y locks out there:
https://twitter.com/citypw/status/1580541897604751361
Is this a bug or a feature that intends not to allow users to disable BIOS lock
(others as well) via Intel's public FSP binary blobs?
Thanks,
regards
Shawn
[1] FSP-S Issues
https://review.coreboot.org/plugins/giti
ng for something with a higher core density
> and overall availability. I know supply issues is a problem for everyone.
>
> Any more info on the hosts you manufactured?
>
> Thanks!
>
>
>
>
> > On Tuesday, Jul 12, 2022 at 10:17 PM, Shawn C
> > wrote:
n Building Blocks x86 server.
We used an assembly factory in Shenzhen. Sure you can find similar vendors in
other regions (Vietnam/Mexico?).
regards
Shawn
On Tuesday, July 12th, 2022 at 11:01 PM, Jeremy Hansen via coreboot
wrote:
> I’ve looked at the list of hardware vendors. I see System76 li
Nice hunt, Arthur! The attack surface in coreboot is smaller than UEFI's, but a
misconfig during the setup will lead to serious issues. This one is neat and
worth a CVE. Please use CVE-2022-29264 as record:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29264
regards
Shawn
rdenedvault.net/2021/07/16/ciso-seceng_csme.html
regards
Shawn
___
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
OFTC respects user privacy more, but it seems nobody is willing to use it. Then
Matrix is a good option. Thanks.
regards
Shawn
uesday, January 5, 2021 4:11 PM, Harshit Sharma
wrote:
> Hi Shawn,
>
> I am glad that you found these sanitizers useful. Presently, Ubsan is
> available in ramstage on all platforms whereas ASan is only available on x86
> platforms. You can refer to this page to learn more abo
t. It would be
better if we add those debug features by default during the development which
could possibly kill more bugs in the coreboot and the sanitizers themselves.
Any ideas?
regards
Shawn C
...
regards
Shawn
) from the drivers so I guess on 4.20 it won't
> crash, but still this cannot work.
> Thanks
> Tomas
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
om [mailto:linux-mei-
> > requ...@eclists.intel.com] On Behalf Of Shawn
> > Sent: Tuesday, January 22, 2019 10:30
> > To: linux-...@linux.intel.com; coreboot
> > Subject: [linux-mei] intelmetool crashed mei_me driver
> >
> > Hi,
>
crash log was attached!
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
Jan 22 16:18:34 hardenedlinux-test kernel: [ 121.932672] mei_me :00:16.0: FW not ready: resetting.
Jan 22 16:18:34 hardenedlinux-test kernel: [ 121.932695] mei_me :00:16.0: unexpected
VERSION message failed
host.buffer_depth and host.buffer_write_ptr having the same values
(0xff) caused it into dark. Seems SPS and ME have some differences here.
Any idea how to fix it?
--
GNU powered it...
GPL protect it...
God blessing it...
regar
ssing it...
regards
Shawn
--
coreboot mailing list: coreboot@coreboot.org
https://mail.coreboot.org/mailman/listinfo/coreboot
On Mon, Jun 25, 2018 at 11:39 PM, ron minnich wrote:
>
>
> On Mon, Jun 25, 2018 at 12:55 AM Shawn wrote:
>>
>> Hi Ron,
>>
>>
>> IIRC, Machine mode in RISC-V is just looking similar to SMM in x86.
>> But it can do more than what SMM does.
>
>
On Tue, Jun 26, 2018 at 12:01 AM, Nico Huber wrote:
> On 25.06.2018 09:55, Shawn wrote:> Hi Ron,
>> On Sun, Jun 24, 2018 at 12:55 AM, ron minnich wrote:
>>> On Wed, Jun 20, 2018 at 11:03 PM taii...@gmx.com wrote:
>>>> Whats the deal with SMM? What a shame they
3] Keystone: https://keystone-enclave.org/
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
unleashed/1334/3)
>
Thanks, seems our only option is reversing.
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
On Fri, Jun 22, 2018 at 7:01 PM, Jonathan Neuschäfer
wrote:
> On Fri, Jun 22, 2018 at 03:04:06PM +0800, Shawn wrote:
>> Hi Jonathan,
>>
>> On Thu, Jun 21, 2018 at 7:48 PM, Jonathan Neuschäfer
> [...]
