1 only since the update, the changelog of which contains following line:

(New) Improved the UEFI BIOS security feature.

Second is S3 Boot Script vulnerability, that was discovered and fixed later.


  • USB drive (in case you need to downgrade BIOS). There were reports that GPT-partitioned drive didn't work and the fix was to change partition table to MBR.
  • Linux install that (can be) loaded in UEFI mode.
  • Recent flashrom. At least version 1.0 is required, older versions of flashrom do not have --ifd option. (Workaround by using layout file is possible, but it's more complicated.)
  • iomem=relaxed kernel parameter for using internal programmer.

BIOS versions

Below is a table of BIOS versions that are vulnerable enough for our goals, per model. The version number means that you need to downgrade to that or earlier version.

Model BIOS version
X230 2.60
X230t 2.58
T430 2.64
T430s 2.59
T530 2.60
W530 2.58

If your BIOS version is equal or lower, skip to the Examining protections section. If not, go through the downgrade process, described next.

Downgrading BIOS

Go to the Lenovo web site and download BIOS Update Bootable CD for your machine of needed version (see above).

Lenovo states that BIOS has "security rollback prevention", meaning once you update it to some version X, you will not be able to downgrade it to pre-X version. That's not true. It seems that this is completely client-side restriction in flashing utilities (both Windows utility and Bootable CD). You just need to call winflash.exe or dosflash.exe directly. Therefore you need to modify the bootable CD image you just downloaded.

Extract an El Torito image:

geteltorito -o ./bios.img g1uj41us.iso

Mount the partition in that image:

sudo mount -t vfat ./bios.img /mnt -o loop,offset=16384

List files, find the AUTOEXEC.BAT file and the FLASH directory:

ls /mnt
ls /mnt/FLASH

Inside the FLASH directory, there should be a directory called G1ET93WW or similar (exact name depends on your ThinkPad model). See what's inside:

ls /mnt/FLASH/G1ET93WW

There must be a file with .FL1 extension called $01D2000.FL1 or something similar.

Now open the AUTOEXEC.BAT file:

sudo vim /mnt/AUTOEXEC.BAT

You will see a list of commands:

cd c:\flash

Replace the last line ( with this (change path to the .FL1 file according to yours):

dosflash.exe /sd /file G1ET93WW\$01D2000.FL1

Save the file, then unmount the partition:

sudo umount /mnt

Write this image to a USB drive (replace /dev/sdX with your USB drive device name):

sudo dd if=./bios.img of=/dev/sdX bs=1M

Now reboot and press F1 to enter BIOS settings. Open the Startup tab and set the startup mode to Legacy (or Both/Legacy First):

Press F10 to save changes and reboot.

Now, before you process, make sure that AC adapter is connected! If your battery will die during the process, you'll likely need external programmer to recover.

Boot from the USB drive (press F12 to select boot device), and BIOS flashing process should begin:

It may reboot a couple of times in the process. Do not interrupt it.

Enabling UEFI mode

When downgrade is completed, go back to the BIOS settings and set startup mode to UEFI (or Both/UEFI First). This is required for vulnerability exploitation.

Then boot to your system and make sure that /sys/firmware/efi or /sys/firmware/efivars exist.

Examining protections (theory)

There are two main ways that Intel platform provides to protect BIOS chip:

  • BIOS_CNTL register of LPC Interface Bridge Registers (accessible via PCI configuration space, offset 0xDC). It has:

    • SMM_BWP (SMM BIOS Write Protect) bit. If set to 1, the BIOS is writable only in SMM. Once set to 1, cannot be changed anymore.
    • BLE (BIOS Lock Enable) bit. If set to 1, setting BIOSWE to 1 will raise SMI. Once set to 1, cannot be changed anymore.
    • BIOSWE (BIOS Write Enable) bit. Controls whether BIOS is writable. This bit is always R/W.
  • SPI Protected Range Registers (PR0-PR4) of SPI Configuration Registers (SPIBAR+0x74 - SPIBAR+0x84). Each register has bits that define protected range, plus WP bit, that defines whether write protection is enabled.

