FM350-GL (installed in ThinkPad P1 Gen 5)
Bjørn Mork
bjorn at mork.no
Thu Sep 7 08:46:22 UTC 2023
Thilo-Alexander Ginkel <thilo at ginkel.com> writes:
> meanwhile I have an idea how the FCC unlock for the FM350-GL works:
>
> 1. Retrieve radio state (only continue iff locked [== 0])
> 2. Get challenge from modem
> via mbim_message_intel_mutual_authentication_fcc_lock_set_new
> 3. Compute a SHA256 hash
> 4. Unlock the modem
> using mbim_message_intel_mutual_authentication_fcc_lock_set_new
> 5. Validate radio state == 1
>
> There is also a dev code from DMI that probably influences the hash
> computation.
Nice! And I assume you have some ideas on how to compute the sha256
hash? Blind guessing would be very hard....
> Is there a way to try this procedure through mbimcli? I am currently
> running libmbim 1.28.4-1.
I guess you need the "Intel Mutual Authentication" service for that,
which looks like it will be in libmbim 1.30
I.e. you need to build a current development version of libmbim to test
it for now.
Bjørn
More information about the ModemManager-devel
mailing list