> > > XMLs are stored in compressed format (as Qt resource) inside the FIT > binary. You can find one approach of extracting them in Positive > Technologies blog: > > http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html > > You can indeed use FIT for setting the strap but you'll have to find it > yourself :) Or you > can just edit the descriptor directly - it's not protected by any > checksums or signatures. Check e.g. how me_cleaner sets the HAP bit: > > print("Setting the HAP bit in PCHSTRP0 to disable Intel ME...") > fdf.seek(fpsba) > pchstrp0 = unpack("<I", fdf.read(4))[0] > pchstrp0 |= (1 << 16) > fdf.write_to(fpsba, pack("<I", pchstrp0)) > > > Hi Igor, I know your work and I want to give kudos to you. However without being kritical (it is just like that) I want to note the tips you read i.e. at winraid.com really make you just more confused - eather they are refering to programmes that are unavailabe or are from different contexts of Bios versions etc, or require you to handle weapongrade security bypasses.
Now I spent a whole weekend trying to enable DCI on the Brix. I managed it in the end using only Ru.efi. Because maybe coreboot people without the money to buy a SystemStudio and XDP hardware for $5000 might find it interesting ther is a writeup here: https://gist.github.com/eiselekd/d235b52a1615c79d3c6b3912731ab9 b2#file-enabledci-txt I think this method is reasonably easy and the board is cheap ($400). // Greetings Konrad
-- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