    There's also FLOCKDN bit of HSFS register (SPIBAR+0x04) of SPI Configuration Registers. When set to 1, PR0-PR4 registers cannot be written. Once set to 1, cannot be changed anymore.

To be able to flash, we need SMM_BWP=0, BIOSWE=1, BLE=0, FLOCKDN=0 or SPI protected ranges (PRx) to have a WP bit set to 0.

Let's see what we have. Make sure that you have enabled and booted in UEFI mode, then examine HSFS register:

sudo chipsec_main -m chipsec.modules.common.spi_lock

You should see that FLOCKDN=1:

[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0xE009 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
    [00] FDONE            = 1 << Flash Cycle Done
    [01] FCERR            = 0 << Flash Cycle Error
    [02] AEL              = 0 << Access Error Log
    [03] BERASE           = 1 << Block/Sector Erase Size
    [05] SCIP             = 0 << SPI cycle in progress
    [13] FDOPSS           = 1 << Flash Descriptor Override Pin-Strap Status
    [14] FDV              = 1 << Flash Descriptor Valid
    [15] FLOCKDN          = 1 << Flash Configuration Lock-Down

Then check BIOS_CNTL and PR0-PR4:

sudo chipsec_main -m common.bios_wp

Good news: on old BIOS versions, SMM_BWP=0 and BLE=0.

Bad news: there are 4 write protected SPI ranges:

[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x 8 << BIOS Control (b:d.f 00:31.0 + 0xDC)
    [00] BIOSWE           = 0 << BIOS Write Enable
    [01] BLE              = 0 << BIOS Lock Enable
    [02] SRC              = 2 << SPI Read Configuration
    [04] TSS              = 0 << Top Swap Status
    [05] SMM_BWP          = 0 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!

[*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF
SPI Protected Ranges
PRx (offset) | Value    | Base     | Limit    | WP? | RP?
PR0 (74)     | 00000000 | 00000000 | 00000000 | 0   | 0
PR1 (78)     | 8BFF0B40 | 00B40000 | 00BFFFFF | 1   | 0
PR2 (7C)     | 8B100B10 | 00B10000 | 00B10FFF | 1   | 0
PR3 (80)     | 8ADE0AD0 | 00AD0000 | 00ADEFFF | 1   | 0
PR4 (84)     | 8AAF0800 | 00800000 | 00AAFFFF | 1   | 0

Other way to examine SPI configuration registers is to just dump SPIBAR:

sudo chipsec_util mmio dump SPIBAR

You will see SPIBAR address (0xFED1F800) and registers (for example, 00000004 is HSFS):

[mmio] MMIO register range [0x00000000FED1F800:0x00000000FED1F800+00000200]:
+00000000: 0BFF0500
+00000004: 0004E009

As you can see, the only thing we need is to unset WP bit on PR0-PR4. But that cannot be done once FLOCKDN is set to 1.

Now the fun part!

FLOCKDN may only be cleared by a hardware reset, which includes S3 state. On S3 resume boot path, the chipset configuration has to be restored and it's done by executing so-called S3 Boot Scripts. You can dump these scripts by executing:

sudo chipsec_util uefi s3bootscript

There are many entries. Along them, you can find instructions to write to HSFS (remember, we know that SPIBAR is 0xFED1F800):

Entry at offset 0x2B8F (len = 0x17, header len = 0x0):
02 00 17 02 00 00 00 01 00 00 00 04 f8 d1 fe 00 |
00 00 00 09 e0 04 00                            |
  Opcode : S3_BOOTSCRIPT_MEM_WRITE (0x0002)
  Width  : 0x02 (4 bytes)
  Address: 0xFED1F804
  Count  : 0x1
  Values : 0x0004E009

These scripts are stored in memory. The vulnerability is that we can overwrite this memory, change these instructions and they will be executed on S3 resume. Once we patch that instruction to not set FLOCKDN bit, we will be able to write to PR0-PR4 registers.

