[coreboot] Does CHIPSET_LOCKDOWN_COREBOOT still work?

://twitter.com/citypw/status/1580541897604751361 Is this a bug or a feature that intends not to allow users to disable BIOS lock (others as well) via Intel' public FSP binary blobs? Thanks, regards Shawn [1] FSP-S Issues https://review.coreboot.org/plugins/gitiles/coreboot/+/refs/changes/28

[coreboot] Re: Servers?

ooking for something with a higher core density > and overall availability. I know supply issues is a problem for everyone. > > Any more info on the hosts you manufactured? > > Thanks! > > > > > > On Tuesday, Jul 12, 2022 at 10:17 PM, Shawn C > > wrote: >

[coreboot] Re: Servers?

Blocks x86 server. We used a assembly factory in Shenzhen. Sure you can find similar vendors in other region (Vietnam/Mexico?). regards Shawn On Tuesday, July 12th, 2022 at 11:01 PM, Jeremy Hansen via coreboot wrote: > I’ve looked at the list of hardware vendors. I see System76 listed but w

[coreboot] Re: Security notice: SMM can be hijacked by the OS on APs

Nice hunt, Arthur! The attack surface in coreboot is lesser than UEFI but the misconfig during the setup will lead to serious issue. This one is neat and worth a CVE. Please use CVE-2022-29264 as record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29264 regards Shawn

[coreboot] Re: how intel ME is connected to the internet ?

t.net/2021/07/16/ciso-seceng_csme.html regards Shawn ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org

[coreboot] Re: What should we do about freenode IRC services?

pect more of user privacy but seems nobody are willing to use. Then Matrix is a good option. Thanks. regards Shawn ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org

[coreboot] Re: Asan/Ubsan for further testing

021 4:11 PM, Harshit Sharma wrote: > Hi Shawn, > > I am glad that you found these sanitizers useful. Presently, Ubsan is > available in ramstage on all platforms whereas ASan is only available on x86 > platforms. You can refer to this page to learn more about ASan in corebo

[coreboot] Asan/Ubsan for further testing

. It would be better if we add those debug features by default during the development which could possibly kill more bugs in the coreboot and the sanitizers themselves. Any ideas? regards Shawn C___ coreboot mailing list -- coreboot@coreboot.org

[coreboot] AMDFlaws

it... regards Shawn ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org

[coreboot] Re: [linux-mei] intelmetool crashed mei_me driver

m the drivers so I guess on 4.20 it won't > crash, but still this cannot work. > Thanks > Tomas -- GNU powered it... GPL protect it... God blessing it... regards Shawn ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe s

[coreboot] Re: [linux-mei] intelmetool crashed mei_me driver

om [mailto:linux-mei- > > requ...@eclists.intel.com] On Behalf Of Shawn > > Sent: Tuesday, January 22, 2019 10:30 > > To: linux-...@linux.intel.com; coreboot > > Subject: [linux-mei] intelmetool crashed mei_me driver > > > > Hi, >

[coreboot] intelmetool crashed mei_me driver

crash log was attached! -- GNU powered it... GPL protect it... God blessing it... regards Shawn Jan 22 16:18:34 hardenedlinux-test kernel: [ 121.932672] mei_me :00:16.0: FW not ready: resetting. Jan 22 16:18:34 hardenedlinux-test kernel: [ 121.932695] mei_me :00:16.0: unexpected

[coreboot] intelmetool doesn't work on SPS

ION message failed host.buffer_depth and host.buffer_write_ptr having the same values( 0xff) caused it into dark. Seems SPS and ME has some differences here. Any idea how to fix it? -- GNU powered it... GPL protect it... God blessing it... regards Sh

[coreboot] L1TF

it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

On Mon, Jun 25, 2018 at 11:39 PM, ron minnich wrote: > > > On Mon, Jun 25, 2018 at 12:55 AM Shawn wrote: >> >> Hi Ron, >> >> >> IIRC, Machine mode in RISC-V is just looking similar to SMM in x86. >> But it can do more than what SMM does. > > &

