- How to make sure the SPD EEPROM chip is not write-protected.
Publication 1.0 / November 4, 2015
As you are probably aware, SK Hynix, Samsung, Nanya Technology, Micron Technology, Crucial Technology and some other DIMM manufacturers are used to write-protecting the first 128 SPD bytes of EEPROM chip from being reprogramming by end-users. They have been practicing this restriction for at least 5 years since the end of 2010 by using Reversible Software Write Protection which cannot be removed within Windows environment. Besides, in 2013 Intel launched the 8 Series Chipset Family Platform Controller Hub with a dirty trick. The so-call “SPD Write Disable” bit was introduced to force the SMBus Host Controller of the chipset to disregard write commands to addresses 50h – 57h being related to SPD EEPROM. Motherboard’s BIOS sets this bit to enabled at POST. Thus the whole SPD array of 256 bytes of 2 Kbit chip becomes write-protected. Moreover, the annoying disable bit has been found a use in all subsequent Intel chipsets. This is the official relation of the company to SPD reprogramming. A reasonable question is: what the hell they do that for? SPD changing was the only way of over-clocking memory subsystem on notebooks and servers, fixing a large variety of compatibility bugs, etc. I, the author of Thaiphoon Burner software, hate to be limited to anything. Thanks to one man a good solution has been successfully found, but it does not work on Intel 100 Series Family Chipset PCH so far. So, it is definitely a shame on Intel and such motherboard manufacturers as MSI, Gigabyte, ASRock, ASUS that keep on dancing to Intel’s tune.
In order not to be fooled by DIMM manufacturer and to take benefit from a purchased license for Thaiphoon Burner software an idea of SPD Data Protection Test has been implemented in version 126.96.36.199. The purpose of this test is to check for any possible write-protection on SPD EEPROM with a capacity of 2 Kbit. Devices with this capacity are related to 24C02 and 34C02 classes and soldered on PCB of PC SDRAM, DDR SDRAM, DDR2 SDRAM, FB-DIMM and DDR3 SDRAM modules. Through making changes of the two typically unused SPD bytes with offsets 70h and A0h the Data Protection Test can determine three types of protection: Reversible Software Write Protection, Permanent Software Write Protection and Hardware Protection (via WP pin). Once the content of these SPD bytes has been changed to EEh the program restores it to the initial state. Otherwise, on failed attempts at change the program makes up a conclusion about a type of set protection.
To call the Data Protection Test dialog box select the Data Protection Test command under the EEPROM main menu of Thaiphoon Burner. Before calling it is strongly recommended to make a backup of SPD of all the DIMMs. If the control SPD bytes 70h and A0h are not restored normally you will refer to backups to know their initial values. To create backups just enable the Background Backup feature which is active by default and available under the Backup main menu. Read SPD data of each your DIMM.
In the list of available SPD EEPROM devices the only Location field is filled at start up. Click on the Test button to run the test which may take about 1 second to complete.
After the test is complete you will see test results in the columns Bytes 00h-7Fh and Bytes 80h-FFh. If one of the halves of SPD array is not protected the Not protected label is displayed in the corresponding column. If it is protected either with Permanent Software Write Protection or Reversible Software Write Protection the PSWP or RSWP label is displayed accordingly. The 24C02 class EEPROM provides only hardware write protection via WP-pin to protect all 256 SPD bytes. So, HWP is displayed in both the columns simultaneously if the protection has been determined.
Keep in mind that there may be rare occasions when the control SPD bytes 70h and A0h could not be restored to the initial state due to some kind of SMBus issues, e.g. SMBus deadlock or collision. Issues may happen when you have any temperature or voltage monitoring software running on the background. So, after testing you are required to check for the content of these bytes through the HEX Editor to ensure it is not set to EEh.
Under the Emergency main menu there is the Restore Control Bytes command that adds two new columns to the list of SPD EEPROM devices. Through these columns a user has a chance to manually restore the control bytes to their initial state. This is allowed even by the DEMO version of Thaiphoon Burner.
Enter the initial values to the corresponding fields of the columns and click on the Write button to program them.