Skip to content

Commit

Permalink
MEA v1.70.3 r144
Browse files Browse the repository at this point in the history 
v1.70.3

Added new CSE Key Hash Usages
Added new known bad CSE firmware hash
Improved CSE File System info display

r144

CSME 12.0.10.1127_CON_H_B_PRD_EXTR
CSME 12.0.10.1127_COR_H_B_PRD_EXTR
CSME 12.0.9.1125_SLM_H_B_PRD_EXTR
CSME 12.0.7.1122_CON_LP_C_PRD_RGN
CSME 11.8.58.3511_SLM_LP_C0_NPDM_PRD_EXTR
PMC CNP_300.2.11.1018_H_B_PRD
  • Loading branch information
@platomav
platomav committed Nov 3, 2018
1 parent e3870b3 commit 500bfd2
Show file tree
Hide file tree
Showing 4 changed files with 44 additions and 19 deletions.
9 changes: 9 additions & 0 deletions Changelog DB.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,12 @@
r144

CSME 12.0.10.1127_CON_H_B_PRD_EXTR
CSME 12.0.10.1127_COR_H_B_PRD_EXTR
CSME 12.0.9.1125_SLM_H_B_PRD_EXTR
CSME 12.0.7.1122_CON_LP_C_PRD_RGN
CSME 11.8.58.3511_SLM_LP_C0_NPDM_PRD_EXTR
PMC CNP_300.2.11.1018_H_B_PRD

r143

CSME 11.8.59.3560_CON_LP_C0_NPDM_PRD_RGN
Expand Down
6 changes: 6 additions & 0 deletions Changelog MEA.txt
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
v1.70.3 r144

Added new CSE Key Hash Usages
Added new known bad CSE firmware hash
Improved CSE File System info display

v1.70.2 r142

Fixed crash at Intel Engine Capsule images
Expand Down
22 changes: 15 additions & 7 deletions MEA.dat
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,20 @@
*** ME Analyzer Engine Firmware Repository Database ***
*** Revision r143 (2018-10-26 , 19:32) ***
*** Revision r144 (2018-11-03 , 15:32) ***

*** Converged Security Management Engine (CSME) ***

*** Version_SKU_Stepping_Release_Type_FTPR-RSASIG-SHA256 ***
*** 11 LP: Version_SKU_Stepping_Release_PDM_Type_FTPR-RSASIG-SHA256 ***

12.0.10.1127_CON_H_B_PRD_EXTR_8BC3C259551E4454B71BB26967C7D21F422A7AEB0933C9C7F6905DB2946C57DF
12.0.10.1127_COR_H_B_PRD_EXTR_834E23ED416BB39CF0295371958799D79D5E21FF6CDA35565AF1AE35717DF569
12.0.9.1125_SLM_H_B_PRD_EXTR_1095597C285726CC1CD13CBD7E2296078FC01835B854316BD6791876DD7217D2
12.0.8.1124_COR_H_B_PRD_EXTR_C235199D1C1BEF21BB9A5BAA0564FE89FB93C6C325446D4E08268E8E2C84B72D
12.0.8.1123_CON_H_B_PRD_EXTR_FF16CC85C89935AFD429320EA1AFB58C28AB781EFC1F18920F9E2A8B6580B47A
12.0.7.1122_CON_H_B_PRD_EXTR_DB23033E9119D5DE7213762B98B6419B0B5E0796101C5BE75A4A39EC1C4678E6
12.0.7.1122_COR_H_B_PRD_EXTR_A9D390EEFC3A444A5014C3C4B9BF054E4C0585403D20C69FA9A5C82E36324799
12.0.7.1122_CON_LP_C_PRD_RGN_8C0AC0CC36D0FC564A91C6A7F8999D4474554AFD80C5A146CDFEF00E6BF51141
12.0.7.1122_CON_LP_C_PRE_RGN_B749A249F4FAAF07CE022A0990220CDB52A358C017D2995177C28D1C6BD32D54
12.0.6.1120_CON_H_B_PRD_RGN_96988C08A4F15B02D57110167B7E10AC0D06025EA600FFC3F66747D70DA975F4
12.0.6.1120_CON_H_B_PRE_RGN_C54EF909AD76694D6011666E1123EECBEC9B0564FF60E8CFCF14236CBA780EEF
12.0.6.1120_COR_H_B_PRD_RGN_6DE6932F21EEDF0C052DAF487CEB93FFA29702A5C5819AD8AAABA3A79A148198
Expand Down Expand Up @@ -94,6 +99,7 @@

