S5 rtc wake settings что это в биосе

RTC Wake Up

Опция отвечает за автоматическое включение питания компьютера в определенное время и день (по «будильнику»). Обычно эта возможность не используется (Disabled). Исключение составляют случаи, когда необходимо периодически выполнять те или иные действия в автоматическом режиме — например, ночью запускать проверку компьютера на наличие вирусов. Тогда эту опцию необходимо включить (Enabled).

Расписание задается с помощью нескольких опций, расположенных вслед за рассматриваемой.

ONN Laptop BIOS Exploration

I recently acquired an ONN Laptop. This is a brand of laptop sold exclusively through Walmart in the US.

I decided to investigate this laptop because I had a suspicion it’s BIOS was not particularly locked down. Turns out my suspicion was well founded; this article will describe the various configuration settings made available through BIOS on the ONN Laptop.

I was unable to conduct extensive vulnerability testing with this laptop as by setting a particular BIOS option, through the built-in BIOS Configuration Utility nonetheless, I bricked the laptop. Read the analysis section for more information, where I also list out the various attacker vectors I identified.

Analysis

Through the configuration menus listed below it is possible to enable Intel DCI without making any custom modifications to the BIOS image using a tool such as RU.efi . This means it is possible to enable Intel DCI without disabling and re-enabling Secure Boot. I was able to connect the laptop to a host system running Intel System Debugger (legacy) and successfully halt the laptop’s processor and see the system state, as well as perform some rudimentary debugging at this level.

The interesting functions of the BIOS — specifically the network enabled capabilities, do not seem to function properly. Every time I tried setting a boot URI in the UEFI HTTP IPv4 configuration menu, the option value reset to blank every time I saved the BIOS configuration.

Several other options, such as ASF Support in Advanced / AMT Configuration also displayed this behavior. When I set ASF Support to enabled, saved, and then exited the BIOS, on the very next entry into BIOS the ASF Support option was set to disabled.

I was able to get the WiFi configuration to successfully authenticate to the WiFi network, but the device never responded to ICMP or other IP level messages. It seems like there is some Layer 2 attack surface here in terms of authenticating to the WiFi access point, which may be the only “remote” attack vector. This still would require local proximity to the device.

Other interesting input includes the Cert Enrollment option in the Advanced / TLS Configuration menu. This allows certificates to be loaded from USB storage, which invites some unique opportunities, given physical access.

There of course are the UEFI NVRAM variables as potential vectors to supply malicious input. I did not explore this avenue beyond setting options in the BIOS configuration utility.

Also worth noting is that the Firmware Configuration Menu contains an option for Ignore Policy Update — when I set this to be the configured option, the laptop would no longer boot, not even to BIOS, resulting in a bricked laptop. It looks like the BIOS manufacturer attempted to warn users about setting this option, but it was not clear to me that setting this option as the configured value would have the effect of bricking the laptop.

I might have been able to restore the laptop to a functional state if I had made a back up of the SPI ROM prior to testing; I did not do this, foolishly not thinking that there could be any way to permanently brick the laptop through BIOS shy of powering off the device during a firmware update. Certainly I did not anticipate a configurable option placing the laptop in such a state.

The best advice I can offer users of this laptop is that they set the User Password under the Security Menu — this will require a password to POST as well as access BIOS settings. I’m not convinced that there isn’t a way to bypass this authentication mechanism, but it is better than nothing. Like most devices, physical access to this device essentially means game over in terms of security — by allowing debug capabilities it is possible to manipulate the laptop at the platform level.

Below is a run through of the BIOS Configuration Utility menus. Note that except for one or two special instances, the values in the images for the various settings are the default values.

Main Menu

This is the first screen the user is greeted with upon entering system BIOS. The user can enter the system BIOS by pressing the Delete button at the ONN splash screen. It contains version information for the currently install BIOS image.

There are six total menus:

• Main
• Advanced
• Chipset
• Security
• Boot
• Save & Exit

Advanced Menu

The advanced menu is where most BIOS configuration options are set. This includes the following sub-menus:

• RC ACPI Settings
• Connectivity Settings
• CPU Configuration
• PCH-FW Configuration
• Thermal Configuration
• Platform Settings
• ACPI D3Cold Settings
• Overclocking PErformance Menu
• AMT Configuration
• Intel ICC
• Thunderbolt(TM) Configuration
• Debug Settings
• Trusted Computing
• ACPI Settings
• SMART Settings
• S5 RTC Wake Settings
• Serial Port Console Redirection
• Intel TXT Information
• Acoustic Management Configuration
• Switchable Graphics
• AMI Graphic Output Protocol Policy
• SIO Configuration (Non-functional)
• PCI Subsystem Settings
• USB Configuration
• CSM Configuration
• NVMe Configuration

There are a few additional Networking menus that appear once Network Stack is enabled and the BIOS settings have been saved and the system reset. Those are:

• Wi-Fi Configuration
• VLAN Configuration
• MAC:<MACADDRESS>-IPv4 Network Configuration
• MAC:<MACADDRESS>-HTTP Boot Configuration
• MAC:<MACADDRESS>-IPv6 Network Configuration

We will explore these last five menus near the end of this post.

