Very good presentation from Dmitry Sklyarov. Despite there are some inaccuracies, the work done by his team on ME 11 is impressive. :-)
Here, I am just thinking loud...
Interesting... ME 11 has some new HW concepts, introduced by INTEL for SKL onward. Knowing the EGO trips of the leading INTEL people, I would not be surprised to see that ARC/SPARC is actually swapped with quark (shrinked PENTIUM on 22nm), introduced as serious challenge to ARM in IOT space by BK, CEO of INTEL, when BK was just a TMG leader (Y2013). Quark is his beloved baby, crown of his technical career (leading him to be CEO).
Actually, quark is pushed into very serious designs all over the place, from 3 years ago, fast forwarded in Time. So quark could be the replacement. AS additional justification for BK's decisions, dated more than 3 years ago.
Looking what MINIX3 itself is, it kinda confirms my thoughts: http://www.minix3.org/ *MINIX 3 is a free, open-source, operating system designed to be highly reliable, flexible, and secure. It is based on a tiny microkernel running in kernel mode with the rest of the operating system running as a number of isolated, protected, processes in user mode.*
The another interesting fact I did not know is that ME is taking minimum 2x of consecutive 16MB of DRAM (this I new already), but that this DRAM is not accessible by OS, running on CPU. Thus, Since I know that these 32MB of memory are very close to TOM (on the first 4GB of memory), and reserved by the time HECI I/F starts synchronising BIOS and ME engines, by 99.999% users while BIOS executes, but for more Coreboot knowledgeable people right after MRC algorithm is done/executed), it forces me to think that there is another INTEL HW extension, hidden, which assures that this memory is NOT accessible. Or, perhaps, one of variable MTRR definitions is used for this purpose (procedure embedded in BIOS). I need to investigate more on this topic.
MINIX3 on the top of quark is viable design. Especially that there is superuser mode, there are discovered UNIX FS definitions (user/group/world permissions on extensions), and modular packages (all modern Linux distros have this concept). And... Notion of ring0 and ring3, introducing additional layer of ME protection (not available by RTOS ThreadX, my best guess).
Very interesting presentation, indeed. But I need to watch it several times, to let additional ideas to pop in my mind... ;-)
Thank you (Dmitry especially), Zoran
On Wed, Apr 26, 2017 at 10:57 PM, Patrick Georgi via coreboot < coreboot@coreboot.org> wrote:
Fun tidbit: The ME is running MINIX3 (confirmed by a file in the Google cache: http://webcache.googleusercontent.com/search? q=cache:tCcU0NRwTnQJ:ftp://ftp.supermicro.com/CDR-X11-UP_ 1.10_for_Intel_X11_UP_platform/Intel/ME/Other_ Licenses/Minix3_License.txt+&cd=1&hl=de&ct=clnk&gl=de&lr=lang_de%7Clang_en )
2017-04-26 22:47 GMT+02:00 Youness Alaoui <kakaroto@kakaroto.homelinux.net
: Thanks for the links. This is the article that I had seen : http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html
On Tue, Apr 25, 2017 at 10:38 AM, Shawn citypw@gmail.com wrote:
slide: https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf
video: https://www.youtube.com/watch?v=2_aokrfcoUk
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
-- Google Germany GmbH, ABC-Str. 19, 20354 Hamburg Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot