Just to let you know, and it is a bit of a surprise move from GigaByte… but they now set bit-15 on MSR (MSR_PKG_CST_CONFIG_CONTROL) so it won’t boot without a PM patch.
Man. What a failure!
Pike's Universum
Great people share their wisdom without asking for anything in return…
Pike's Universum 
so you tried one GA board and think all are locked yet you fail to mention which board you have because only the overclocker boards are locked the rest are all good to go
Hold on. I have six motherboard here for testing, and they are all lock! Even two ultra cheap motherboards and a brand new one so it doesn’t look good.
well none of the ones i was sent are locked it must be just you
That is odd. May I ask when that was? Perhaps they changed the BIOS, because I just checked bit-15 (0x8000) of msr(0xE2) and it is the same story – bit-15 is set in the F2, F3 and the F4 BIOS versions – for the GA-B150M-D3H DDR3 and DDR4 (two boards that I am reviewing right now). Not exactly OC boards.
This is disappointing, I’ve waited for skylake support and wanted to buy the GA-Z170MX-Gaming 5 for my hackintosh build, have you happened to test that board?
No. I have not. Not yet. You can however download the BIOS from Gigabyte and use UEFIPatch to see if it is locked, and can be unlocked with it.
Hello Pike,
I have a Z77 with msr locked and I can’t find coderush’s PMpatch, what’s the solution to unlock?
Wasn’t that long replaced by UEFITool -> https://github.com/LongSoft/UEFITool/tree/master/UEFIPatch
Thanks Pike, I will try remove msr on my asrock
Do you know if GA-Z170X-UD3 is MSR locked?
Yes.
That’s bad news, I downloaded F4 bios and tried UEFI patch like you said in a previous comment but it could not find any patch. I then used UEFI tool and found 2 PowerMgmt things in the BIOS (PowerMgmtSmm – .fbd when extracted and PowerMgmtDxe – .ffs when extracted). PowerMgmtDxe has the same GUID as Haswell patch so I guess this is where the patch needs to be applied. How do you exactly check for MSR lock?
See if bit-15 (0x8000) is set.
Update: I extracted the body of PE32 image (PowerMgmtDxe) and used an online disassembler to get the ASM. I could not find 0xe2 in the asm. Does this mean that F4 is not MSR locked?
MSR 0xe2 is used during the initialising phase of the CPU so you must have missed it.
Thanks, I found it in CpuInitDxe( mov $0xe2,%ecx). Can these boards be flashed with patched UEFI?
Good. Now let’s talk about the value of %ecx so what is that set to?
I don’t know ASM, I mostly work with C++ and Objective-C. From what I read this instruction must be soon followed by 0xf.
Here is part of the code, I hope there is no problem posting it here.
There is and AND and CMP instruction with bit-15 in mind, which is the MSR lock bit (0x8000), so it looks like this BIOS is locked, but this is an assumption, because I haven’t seen the code myself.
Pikeralpha Have you tried the GA-H170N-wifi?.I have the F2 bios but I am not familiar with using UEFITool to check the bios file.Is there a tutorial available.
Thanks
No and not that I know of. Sorry.
can you list models?
also not related to this post but have you working Intel HD 530 (Skylake iGPU) on OSX?
can you upload some GFXBench and Compubench results to compare to Windows driver?
Not right now. The problem is that I am very busy with all sorts of things so I have barely time to reply here.
What about trying KernelPm=true in Clover?
Should work.
The issue should be fixed soon on Gigabyte Z170- got a beta bios today to test. 🙂
Great news .Will this work on the H170?
Thanks
When one BIOS is unlocked, then the rest usually follows a bit later. It may take some time, but things appear to be moving into the right direction.
Thanks to Adrian_DSL and Pike, I’ve found the real code that locks 0xE2 on Skylake platforms, it’s in SiInit module (GUID 299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9) and looks like this:
mov ecx,0xe2
rdmsr
and eax,0xffff7fff
mov DWORD PTR [ebp-0x8],edx
mov DWORD PTR [ebp-0xc],eax
cmp bl,0x1
jne $+8 <– this jump must be patched to jmp
or eax,0x8000
mov DWORD PTR [ebp-0xc],eax
mov edx,DWORD PTR [ebp-0x8]
mov eax,DWORD PTR [ebp-0xc]
mov ecx,0xe2
wrmsr
Please try to add the following lines to the end of patches.txt and rerun UEFIPatch:
# SiInit| Skylake
299D6F8B-2EC9-4E40-9EC6-DDAA7EBF5FD9 12 P:75080D00800000:EB080D00800000
Excellent work, as usual. Thanks!
If type 12 (TE image) patch doesn’t work on your BIOS, try type 10 (PE32 image) patch. Just repace 12 with 10 in the patch string above and try again.
I will add both strings into new UEFIPatch release, if someone confirts that the patch really works.
For my MB Asus X99-S Haswell-E CPU the code is like this
mov ecx, 0E2h ; ‘G’
rdmsr
shl rdx, 20h
or rax, rdx
mov [rsp+38h+arg_0], rax
bts dword ptr [rsp+38h+arg_0], 0Fh
mov rdx, [rsp+38h+arg_0]
mov eax, dword ptr [rsp+38h+arg_0]
shr rdx, 20h
wrmsr
Module is PpmInitialize, patch string:
3FFCAE95-23CF-4967-94F5-16352F68E43B 10 P:7428B9E20000000F3248C1E220480BC2:EB28B9E20000000F3248C1E220480BC2
I have a question i don’t know if i have this problem…
How do i know?
I have a ASRock X99 Extreme 4 with the E5-2658v4 it works very smooth, however with the E5-2683v3 it freezes after some minutes… only when no ssdt file is there it works stable but only at base freqency so no idle and no turbo
No. This issue is not related to a locked MSR 0xE2 register.