Advanced / RC ACPI Settings

This seems to be a power management and monitoring subsystem of the chipset. It contains a number of sub-menus:

• PTID Support
• PECI Access Method
• Native PCIE Enable

Lower Power SO Idle Capability

Intel Ready Mode Technology

Advanced / Connectivty Menu

The Advanced / Connectivity Menu is used to configure onboard chip detection for communications chips, such as Bluetooth and WWAN.

Advanced / CPU Configuration Menu

The Advanced / CPU Configuration menu details the L1-L4 cache information, as well as the processor ID and speed. Additioanlly, virtualization can be configured through this menu.

Advanced / Power & Performance Menu

The Power & Performance Menu allows the user to configure CPU and GT power options.

Advanced / PCH Menu

The PCH Menu includes information on Intel ME, including version information. It allows various ME options to be set, including ME debug options.

Advanced / PCH Menu / ME Debug Settings

These are options for debugging Intel Management Engine. They include:

• HECI Timeouts
• Force ME DID Init Status
• CPU Replaced Polling Disable
• ME DID Message
• HECI Retry Disable
• HECI Message check Disable
• MBP HOB Skip
• HECI2 Interface Communication
• KT Device
• End of Post Message
• DOI3 Setting for HECI Disable
• MCTP Broadcast Cycle

Advanced / Thermal Configuration Menu

The Advanced / Thermal Configuration Menu allows thermal configuration of CPU, Platform, and DPTF.

Advanced / Platform Settings Menu

The Advanced / Platform Settings Menu contains the following options:

• UCSI Retry Mechanism
• PS2 Keyboard and Mouse
• Charging Method
• Pmic Vcc IO Level
• Pmic Vddq Level
• Power Sharing Manager
• Enable FFU Support
• Enable PowerMeter
• VTIO
• HID Event Filter Driver
• HEBC value
• Pcie Slot 1 to x4 Mode Rework
• PCIe x16 slot GSPIO_CLK Rework
• PCIe x16 slot GSXDOUT Rework
• System Time and Alarma Source

Advanced / D3Cold Settings Menu

The Advanced / D3 Cold Settings Menu includes the following options:

• ACPI D3Cold Support
• VR Ramp up delay
• PCIE Slot 5 Device Power-on delay in MS
• Audio Delay
• SensorHub
• TouchPad
• TouchPanel
• P-state Capping
• USB Port 1
• USB Port 2
• WWAN
• Sata Port 0
• Sata Port 1
• Sata Port 2
• Sata Port 3
• Sata Port 4
• Sata Port 5
• PCIe Remapped CR1
• PCIe Remapped CR2
• PCIe Remapped CR3

Advanced / Overclocking Configuration Menu

The Advanced / Overclocking Menu allows the ability to enable/disable overclocking on the platform.

Advanced / Intel AMT Menu

The Advanced / Intel AMT Menu contains configuration options for Intel Active Management Technology. We will explore this capability further in the analysis section of this post.

The configuration options for this menu include:

• ASF Support
• USB Provisioning of AMT
• CIRA Configuration
• ASF Configuration
• Secure Erase Configuration
• OEM Flags Settings
• MEBx Resolution Settings

Advanced / Intel ICC Menu

The Advanced / Intel ICC Menu includes the following configuration options:

• ICC/OC Watchdog Timer
• ICC Profile
• ICC PLL Shutdown

The following configuration information is also presented:

• BCLK Clock Settings
• Default Clock Settings
• Frequency Range Limits
• Maximum Spread %
• Spread Mode Adjustments
• Clock Frequency
• Bclk Change Permanent
• Spread %

Advanced / ThunderBolt(TM) Menu

This menu allows the user to enabled/disable ThunderBolt(TM) support.