Creating a backup

Before you proceed, please create a backup of the bios region. Then, in case something goes wrong, you'll be able to flash it back externally.

The me region is locked due to active ME, so an attempt to create a full dump will fail. But you can back up the bios:

sudo flashrom -p internal -r bios_backup.rom --ifd -i bios


If you will even need to flash it back, use --ifd -i bios as well:

sudo flashrom -p <YOUR_PROGRAMMER> -w bios_backup.rom --ifd -i bios

Important: if you will omit --ifd -i bios for flashing, you will brick your machine, because your backup has FFs in place of fd and me regions. Flash only bios region!

Removing protections (practice)

The original boot script writes 0xE009 to HSFS. FLOCKDN is 15th bit, so let's write 0x6009 instead:

Run this:

sudo chipsec_main -m tools.uefi.s3script_modify -a replace_op,mmio_wr,0xFED1F804,0x6009,0x2

You will get a lot of output and in the end you should see something like this:

[*] Modifying S3 boot script entry at address 0x00000000DAF49B8F..
[mem] 0x00000000DAF49B8F
[*] Original entry:
 2  0 17  2  0  0  0  1  0  0  0  4 f8 d1 fe  0 |
 0  0  0  9 e0  4  0                            |
[mem] buffer len = 0x17 to PA = 0x00000000DAF49B8F
 2  0 17  2  0  0  0  1  0  0  0  4 f8 d1 fe  0 |
 0  0  0  9 60  0  0                            |     `
[mem] 0x00000000DAF49B8F
[*] Modified entry:
 2  0 17  2  0  0  0  1  0  0  0  4 f8 d1 fe  0 |
 0  0  0  9 60  0  0                            |     `
[*] After sleep/resume, check the value of register 0xFED1F804 is 0x6009
[+] PASSED: The script has been modified. Go to sleep..

Now go to S3, then resume and check FLOCKDN. It should be 0:

sudo chipsec_main -m chipsec.modules.common.spi_lock
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0x6008 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
    [00] FDONE            = 0 << Flash Cycle Done
    [01] FCERR            = 0 << Flash Cycle Error
    [02] AEL              = 0 << Access Error Log
    [03] BERASE           = 1 << Block/Sector Erase Size
    [05] SCIP             = 0 << SPI cycle in progress
    [13] FDOPSS           = 1 << Flash Descriptor Override Pin-Strap Status
    [14] FDV              = 1 << Flash Descriptor Valid
    [15] FLOCKDN          = 0 << Flash Configuration Lock-Down
[-] SPI Flash Controller configuration is not locked
[-] FAILED: SPI Flash Controller not locked correctly.


sudo setpci -s 00:1f.0 dc.b=09

Remove WP from protected ranges:

sudo chipsec_util mmio write SPIBAR 0x74 0x4 0xAAF0800
sudo chipsec_util mmio write SPIBAR 0x78 0x4 0xADE0AD0
sudo chipsec_util mmio write SPIBAR 0x7C 0x4 0xB100B10
sudo chipsec_util mmio write SPIBAR 0x80 0x4 0xBFF0B40

Verify that it worked:

sudo chipsec_main -m common.bios_wp
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x 9 << BIOS Control (b:d.f 00:31.0 + 0xDC)
    [00] BIOSWE           = 1 << BIOS Write Enable
    [01] BLE              = 0 << BIOS Lock Enable
    [02] SRC              = 2 << SPI Read Configuration
    [04] TSS              = 0 << Top Swap Status
    [05] SMM_BWP          = 0 << SMM BIOS Write Protection
[-] BIOS region write protection is disabled!

