[coreboot] Disabling Intel ME 11 via undocumented mode

Timothy Pearson tpearson at raptorengineering.com
Wed Dec 13 18:54:04 CET 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

According to Positive Technologies, on Skylake and higher (like the
Purism machines) the kernel loads the BUP, and the HAP bit only disables
the normal userspace processes [1].

What proof do you have that the kernel itself is halted?

[1] http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

On 12/13/2017 11:34 AM, Youness Alaoui wrote:
>> I guess I still disagree with the use of the word "disabled".  If the ME
>> wasn't required for boot, and was actually disabled within a few cycles
>> of its CPU starting, the remaining attack surface simply wouldn't exist.
>>  This is not what happens though, and AFAIK even the ME kernel continues
>> to run since the ME needs to continue handling platform power events.
>> If this many holes are present in even the ROM code, then having the ME
>> kernel running remains a massive security problem.
>>
> 
> I'm just going to answer the bit about the use of the term "disabled".
> I've explained it in my blog post before (here if you missed it :
> https://puri.sm/posts/deep-dive-into-intel-me-disablement/) but I do
> believe the ME is in this case Disabled. What you are thinking about
> is what I called "Removed". The reason it's called disabled is because
> the ME stops running, it's not actively doing anything, it doesn't
> respond to HECI, it doesn't even boot into the kernel. You said that
> "the ME kernel continues to run", but that's not the case. The entire
> ME core stops execution during the bring-up phase, so it's technically
> disabled because it stops itself at some point after boot.
> Having the ME *removed* would be interesting because that would mean
> that even the bring up phase wouldn't get executed and we could remove
> the entire ME firmware from the flash. But that still wouldn't mean
> that nothing runs on the ME core because there is still some small
> code embeded in the ROM.
> Anyways, that's my justification on why using the term "disabled" is
> valid in this case when HAP is enabled. You are free to disagree if
> that didn't convince you.


- -- 
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJaMWk6AAoJEK+E3vEXDOFbTnkH/30CN22Q0JG0bxxvG7NaRjUX
i4bsAVpdP+rbd9IlmMHDCPtYnmdoBWq81yXZx8iBAzTx5DJrU0lA0Kqr0RzIyNRx
pE4omRU2St342bQS5bf/UsFwT2WKR2vlE8u8NR4YiOXnJNySJ1gSQqzxB4uGwd7I
rcyMnScr4IKEgwiE3GA7HU4vHE2w66M6g0skhYQtquAm3ypajmwLUbFwsgiAp0l1
Azbt9pUFlp7McZTJusuRroWsDv1oOWQit3nH54i0yP6EajGWbZJ4+sAEQJSXVr9Q
6iuVDE8WfZsydARlvfM+hc0TyrGIv08EnLkhNOQjA4bfab6TxK1l2EnNE1STwXc=
=7rNS
-----END PGP SIGNATURE-----



More information about the coreboot mailing list