Advanced / Debug Settings Menu

This menu allows a user to configure Intel DCI, amongst other platform configuration options. The sub options in this menu are:

• Kernel Debug Serial Port
• Platform Debug Consent
• Advanced Debug Settings

Advanced / Debug Settings Menu / Platform Debug Consent:

The options in this menu include:

• Disable
• Enabled (DCI OOB+[DbC])
• Enabled (DCI OOB)
• Enabled (USB3 DbC)
• Enabled (USB3 DbC)
• Enabled (XDP/MIPI60)

I have set this option to Enabled (DCI OOB) so we can use DCI to debug the platform. More information on this will be provided in the analysis section.

Advanced / Debug Settings Menu / Advanced Debug Menu

The Advanced / Debug Settings Menu / Advanced Debug Menu options are:

• USB 3 Type-C UFP2DFP Kernel/Platform Debug Support
• SLP_SO# Override
• SOix Override Settings
• USB Overcurrent Override for DbC
• CPU Run Control
• CPU Run Control Lock
• PCH Trace Hub Enable Mode
• PCH TH Mem Buffer Size 0
• PCH TH Mem Buffer Size 1
• Processor trace memory allocation
• JTAG C10 Power Gate
• Three Strikes Counter
• CrashLog Feature
• CrashLog On All Reset
• PMC Debug MEssage Enable
• CPU Wakeup Timer
• Delayed Authentication Mode

Advanced / Trusted Computing Menu

The Advanced / Trusted Computing Menu contains TPM information as well as the following options:

• Security Device Support
• SHA-1 PCR Bank
• SHA256 PCR Bank
• Pending Operation
• Platform Hierarchy
• Storage Hierarchy
• Endorsement Hierarchy
• TPM2.0 UEFI Spec Version
• Physical Presence Spec Version
• TPM 20 InterfaceType
• Device Select

Advanced / ACPI Menu

The Advanced / ACPI Menu contains the following configuration options:

• Enable ACPI Auto Configuration
• Enable Hibernation
• ACPI Sleep State
• Lock Legacy Resources
• S3 Video Repost

Advanced / S5 Menu

The Advanced / S5 menu allows the user to enable / disable Wake From S5.

Advanced / SMART Menu

The Advanced / SMART Menu allows the user to enable / disable SMART.

Advanced / Serial Port Console Redirection Menu

The Advanced / Serial Port Console Redirection Menu has the following options:

• Console Redirection
• Legacy Console Redirection Settings
• Windows Emergency Management Services Console Redirection

Advanced / Acoustic Management Configuration

The Advanced / Acoustic Mangement Configuration Menu allows the user to enable / disable acoustic management of a given SATA device.

Advanced / Switchable Graphics Menu

Advanced / AMT Graphics Menu

The Advanced / AMT Graphics Menu allows the user to set the output for AMT Graphics.

Advanced / PCI Settings Menu

The Advanced / PCI Settings Menu allows BME DMA Mitigation to be enabled / disabled.

Advanced / USB Settings Menu

The Advanced / USB Settings menu contains the following configuration options:

• Legacy USB Support
• XHCI Hand-Off
• USB Mass Storage Driver Support
• USB transfer time-out
• Device reset time-out
• Device power-up delay

Advanced / CSM Menu

Advanced / NVMe Menu

Advanced / SDIO Menu

Advanced / RAM Disk Menu

Advanced / Networking Stack Menu

Advanced / Networking Options Menus

These next few networking stack-related options are only visible if networking has been enabled.

Advanced / VLAN Menu

Advanced / Ethernet Interface Menu

Advanced / UEFI HTTP Boot Menu

Advanced / Ethernet Menu

Advanced / WiFi Menu

Chipset Menu

The chipset menu contains a few additional platform configuration options. The sub-menu’s available here are:

• Firmware Configuration
• Type C Support
• System Agent Configuration
• PCH-IO Configuration

Note that by default, the Firmware Configuration is set to [Test] .

Additional options for Firmware Configuration include:

• Ignore Policy Update
• Production
• Test

Chipset / Graphics Configuration

The following options are availabe for primary display:

• Auto
• IGFX
• PCI
• SG

I set this option to PCI to work with my HDMI capture card. By default it is set to auto .

Security Menu

The Security menu allows the user to set an Administrator Password or a User Password . The Administrator Password allows access to BIOS Setup, while the User Password allows POST and access to BIOS Setup.

Additionally, Secure Boot can be configured in this menu.

Security / Secure Boot Menu

There are two options for Secure Boot Mode:

• Standard
• Custom

Note the Secure Boot is enabeld by default.

Boot Menu

The Boot Menu presents the user with options as to boot device order.

Save & Exit Menu

The Save & Exit Menu presents the user with options to save BIOS configuration settings as well as to override the boot settings

Update 10/13/2021

@RockerFernando reached out to me with some additional details. Apparently there are Gateway-branded laptops that have the same BIOS as the ONN-branded laptop. Like me, he had bricked his laptop by setting the same BIOS option. I was pretty sure that by resetting the NVRAM we could restore our laptops to a usable state, and @RockerFernando went and figured out how to do this. If you open the chassis and disconnect the battery, or simply wait a few months until the battery is totally dead, and then hold down the power button for about a minute, you should be able to reset NVRAM thus clearing the faulty configuration value. Thanks @RockerFernando for the tip!

4 s5 rtc wake settings, 1 s5 rtc wake settings, 2 wake system with fixed time – Kontron CP3002 uEFI User Manual

Page 17: 3 wake system with dynamic time, S5 rtc wake settings, Wake system with fixed time, Wake-up hour, wake-up minute, wake-up second, Wake system with dynamic time, Cp3002/-rc/-ra uefi bios main setup

CP3002/-RC/-RA uEFI BIOS

ID 1042-8946, Rev. 3.0

P R E L I M I N A R Y

S5 RTC Wake Settings

This screen provides functions for specifying the S5 RTC Wake Settings.

S5 RTC Wake Settings

This function defines the RTC wake-up settings to allow the system to wake up from the S5
(soft off) state.

Wake System with Fixed Time

This function allows the system to wake up from S5 state at a specified time.

Default setting: Disabled

Wake-Up Hour, Wake-Up Minute, Wake-Up Second

This function is used to specify the hour (0-23), the minute (0-59) and the second (0-59) when
the system is to wake up from S5 state.

This function is available only when the function “Wake System with Fixed Time” is
set to Enabled.

Wake System with Dynamic Time

This function is intended for debugging purposes only and is therefore locked.

A p t i o S e t u p U t i l i t y — C o p y r i g h t ( C ) 2 0 0 9 A m e r i c a n M e g a t r e n d s , I n c .

Wake Up On Lan

Другие идентичные по назначению параметры: Wake on LAN from S5, MAC Resume From S3/S4, Power Up By Onboard LAN, Resume By WOL.

Опция Wake Up On Lan предназначена для включения или выключения технологии, позволяющей осуществлять пробуждение компьютера после сигнала, полученного из сети. Опция, как правило, может принимать всего лишь два значения – Enabled или Disabled.

Принцип работы

Большинству пользователей хорошо известно о том, что компьютер можно включить при помощи специальной кнопки на корпусе системного блока. Многие из читателей, наверняка знают также, что в том случае, если ПК находится в спящем режиме, то его можно включить, точнее говоря, перевести в состояние нормального энергопотребления при помощи нажатия клавиши клавиатуры, кнопки мыши или движения самой мыши – в зависимости от пользовательских настроек.

Но, наверное, далеко не все знают о том, что ПК можно пробудить извне, послав соответствующий сигнал по сети. Для этой цели используется специальный блок данных, который называется «магическим пакетом» (magic packet).

Протекает подобная разновидность пробуждения компьютера следующим образом. Поскольку во время пребывания компьютера в состоянии сна не все его компоненты полностью выключаются, то сетевая карта имеет возможность работать и отслеживать весь поступающий в компьютер сетевой трафик, однако при этом она не отвечает на сетевые запросы. В том же случае, если сетевая карта распознает набор байтов, составляющих «магический пакет», то сетевой адаптер посылает сигнал в BIOS и компьютер выходит из энергосберегающего режима.

Подобная технология называется Wake On LAN (пробуждение по сети). Для того, чтобы компьютер мог бы автоматически включаться при получении сетевого сигнала, должно соблюдаться несколько условий. Во-первых, BIOS ПК, а также сетевая карта, установленная в нем, должны поддерживать данную возможность. Само собой разумеется, что компьютер должен быть подключен к сети. Кроме того, данная технология должна быть включена в BIOS.

Описываемая опция как раз и предназначена для включения технологии сетевого пробуждения ПК. Обычными значениями опции являются Enabled и Disabled, первое из которых задействует технологию, а второе – позволяет ее выключить. Кроме того, в некоторых BIOS опция может носить и другие названия, например, MAC Resume From S3/S4, Resume By WOL, WOL (PME#) From Soft-Off, MACPME Power Up Control.

Стоит ли включать опцию?

Для большинства пользователей домашних компьютеров нет особой необходимости во включении технологии Wake On LAN, поэтому данную опцию можно оставить выключенной. Однако в ряде случаев, например, у системных администраторов, возникает необходимость в периодическом удаленном запуске компьютера для выполнения служебных задач. Для этой цели может пригодиться включение опции пробуждения компьютера по сети.