This is a work around patch( I think?): https://github.com/hardenedlinux/intelmetool/commit/ad778fc347b2bb0494abe2186632a072b8ad1a11
./intelmetool -s RCBA at 0x00000000 MEI not hidden on PCI, checking if visible MEI found: [8086:9d3a] Sunrise Point-LP CSME HECI ME Status : 0xa0000245 ME Status 2 : 0x86110306 ME: FW Partition Table : OK ME: Bringup Loader Failure : NO ME: Firmware Init Complete : YES ME: Manufacturing Mode : NO ME: Boot Options Present : NO ME: Update In Progress : NO ME: Current Working State : Normal ME: Current Operation State : M0 with UMA ME: Current Operation Mode : Normal ME: Error Code : No Error ME: Progress Phase : Clean Moff->Mx wake ME: Power Management Event : Pseudo-global reset ME: Progress Phase State : Unknown 0x11 PCI READ [bc] : 0x000000bc ME: Extend Register not valid ME seems okay on this board WRITE [00] : CB: 0x80040007 WRITE [00] : CB: 0x000002ff READ [08] : CB: 0x801c0007 READ [08] : CB: 0x000082ff READ [08] : CB: 0x000b0000 READ [08] : CB: 0x0000049c READ [08] : CB: 0x000b0000 READ [08] : CB: 0x0000049c READ [08] : CB: 0x000b0000 READ [08] : CB: 0x0000049c ME: Firmware Version 11.0.1180.0 (code) 11.0.1180.0 (recovery) 11.0.1180.0 (fitc) WRITE [00] : CB: 0x80080007 WRITE [00] : CB: 0x00000203 WRITE [00] : CB: 0x00000000 READ [08] : CB: 0x800d0007 READ [08] : CB: 0x00008203 READ [08] : CB: 0x00000000 READ [08] : CB: 0x111a4004 READ [08] : CB: 0x00000031 ME Capability: Full Network manageability : OFF ME Capability: Regular Network manageability : OFF ME Capability: Manageability : OFF ME Capability: Small business technology : OFF ME Capability: Level III manageability : OFF ME Capability: IntelR Anti-Theft (AT) : OFF ME Capability: IntelR Capability Licensing Service (CLS) : ON ME Capability: IntelR Power Sharing Technology (MPC) : OFF ME Capability: ICC Over Clocking : ON ME Capability: Protected Audio Video Path (PAVP) : ON ME Capability: IPV6 : OFF ME Capability: KVM Remote Control (KVM) : OFF ME Capability: Outbreak Containment Heuristic (OCH) : OFF ME Capability: Virtual LAN (VLAN) : ON ME Capability: TLS : OFF ME Capability: Wireless LAN (WLAN) : OFF exiting On Fri, Dec 30, 2016 at 11:04 AM, Shawn <[email protected]> wrote: > Hi Zoran, > > Thanks for the info. I added my Device ID into the intelmetool.h: > > diff --git a/intelmetool.h b/intelmetool.h > index d79d6b0..16ca43a 100644 > --- a/intelmetool.h > +++ b/intelmetool.h > @@ -225,6 +225,7 @@ > #define PCI_DEVICE_ID_INTEL_ICH9DO 0x2914 > #define PCI_DEVICE_ID_INTEL_ICH9R 0x2916 > #define PCI_DEVICE_ID_INTEL_ICH9 0x2918 > +#define PCI_DEVICE_ID_INTEL_SUNRISE 0x9d3a > > #define PCI_DEV_CAN_DISABLE_ME_IF_PRESENT(x) ( \ > ( (x) == PCI_DEVICE_ID_INTEL_ICH8 ) || \ > @@ -232,6 +233,7 @@ > ( (x) == PCI_DEVICE_ID_INTEL_ICH9DH ) || \ > ( (x) == PCI_DEVICE_ID_INTEL_ICH9DO ) || \ > ( (x) == PCI_DEVICE_ID_INTEL_ICH9R ) || \ > + ( (x) == PCI_DEVICE_ID_INTEL_SUNRISE ) || \ > ( (x) == PCI_DEVICE_ID_INTEL_ICH9 )) > > // Not sure at all > > This one should be the ME? > +-16.0 Intel Corporation Sunrise Point-LP CSME HECI [8086:9d3a] > > #./intelmetool -s > Not sure if ME hardware is present because you have a `Sunrise > Point-LP CSME HECI`, but it is possible to disable it if you do, > continuing... > RCBA at 0x00000000 > MEI not hidden on PCI, checking if visible > MEI device not found, huh? > exiting > > > > On Thu, Dec 29, 2016 at 12:50 AM, Zoran Stojsavljevic > <[email protected]> wrote: >>>> I'm not sure if intelmetool support Skylake as well. >> >> Investigated more. The coreboot intelmetool is the latest one, as I >> understood (comparing one from github and coreboot). >> >> And Sunrise Point is NOT supported (look into latest coreboot's >> coreboot/util/intelmetool/intelmetool.h). You can try to add it (as Device >> ID), manually, peek around the C code, and see if this can help you. >> >> Zoran >> >> On Wed, Dec 28, 2016 at 5:26 PM, Zoran Stojsavljevic >> <[email protected]> wrote: >>> >>> Hello Shawn, >>> >>> Please, follow my CLI transcript from my Future Fedora 26 VM over WIN10 >>> (now rawhide) with Fedora 4.8.15 kernel implanted (kernel 4.10.0-rc0 gives >>> me lot of griefs, I do not trust it, so I eliminated it for now): >>> >>> [zoran@localhost ~]$ cd projects/ >>> [zoran@localhost projects]$ mkdir intelmetool >>> [zoran@localhost projects]$ cd intelmetool/ >>> [zoran@localhost intelmetool]$ pwd >>> /home/zoran/projects/intelmetool >>> [zoran@localhost intelmetool]$ uname -r >>> 4.8.15-300.fc25.x86_64 >>> [zoran@localhost intelmetool]$ git clone >>> https://github.com/zamaudio/intelmetool.git >>> Cloning into 'intelmetool'... >>> remote: Counting objects: 214, done. >>> remote: Total 214 (delta 0), reused 0 (delta 0), pack-reused 214 >>> Receiving objects: 100% (214/214), 72.42 KiB | 0 bytes/s, done. >>> Resolving deltas: 100% (125/125), done. >>> [zoran@localhost intelmetool]$ ls -al >>> total 12 >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:06 . >>> drwxrwxr-x. 10 zoran zoran 4096 Dec 28 17:05 .. >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:06 intelmetool >>> [zoran@localhost intelmetool]$ cd intelmetool/ >>> [zoran@localhost intelmetool]$ ls -al >>> total 100 >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:06 . >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:06 .. >>> drwxrwxr-x. 8 zoran zoran 4096 Dec 28 17:06 .git >>> -rw-rw-r--. 1 zoran zoran 16 Dec 28 17:06 .gitignore >>> -rw-rw-r--. 1 zoran zoran 8956 Dec 28 17:06 intelmetool.c >>> -rw-rw-r--. 1 zoran zoran 9783 Dec 28 17:06 intelmetool.h >>> -rw-rw-r--. 1 zoran zoran 532 Dec 28 17:06 LICENSE >>> -rw-rw-r--. 1 zoran zoran 351 Dec 28 17:06 Makefile >>> -rw-rw-r--. 1 zoran zoran 16810 Dec 28 17:06 me.c >>> -rw-rw-r--. 1 zoran zoran 10622 Dec 28 17:06 me.h >>> -rw-rw-r--. 1 zoran zoran 7246 Dec 28 17:06 me_status.c >>> -rw-rw-r--. 1 zoran zoran 1109 Dec 28 17:06 mmap.c >>> -rw-rw-r--. 