Hello Konrad,
Sunday, January 21, 2018, 3:12:07 PM, you wrote:
KE> You can probably set the DCI enable bit in the PCH softstraps in the
KE> descriptor, no need to mess with the BIOS editing. It seems to be bit 17
KE> in strap 0, right next to the HAP bit:
KE>
KE> <LayoutEntry name="PchStrapDciEnabled" type="bitfield32" value="0x1" offset="0x0" bitfield_high="17" bitfield_low="17" />
KE> <LayoutEntry name="reserve_hap" type="bitfield32" value="0x0" offset="0x0" bitfield_high="16" bitfield_low="16" />
KE>
KE> (xml from the Intel Flash Image Tool).
KE> Interesting. Where can I read about this XML definition of the
KE> softstrap? Which tool can I use to modify the PCH softstrap
KE> section? Do I need the Intel Flash Image Tool for that, and where can
KE> I download that one? I guess there are CRCs and I cannot
KE> just poke around?
XMLs are stored in compressed format (as Qt resource) inside the FIT binary. You can find one approach of extracting them in Positive Technologies blog:
http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html
You can indeed use FIT for setting the strap but you'll have to find it yourself :) Or you can just edit the descriptor directly - it's not protected by any checksums or signatures. Check e.g. how me_cleaner sets the HAP bit:
    print("Setting the HAP bit in PCHSTRP0 to disable Intel ME...")
    fdf.seek(fpsba)
    pchstrp0 = unpack("<I", fdf.read(4))[0]
    pchstrp0 |= (1 << 16)
    fdf.write_to(fpsba, pack("<I", pchstrp0))
KE> I wonder whether DCI is left enabled when the BIOS starts
KE> initializing and probably I also need a softstrap bit for the
KE> Debug Interface enable if I want to connect with DAL later?
This depends on the specific BIOS implementation. I guess it's possible that they turn off DCI if it's not explicitly enabled in settings, but maybe you can intercept this with the debugger.
KE> Why is this stuff so complicated?
It's not complicated to firmware engineers who are familiar with low-level details of the platform and have access to the Intel docs/tools and support... If this is complicated for you, maybe you are looking at the wrong thing.
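
A read-only check of the strap word discussed in this message, as an added example that is not part of the original message or of me_cleaner: it reports the HAP and DCI bits of PCHSTRP0 from a descriptor dump, which is useful when auditing whether a production image ships with DCI strapped on. The bit positions come from the quoted FIT XML; the signature offset (0x10), the FLMAP1 offset (0x18), the FPSBA extraction and the sample descriptor built by `make_sample` are assumptions based on the usual flash descriptor layout.

```python
import struct

FD_SIGNATURE = 0x0FF0A55A   # flash descriptor signature (assumed at offset 0x10)
HAP_BIT = 16                # reserve_hap in the FIT XML quoted above
DCI_BIT = 17                # PchStrapDciEnabled in the FIT XML quoted above


def read_pchstrp0(image: bytes) -> int:
    """Return PCHSTRP0 from a dump whose flash descriptor starts at offset 0."""
    if len(image) < 0x1C:
        raise ValueError("image too small to hold a flash descriptor")
    (sig,) = struct.unpack_from("<I", image, 0x10)
    if sig != FD_SIGNATURE:
        raise ValueError("flash descriptor signature not found at 0x10")
    (flmap1,) = struct.unpack_from("<I", image, 0x18)
    # Assumption: FPSBA is FLMAP1 bits 23:16, in units of 16 bytes.
    fpsba = (flmap1 >> 12) & 0xFF0
    if fpsba + 4 > len(image):
        raise ValueError("FPSBA points outside the image")
    return struct.unpack_from("<I", image, fpsba)[0]


def strap_report(image: bytes) -> dict:
    """Decode the two strap bits this thread talks about; never writes."""
    strp0 = read_pchstrp0(image)
    return {
        "pchstrp0": strp0,
        "hap": bool((strp0 >> HAP_BIT) & 1),
        "dci_enabled": bool((strp0 >> DCI_BIT) & 1),
    }


def make_sample(strp0: int, fpsba: int = 0x100) -> bytes:
    """Constructed 4 KiB descriptor holding only the fields read above."""
    buf = bytearray(b"\xff" * 0x1000)
    struct.pack_into("<I", buf, 0x10, FD_SIGNATURE)
    struct.pack_into("<I", buf, 0x18, (fpsba >> 4) << 16)
    struct.pack_into("<I", buf, fpsba, strp0)
    return bytes(buf)


if __name__ == "__main__":
    # Constructed inputs: no straps set, HAP only, DCI only.
    for strp0 in (0x00000000, 1 << HAP_BIT, 1 << DCI_BIT):
        print(strap_report(make_sample(strp0)))
```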