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

On Tue, Jun 26, 2018 at 12:01 AM, Nico Huber wrote: > On 25.06.2018 09:55, Shawn wrote:> Hi Ron, >> On Sun, Jun 24, 2018 at 12:55 AM, ron minnich wrote: >>> On Wed, Jun 20, 2018 at 11:03 PM taii...@gmx.com wrote: >>>> Whats the deal with SMM? What a shame the

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

s://keystone-enclave.org/ -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

unleashed/1334/3) > Thanks, seems our only option is to reversing. -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

On Fri, Jun 22, 2018 at 7:01 PM, Jonathan Neuschäfer wrote: > On Fri, Jun 22, 2018 at 03:04:06PM +0800, Shawn wrote: >> Hi Jonathan, >> >> On Thu, Jun 21, 2018 at 7:48 PM, Jonathan Neuschäfer > [...] >> > With the unfinished coreboot port, I want it to loo

Re: [coreboot] RISC-V HiFive Unleashed board added to coreboot - has PCI-e slots via exp board

> MSEL (ROM0) -> ZSBL (ROM1) -> coreboot (+bbl?) -> Linux, or > MSEL (ROM0) -> coreboot (+bbl?) -> Linux > > ZSBL can be skipped, so you don't need to run closed source ROM code, at > least as far as the hardware is concerned. > Is ZSBL really can be skipped? I thoug

[coreboot] Intel ME Security keys Genealogy, Obfuscation and other Magic

https://github.com/ptresearch/IntelME-Crypto/blob/master/Intel%20ME%20Security%20keys%20Genealogy%2C%20Obfuscation%20and%20other%20Magic.pdf -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] Embedded Controller (EC)

in >> >> >> >> From: rspang...@google.com [mailto:rspang...@google.com] On Behalf Of >> Randall Spangler >> Sent: Friday, December 01, 2017 7:02 PM >> To: Vadim Bendebury >> Cc: Аладышев Константин; Coreboot; Shawn N >> Subject: Re: [coreboot

Re: [coreboot] [kernel-hardening] ME and PSP

Hi Ron, On Thu, Sep 7, 2017 at 12:30 PM, ron minnich <rminn...@gmail.com> wrote: > > > On Wed, Sep 6, 2017 at 8:07 PM Shawn <cit...@gmail.com> wrote: >> >> >> IMOHO, RISC-V will be the long-term solution in the future;-) >> > > people need to

Re: [coreboot] [kernel-hardening] ME and PSP

uld be wrong if it weren't). Or feel free to ask question on coreboot's mailinglist: coreboot@coreboot.org -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] Question about finalization of SMM

x/Debian-GNU-Linux-Profiles/blob/master/scripts/harbian_fw/fw_hardening_runtime.py -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

[coreboot] Digging Into The Core of Boot

https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/docs/harbian_fw/harbian_chipsec.md#hardening-the-coreboot Have fun! -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman

Re: [coreboot] Intel ME The Way of the Static Analysis

unME11 is released by the speaker: https://github.com/ptresearch/unME11 On Tue, Apr 25, 2017 at 10:38 PM, Shawn <cit...@gmail.com> wrote: > slide: > https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf > > video: > https://www.youtube.com/watch?v=2_aokrfco

[coreboot] Reverse-engineering the Intel Management Engine’s ROMP module

: https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/me_info.md -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

[coreboot] Remote security exploit in all 2008+ Intel platforms

https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

[coreboot] Intel ME The Way of the Static Analysis

slide: https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf video: https://www.youtube.com/watch?v=2_aokrfcoUk -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How does intelmetool's support for Skylake?