[*] BIOS Region: Base = 0x00500000, Limit = 0x00BFFFFF
SPI Protected Ranges
PRx (offset) | Value    | Base     | Limit    | WP? | RP?
PR0 (74)     | 0AAF0800 | 00800000 | 00AAF000 | 0   | 0
PR1 (78)     | 0ADE0AD0 | 00AD0000 | 00ADE000 | 0   | 0
PR2 (7C)     | 0B100B10 | 00B10000 | 00B10000 | 0   | 0
PR3 (80)     | 0BFF0B40 | 00B40000 | 00BFF000 | 0   | 0
PR4 (84)     | 00000000 | 00000000 | 00000000 | 0   | 0


Now you can flash coreboot (or anything else) with flashrom.

Remember to flash only bios region (use --ifd -i bios -N). fd and me are still not writable.

Note: if you're flashing coreboot for the first time, you should have an external SPI programmer just in case. It will help you recover if you flash non-working ROM.

About Intel ME

Unlocking PRx doesn't allow you to flash ME or Flash Descriptor, so you cannot use me_cleaner. Both me and fd regions will still be write-protected even if you flash coreboot. For now, the best way to get rid of ME is to flash me_cleaned firmware externally.

As an alternative, you can use Soft Temporary Disable Mode. This is ME's built-in mechanism that BIOS can use to "ask" ME to disable itself on the next boot. In this mode ME doesn't load its kernel and stops at BUP phase. This mode is saved to ME NVRAM and thus preserved between reboots and poweroffs. Working patch for coreboot is available.

Some possible future solutions are described below.

HMRFPO (updated: won't work)

HMRFPO (Host ME Region Flash Protection Override) is a command BIOS can use to unlock ME region on SPI flash for writing. Vendor can disable it during manufacturing. Unfortunately it's disabled on ThinkPads and can't be used.

HDA_SDO (not implemented)

It is possible to make flash descriptor writable for one boot by asserting HDA_SDO pin high on boot. It should be possible to flash unlocked descriptor while in this state, and that should open ability to flash ME afterwards. See here for more info.

Sandy Bridge series (X220, T420, etc.): WIP

S3 Boot Scripts are unprotected on these models too (even on the most recent BIOS versions), but it's not useful, because FLOCKDN and SPI protected ranges are set by LenovoFlashProtectPei UEFI module. It is trivial to patch it, but it resides in protected range, so it can only be flashed externally.

Currently there are no known methods to unlock PRs on these devices internally, but investigation is ongoing.

Penryn and Nehalem series (X200, T400, X201, T410, etc.): WIP

Currently, the only known way to flash these models without external SPI programmer is by using GPIO33. It is not properly documented yet, and no scripts to automate the process were written. There was a success story though: a user from #coreboot/#libreboot IRC channels has successfully corebooted his X201 without touching the SPI chip.

Progress is tracked here.

Common methods


There's known Intel "feature", sometimes called "pinmod": you can make flash descriptor writable for one boot by asserting HDA_SDO pin on the motherboard high (on older platforms, you need to assert GPIO33 pin low) at boot time. Writable flash descriptor sometimes allows to flash whole BIOS region using a couple of neat tricks. I will show this using X220 as an example.

This is SPI flash layout on X220:

00000000:00000fff fd
00500000:007fffff bios
00003000:004fffff me
00001000:00002fff gbe

Lenovo BIOS protects, using PR0 register, only small (but critical) part of it: 0x00780000-0x1ffffff.

PR0 defines the end of protected range as 0x1ffffff, but since it's 8MB chip and bios ends at 0x007fffff, 0x00780000-0x007fffff is what actually is protected. This is the last 512K.

As you can see, 0x00500000-0x0077ffff part is totally writable.

Since flash descriptor is writable too, here is what we can do:

  • patch flash descriptor:
    • redefine bios as 00500000:0077ffff using ifdtool;
    • define the rest of it (00780000:007fffff) as pd (Platform Data). This is required, otherwise you will not be able to flash it in future;
    • unlock FD and ME regions (ifdtool -u);
  • build and flash (small enough) coreboot ROM to this region (must be careful and make sure that reset vector is at the end of our custom region and not at the end of 8MB ROM; use dd or ifdtool for that);
  • flash modified descriptor;
  • power off (new FD takes effect after cold boot);
  • wait a few seconds and power on.

