Home Software, x86 • Fixing corrupt Dell USH / TPM firmware

Fixing corrupt Dell USH / TPM firmware

 - 

I have an old Dell Latitude E6320 and dates back from 2011. While the machine itself is ancient for IT standards it still functions pretty well and based on it’s 13″ size it is very suitable for traveling and meetings.

The machine came in my possession last year and had never seen any BIOS or other firmware updates so that was the first thing I updated on this laptop. There is also a security device in the laptop (Broadcom USH) which contains the TPM, Fingerprint sensor and smartcard reader devices.

Updating the USH firmware has failed:
When updating the USH firmware the laptop froze at the part where the TPM was flashed. I left the machine alone for around a couple of hours but nothing responded anymore. I deciced to hard reset the machine and that is where the issues started on the machine.

Symptoms:
With the firmware update that was only half-processed and a TPM chip that was not working anymore (due to the failed update the BIOS did not see the TPM anymore…) other problems started to occur as well. When powering on the laptop or when booting Windows it would randomly shutdown. The fan starts blowing at full speed and the status leds left of the keyboard started showing a diagnostic pattern (as is usual with Dell’s). The pattern was:

HDD: Blinking
Battery: Solid
WIFI: Solid

Based on the technical documentation from Dell this is described as “A possible processor failure”. What causes it are some obvious symptoms as overheating, CPU not seated well in it’s socket and other symptoms. But as the CPU is soldered on the mainboard in the E6320 this could not be it and had to be related to the failed firmware update.

Also in the BIOS, the TPM cannot be activated. The checkbox for “Clear” is permanently checked and therefore prohibits you from using the TPM and will not advertise it to the system / OS.

Fixing the issue:
It took a while before I saw that the firmware update that you run on Windows can also be used for DOS. So I created a FreeDOS bootable USB-stick and copied the whole update folder to the USB-stick and rebooted into FreeDOS.

From there I ran the “DOSUPDATE.BAT” script and the script starts spewing out alot of information about the progress. The BMC update may take 2 to 3 minutes to complete, after that the TPM was flashed (with succes in this case!) and returns to the prompt.

When I rebooted the machine and went back into the BIOS I could activate the TPM again and the “Clear” box was not checked anymore and Windows saw the TPM device again! Also the strange behaviour with the random shutdown was fixed!

At the end of the update I got an error about the PBA that could not be updated. You will see a notice stating that you neet to clear the CV Admin and try again. The PBA (Pre Boot Authentication, a feature that sets a password on the boot process) is not a feature that I use and is not enabled on my system so I did not bother to check that out.

Author:langerak

Leave a Reply

Your email address will not be published. Required fields are marked*

*

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.