11.8.59.3560_CON_LP_C0_NPDM_PRD_RGN_662DDECC78AA0102CC577AB4E7ED361A8B46605AE16F7109FCFB89CDEC1086CA
11.8.59.3560_COR_LP_C0_NPDM_PRD_RGN_BFEDDAB75A0F3B1D12F5D400F062ADFE92BCDEFE388B2F6CF78DC94E7C443338
11.8.58.3511_SLM_LP_C0_NPDM_PRD_EXTR_298C72119152EA3E7AE3468CAED82BBC47F707C35C1A4A647DD2C6713BB85244
11.8.55.3510_CON_H_D0_PRD_RGN_0F01B48A33C59D826E7DA53ECA91348291EDDC297C3FC0DBD9886AF33C971F32
11.8.55.3510_CON_H_D0_PRE_RGN_9F253A831A0F9DA3B8B9A3205304F1957FF4A01A807543833D8E2CA073CD6F85
11.8.55.3510_COR_H_D0_PRD_RGN_3B46C1229E58AA65896BC4001C19630FF40060970B120B0904D0C70F921537B5
Expand Down Expand Up @@ -1840,6 +1846,7 @@

*** Power Management Controller (PMC) ***

CNP_300.2.11.1018_H_B_PRD_0BE3F3DDD07502ACF1641EEAEB8459F319DDAE4D16CE07E492C15B2407F731A6
CNP_300.2.11.1017_H_B_PRD_DA47052AF6A290C696E25E9F7CA0A37959A27537B6447127A2ED29425EB3F71E
CNP_300.2.11.1016_H_B_PRD_958F7DC9C53829B4716C3871317902DDE9801528EC1F88C1F98DAE0EDC15C7EE
CNP_300.2.11.1015_H_B_PRD_475CD0F48C4459E99521118A5404D391440945BF7E5030C0F4BC0C24CAD0868E
Expand All @@ -1863,6 +1870,7 @@ CNP_300.2.1.1012_H_A_PRE_5D2614AAA1373D6A57EF9C1AB29619283CB890B7D2D5446B5A13A92
CNP_300.2.1.1009_H_A_PRD_C857C63C5F62D05B73931279A634152E1909FA1038D2A41E8F572C8E721FCA38
CNP_300.2.1.1009_H_A_PRE_378771C097967D7ED25F17319B80AFFFEDF486FD4D03368A1DCBC17E1A58F48D
CNP_300.1.20.1016_LP_C_PRD_EB3CE41A8A31E748F3937219E7BF5801B292C49E95F8ADF0FF1A7BCBAE22C09A
CNP_300.1.20.1016_LP_C_PRE_D294EC28C41AF3302F4E187C91886E19C924D0244EFBDC7BA7FD4443DE32EA40
CNP_300.1.20.1015_LP_C_PRD_70C3FBCB183C79C1ADB0005640CEFC031C5F7A1BDECBEC7ECE6D88997A05C266
CNP_300.1.20.1015_LP_C_PRE_B0EC88F8392BE978C3900DF42F538E66C45D73A27B5972F13E311437BD516174
CNP_300.1.20.1009_LP_C_PRD_458D80D5563249CA98BBFCAE271018B1ADFA0F20A076C6D98C1289A8E7077885
Expand Down Expand Up @@ -1937,11 +1945,11 @@ RSAPKEY_TBD1_86C0E5EF0CFEFF6D810D68D83D8C6ECB68306A644C03C0446B646A3971D37894 (M

*** MEA-ID_Family_MajorMinor_SKU__Version ***

Latest_CSME_120_CONH__12.0.8.1123
Latest_CSME_120_CORH__12.0.8.1124
Latest_CSME_120_CONLP__12.0.6.1120
Latest_CSME_120_CONH__12.0.10.1127
Latest_CSME_120_CORH__12.0.10.1127
Latest_CSME_120_CONLP__12.0.7.1122
Latest_CSME_120_CORLP__12.0.0.0000
Latest_CSME_120_SLMH__12.0.5.1117
Latest_CSME_120_SLMH__12.0.9.1125
Latest_CSME_120_SLMLP__12.0.5.1117
Latest_CSME_1121_CORH__11.21.55.1508
Latest_CSME_1111_CONH__11.11.55.1509
Expand All @@ -1952,7 +1960,7 @@ Latest_CSME_118_CORH__11.8.55.3510
Latest_CSME_118_CONLP__11.8.59.3560
Latest_CSME_118_CORLP__11.8.59.3560
Latest_CSME_118_SLMH__11.8.55.3510
Latest_CSME_118_SLMLP__11.8.55.3510
Latest_CSME_118_SLMLP__11.8.58.3511
Latest_ME_100_1.5MB__10.0.55.3000
Latest_ME_100_5MB__10.0.60.3000
Latest_ME_100_SLM__10.0.35.1012
Expand Down Expand Up @@ -1999,7 +2007,7 @@ Latest_TXE_10_3MB_MD__1.0.9.1153
Latest_TXE_10_3MB_IT__1.0.3.1164
Latest_TXE_07_3MB_MD__0.7.53.1133

Latest_PMCCNP_H_B__300.2.11.1017
Latest_PMCCNP_H_B__300.2.11.1018
Latest_PMCCNP_H_A__300.2.01.1013
Latest_PMCCNP_LP_C__300.1.20.1016
Latest_PMCCNP_LP_B__300.1.11.1014
26 changes: 14 additions & 12 deletions MEA.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
Copyright (C) 2014-2018 Plato Mavropoulos
"""

title = 'ME Analyzer v1.70.2'
title = 'ME Analyzer v1.70.3'

import os
import re
Expand Down Expand Up @@ -472,7 +472,7 @@ class MN2_Manifest(ctypes.LittleEndianStructure) : # Manifest $MAN/$MN2 (MANIFES
("Year", uint16_t), # 0x16
("Size", uint32_t), # 0x18 dwords (0x2000 max)
("Tag", char*4), # 0x1C
("NumModules", uint32_t), # 0x20 Unknown at CSE (some FTPR > Kernel value)
("NumModules", uint32_t), # 0x20 Internal Info at CSE (FTPR > Kernel)
("Major", uint16_t), # 0x24
("Minor", uint16_t), # 0x26
("Hotfix", uint16_t), # 0x28
Expand Down Expand Up @@ -512,7 +512,7 @@ def hdr_print_cse(self) :
pt.add_row(['Date', '%0.4X-%0.2X-%0.2X' % (self.Year,self.Month,self.Day)])
pt.add_row(['Manifest Size', '0x%X' % (self.Size * 4)])
pt.add_row(['Manifest Tag', '%s' % self.Tag.decode('utf-8')])
pt.add_row(['Unknown', '0x%X' % self.NumModules])
pt.add_row(['Internal Info', '0x%X' % self.NumModules])
pt.add_row(['Version', 'N/A' if self.Major in [0,0xFFFF] else version])
pt.add_row(['Security Version Number', '%d' % self.SVN])
pt.add_row(['Reserved 0', '0x%X' % self.SVN_8])
Expand Down Expand Up @@ -856,7 +856,7 @@ def mfs_print(self) :
pt.add_row(['File Size', '0x%X' % self.FileSize])
pt.add_row(['Owner User ID', '%0.4X' % self.OwnerUserID])
pt.add_row(['Owner Group ID', '%0.4X' % self.OwnerGroupID])
pt.add_row(['File Offset', '0x%X' % self.FileOffset])
#pt.add_row(['File Offset', '0x%X' % self.FileOffset])