>> > With the unfinished coreboot port, I want it to look li
not
> actively working on that, for a few months):
>
> MSEL (ROM0) -> ZSBL (ROM1) -> coreboot (+bbl?) -> Linux, or
> MSEL (ROM0) -> coreboot (+bbl?) -> Linux
>
> ZSBL can be skipped, so you don't need to run closed source ROM code, at
> least as far as the h
https://github.com/ptresearch/IntelME-Crypto/blob/master/Intel%20ME%20Security%20keys%20Genealogy%2C%20Obfuscation%20and%20other%20Magic.pdf
>> From: rspang...@google.com [mailto:rspang...@google.com] On Behalf Of
>> Randall Spangler
>> Sent: Friday, December 01, 2017 7:02 PM
>> To: Vadim Bendebury
>> Cc: Аладышев Константин; Coreboot; Shawn N
>> Subject: Re: [coreboot] Embedded Controller (EC)
>
Hi Ron,
On Thu, Sep 7, 2017 at 12:30 PM, ron minnich wrote:
>
>
> On Wed, Sep 6, 2017 at 8:07 PM Shawn wrote:
>>
>>
>> IMOHO, RISC-V will be the long-term solution in the future;-)
>>
>
> people need to stop saying that. It's not that simple. And,
l-hardening (I could be
wrong if it weren't). Or feel free to ask questions on coreboot's
mailing list: coreboot@coreboot.org
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
files/blob/master/scripts/harbian_fw/fw_hardening_runtime.py
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/docs/harbian_fw/harbian_chipsec.md#hardening-the-coreboot
Have fun!
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
unME11 is released by the speaker:
https://github.com/ptresearch/unME11
On Tue, Apr 25, 2017 at 10:38 PM, Shawn wrote:
> slide:
> https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf
>
> video:
> https://www.youtube.com/watch?v=2_aokrfcoUk
--
GNU powered it...
file:
https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/me_info.md
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
slide:
https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf
video:
https://www.youtube.com/watch?v=2_aokrfcoUk
Sunrise Point-H & Sunrise Point-LP can be supported by intelmetool:
https://github.com/zamaudio/intelmetool
Tested it on Alienware 13R2 & P10S-M WS and it's working perfectly.
On Thu, Jan 5, 2017 at 3:20 PM, Zoran Stojsavljevic
wrote:
> Hello Shawn,
>
> Happy New Year
semble the
> laptop without being noticed.
> [2] The laptop could be on, off, or in suspend-to-ram.
> If the laptop is on or suspended, the attacker might have better
> chances trying to bypass the screensaver for instance.
>
> Denis.
>
> --
> coreboot mailing list: coreboot@coreboot.org
> https://www.coreboot.org/mailman/listinfo/coreboot
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
coreboot supported mainboards on neutralizing
ME (I'm afraid your hardware isn't on the list-_-):
https://github.com/hardenedlinux/hardenedlinux_profiles/tree/master/coreboot
On Wed, Jan 4, 2017 at 8:28 PM, Zoran Stojsavljevic
wrote:
> Hello Shawn,
>
> I am late, I apologize... Ne
LAN (VLAN) : ON
ME Capability: TLS: OFF
ME Capability: Wireless LAN (WLAN): OFF
exiting
On Fri, Dec 30, 2016 at 11:04 AM, Shawn wrote:
> Hi Zoran,
>
> Thanks for the info. I added my Device ID into the i
t is NOT supported (look into latest coreboot's
> coreboot/util/intelmetool/intelmetool.h). You can try to add it (as Device
> ID), manually, peek around the C code, and see if this can help you.
>
> Zoran
>
> On Wed, Dec 28, 2016 at 5:26 PM, Zoran Stojsavljevic
>
g this file, but you can check your Linux distro
> / tree with the following paths to find hwdb.bin:
>
> /etc/systemd/hwdb/hwdb.bin
> /etc/udev/hwdb.bin<<=== In my Fedora rawhide VM
> (future Fedora 26) I have here hwdb.bin ===
> /usr/lib/systemd/hwdb/
ersary re-flash the SPI ROM once they get the root priv. It
does affect flashrom but intelmetool. I also ran intelmetool on the
distro (Mint 18) kernel and got the same result.
--
GNU powered it...
GPL protect it...
God blessing it...
regards
Shawn
execve("./intelmetool", ["./in
haps one of you kind souls could
pick the essential parts for me on that site, with me adding some
specs and guidelines, and I'd compensate for your time. I've checked
around many places to see if a tech could build something for me and
mostly I am met with silence, no one seems to know what
Just curious if anybody could put me in touch with someone in the USA
who would be willing to build me a desktop pc with coreboot, upon
which I could install my own Linux OS?
Thanks,
Sean
Hi, folks,
I searched for 'acpi_tables.c' in directory 'mainboard', and 49 entries
come up. They are as follows, but not all listed here, just for your reference.
coreboot\src\mainboard\advansus\a785e-i\acpi_tables.c
coreboot\src\mainboard\amd\bimini_fam10\acpi_tables.c
coreboot\src\mainboard\amd\dbm69
: <1305787073.4377.7.camel@mattotaupa>
> Content-Type: text/plain; charset="utf-8"
>
> Dear Shawn,
>
>
> On Thursday, 19.05.2011, 03:45 + shawn Bai wrote:
> > Hello, guys,
>
> ? and girls.
>
> > I am very pleased to have the ch
Hello, guys,
I am very pleased to have the chance to talk with you.
I hope I do not bother you.
My name is Shawn Bai, and you can call me Shawn, it's OK.
I am very interested both in the low-level in embedded system, and in
BIOS level in desktop computer or server.