XMLs are stored in compressed format (as Qt resource) inside the FIT
binary. You can find one approach of extracting them in Positive
Technologies blog:

http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html

You can indeed use FIT for setting the strap but you'll have to find it yourself :) Or you
can just edit the descriptor directly - it's not protected by any
checksums or signatures. Check e.g. how me_cleaner sets the HAP bit:

print("Setting the HAP bit in PCHSTRP0 to disable Intel ME...")
fdf.seek(fpsba)
pchstrp0 = unpack("<I", fdf.read(4))[0]
pchstrp0 |= (1 << 16)
fdf.write_to(fpsba, pack("<I", pchstrp0))

Hi Igor, I know your work and I want to give kudos to you. However without being

kritical (it is just like that) I want to note the tips you read i.e. at winraid.com

really make you just more confused - eather they are refering to programmes that

are unavailabe or are from different contexts of Bios versions etc, or require you

to handle weapongrade security bypasses.

Now I spent a whole weekend trying to enable DCI on the Brix. I managed it

in the end using only Ru.efi.

Because maybe coreboot people without the money to buy a SystemStudio and XDP

hardware for $5000 might find it interesting ther is a writeup here:

https://gist.github.com/eiselekd/d235b52a1615c79d3c6b3912731ab9b2#file-enabledci-txt

I think this method is reasonably easy and the board is cheap ($400).

// Greetings Konrad