1 zoran zoran 224 Dec 28 17:06 mmap.h >>> -rw-rw-r--. 1 zoran zoran 90 Dec 28 17:06 README.md >>> [zoran@localhost intelmetool]$ su -m >>> Password: >>> [root@localhost intelmetool]# make >>> gcc -Wall -O0 -g -I. -c me_status.c -o me_status.o >>> gcc -Wall -O0 -g -I. -c me.c -o me.o >>> me.c: In function ‘mei_dump’: >>> me.c:63:18: warning: variable ‘csr’ set but not used >>> [-Wunused-but-set-variable] >>> struct mei_csr *csr; >>> ^~~ >>> gcc -Wall -O0 -g -I. -c mmap.c -o mmap.o >>> mmap.c: In function ‘map_physical_exact’: >>> mmap.c:11:26: warning: passing argument 1 of ‘mmap’ makes pointer from >>> integer without a cast [-Wint-conversion] >>> virt_addr = mmap(mapto, len, PROT_WRITE | PROT_READ, >>> MAP_SHARED|MAP_FIXED, >>> ^~~~~ >>> In file included from mmap.h:4:0, >>> from mmap.c:1: >>> /usr/include/sys/mman.h:57:14: note: expected ‘void *’ but argument is of >>> type ‘uint64_t {aka long unsigned int}’ >>> extern void *mmap (void *__addr, size_t __len, int __prot, >>> ^~~~ >>> gcc -Wall -O0 -g -I. -o intelmetool intelmetool.o me_status.o me.o mmap.o >>> -lpci >>> [root@localhost intelmetool]# date >>> Wed Dec 28 17:07:26 CET 2016 >>> [root@localhost intelmetool]# ls -al >>> total 228 >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:07 . >>> drwxrwxr-x. 3 zoran zoran 4096 Dec 28 17:06 .. >>> drwxrwxr-x. 8 zoran zoran 4096 Dec 28 17:06 .git >>> -rw-rw-r--. 1 zoran zoran 16 Dec 28 17:06 .gitignore >>> -rwxr-xr-x. 1 root root 47008 Dec 28 17:07 intelmetool >>> -rw-rw-r--. 1 zoran zoran 8956 Dec 28 17:06 intelmetool.c >>> -rw-rw-r--. 1 zoran zoran 9783 Dec 28 17:06 intelmetool.h >>> -rw-rw-r--. 1 zoran zoran 22144 Dec 28 17:06 intelmetool.o >>> -rw-rw-r--. 1 zoran zoran 532 Dec 28 17:06 LICENSE >>> -rw-rw-r--. 1 zoran zoran 351 Dec 28 17:06 Makefile >>> -rw-rw-r--. 1 zoran zoran 16810 Dec 28 17:06 me.c >>> -rw-rw-r--. 1 zoran zoran 10622 Dec 28 17:06 me.h >>> -rw-r--r--. 1 root root 28984 Dec 28 17:07 me.o >>> -rw-rw-r--. 1 zoran zoran 7246 Dec 28 17:06 me_status.c >>> -rw-r--r--. 1 root root 15704 Dec 28 17:07 me_status.o >>> -rw-rw-r--. 1 zoran zoran 1109 Dec 28 17:06 mmap.c >>> -rw-rw-r--. 1 zoran zoran 224 Dec 28 17:06 mmap.h >>> -rw-r--r--. 1 root root 7648 Dec 28 17:07 mmap.o >>> -rw-rw-r--. 1 zoran zoran 90 Dec 28 17:06 README.md >>> [root@localhost intelmetool]# ./intelmetool >>> ME is not present on your board because we found a `82371AB/EB/MB PIIX4 >>> ISA`, you are safe, exiting >>> [root@localhost intelmetool]# >>> _______ >>> >>> Do NOT forget: I run Fedora rawhide on VMWorkstation 12.5.2 Type 2 HYP on >>> the top of WIN10 64 Pro! >>> >>> Please, do the same on Mint18 distro on raw HW, and see if this will give >>> you some different results then what you have presently? >>> >>> Please, let us know! >>> >>> Zoran >>> >>> On Wed, Dec 28, 2016 at 11:06 AM, Shawn <[email protected]> wrote: >>>> >>>> Hi Zoran, >>>> >>>> I created hwdb.bin via: >>>> >>>> # udevadm hwdb --update >>>> >>>> The result is still "segfault". dmesg: >>>> >>>> [ 972.044664] intelmetool[5055]: segfault at 16 ip 000000000040169e >>>> sp 000072ed96a44680 error 4 in intelmetool[400000+6000] >>>> [ 972.044674] grsec: Segmentation fault occurred at 0000000000000016 >>>> in /usr/local/bin/intelmetool[intelmetool:5055] uid/euid:0/0 >>>> gid/egid:0/0, parent /bin/bash[bash:4332] uid/euid:0/0 gid/egid:0/0 >>>> [ 972.044685] grsec: denied resource overstep by requesting 4096 for >>>> RLIMIT_CORE against limit 0 for >>>> /usr/local/bin/intelmetool[intelmetool:5055] uid/euid:0/0 >>>> gid/egid:0/0, parent /bin/bash[bash:4332] uid/euid:0/0 gid/egid:0/0 >>>> >>>> >>>> On Mon, Dec 26, 2016 at 9:49 PM, Zoran Stojsavljevic >>>> <[email protected]> wrote: >>>> > Not sure if your strace log has anything to do with intelmetool. >>>> > >>>> > I did on your strace log the following (and in RED is possible cause of >>>> > your >>>> > problems): >>>> > >>>> > [zoran@localhost projects]$ cat crash.log | grep ENOENT >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > open("/usr/share/misc/pci.ids.gz", O_RDONLY) = -1 ENOENT (No such file >>>> > or >>>> > directory) >>>> > connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) >>>> > = -1 >>>> > ENOENT (No such file or directory) >>>> > connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nscd/socket"}, 110) >>>> > = -1 >>>> > ENOENT (No such file or directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or >>>> > directory) >>>> > open("/root/.pciids-cache", O_RDONLY) = -1 ENOENT (No such file or >>>> > directory) >>>> > open("/etc/systemd/hwdb/hwdb.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No >>>> > such >>>> > file or directory) >>>> > open("/etc/udev/hwdb.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such >>>> > file or >>>> > directory) >>>> > open("/usr/lib/systemd/hwdb/hwdb.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT >>>> > (No >>>> > such file or directory) >>>> > open("/lib/systemd/hwdb/hwdb.bin", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No >>>> > such >>>> > file or directory) >>>> > [zoran@localhost projects]$ >>>> > >>>> > I guess, you have one very important missing file in your Linux >>>> > configuration, this one: /etc/systemd/hwdb/hwdb.bin... >>>> > /etc/udev/hwdb.bin ?! >>>> > >>>> > Here is good read: >>>> > https://www.freedesktop.org/software/systemd/man/hwdb.html >>>> > >>>> > http://www.dsm.fordham.edu/cgi-bin/man-cgi.pl?topic=systemd-hwdb&sect=8 >>>> > >>>> > Have no idea who is creating this file, but you can check your Linux >>>> > distro >>>> > / tree with the following paths to find hwdb.bin: >>>> > >>>> > /etc/systemd/hwdb/hwdb.bin >>>> > /etc/udev/hwdb.bin <<======= In my Fedora rawhide VM >>>> > (future Fedora 26) I have here hwdb.bin ======= >>>> > /usr/lib/systemd/hwdb/hwdb.bin >>>> > /lib/systemd/hwdb/hwdb.bin >>>> > >>>> > If you don't have in any, please, create one with the following link: >>>> > >>>> > http://www.dsm.fordham.edu/cgi-bin/man-cgi.pl?topic=systemd-hwdb&sect=8 >>>> > >>>> > Please, let us know! >>>> > >>>> > Zoran >>>> > >>>> > On Mon, Dec 26, 2016 at 3:42 PM, Shawn <[email protected]> wrote: >>>> >> >>>> >> Hi, >>>> >> >>>> >> intelmetool occurs "segfault" on my laptop running Mint 18 with >>>> >> PaX/Grsecurity 4.7.10. The PCI info: >>>> >> >>>> >> -[0000:00]-+-00.0 Intel Corporation Sky Lake Host Bridge/DRAM >>>> >> Registers [8086:1904] >>>> >> +-02.0 Intel Corporation Sky Lake Integrated Graphics >>>> >> [8086:1916] >>>> >> +-04.0 Intel Corporation Skylake Processor Thermal >>>> >> Subsystem [8086:1903] >>>> >> +-14.0 Intel Corporation Sunrise Point-LP USB 3.0 xHCI >>>> >> Controller [8086:9d2f] >>>> >> +-14.2 Intel Corporation Sunrise Point-LP Thermal >>>> >> subsystem [8086:9d31] >>>> >> +-15.0 Intel Corporation Sunrise Point-LP Serial IO I2C >>>> >> Controller [8086:9d60] >>>> >> +-15.1 Intel Corporation Sunrise Point-LP Serial IO I2C >>>> >> Controller [8086:9d61] >>>> >> +-16.0 Intel Corporation Sunrise Point-LP CSME HECI >>>> >> [8086:9d3a] >>>> >> +-1c.0-[01]----00.0 NVIDIA Corporation GM107M [GeForce GTX >>>> >> 960M] [10de:139b] >>>> >> +-1c.4-[02]----00.0 Samsung Electronics Co Ltd NVMe SSD >>>> >> Controller [144d:a802] >>>> >> +-1c.6-[03]----00.0 Qualcomm Atheros Killer E2400 Gigabit >>>> >> Ethernet Controller [1969:e0a1] >>>> >> +-1c.7-[04]----00.0 Qualcomm Atheros QCA6174 802.11ac >>>> >> Wireless Network Adapter [168c:003e] >>>> >> +-1d.0-[05]----00.0 Samsung Electronics Co Ltd NVMe SSD >>>> >> Controller [144d:a802] >>>> >> +-1d.2-[06-3e]-- >>>> >> +-1f.0 Intel Corporation Sunrise Point-LP LPC Controller >>>> >> [8086:9d48] >>>> >> +-1f.2 Intel Corporation Sunrise Point-LP PMC [8086:9d21] >>>> >> +-1f.3 Intel Corporation Sunrise Point-LP HD Audio >>>> >> [8086:9d70] >>>> >> \-1f.4 Intel Corporation Sunrise Point-LP SMBus >>>> >> [8086:9d23] >>>> >> >>>> >> The crash log was attached! I'm not sure if intelmetool support >>>> >> Skylake as well. One tiny feature of PaX/Grsecurity prevent the ioperm >>>> >> for killing the potential threats in case which >>>> >> the adversary re-flash the SPI ROM once they get the root priv. It >>>> >> does affect flashrom but intelmetool. I also ran intelmetool on the >>>> >> distro( Mint 18) kernel and got the same result. >>>> >> >>>> >> >>>> >> -- >>>> >> GNU powered it... >>>> >> GPL protect it... >>>> >> God blessing it... >>>> >> >>>> >> regards >>>> >> Shawn >>>> >> >>>> >> -- >>>> >> coreboot mailing list: [email protected] >>>> >> https://www.coreboot.org/mailman/listinfo/coreboot >>>> > >>>> > >>>> >>>> >>>> >>>> -- >>>> GNU powered it... >>>> GPL protect it... >>>> God blessing it... >>>> >>>> regards >>>> Shawn >>> >>> >> > > > > -- > GNU powered it... > GPL protect it... > God blessing it... > > regards > Shawn -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: [email protected] https://www.coreboot.org/mailman/listinfo/coreboot