After this, new FD will be in effect and coreboot will be loaded from 0x00500000-0x0077ffff region, instead of Lenovo BIOS. At this point whole 0x00500000-0x007fffff will be writable and you will be able to flash coreboot again or patched vendor BIOS (don't forget to revert fd changes regarding the bios region).

A user from #coreboot/#libreboot IRC channels was able to flash his X201 internally using the idea described above. However, this is not for mass use yet: we need to write scripts to automate the process, locate HDA_SDO or GPIO33 pins on all motherboards in interest, take their photos and explain, what to do with what.


Rafal Wojtczuk and Corey Kallenberg for discovering the S3 Boot Scripts vulnerability

pgera for the initial research and working solution

Lenovo for fake rollback protection


This document is licensed under CC-BY 4.0 terms.

thinkpad-bios-software-flashing-guide's People


gch1p avatar kladdkaka avatar kratz00 avatar n4ru avatar


 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar


 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

thinkpad-bios-software-flashing-guide's Issues

ERROR: Exception occurred during

I get stuck removing protections. Seems like it has to do with the fact, that chipsec only runs on python3 nowadays. I get " ERROR: Exception occurred during 'ord() expected string of length 1, but int found' ". This might be a chipsec problem, but I'd like to know if there is a workaround for me. Should I use an older chipsec version?

Here is the complete console output without all the hex:

ubuntu@ubuntu:~/chipsec$ sudo python3 -m tools.uefi.s3script_modify -a replace_op mmio_wr 0xFED1F804 0x6009 0x2
##                                                            ##
##  CHIPSEC: Platform Hardware Security Assessment Framework  ##
##                                                            ##
[CHIPSEC] Version 1.6.1
[CHIPSEC] Arguments: -m tools.uefi.s3script_modify -a replace_op mmio_wr 0xFED1F804 0x6009 0x2

****** Chipsec Linux Kernel module is licensed under GPL 2.0
[CHIPSEC] API mode: using CHIPSEC kernel module API
[!]       Unknown PCH: VID = 0x8086, DID = 0x1E55, RID = 0x04; Using Default.
[!]            Results from this system may be incorrect.
[CHIPSEC] OS      : Linux 5.8.0-25-generic #26-Ubuntu SMP Thu Oct 15 10:30:38 UTC 2020 x86_64
[CHIPSEC] Python  : 3.8.6 (64-bit)
[CHIPSEC] Helper  : LinuxHelper (/home/ubuntu/chipsec/chipsec/helper/linux/chipsec.ko)
[CHIPSEC] Platform: Mobile 3rd Generation Core Processor (Ivy Bridge CPU / Panther Point PCH)
[CHIPSEC]      VID: 8086
[CHIPSEC]      DID: 0154
[CHIPSEC]      RID: 09
[CHIPSEC] PCH     : Default PCH
[+] loaded
[*] running loaded modules ..

[*] running module:
[*] Module arguments (5):
['replace_op', 'mmio_wr', '0xFED1F804', '0x6009', '0x2']
[uefi] searching for EFI variable(s): ['AcpiGlobalVariable']
[uefi] found: AcpiGlobalVariable {af9ffd67-ec10-488a-9dfc-6cbf5ee22c2e} NV+BS+RT variable
[uefi] AcpiGlobalVariable variable data:
00 A0 E9 DA 00 00 00 00                         |         
[uefi] Pointer to ACPI Global Data structure: 0x00000000DAE9A000
[uefi] Decoding ACPI Global Data structure..
[uefi] AcpiVariableSet structure:
00 70 EF DA 00 00 00 00 00 00 05 00 00 00 00 00 |  p              
40 08 0E 00 00 00 00 00 00 70 F4 DA 00 00 00 00 | @        p      
00 80 E3 DA 00 00 00 00 00 A0 F5 DA 00 00 00 00 |                 
00 00 00 DB 00 00 00 00 00 00 00 00 00 00 00 00 |                 
00 00 00 00 00 00 00 00                         |         
[uefi] ACPI Boot-Script table base = 0x00000000DAF47000
[uefi] Found 1 S3 resume boot-scripts
[uefi] S3 resume boot-script at 0x00000000DAF47000
[uefi] Decoding S3 Resume Boot-Script..
S3 Boot Script AA Parser
[uefi] S3 Resume Boot-Script size: 0x3580

