mh
/
lc-coreboot
1
0
Fork 0
Code Releases 28 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
316 Commits
4 Branches
1.8 MiB
Tree: 31332120b6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '31332120b6'
${ noResults }
lc-coreboot/util/me_cleaner/man/me_cleaner.md

166 lines
5.0 KiB
Raw Normal View History

add util/me_cleaner from me_cleaner-1.2 release archive
6 years ago
 
  1. [//]: # (Use md2man to generate the man page from this Markdown)
  2. [//]: # (https://github.com/sunaku/md2man)
  3. 

  4. me_cleaner 1 "MARCH 2018"
  5. =======================================
  6. 

  7. me\_cleaner
  8. ----
  9. 

  10. me\_cleaner -  Tool for partial deblobbing of Intel ME/TXE firmware images 
  11. 

  12. SYNOPSIS
  13. --------
  14. 

  15. `me_cleaner.py` [-h] [-v] [-O output\_file] [-S | -s] [-r] [-k]
  16. [-w whitelist | -b blacklist] [-d] [-t] [-c] [-D output\_descriptor]
  17. [-M output\_me\_image] *file*
  18. 

  19. DESCRIPTION
  20. -----------
  21. 

  22. `me_cleaner` is a tool able to disable parts of Intel ME/TXE by:
  23. 

  24.  * removing most of the code from its firmware
  25.  * setting a special bit to force it to disable itself after the hardware
  26. initialization
  27. 

  28. Using both the modes seems to be the most reliable way on many platforms.
  29. 

  30. The resulting modified firmware needs to be flashed (in most of the cases) with
  31. an external programmer, often a dedicated SPI programmer or a Linux board with
  32. a SPI master interface.
  33. 

  34. `me_cleaner` works at least from Nehalem to Coffee Lake (for Intel ME) and on
  35. Braswell/Cherry Trail (for Intel TXE), but may work as well on newer or
  36. different architectures.
  37. 

  38. While `me_cleaner` have been tested on a great number of platforms, fiddling
  39. with the Intel ME/TXE firmware is *very dangerous* and can easily lead to a
  40. dead PC.
  41. 

  42. *YOU HAVE BEEN WARNED.*
  43. 

  44. POSITIONAL ARGUMENTS
  45. --------------------
  46. 

  47. `file`
  48.   ME/TXE image or full dump.
  49. 

  50. OPTIONAL ARGUMENTS
  51. ------------------
  52. 

  53. `-h`, `--help`
  54.   Show the help message and exit.
  55. 

  56. `-v`, `--version`
  57.   Show program's version number and exit.
  58. 

  59. `-O`, `--output`
  60.   Save the modified image in a separate file, instead of modifying the
  61.   original file.
  62. 

  63. `-S`, `--soft-disable`
  64.   In addition to the usual operations on the ME/TXE firmware, set the
  65.   MeAltDisable bit or the HAP bit to ask Intel ME/TXE to disable itself after
  66.   the hardware initialization (requires a full dump).
  67. 

  68. `-s`, `--soft-disable-only`
  69.   Instead of the usual operations on the ME/TXE firmware, just set the
  70.   MeAltDisable bit or the HAP bit to ask Intel ME/TXE to disable itself after
  71.   the hardware initialization (requires a full dump).
  72. 

  73. `-r`, `--relocate`
  74.   Relocate the FTPR partition to the top of the ME region to save even more
  75.   space.
  76. 

  77. `-t`, `--truncate`
  78.   Truncate the empty part of the firmware (requires a separated ME/TXE image or
  79.   `--extract-me`).
  80. 

  81. `-k`, `--keep-modules`
  82.   Don't remove the FTPR modules, even when possible.
  83. 

  84. `-w`, `--whitelist`
  85.   Comma separated list of additional partitions to keep in the final image.
  86.   This can be used to specify the MFS partition for example, which stores PCIe
  87.   and clock settings.
  88. 

  89. `-b`, `--blacklist`
  90.   Comma separated list of partitions to remove from the image. This option
  91.   overrides the default removal list.
  92. 

  93. `-d`, `--descriptor`
  94.   Remove the ME/TXE Read/Write permissions to the other regions on the flash
  95.   from the Intel Flash Descriptor (requires a full dump).
  96. 

  97. `-D`, `--extract-descriptor`
  98.   Extract the flash descriptor from a full dump; when used with `--truncate`
  99.   save a descriptor with adjusted regions start and end.
  100. 

  101. `-M`, `--extract-me`
  102.   Extract the ME firmware from a full dump; when used with `--truncate` save a
  103.   truncated ME/TXE image.
  104. 

  105. `-c`, `--check`
  106.   Verify the integrity of the fundamental parts of the firmware and exit.
  107. 

  108. SUPPORTED PLATFORMS
  109. -------------------
  110. 

  111. Currently `me_cleaner` has been tested on the following platforms:
  112. 

  113. | PCH               | CPU               | ME   | SKU      |
  114. |:-----------------:|:-----------------:|:----:|:--------:|
  115. | Ibex Peak *       | Nehalem/Westmere  | 6.0  | Ignition |
  116. | Ibex Peak *       | Nehalem/Westmere  | 6.x  | 1.5/5 MB |
  117. | Cougar Point      | Sandy Bridge      | 7.x  | 1.5/5 MB |
  118. | Panther Point     | Ivy Bridge        | 8.x  | 1.5/5 MB |
  119. | Lynx/Wildcat Point| Haswell/Broadwell | 9.x  | 1.5/5 MB |
  120. | Wildcat  Point LP | Broadwell Mobile	| 10.0 | 1.5/5 MB |
  121. | Sunrise Point     | Skylake/Kabylake	| 11.x | CON/COR  |
  122. | Union Point       | Kabylake	        | 11.x | CON/COR  |
  123. 

  124. | SoC                   | TXE | SKU      |
  125. |:---------------------:|:---:|:--------:|
  126. | Braswell/Cherry Trail | 2.x | 1.375 MB |
  127. 

  128. \* Not working on coreboot
  129. 

  130. All the reports are available on the [project's GitHub page](
  131. https://github.com/corna/me_cleaner/issues/3).
  132. 

  133. EXAMPLES
  134. --------
  135. 

  136. Check whether the provided image has a valid structure and signature:
  137. 

  138.   `me_cleaner.py -c dumped_firmware.bin`
  139. 

  140. Remove most of the Intel ME firmware modules but don't set the HAP/AltMeDisable
  141. bit:
  142. 

  143.   `me_cleaner.py -S -O modified_me_firmware.bin dumped_firmware.bin`
  144. 

  145. Remove most of the Intel ME firmware modules and set the HAP/AltMeDisable bit,
  146. disable the Read/Write access of Intel ME to the other flash region, then
  147. relocate the code to the top of the image and truncate it, extracting a modified
  148. descriptor and ME image:
  149. 

  150.   `me_cleaner.py -S -r -t -d -D ifd_shrinked.bin -M me_shrinked.bin -O modified_firmware.bin full_dumped_firmware.bin`
  151. 

  152. BUGS
  153. ----
  154. 

  155. Bugs should be reported on the [project's GitHub page](
  156. https://github.com/corna/me_cleaner).
  157. 

  158. AUTHOR
  159. ------
  160. 

  161. Nicola Corna <nicola@corna.info>
  162. 

  163. SEE ALSO
  164. --------
  165. 

  166. flashrom(8), [me\_cleaner's Wiki](https://github.com/corna/me_cleaner/wiki)