Sunrise Point-H & Sunrise Point-LP can be supported by intelmetool: https://github.com/zamaudio/intelmetool Tested it on Alienware 13R2 & P10S-M WS and it's working perfectly. On Thu, Jan 5, 2017 at 3:20 PM, Zoran Stojsavljevic <zoran.stojsavlje...@gmail.com> wrote: > Hello

Re: [coreboot] [Resend] Tapping into the core (33C3)

sassemble the > laptop without being noticed. > [2] The laptop could be on, off, or in suspend-to-ram. > If the laptop is on or suspended, the attacker might have better > chances trying to bypass the screensaver for instance. > > Denis. > > -- > coreboot mailing list: coreboot@coreboot.org > https://www.coreboot.org/mailman/listinfo/coreboot -- GNU powered it... GPL protect it... God blessing it... regards Shawn -- coreboot mailing list: coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How does intelmetool's support for Skylake?

upported mainboards on neutralizing ME( I'm afarid your hardware isn't on the list-_-): https://github.com/hardenedlinux/hardenedlinux_profiles/tree/master/coreboot On Wed, Jan 4, 2017 at 8:28 PM, Zoran Stojsavljevic <zoran.stojsavlje...@gmail.com> wrote: > Hello Shawn, > > I am late,

Re: [coreboot] How does intelmetool's support for Skylake?

LAN (VLAN) : ON ME Capability: TLS: OFF ME Capability: Wireless LAN (WLAN): OFF exiting On Fri, Dec 30, 2016 at 11:04 AM, Shawn <cit...@gmail.com> wrote: > Hi Zoran, > > Thanks for the info. I

Re: [coreboot] How does intelmetool's support for Skylake?

n Stojsavljevic > <zoran.stojsavlje...@gmail.com> wrote: >> >> Hello Shawn, >> >> Please, follow my CLI transcript from my Future Fedora 26 VM over WIN10 >> (now rawhide) with Fedora 4.8.15 kernel implanted (kernel 4.10.0-rc0 gives >> me lot of griefs, I do

Re: [coreboot] How does intelmetool's support for Skylake?

; > Have no idea who is creating this file, but you can check your Linux distro > / tree with the following paths to find hwdb.bin: > > /etc/systemd/hwdb/hwdb.bin > /etc/udev/hwdb.bin<<=== In my Fedora rawhide VM > (future Fedora 26) I have here hwdb.bin === &

[coreboot] How does intelmetool's support for Skylake?

y re-flash the SPI ROM once they get the root priv. It does affect flashrom but intelmetool. I also ran intelmetool on the distro( Mint 18) kernel and got the same result. -- GNU powered it... GPL protect it... God blessing it... regards Shawn execve("./intelmetool", ["./intelme

[coreboot] desktop debacle

souls could pick the essential parts for me on that site, with me adding some specs and guidelines, and I'd compensate for your time. I've checked around many places to see if a tech could build something for me and mostly I am met with silence, no one seems to know what coreboot is. Thanks, Shawn

[coreboot] desktop build w/ coreboot

Just curious if anybody could put me in touch with someone in the USA who would be willing to build me a desktop pc with coreboot, upon which I could install my own Linux OS? Thanks, Sean -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot

[coreboot] (no subject)

http://homeschoolwedo.com/wp-admin/css/xkijzcks.php -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] unifying `acpi_tables.c`

Hi,folks,   I searched for 'acpi_tables.c' in directory 'mainboard', and 49 entries come.They are as follows, but not all listed here,just for your reference.

Re: [coreboot] Is there anything I can do to make coreboot better?

.camel@mattotaupa Content-Type: text/plain; charset=utf-8 Dear Shawn, Am Donnerstag, den 19.05.2011, 03:45 + schrieb shawn Bai: Hello, guys, ? and girls. I am very pleased to have the chance to talk with you. I hope I do not bother you. My name is Shawn Bai

[coreboot] Is there anything I can do to make coreboot better?

Hello, guys, I am very pleased to have the chance to talk with you. I hope I do not bother you. My name is Shawn Bai, and you can call me Shawn, it's OK. I am very interested both in the low-level in embedded system, and in BIOS level in desktop computer or server. I