[uefi] [++++++++++ S3 Resume Boot-Script Buffer ++++++++++]
[x][ =======================================================================
[x][ Module: S3 Resume Boot-Script Testing
[x][ =======================================================================
[*] Looking for 0x2 opcode in the script at 0x00000000DAF47000..
[+] Found opcode at offset 0x2C02
Entry at offset 0x2C02 (len = 0x17, header len = 0x0):
02 00 17 02 00 00 00 01 00 00 00 04 F8 D1 FE 00 |                 
00 00 00 09 E0 04 00                            |        Decoded:
  Opcode : S3_BOOTSCRIPT_MEM_WRITE (0x0002)
  Width  : 0x02 (4 bytes)
  Address: 0xFED1F804
  Count  : 0x1
  Values : 0x0004E009

[*] Modifying S3 boot script entry at address 0x00000000DAF49C02..
[mem] 0x00000000DAF49C02
[*] Original entry:
ERROR: Exception occurred during 'ord() expected string of length 1, but int found'

[CHIPSEC] ***************************  SUMMARY  ***************************
[CHIPSEC] Time elapsed            0.183
[CHIPSEC] Modules total           1
[CHIPSEC] Modules failed to run   1:
[CHIPSEC] Modules passed          0:
[CHIPSEC] Modules information     0:
[CHIPSEC] Modules failed          0:
[CHIPSEC] Modules with warnings   0:
[CHIPSEC] Modules not implemented 0:
[CHIPSEC] Modules not applicable  0:
[CHIPSEC] Modules with exceptions 1:
[CHIPSEC] *****************************************************************

Add license information


Could you please add information about license of this repository — is it allowed to copy, change and use the code and documentation in any purpose?
It would be great to see any popular open source license.
As I see, you have 11 forks — I think they all will be happy.

Much easier way to downgrade, no El Torito acrobatics needed

To bypass autoexec.bat, just spam F5 during DOS boot.


  1. Download the BIOS update .ISO from Lenovo
  2. Write it to bootable media (in my case, I'm just loading it on an iodd)
  3. Boot from it using F12 to pick a temporary start device
  4. Immediately after hitting enter to select the boot device, mash the f5 key
  5. You should see "Starting PC-DOS...." and then immediately get a command prompt
  6. cd flash
  7. dir /s
  8. dosflash /sd /file g4eta0ww\$01d5100.fl1

30-year-stale DOS super-powers, activate!

x230 UEFI BIOS 1.13


is it safe to try to unlock BIOS on x230 model with uefi bios 1.13?


Error on BIOS backup

I have T430 with BIOS version 2.82. Should BIOS backup command work?

$ sudo flashrom -p internal -r bios_backup.rom --ifd -i bios
[sudo] password for lieta:
flashrom on Linux 5.3.0-26-generic (x86_64)
flashrom is free software, get the source code at
Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns).
WARNING! You seem to be running flashrom on an unsupported laptop.
Laptops, notebooks and netbooks are difficult to support and we
recommend to use the vendor flashing utility. The embedded controller
(EC) in these machines often interacts badly with flashing.
See the manpage and for details.
If flash is shared with the EC, erase is guaranteed to brick your laptop
and write may brick your laptop.
Read and probe may irritate your EC and cause fan failure, backlight
failure and sudden poweroff.
You have been warned.
Error: Programmer initialization failed.


Thank you for making this!

