XMLs are stored in compressed format (as Qt resource) inside the FIT binary. You can find one approach of extracting them in Positive Technologies blog:
http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html
You can indeed use FIT for setting the strap but you'll have to find it yourself :) Or you can just edit the descriptor directly - it's not protected by any checksums or signatures. Check e.g. how me_cleaner sets the HAP bit:
print("Setting the HAP bit in PCHSTRP0 to disable Intel ME...") fdf.seek(fpsba) pchstrp0 = unpack("<I", fdf.read(4))[0] pchstrp0 |= (1 << 16) fdf.write_to(fpsba, pack("<I", pchstrp0))
Hi Igor, I know your work and I want to give kudos to you. However without being kritical (it is just like that) I want to note the tips you read i.e. at winraid.com really make you just more confused - eather they are refering to programmes that are unavailabe or are from different contexts of Bios versions etc, or require you to handle weapongrade security bypasses.
Now I spent a whole weekend trying to enable DCI on the Brix. I managed it in the end using only Ru.efi.
Because maybe coreboot people without the money to buy a SystemStudio and XDP hardware for $5000 might find it interesting ther is a writeup here: https://gist.github.com/eiselekd/d235b52a1615c79d3c6b3912731ab9 b2#file-enabledci-txt I think this method is reasonably easy and the board is cheap ($400).
// Greetings Konrad