Acer Aspire E5 EFI Vars Write Protected

Discussion in 'BIOS Mods' started by austinghoward, May 25, 2018.

  1. austinghoward

    austinghoward MDL Novice

    May 25, 2018
    1
    0
    0
    Hello all! I've been scouring the internet over the last couple of weeks looking into how to turn on hardware virtualization for my Acer Aspire E5-553G. As with many other Acer laptops this one comes with the Insyde H20, I believe the setup utility calls it v5.0, but dmidecode lists it as v 1.13.

    Anyway I have Arch linux installed on it and that boots fine from EFI, and auto mounts the efivarfs to `/sys/firmware/efi/efivars`. Through various sources, I've uncovered that the variable resides at address 0xee and needs to be flipped to 0x1. Easy enough, copy the `/sys/firmware/efi/efivars/Setup-a04a27f4-df00-4d42-b552-39511302113d`, modify the appropriate byte and write the file back, right? This is where I ran into some issues, after modifying the file, I can't write it back. I get the following error:

    cp: error writing '/sys/firmware/efi/efivars/Setup-a04a27f4-df00-4d42-b552-39511302113d': Read-only file system

    So I check the mount listing to make sure it's not mounted readonly and I find this:

    efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,relatime)

    That looks fine to me. A little digging on the arch wiki and I find mention of rebooting with the kernel option `efi_no_storage_paranoia`. Tried this, and it seems to make no difference.

    I went back to the drawing board and decided to compile a UEFI bootable image from the grub sources with a custom command built-in to write to the Setup UEFI variables. After some googling and coding the module, I have bootable image, reboot to it and it fails writing to the variable as well. The error code that it returns indicates that the variable is write-protected as well.

    At this point I'm stumped. Surely this area is not write-protected in the hardware somehow, right? Is there something I am missing that I should have performed prior to writing the variable that may have "unlocked" write mode for that memory?

    Thanks for any tips!