I was mostly interested just in the downgrading BIOS section for an X230. Do you know if there should be any challenge to go from 2.77 (the latest) down to 2.75/2.74? Following the list, my USB / X230 will just sit display Lenovo Group Limited but never commence flashing.



Which distribution have you been using for this ?

I tried with ArchLinux and I cannot load the chipsec kernel module (error -22 every time).


Whence to get the BIOS firmware

Downgrading BIOS
Go to the Lenovo web site and download BIOS Update Bootable CD for your machine of needed version

Heh, if that was just go and download!
I landed at
but only the most recent version is offered there. I searched for oldies to no avail.

I've left a message on the Lenovo forum about it:

Update: Older versions actually are there, click on the "Details" icon:

Still, it may not be readily clear where to find those downloads, so a hint in your guide would be welcome. Moreover, Lenovo only offers checksums for the latest release, that would be awesome if you could compensate for it with checksums in your guide.

The rest of my initial issue appeal:

A third-party internet page gave me a link with a list of BIOS versions for T430:
which clued me to substitute the release number in download links. But this way of obtaining downgrades requires some brainwork and luck.
Would you be so kind to

Open the BIOS download page:

Find a link to ReadMe for BIOS Update (Bootable CD):

open it and find Version 2.77.

Type lower release number (40 instead of 41) in the link, open it and check Version:
Version 2.76

This way, find the desired version and release number:
Version 2.60

Substitute uc.txt with us.iso:

You should get your iso.

Checksums are unknown this way though.
The g4uj23us.iso I got has checksums:
sha256 6ff0745b304f19d80f8de5485cb9e4483850144e9b3b755b90fe888decda1bc8
sha1 6d8648a204d0784ad7b5f2b0b3b68759fff26332
md5 d61492983d8dc0b97ebf3a4a95f1c794

  • or even might you be so kind to download those BIOS versions:
    X230 | 2.60
    X230t | 2.58
    T430 | 2.64
    T430s | 2.59
    T530 | 2.60
    W530 | 2.58
    and store them in a folder along with checksums…

Thank you

UEFI mode not booting, not seing EFI folders x230

Hi, I've done the Bios 2.60 flashing of my x230 and I chose EUFI only in booting option but the laptop's not booting. So I had to choose both methods, EUFI first. Thing is that directories /sys/firmware/efi or /sys/firmware/efivars do not exist.
Is that a problem to keep on with the flashing process?
Thanks for your help.


Would that manual download method work oh a T440p?

Minor clarifications / info?

So I just made it through the guide (massive thanks for making it!) and thought I might share some notes on my experience might help future users or inform future updates:

  • First, the USB I used for flashing the downgrade BIOS onto was apparently GPT partitioned, which made it refuse to boot when in Legacy Mode. After changing the partition table to MBR and re-dd'ing the image, everything worked fine. Maybe a warning or a command for making the USB's table MBR could be added to the guide?

  • My Linux distro (BunsenLabs Helium, based on Debian Stretch) had a flashrom version older than 1.0, meaning it lacked the --ifd flag used in the backup command in the guide. To get around this, I ended up doing a whole song-and-dance with linuxbrew and compiling from source to get it to work. A note about this, and a recommendation of a distro that has a new enough flashrom version, would be helpful here. Also, even after compiling a working flashrom, it wouldn't work on my system until I rebooted and added iomem=relaxed to my kernel arguments with GRUB when booting, since apparently that's needed sometimes.

  • CHIPSEC worked largely fine, but the chipsec_main and chipsec_util commands in the guide didn't work unmodified for me (gave me a "command not found" error): to fix, I just subbed in python and python (respectively) and it all worked fine.

  • On my system, I'd inadvertently installed Linux in legacy boot mode so /sys/firmware/efi didn't exist and I wasn't sure how to fix it. The workaround here was to take my BIOS-downgrade USB, re-partition as GPT, and install the rEFInd boot manager to it. After booting from that (it detected my linux install automatically), the folder was present and all the BIOS patches worked smoothly.

Hope this is helpful!

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.