Schrödinger's Trusted Boot. Intel Boot Guard

We propose to go down a level again and talk about the firmware security of x86-compatible computer platforms. This time the main ingredient of the study is Intel Boot Guard (not to be confused with Intel BIOS Guard!), a hardware-assisted technology for trusted BIOS boot which a computer vendor can permanently enable or disable at the production stage. The research recipe is already familiar to us: thinly slice the implementation of this technology with reverse engineering, describe its architecture, fill it with undocumented details, season with attack vectors to taste, and mix. Let's add fuel to the fire with the story of how a bug that has been cloned for years in the production lines of several vendors allows an attacker to use this very technology to plant a hidden rootkit in the system that cannot be removed (even with a programmer).

Incidentally, the article is based on the talk "On Guard of Rootkits: Intel BootGuard" from the ZeroNights 2016 conference and the 29th DefCon Russia meetup (both presentations).

Firmware of a computer platform with the Intel 64 architecture

First, let's answer the question: what is the firmware of a modern computer platform with the Intel 64 architecture? Of course, the UEFI BIOS. But such an answer would be inaccurate. Let's look at the figure, which shows the desktop (laptop) variant of this architecture.

The basis is the bundle of:

  • the processor (CPU, Central Processing Unit), which, besides the main cores, contains an integrated graphics core (not in all models) and a memory controller (IMC, Integrated Memory Controller);
  • the chipset (PCH, Platform Controller Hub), containing various controllers for interacting with peripheral devices and managing subsystems. Among them is the well-known Intel Management Engine (ME), which also has its own firmware (Intel ME firmware).

Laptops, in addition to the above, require an embedded controller (ACPI EC, Advanced Control and Power Interface Embedded Controller), which is responsible for the power subsystem, the touchpad, the keyboard, the Fn keys (screen brightness, volume, keyboard backlight, etc.) and more. It too has its own firmware.

So the set of all the firmware listed above is the firmware of the computer platform (system firmware), and it is stored in SPI flash memory. So that the users of this memory do not get confused about what is where, its contents are divided into the following regions (as shown in the figure):

  • UEFI BIOS;
  • ACPI EC firmware (a separate region appeared with the Skylake processor microarchitecture (2015), but in the wild we have not yet seen it used, so the embedded controller firmware still lives inside the UEFI BIOS region);
  • Intel ME firmware;
  • configuration (MAC address, etc.) of the integrated GbE (Gigabit Ethernet) network adapter;
  • flash descriptors: the main region of the flash memory, which holds pointers to the other regions together with the access permissions to them.

The SPI bus master, the SPI controller built into the chipset through which this memory is accessed, is responsible for restricting access to the regions (according to the permissions). If the permissions are set to the values Intel recommends (for security), then each user of the SPI flash has full (read/write) access only to its own region; the rest are either read-only or inaccessible. A well-known fact: on many systems the CPU has full access to the UEFI BIOS and GbE regions, read-only access to the flash descriptors, and no access to the Intel ME region at all. Why many and not all? Recommended does not mean mandatory. We will return to this later in the article.

Mechanisms protecting computer platform firmware from modification

Obviously, the firmware of a computer platform must be protected from possible compromise, which would let a potential attacker gain a foothold in it (surviving OS updates and reinstalls), execute their code in the most privileged modes, and so on. Restricting access to the SPI flash regions is, of course, not enough for that. Therefore, to protect firmware from modification, various mechanisms specific to each execution environment are used.

Thus, Intel ME firmware is signed for integrity and authenticity control and is verified by the ME controller every time it is loaded into ME UMA memory. We have already covered this verification process in one of our articles dedicated to the Intel ME subsystem.

ACPI EC firmware, as a rule, is only checked for integrity. However, because this binary is included in the UEFI BIOS, it is almost always covered by the same protection mechanisms the UEFI BIOS uses. Let's talk about them.

These mechanisms can be divided into two categories.

Write protection of the UEFI BIOS region

  1. Physical protection of the SPI flash contents with a write-protect jumper;
  2. Protection of the projection of the UEFI BIOS region into the CPU address space using the PRx chipset registers;
  3. Blocking write attempts to the UEFI BIOS region by generating and handling the corresponding SMI interrupt, which is enabled by setting the BIOS_WE/BLE and SMM_BWP bits in chipset registers;
  4. An improved version of this protection is Intel BIOS Guard (PFAT).

Besides these mechanisms, vendors can develop and apply their own security measures (for example, signing the capsules that carry UEFI BIOS updates).

It is important to remember that on a particular system (depending on the vendor) not all of the above mechanisms may be applied, they may not be applied at all, or they may be applied with vulnerabilities. You can read more about these mechanisms and the state of their implementation in this article. For those interested, we also recommend the whole series of articles on UEFI BIOS security by CodeRush.
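To make the second and third mechanisms concrete, here is an added example (not code from the original article) that decodes the chipset register values a practitioner would dump to check them and gives a conservative verdict on whether the BIOS region is write-locked. The bit positions are assumed from the public datasheets of the 8/9-series PCH: in BIOS_CNTL bit 0 is BIOSWE, bit 1 is BLE and bit 5 is SMM_BWP; in a PRx register bits 12:0 hold the 4 KiB-granular base, bits 28:16 the limit, bit 15 the read-protect enable and bit 31 the write-protect enable. The register values in the block are constructed for illustration.

```python
# Added example: decode BIOS_CNTL and PRx values dumped from the chipset and judge
# whether the UEFI BIOS region is write-locked. Bit layouts are the ones documented
# for the 8/9-series PCH (an assumption for other generations).

def decode_bios_cntl(value):
    """BIOS_CNTL: BIOSWE = bit 0, BLE = bit 1, SMM_BWP = bit 5."""
    return {
        "BIOSWE": bool(value & 0x01),   # BIOS region write enable
        "BLE": bool(value & 0x02),      # setting BIOSWE raises an SMI while BLE is set
        "SMM_BWP": bool(value & 0x20),  # writes allowed only while the cores are in SMM
    }

def decode_pr(value):
    """PRx: base in bits 12:0 and limit in bits 28:16 (4 KiB units), RPE = bit 15, WPE = bit 31.
    Returns None when the range protects nothing."""
    wpe, rpe = bool(value >> 31 & 1), bool(value >> 15 & 1)
    if not (wpe or rpe):
        return None
    base = (value & 0x1FFF) << 12
    limit = (((value >> 16) & 0x1FFF) << 12) | 0xFFF
    return {"base": base, "limit": limit, "write_protected": wpe, "read_protected": rpe}

def bios_region_write_locked(bios_cntl, pr_values, bios_start, bios_end):
    """Conservative verdict for the BIOS region [bios_start, bios_end] (flash offsets).

    Locked if the SMI-based lock is fully armed (BLE and SMM_BWP set, BIOSWE clear) or a
    write-protected PRx covers the whole region. Returns (locked, reasons)."""
    reasons = []
    cntl = decode_bios_cntl(bios_cntl)
    if cntl["BLE"] and cntl["SMM_BWP"] and not cntl["BIOSWE"]:
        reasons.append("BIOS_CNTL: BLE+SMM_BWP set, BIOSWE clear")
    for i, value in enumerate(pr_values):
        pr = decode_pr(value)
        if pr and pr["write_protected"] and pr["base"] <= bios_start and pr["limit"] >= bios_end:
            reasons.append("PR%d covers %#x-%#x with WPE" % (i, pr["base"], pr["limit"]))
    return (bool(reasons), reasons)

# Constructed register dumps for an 8 MiB flash whose BIOS region occupies 0x500000-0x7FFFFF.
BIOS_START, BIOS_END = 0x500000, 0x7FFFFF
SAMPLE_LOCKED = {"BIOS_CNTL": 0x2A, "PR": [0x8FFF0500, 0, 0, 0, 0]}
SAMPLE_OPEN = {"BIOS_CNTL": 0x09, "PR": [0, 0, 0, 0, 0]}

if __name__ == "__main__":
    for name, regs in (("locked", SAMPLE_LOCKED), ("open", SAMPLE_OPEN)):
        print(name, bios_region_write_locked(regs["BIOS_CNTL"], regs["PR"], BIOS_START, BIOS_END))
```

The verdict deliberately requires BLE together with SMM_BWP: BLE alone only routes a write-enable attempt to an SMI handler, and whether that handler actually refuses the write is a property of the BIOS, not of the register.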

UEFI BIOS authentication

When we talk about trusted boot, the first thing that comes to mind is Secure Boot. Architecturally, however, it is designed to verify the authenticity of components external to the UEFI BIOS (drivers, bootloaders, etc.), not the firmware itself.

Therefore Intel, in SoCs with the Bay Trail microarchitecture (2012), implemented a hardware-backed, non-disableable Secure Boot (Verified Boot), which has nothing to do with the Secure Boot technology mentioned above. Later (2013) this mechanism was improved and released under the name Intel Boot Guard for desktops with the Haswell microarchitecture.

Before describing Intel Boot Guard, let's look at the execution environments in the Intel 64 architecture which, taken together, are the roots of trust for this trusted boot technology.

Intel CPU

Captain Obvious hints that the processor is the main execution environment in the Intel 64 architecture. Why is it also a root of trust? It turns out that what makes it one is ownership of the following:

  • the microcode ROM, non-volatile, non-rewritable memory for storing microcode. Microcode is believed to be the implementation of the processor's instruction set in terms of the simplest primitive instructions. Bugs happen in microcode too, which is why binaries with microcode updates can be found in the BIOS (they are applied at boot, because the ROM cannot be rewritten). The contents of these binaries are encrypted, which complicates analysis (so the exact contents of microcode are known only to those who develop it), and signed for integrity and authenticity control;
  • the AES key for decrypting the contents of microcode updates;
  • the hash of the RSA public key used to verify the signature of microcode updates;
  • the hash of the RSA public key that verifies the signature of Intel-developed ACMs (Authenticated Code Modules), code modules which the CPU can run before BIOS execution (hello, microcode) or at runtime, when certain events occur.

Intel ME

Our blog has dedicated two articles to this execution environment. Recall that it is based on a microcontroller built into the chipset and is the most hidden and the most privileged environment in the system.

Despite its secrecy, Intel ME is also a root of trust, because it has:

  • the ME ROM, non-volatile, non-rewritable memory (no update mechanism is provided) which contains the start-up code as well as the SHA256 hash of the RSA public key that verifies the signature of Intel ME firmware;
  • an AES key for storing secret information;
  • access to a set of fuses (FPFs, Field Programmable Fuses) built into the chipset for the permanent storage of certain information, including information specified by the computer vendor.

Intel Boot Guard 1.x

A small disclaimer. The Intel Boot Guard version numbers we use in this article are arbitrary and may have nothing in common with the numbering used in Intel's internal documentation. Moreover, the information given here about the implementation of this technology was obtained by reverse engineering and may contain inaccuracies compared to the Intel Boot Guard specification, which is unlikely ever to be published.

So, Intel Boot Guard (BG) is a hardware-assisted technology for verifying the authenticity of the UEFI BIOS. Judging by its brief description in the book [Platform Embedded Security Technology Revealed, chapter "Boot with Integrity, or Don't Boot"], it works as a chain of trust. The first link in it is the boot code (microcode) inside the CPU, which is triggered by the RESET event (not to be confused with the RESET vector in the BIOS!). The CPU finds a code module developed and signed by Intel (the Intel BG startup ACM) in SPI flash memory, loads it into its cache, verifies it (as noted above, the CPU holds the hash of the public key that verifies the ACM signature) and runs it.

This code module is responsible for verifying the small initial part of the UEFI BIOS, the Initial Boot Block (IBB), which in turn contains the functionality to verify the main part of the UEFI BIOS. Thus Intel BG makes it possible to verify the authenticity of the BIOS before the OS is loaded (and the OS can then be loaded under the supervision of Secure Boot).

Intel BG provides two modes of operation (and one does not interfere with the other, i.e. both modes can be enabled on a system, or both can be disabled).

Measured Boot

In Measured Boot (MB) mode, each boot component (starting with the CPU boot ROM) "measures" the next one using the capabilities of the TPM (Trusted Platform Module). For those unfamiliar with it, let me explain.

The TPM has PCRs (Platform Configuration Registers), into which the result of a hashing operation is written according to the formula:

(the PCR extend formula is given in a figure that is not reproduced on this page)

I.e. the current PCR value depends on the previous one, and these registers are only reset on a system RESET.

So in MB mode, at any given moment the PCRs hold a unique (to the extent the hash function allows) fingerprint of the code or data that has been "measured". PCR values can be used in certain data encryption operations (TPM_Seal). Later, decryption (TPM_Unseal) is possible only if the PCR values have not changed as a result of booting (i.e. no "measured" component has been modified).
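An added example, not from the original article, that models the measured-boot chain described above with hashlib: each component is hashed and extended into a PCR, and a secret sealed to the resulting value can only be unsealed when the very same chain boots again. TPM_Seal/TPM_Unseal are stood in for by a trivial keyed XOR (`seal`/`unseal` are illustrative functions here, not the TPM API), and the boot components are constructed byte strings.

```python
import hashlib

def pcr_extend(pcr, digest, algo="sha256"):
    """TPM extend: PCR_new = H(PCR_old || digest). Nothing but a platform RESET clears the PCR."""
    h = hashlib.new(algo)
    h.update(pcr)
    h.update(digest)
    return h.digest()

def measure_chain(components, algo="sha256"):
    """Each boot component 'measures' the next: hash it, extend the PCR, then hand over control."""
    pcr = bytes(hashlib.new(algo).digest_size)  # PCRs read as all-zero after RESET
    for blob in components:
        pcr = pcr_extend(pcr, hashlib.new(algo, blob).digest(), algo)
    return pcr

def seal(secret, pcr):
    """Stand-in for TPM_Seal: record the PCR value and mask the secret with a key derived from it."""
    key = hashlib.sha256(b"seal-key" + pcr).digest()
    return {"pcr": pcr, "blob": bytes(s ^ key[i % 32] for i, s in enumerate(secret))}

def unseal(sealed, pcr):
    """Stand-in for TPM_Unseal: succeeds only if the current PCR equals the one sealed to."""
    if pcr != sealed["pcr"]:
        return None
    key = hashlib.sha256(b"seal-key" + pcr).digest()
    return bytes(b ^ key[i % 32] for i, b in enumerate(sealed["blob"]))

# Constructed boot chain: the BG startup ACM, the IBB (SEC/PEI) and the DXE volume.
GOOD_CHAIN = [b"acm v1.0", b"IBB: SEC+PEI modules", b"DXE volume"]
TAMPERED_CHAIN = [b"acm v1.0", b"IBB: SEC+PEI modules+implant", b"DXE volume"]

def demo():
    """Seal a secret to the good chain, then try to unseal it after a good and a tampered boot."""
    sealed = seal(b"disk-encryption-key", measure_chain(GOOD_CHAIN))
    return {
        "good": unseal(sealed, measure_chain(GOOD_CHAIN)),
        "tampered": unseal(sealed, measure_chain(TAMPERED_CHAIN)),
    }

if __name__ == "__main__":
    print(demo())
```

Two properties of the real mechanism survive even in this toy: the order of measurements matters (swapping two components yields a different PCR), and the check is one-way, because nothing short of a RESET brings the register back to its initial value. TPM 1.2 banks use SHA-1 (20-byte PCRs), TPM 2.0 adds SHA-256 banks; `measure_chain` takes the algorithm as a parameter for that reason.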

Verified Boot

The worst nightmare for those who like to modify the UEFI BIOS is Verified Boot (VB) mode, in which each boot component cryptographically verifies the integrity and authenticity of the next one. If verification fails, one of the following happens:

  • shutdown after a timeout of 1 to 30 minutes (so that the user has time to understand why the computer will not boot and, if possible, to try to restore the BIOS);
  • immediate shutdown (so that the user has no time to understand, much less to do, anything);
  • continuing to work as if nothing had happened (the case when there is no time for security, because there are more important things to do).

The choice of action depends on the Intel BG configuration (namely, on the so-called enforcement policy), which the platform vendor permanently records in specially designed storage, the chipset fuses (FPFs). We will dwell on this in more detail later.

In addition to the configuration, the vendor generates two RSA 2048 keys and creates two data structures (shown in the figure):

  1. the vendor's root key manifest (KEYM, OEM Root Key Manifest), which contains the SVN (Security Version Number) of this manifest, the SHA256 hash of the public key of the next manifest, the RSA public key (i.e. the public part of the vendor's root key) for verifying the signature of this manifest, and the signature itself;
  2. the IBB manifest (IBBM, Initial Boot Block Manifest), which contains the SVN of this manifest, the SHA256 hash of the IBB, the public key for verifying the signature of this manifest, and the signature itself.

The SHA256 hash of the public OEM Root Key is permanently burned into the chipset fuses (FPFs), just like the Intel BG configuration. If the Intel BG configuration enables the technology, then from that moment on only the owner of the private part of the OEM Root Key can update the BIOS on this system (i.e. can recompute these manifests), that is, the vendor.

Looking at the figure, one immediately doubts the need for such a long verification chain: a single manifest would do. Why complicate things?

The point is that Intel thereby gives vendors the opportunity to use different IBB keys for different product lines and a single key as the root key. If the private part of an IBB key (with which the second manifest is signed) leaks, the incident affects only one product line and only until the vendor generates a new pair and includes the recomputed manifests in the next BIOS update.

But if the root key (with which the first manifest is signed) is compromised, it cannot be replaced; no revocation procedure is provided. The hash of the public part of this key is programmed into the FPFs once and for all.

Intel Boot Guard configuration

Now let's take a closer look at the Intel BG configuration and the process of creating it. If you look at the corresponding tab in the GUI of the Flash Image Tool utility from the Intel System Tool Kit (STK), you will see that the Intel BG configuration includes the hash of the public part of the vendor's root key, a couple of obscure values, and so on, as well as the Intel BG profile.

The structure of this profile:

typedef struct BG_PROFILE
{
	unsigned long Force_Boot_Guard_ACM : 1;
	unsigned long Verified_Boot : 1;
	unsigned long Measured_Boot : 1;
	unsigned long Protect_BIOS_Environment : 1;
	unsigned long Enforcement_Policy : 2; // 00b – do nothing
                                              // 01b – shutdown with timeout
                                              // 11b – immediate shutdown
	unsigned long : 26;
};

In general, the Intel BG configuration is quite a flexible thing. Take, for example, the Force_Boot_Guard_ACM flag. When it is cleared and the BG startup ACM module is not found in SPI flash, no trusted boot takes place at all. The boot will simply be untrusted.

We already wrote above that the enforcement policy for VB mode can be set so that, if verification fails, the boot is allowed to proceed untrusted anyway.

Leaving such things to the discretion of vendors...

The utility's GUI offers the following "ready-made" profiles:

  No.  Mode     Description
  0    No_FVME  Intel BG technology is disabled
  1    VE       VB mode enabled, shutdown after timeout
  2    VME      both modes enabled (VB and MB), shutdown after timeout
  3    VM       both modes enabled, no system shutdown
  4    FVE      VB mode enabled, immediate shutdown
  5    FVME     both modes enabled, immediate shutdown

As already mentioned, the Intel BG configuration is written once and for all by the vendor into the chipset fuses (FPFs), a small (by unconfirmed data, only 256 bytes) hardware data store in the chipset which can be programmed outside Intel's production facilities (which is exactly why they are called Field Programmable Fuses).

It is ideal for storing the configuration because:

  • it has a one-time-programmable area for storing data (which is where the Intel BG configuration is written);
  • only Intel ME can read it and program it.

So, to set the Intel BG configuration on a particular system, the vendor does the following during production:

  1. using the Flash Image Tool utility (from Intel STK), creates the firmware image with the Intel BG configuration in the form of variables in the Intel ME region (the so-called temporary mirror of the FPFs);
  2. using the Flash Programming Tool utility (from Intel STK), writes this image to the system's SPI flash memory and closes the so-called manufacturing mode (a corresponding command is sent to Intel ME).

As a result of these operations, Intel ME burns the values from the FPF mirror in the ME region into the FPFs, sets the permissions in the SPI flash descriptors to the values recommended by Intel (described at the beginning of the article) and performs a system RESET.

Analysis of the Intel Boot Guard implementation

To analyse the implementation of this technology on concrete examples, we examined the following systems for traces of Intel BG:

  System                  Note
  Gigabyte GA-H170-D3H    Skylake, support present
  Gigabyte GA-Q170-D3H    Skylake, support present
  Gigabyte GA-B150-HD3    Skylake, support present
  MSI H170A Gaming Pro    Skylake, no support
  Lenovo ThinkPad 460     Skylake, support present, technology enabled
  Lenovo Yoga 2 Pro       Haswell, no support
  Lenovo U330p            Haswell, no support

By "support" we mean the presence of the Intel BG startup ACM module, the manifests mentioned above and the corresponding code in the BIOS, i.e. an implementation available for analysis.

As an example, let's take the SPI flash image for the Gigabyte GA-H170-D3H (version F4) downloaded from the vendor's official website.

Intel CPU boot ROM

First of all, let's talk about what the processor does if Intel BG is enabled.

It is not possible to see the decrypted microcode, so how the actions described below are implemented (in microcode or in hardware) remains an open question. Nevertheless, it is a fact that modern Intel processors "know how" to perform these actions.

After leaving the RESET state, the processor (with the contents of the flash memory already projected into its address space) finds the FIT (Firmware Interface Table). It is easy to find: the pointer to it is stored at address FFFF FFC0h.

In the example under consideration, the value FFD6 9500h is located at this address. Following it, the processor finds the FIT table, whose contents are divided into entries. The first entry is a header with the following structure:

typedef struct FIT_HEADER
{
	char           Tag[8];     // ‘_FIT_   ’
	unsigned long  NumEntries; // including FIT header entry
	unsigned short Version;    // 1.0
	unsigned char  EntryType;  // 0
	unsigned char  Checksum;
};

For some unknown reason the checksum is not always computed in these tables (the field is zero). In the FIT specification, however, the most significant bit of the entry type byte is a checksum-valid flag, so a zero checksum is legitimate whenever that flag is clear.

The following entries point to various binaries that must be parsed/executed before the BIOS runs, i.e. before control passes to the legacy RESET vector (FFFF FFF0h). The structure of each such entry is as follows:

typedef struct FIT_ENTRY
{
	unsigned long  BaseAddress;
	unsigned long  : 32;
	unsigned long  Size;
	unsigned short Version;     // 1.0
	unsigned char  EntryType;
	unsigned char  Checksum;
};

The EntryType field tells which kind of block the entry points to. We know of several types:

enum FIT_ENTRY_TYPES
{
	FIT_HEADER = 0,
	MICROCODE_UPDATE,
	BG_ACM,
	BIOS_INIT = 7,
	TPM_POLICY,
	BIOS_POLICY,
	TXT_POLICY,
	BG_KEYM,
	BG_IBBM
};
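To make the lookup concrete, here is an added parser (not code from the article) that does what the processor does: read the FIT pointer at FFFF FFC0h, walk the table and check the header checksum. It assumes the image is mapped so that its last byte sits at FFFF FFFFh, and follows the FIT specification in two details the structs above gloss over: the pointer is 8 bytes wide, and bit 7 of the type byte is the checksum-valid flag (the high byte of the 32-bit Size field is reserved). The sample image is constructed inside the block.

```python
import struct

# Entry types from the article's FIT_ENTRY_TYPES enum.
FIT_TYPES = {0: "FIT_HEADER", 1: "MICROCODE_UPDATE", 2: "BG_ACM", 7: "BIOS_INIT",
             8: "TPM_POLICY", 9: "BIOS_POLICY", 10: "TXT_POLICY", 11: "BG_KEYM", 12: "BG_IBBM"}
FIT_SIGNATURE = b"_FIT_   "
FIT_POINTER_ADDR = 0xFFFFFFC0
ENTRY = struct.Struct("<QIHBB")  # address, size, version, type|C_V, checksum: 16 bytes

def parse_fit(image):
    """Walk the FIT of an image whose top byte is mapped at FFFFFFFFh; return the non-header entries."""
    base = 0x100000000 - len(image)
    fit_addr = struct.unpack_from("<Q", image, FIT_POINTER_ADDR - base)[0]
    fit_off = fit_addr - base
    if image[fit_off:fit_off + 8] != FIT_SIGNATURE:
        raise ValueError("no FIT signature at %#x" % fit_addr)
    _, count, _ver, type_byte, _cs = ENTRY.unpack_from(image, fit_off)
    count &= 0xFFFFFF                       # Size is 24 bits wide; byte 11 is reserved
    table = image[fit_off:fit_off + ENTRY.size * count]
    if type_byte & 0x80 and sum(table) % 256 != 0:   # C_V set: the whole table must sum to zero
        raise ValueError("FIT header checksum mismatch")
    entries = []
    for i in range(1, count):
        addr, size, _ver, type_byte, _cs = ENTRY.unpack_from(table, ENTRY.size * i)
        kind = type_byte & 0x7F
        entries.append({"type": FIT_TYPES.get(kind, "0x%02X" % kind), "address": addr,
                        "size": size & 0xFFFFFF, "offset": addr - base})
    return entries

def build_fit(entries, with_checksum=True):
    """Constructed FIT: header plus (type, address, size) entries, C_V and checksum on the header."""
    header_type = 0x80 if with_checksum else 0x00
    table = bytearray(ENTRY.pack(int.from_bytes(FIT_SIGNATURE, "little"),
                                 len(entries) + 1, 0x0100, header_type, 0))
    for kind, addr, size in entries:
        table += ENTRY.pack(addr, size, 0x0100, kind, 0)
    if with_checksum:
        table[15] = (-sum(table)) & 0xFF
    return bytes(table)

def build_sample_image(size=0x2000, with_checksum=True):
    """Constructed 8 KiB 'flash' with the FIT at offset 0x100 and the pointer at FFFFFFC0h."""
    base = 0x100000000 - size
    image = bytearray(b"\xFF" * size)
    fit = build_fit([(1, base + 0x800, 0x400),     # microcode update
                     (2, base + 0xC00, 0x800),     # Intel BG startup ACM
                     (11, base + 0x1400, 0x100),   # KEYM
                     (12, base + 0x1500, 0x200)],  # IBBM
                    with_checksum)
    image[0x100:0x100 + len(fit)] = fit
    struct.pack_into("<Q", image, FIT_POINTER_ADDR - base, base + 0x100)
    return bytes(image)

if __name__ == "__main__":
    for e in parse_fit(build_sample_image()):
        print("%-16s at %#010x (flash offset %#x, %#x bytes)"
              % (e["type"], e["address"], e["offset"], e["size"]))
```

On a real dump, `len(image)` is the size of the whole SPI flash and the entries of type BG_ACM, BG_KEYM and BG_IBBM are the ones the rest of this section dissects; an image whose header sets the checksum-valid flag but fails the sum is worth a closer look, whereas a zero checksum with the flag clear is the case the text above describes.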

Now it is clear that one of the entries points to the location of the Intel BG startup ACM binary. The header structure of this binary is common to the code modules developed by Intel (ACMs, microcode updates, Intel ME code sections, ...).

typedef struct BG_ACM_HEADER
{
	unsigned short ModuleType;     // 2
	unsigned short ModuleSubType;  // 3
	unsigned long  HeaderLength;   // in dwords
	unsigned long  : 32;
	unsigned long  : 32;
	unsigned long  ModuleVendor;   // 8086h
	unsigned long  Date;           // in BCD format
	unsigned long  TotalSize;      // in dwords
	unsigned long  unknown1[6];
	unsigned long  EntryPoint;
	unsigned long  unknown2[16];
	unsigned long  RsaKeySize;     // in dwords
	unsigned long  ScratchSize;    // in dwords
	unsigned char  RsaPubMod[256];
	unsigned long  RsaPubExp;
	unsigned char  RsaSig[256];
};

The processor loads this binary into its cache, verifies it and runs it.

Intel BG startup ACM

From analysing what this ACM does, it became clear that it performs the following:

  • obtains the Intel BG configuration, as burned into the chipset fuses (FPFs), from Intel ME;
  • finds the KEYM and IBBM manifests and verifies them.

To find these manifests, the ACM also uses the FIT table, which has two entry types for pointing to these structures (see FIT_ENTRY_TYPES above).

Let's take a closer look at the manifests. In the structure of the first manifest we see a few obscure constants, the hash of the public key from the second manifest, and the public OEM Root Key together with the signature as a nested structure:

typedef struct KEY_MANIFEST
{
	char           Tag[8];          // ‘__KEYM__’
	unsigned char  : 8;             // 10h
	unsigned char  : 8;             // 10h
	unsigned char  : 8;             // 0
	unsigned char  : 8;             // 1
	unsigned short : 16;            // 0Bh
	unsigned short : 16;            // 20h == hash size?
	unsigned char  IbbmKeyHash[32]; // SHA256 of an IBBM public key
	BG_RSA_ENTRY   OemRootKey;
};

typedef struct BG_RSA_ENTRY
{
	unsigned char  : 8;             // 10h
	unsigned short : 16;            // 1
	unsigned char  : 8;             // 10h
	unsigned short RsaPubKeySize;   // 800h
	unsigned long  RsaPubExp;
	unsigned char  RsaPubKey[256];
	unsigned short : 16;            // 14
	unsigned char  : 8;             // 10h
	unsigned short RsaSigSize;      // 800h
	unsigned short : 16;            // 0Bh
	unsigned char  RsaSig[256];
};

To verify the public OEM Root Key, recall, the SHA256 hash from the fuses is used, which by this point has already been obtained from Intel ME.

Let's move on to the second manifest. It consists of three structures:

typedef struct IBB_MANIFEST
{
	ACBP           Acbp;              // Boot policies
	IBBS           Ibbs;              // IBB description, ends with NumIbbDescriptors
	IBB_DESCRIPTOR IbbDescriptors[];  // NumIbbDescriptors entries (illustrative layout)
	PMSG           Pmsg;              // IBBM signature, follows the descriptor array
};

The first contains a few constants:

typedef struct ACBP
{
	char           Tag[8];          // ‘__ACBP__’
	unsigned char  : 8;             // 10h
	unsigned char  : 8;             // 1
	unsigned char  : 8;             // 10h
	unsigned char  : 8;             // 0
	unsigned short : 16;            // x & F0h = 0
	unsigned short : 16;            // 0 < x <= 400h
};

The second contains the SHA256 hash of the IBB and the number of descriptors that describe the contents of the IBB (i.e. what the hash is computed over):

typedef struct IBBS
{
	char           Tag[8];            // ‘__IBBS__’
	unsigned char  : 8;               // 10h
	unsigned char  : 8;               // 0
	unsigned char  : 8;               // 0
	unsigned char  : 8;               // x <= 0Fh
	unsigned long  : 32;              // x & FFFFFFF8h = 0
	unsigned long  Unknown[20];
	unsigned short : 16;              // 0Bh
	unsigned short : 16;              // 20h == hash size ?
	unsigned char  IbbHash[32];       // SHA256 of an IBB
	unsigned char  NumIbbDescriptors;
};

The IBB descriptors follow this structure one after another. Each of them has the following format:

typedef struct IBB_DESCRIPTOR
{
	unsigned long  : 32;
	unsigned long  BaseAddress;
	unsigned long  Size;
};

It is simple: each descriptor holds the address and size of one IBB chunk. Thus the concatenation of the blocks pointed to by the descriptors (in the order of the descriptors themselves) is the IBB. And, as a rule, the IBB is the set of all modules of the SEC and PEI phases.

The second manifest ends with a structure containing the IBB public key (verified against the SHA256 hash from the first manifest) and the signature of this manifest:

typedef struct PMSG
{
	char           Tag[8];            // ‘__PMSG__’
	unsigned char  : 8;               // 10h
	BG_RSA_ENTRY   IbbKey;
};

Thus, even before the UEFI BIOS starts executing, the processor runs the ACM, which verifies the authenticity of the contents of the section containing the SEC and PEI phase code. The processor then exits the ACM, jumps via the RESET vector and begins executing the BIOS.

The verified PEI phase must contain a module that verifies the rest of the BIOS (the DXE code). This module is developed by the IBV (Independent BIOS Vendor) or by the vendor itself. Since only the Lenovo and Gigabyte systems at our disposal had Intel BG support, let's look at the code extracted from those systems.

UEFI BIOS module LenovoVerifiedBootPei

In Lenovo's case it turned out to be the LenovoVerifiedBootPei module {B9F2AC77-54C7-4075-B42E-C36325A9468D}, developed by Lenovo.

Its job is to find (by GUID) the hash table for the DXE and verify the DXE:

if (EFI_PEI_SERVICES->GetBootMode() != BOOT_ON_S3_RESUME)
{
	if (!FindHashTable())
		return EFI_NOT_FOUND;
	if (!VerifyDxe())
		return EFI_SECURITY_VIOLATION;
}

The hash table {389CC6F2-1EA8-467B-AB8A-78E769AE2A15} has the following format:

typedef struct DXE_DESCRIPTOR
{
	unsigned char BlockHash[32];     // SHA256
	unsigned long Offset;
	unsigned long Size;
};

typedef struct HASH_TABLE
{
	char           Tag[8];            // ‘$HASHTBL’
	unsigned long  NumDxeDescriptors;
	DXE_DESCRIPTOR DxeDescriptors[];  // NumDxeDescriptors entries
};

UEFI BIOS module BootGuardPei

In Gigabyte's case it turned out to be the BootGuardPei module {B41956E1-7CA2-42DB-9562-168389F0F066}, developed by AMI and therefore present in AMI BIOSes with Intel BG support.

Its algorithm is slightly different (note that verification is also skipped in the flash-update and recovery boot modes), but it boils down to the same thing:

int bootMode = EFI_PEI_SERVICES->GetBootMode();

if (bootMode != BOOT_ON_S3_RESUME &&
    bootMode != BOOT_ON_FLASH_UPDATE &&
    bootMode != BOOT_IN_RECOVERY_MODE)
{
	HOB* h = CreateHob();
	if (!FindHashTable())
		return EFI_NOT_FOUND;
	WriteHob(&h, VerifyDxe());
	return h;
}

The hash table {389CC6F2-1EA8-467B-AB8A-78E769AE2A15} it looks for has the following format:

typedef struct DXE_DESCRIPTOR
{
	unsigned char BlockHash[32];     // SHA256
	unsigned long BaseAddress;
	unsigned long Size;
};

typedef DXE_DESCRIPTOR HASH_TABLE[]; // no header: the table is just an array of descriptors
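An added example, not the article's or the vendors' code, that strings together the hash links described in the manifest section and in the two PEI modules above: the root key against the hash burned into the FPFs, the IBB key against the hash in KEYM, the IBB against the IBBM hash computed over the descriptor-ordered chunks, and finally the DXE blocks against a $HASHTBL in the Lenovo layout. Assumptions: a public key is hashed as the 256-byte little-endian modulus followed by the 4-byte exponent (the article only says "SHA256 of the public key"), the $HASHTBL Offset field is an offset into the flash image, and the two RSA signature checks the ACM performs over KEYM and IBBM are left out. All keys, manifests and flash contents are constructed.

```python
import hashlib
import struct
from dataclasses import dataclass

FLASH_SIZE = 0x4000
BASE = 0x100000000 - FLASH_SIZE   # the top of the image is mapped at FFFFFFFFh

def key_hash(modulus, exponent):
    """SHA256 over modulus_le || exponent_le (assumed serialisation, see the lead-in)."""
    return hashlib.sha256(modulus + struct.pack("<I", exponent)).digest()

def hash_chunks(flash, chunks):
    """SHA256 over the concatenation of (BaseAddress, Size) chunks in descriptor order."""
    h = hashlib.sha256()
    for addr, size in chunks:
        h.update(flash[addr - BASE:addr - BASE + size])
    return h.digest()

@dataclass
class KeyManifest:          # KEYM: checked by the ACM against the hash in the FPFs
    ibbm_key_hash: bytes
    root_modulus: bytes
    root_exponent: int

@dataclass
class IbbManifest:          # IBBM: checked by the ACM against KEYM
    ibb_hash: bytes
    descriptors: list       # [(BaseAddress, Size), ...] as in IBB_DESCRIPTOR
    ibb_modulus: bytes
    ibb_exponent: int

def verify_ibb_chain(fpf_root_key_hash, keym, ibbm, flash):
    """The hash links of the ACM's chain. Returns 'ok' or the first broken link."""
    if key_hash(keym.root_modulus, keym.root_exponent) != fpf_root_key_hash:
        return "KEYM root key != hash in FPFs"
    # (here the ACM verifies KEYM's RSA signature with the root key: omitted)
    if key_hash(ibbm.ibb_modulus, ibbm.ibb_exponent) != keym.ibbm_key_hash:
        return "IBBM key != IbbmKeyHash in KEYM"
    # (here the ACM verifies IBBM's RSA signature with the IBB key: omitted)
    if hash_chunks(flash, ibbm.descriptors) != ibbm.ibb_hash:
        return "IBB contents != IbbHash in IBBM"
    return "ok"

def build_hashtbl(flash, blocks):
    """Constructed $HASHTBL (Lenovo layout): tag, count, then {SHA256, Offset, Size} per DXE block."""
    out = bytearray(b"$HASHTBL" + struct.pack("<I", len(blocks)))
    for off, size in blocks:
        out += hashlib.sha256(flash[off:off + size]).digest() + struct.pack("<II", off, size)
    return bytes(out)

def verify_dxe(flash, table):
    """What LenovoVerifiedBootPei's VerifyDxe() boils down to: every described block must match."""
    if table[:8] != b"$HASHTBL":
        return False
    count = struct.unpack_from("<I", table, 8)[0]
    for i in range(count):
        digest, off, size = struct.unpack_from("<32sII", table, 12 + 40 * i)
        if hashlib.sha256(flash[off:off + size]).digest() != digest:
            return False
    return True

def build_sample():
    """Constructed flash, keys and manifests that form one consistent chain."""
    flash = bytearray((i * 131 + 7) & 0xFF for i in range(FLASH_SIZE))
    root_mod, ibb_mod = bytes(range(256)), bytes(255 - i for i in range(256))
    ibb_chunks = [(BASE + 0x1000, 0x800), (BASE + 0x2000, 0x400)]   # IBB = SEC+PEI chunks
    ibbm = IbbManifest(hash_chunks(flash, ibb_chunks), ibb_chunks, ibb_mod, 0x10001)
    keym = KeyManifest(key_hash(ibb_mod, 0x10001), root_mod, 0x10001)
    fpf_hash = key_hash(root_mod, 0x10001)                          # what the vendor burns
    hashtbl = build_hashtbl(flash, [(0x3000, 0x800), (0x3800, 0x400)])  # DXE blocks
    return fpf_hash, keym, ibbm, flash, hashtbl

if __name__ == "__main__":
    fpf_hash, keym, ibbm, flash, hashtbl = build_sample()
    print(verify_ibb_chain(fpf_hash, keym, ibbm, flash), verify_dxe(flash, hashtbl))
    flash[0x1005] ^= 0xFF   # implant one byte into the IBB
    print(verify_ibb_chain(fpf_hash, keym, ibbm, flash))
```

The point of walking the links in this order is the one the article makes about key compromise: a wrong IBB key is caught by the hash in KEYM and can be fixed by a re-signed BIOS update, whereas the root key is pinned by the FPF hash and nothing in the chain can replace it.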

Intel Boot Guard 2.x

Let's talk briefly about another implementation of Intel Boot Guard, found on newer systems based on Intel SoCs with the Apollo Lake microarchitecture: the ASRock J4205-IT.

Although this version is used only in SoCs (newer systems with the Kaby Lake processor microarchitecture continue to use Intel Boot Guard 1.x), it is of considerable interest as a study of the new architectural option for Intel SoC platforms, which has seen significant changes, for example:

  • the BIOS and Intel ME regions (or Intel TXE, as it is called for Intel SoCs) are now a single IFWI region;
  • although Intel BG is enabled on the platform, structures such as FIT, KEYM and IBBM were not found in flash memory;
  • in addition to the TXE and ISH cores (x86), a third core has been added to the chipset (ARC again, by the way): the PMC (Power Management Controller), which is involved in the operation of the power subsystem and in performance monitoring.

The contents of the new IFWI region are the following structures:

  Offset      Name   Description
  0000h       SMIP   platform configuration, signed by the vendor
  0000h       RBEP   Intel TXE firmware code section, x86, signed by Intel
  0001h       PMCP   Intel PMC firmware code section, ARC, signed by Intel
  0002h       FTPR   Intel TXE firmware code section, x86, signed by Intel
  0007b000h   UCOD   microcode update for the CPU, signed by Intel
  0008h       IBP    UEFI BIOS, SEC/PEI phases, x86, signed by the vendor
  0021h       ISHC   Intel ISH firmware code section, x86, signed by the vendor
  0025h       NFTP   Intel TXE firmware code section, x86, signed by Intel
  0036h       IUNP   unknown
  0038h       OBBP   UEFI BIOS, DXE phase, x86, not signed

During the analysis of the TXE firmware it became clear that after RESET, TXE holds the processor in that state until it has prepared the essential contents of the CPU address space (FIT, ACM, RESET vector, ...). Moreover, TXE places this data in its own SRAM, after which it temporarily grants the processor access to it and "releases" it from RESET.

Guarding against rootkits

Now let's get to the "hot" part. We once noticed that on many systems the SPI flash descriptor contains access permissions for the SPI flash regions such that every master of this memory can read and write any region. In other words, there is no restriction at all.
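A way to check that observation on a firmware dump of your own system, as an added example that is not part of the original article or of Intel STK: it parses the master access fields of the SPI flash descriptor and reports which regions each master may read and write. It assumes the pre-Skylake descriptor layout as implemented in coreboot's ifdtool and flashrom (signature at 0x10, FLMAP1 at 0x18 with FMBA in bits 7:0 and NM in bits 10:8, and in each FLMSTR dword region read access in bits 20:16 and write access in bits 28:24, bit n meaning region n); the two descriptor images are constructed, not dumped from a real board.

```python
import struct

# Layout assumptions (pre-Skylake descriptor, as in ifdtool/flashrom)
FLVALSIG = 0x0FF0A55A
REGIONS = ["Descriptor", "BIOS", "ME", "GbE", "Platform"]   # region n = bit n
MASTERS = ["BIOS (host CPU)", "ME", "GbE"]                   # FLMSTR1..3 order


def parse_masters(desc: bytes) -> dict:
    """Return {master: {"read": [regions], "write": [regions]}} for a descriptor image."""
    if len(desc) < 0x1C:
        raise ValueError("descriptor too short")
    sig, = struct.unpack_from("<I", desc, 0x10)
    if sig != FLVALSIG:
        raise ValueError("no valid flash descriptor signature at 0x10")
    flmap1, = struct.unpack_from("<I", desc, 0x18)
    fmba = (flmap1 & 0xFF) << 4            # master section base, 16-byte units
    nm = ((flmap1 >> 8) & 0x7) + 1         # number of masters
    result = {}
    for i in range(min(nm, len(MASTERS))):
        flmstr, = struct.unpack_from("<I", desc, fmba + 4 * i)
        rd = (flmstr >> 16) & 0x1F         # region read access bits
        wr = (flmstr >> 24) & 0x1F         # region write access bits
        result[MASTERS[i]] = {
            "read": [r for n, r in enumerate(REGIONS) if rd & (1 << n)],
            "write": [r for n, r in enumerate(REGIONS) if wr & (1 << n)],
        }
    return result


def is_wide_open(desc: bytes) -> bool:
    """True when every master may read and write every region (the state the article describes)."""
    return all(set(p["read"]) == set(REGIONS) and set(p["write"]) == set(REGIONS)
               for p in parse_masters(desc).values())


def build_descriptor(flmstr1: int, flmstr2: int, flmstr3: int) -> bytes:
    """Construct a minimal 4 KiB descriptor with three masters at FMBA = 0x60 (constructed sample)."""
    desc = bytearray(b"\xFF" * 0x1000)
    struct.pack_into("<I", desc, 0x10, FLVALSIG)
    # FLMAP0: FCBA = 0x30, NC = 0, FRBA = 0x40, NR = 4 (five regions); not used by the parser
    struct.pack_into("<I", desc, 0x14, (4 << 24) | (0x04 << 16) | 0x03)
    # FLMAP1: FMBA = 0x60, NM = 2 (three masters)
    struct.pack_into("<I", desc, 0x18, (2 << 8) | 0x06)
    struct.pack_into("<III", desc, 0x60, flmstr1, flmstr2, flmstr3)
    return bytes(desc)


# Constructed samples. OPEN_DESC mirrors the finding: all masters, all regions, read and write.
# LOCKED_DESC uses the conventional restricted values (the host cannot touch the ME region,
# the ME cannot touch the BIOS region, the GbE controller only sees its own region).
OPEN_DESC = build_descriptor(0x1F1F0000, 0x1F1F0000, 0x1F1F0118)
LOCKED_DESC = build_descriptor(0x0A0B0000, 0x0C0D0000, 0x08080118)

if __name__ == "__main__":
    for label, d in (("open", OPEN_DESC), ("locked", LOCKED_DESC)):
        print(f"{label}: wide open = {is_wide_open(d)}")
        for master, p in parse_masters(d).items():
            print(f"  {master:16} read={p['read']} write={p['write']}")
```

On a real system the first 4 KiB of a full SPI dump can be passed to `parse_masters` directly; the descriptor is only one layer of write protection, so a locked descriptor does not by itself say anything about whether Boot Guard or the manufacturing-mode fuses discussed below are in order.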

After checking with the MEinfo utility (from Intel STK), we found that manufacturing mode on these systems had not been closed, and therefore the chipset fuses (FPFs) had been left in an unprogrammed state. Yes, in such cases Intel BG is neither enabled nor disabled.

We are talking about the following systems (with regard to Intel BG and what is described below in the article, this concerns systems with the Haswell processor microarchitecture and newer):

  • all Gigabyte products;
  • all MSI products;
  • 21 models of Lenovo laptops and 4 models of Lenovo servers.

Of course, we reported the finding to these vendors, as well as to Intel.

An adequate response came only from Lenovo, who acknowledged the problem and released a patch.

Gigabyte appears to have accepted the information about the vulnerability, but did not comment in any way.

Communication with MSI ended entirely at our request to send us their public PGP key (so that we could send them the security advisory in encrypted form). They replied that they "are a hardware manufacturer and do not create PGP keys".

But let's get to the point. Since the fuses were left unprogrammed, the user (or an attacker) can program them themselves (the hardest part is getting hold of Intel STK). To do this, the following steps are required.

1. Boot into Windows (generally, the actions described below can also be performed under Linux if an analogue of Intel STK is made for the desired OS). Using the MEinfo utility, make sure that the fuses are not programmed on this system.

2. Read the contents of flash memory using Flash Programming Tool.

3. Open the read image in some UEFI BIOS editing tool, make the necessary changes (implant a rootkit, for example), and create or edit the KEYM and IBBM structures that already exist in the ME region.

The figure shows the public part of the RSA key, the hash of which will be programmed into the chipset fuses along with the rest of the Intel BG configuration.

4. Using Flash Image Tool, create a new firmware image (having set up the Intel BG configuration).

5. Write the new image to flash memory using Flash Programming Tool, and check with MEinfo that the ME region now contains the Intel BG configuration.

6. Use Flash Programming Tool to close manufacturing mode.

7. The system reboots, after which MEinfo can be used to verify that the FPFs are now programmed.

These actions permanently enable Intel BG on this system. The action cannot be undone, which means:

  • only the holder of the private part of the root key (i.e. whoever enabled Intel BG) will be able to update the UEFI BIOS on this system;
  • if the original firmware is restored to this system, for example with a programmer, it will not even turn on (a consequence of the enforcement policy in case of a verification error);
  • to get rid of such a UEFI BIOS, the chipset with the programmed FPFs has to be replaced with a "clean" one (i.e. resolder the chipset if you have access to an infrared soldering station costing as much as a car, or simply replace the motherboard).

To understand what such a rootkit is capable of, consider what the ability to run your own code in the UEFI BIOS environment gives you. Say, in the most privileged processor mode, SMM. Such a rootkit can have the following properties:

  • it runs in parallel with the OS (it can be set up to handle an SMI interrupt that is triggered by a timer);
  • it has all the advantages of residing in SMM (full access to the contents of RAM and to hardware resources, invisibility to the OS);
  • the rootkit's code can be stored encrypted and decrypted at startup in SMM. Any data available only in SMM can serve as the encryption key, for example a hash over a range of addresses in SMRAM. To obtain this key one would have to get into SMM, and that can be done in only two ways: find an RCE in SMM code and exploit it, or add your own SMM module to the BIOS, which is impossible because we enabled Boot Guard.

So, this vulnerability allows an attacker to:

  • create a hidden, undeletable rootkit of unknown purpose in the system;
  • execute their own code on one of the chipset cores inside the Intel SoC, namely on Intel ISH (take a close look at the figure).

Although the capabilities of the Intel ISH subsystem have not yet been explored, it appears to be an interesting attack vector against Intel ME.

Conclusions

  1. The research made it possible to obtain a technical description of how Intel Boot Guard works, and removed a few of the secrets from Intel's security-through-obscurity model.
  2. An attack scenario is presented that allows an uninstallable rootkit to be created in the system.
  3. We saw that modern Intel processors are able to execute a great deal of proprietary code even before the BIOS starts running.
  4. Platforms with the Intel 64 architecture are becoming less and less suited to running free software: hardware verification, a growing number of proprietary technologies and subsystems (three cores in the SoC chipset: x86 ME, x86 ISH and ARC PMC).

Mitigation

Vendors that accidentally left manufacturing mode open should be sure to close it. So far only their eyes are closed, and the new Kaby Lake systems show this.

Users can disable Intel BG on their machine (one that is affected by the described vulnerability) by running Flash Programming Tool with the -closemnf parameter. Before doing so, make sure (using MEinfo) that the Intel BG configuration in the ME region provides for disabling this technology once it is programmed into the FPFs.

Source: www.hab.com