return pt

Expand Down Expand Up @@ -2723,7 +2723,7 @@ def ext_print(self) :
0x80860032 : ['ISH FW Authentication', ['Enforced', 'Allow RnD Keys', 'Disabled']],
0x80860033 : ['IUNIT FW Authentication', ['Enforced', 'Allow RnD Keys', 'Disabled']],
0x80860040 : ['Anti-Rollback', ['Enabled', 'Disabled']], # (BtGuardArbOemKeyManifest)
0x80860051 : ['ABL Elements', ['Enabled', 'Disabled']], # Guess, not in XML/PFT
0x80860051 : ['OEM BIOS Payload', ['Enabled', 'Disabled']], # (KnobIdValues)
0x80860101 : ['Change Device Lifecycle', ['No', 'Customer Care', 'RnD', 'Refurbish']],
0x80860201 : ['Co-Signing', ['Enabled', 'Disabled']]
}
Expand Down Expand Up @@ -3138,6 +3138,7 @@ class BPDT_Entry_GetFlags(ctypes.Union):
cse_known_bad_hashes = [
('1E2FD3B838010854E7490776ACC8E4CB6FE03D602151DF653BA392FF6E0D29B4','B2EE55B55A787362F49DF79F57403DE2DC6B2D09077BA732583FF2F80C10F306'), # CSME 12.0.0.7075_CON_LP_A_PRE > FTPR > FTPR.man
('4D0ADC668CAB1E694ED165CA36D5CFF3F13FFDFEB1A2BBD121334A098485E309','0ADBCBA2EAEAA7307247D6D6747521CFBC3B9AD988BA9F949217DFBC32ECB864'), # CSME 12.0.0.7075_COR_LP_A_PRE > FTPR > FTPR.man
('CC2866DC330789AFB764E335F8F7396CE7E098128FD988238F24C38EE450F8F0','FC4608D9894D56474C14A6EC238650C929E8A9DD5C6C759AD6BE4A8E37024A25'), # CSME 11.8.58.3511_SLM_LP_C0_NPDM_PRD > FTPR > FTPR.man
('9831E6A8BD82EAE593161B3BFB3CD787EF4B8308C5ED0869EC5C29D2812AE07C','8362AC40855AF85779D66ECC0DEBB5D5E807873395807EEB853D235D286D4AB2'), # CSME 11.8.55.3510_SLM_H_D0_PRD > FTPR > FTPR.man
('E3DFAF8004464C3C77E562679BD177F81FB6D12D88A91CA4BEAFB1C65E724EA1','EE93E0318058FDC1D51906F50A4494B786D2874AB42CD4E5EFC029BBBB4733D8'), # CSME 11.8.55.3510_SLM_LP_C0_NPDM_PRD > FTPR > FTPR.man
('0833D56054E84412DDA84B400D13A13160D4ECEF6ABE407023D0AB502EA2A3EE','2394556989CA959938370811AD3937AAC02354671DB02704404E69CB816AFCF8'), # CSME 11.8.50.3425_SLM_H_D0_PRD > FTPR > FTPR.man
Expand Down Expand Up @@ -3221,6 +3222,7 @@ class BPDT_Entry_GetFlags(ctypes.Union):
10 : 'LOCL', # AMT Localization
11 : 'Unlock Token',
13 : 'USB Type C D-PHY',
14 : 'PCH Configuration',
# OEM (32-127)
32 : 'Boot Policy',
33 : 'iUnit Boot Loader', # Imaging Unit (Camera)
Expand All @@ -3241,6 +3243,7 @@ class BPDT_Entry_GetFlags(ctypes.Union):
48 : 'OEM DAL', # Dynamic Application Loader
49 : 'OEM DNX IFWI R1', # XML v1.0 (Download and Execute v1)
53 : 'OEM DNX IFWI R2', # XML v2.4 (Download and Execute v2)
57 : 'OEM Descriptor',
}

# Unpack Engine CSE firmware
Expand Down Expand Up @@ -4949,8 +4952,7 @@ def mfs_home_anl(mfs_files, file_buffer, file_records, root_folder, home_rec_siz
def mfs_cfg_anl(buffer, rec_folder, root_folder, config_rec_size) :
# Generate MFS Configuration Records Log
mfs_pt = ext_table([col_y + 'Name' + col_e, col_y + 'Type' + col_e, col_y + 'Size' + col_e, col_y + 'Integrity' + col_e, col_y + 'Encryption' + col_e,
col_y + 'Anti-Replay' + col_e, col_y + 'Rights' + col_e, col_y + 'OEM' + col_e, col_y + 'MCA' + col_e, col_y + 'Access Unknown' + col_e,
col_y + 'Options Unknown' + col_e, col_y + 'Path' + col_e], True, 1)
col_y + 'Anti-Replay' + col_e, col_y + 'Rights' + col_e, col_y + 'OEM' + col_e, col_y + 'MCA' + col_e, col_y + 'Unknown' + col_e, col_y + 'Path' + col_e], True, 1)
mfs_pt.title = col_y + 'MFS Configuration Records' + col_e

rec_count = int.from_bytes(buffer[:4], 'little') # MFS Configuration Records Count
Expand Down Expand Up @@ -4978,7 +4980,7 @@ def mfs_cfg_anl(buffer, rec_folder, root_folder, config_rec_size) :

# Append MFS Configuration Record Info to Log
mfs_pt.add_row([rec_name, ['File','Folder'][record_type], '0x%X' % rec_size, ['No','Yes'][integrity], ['No','Yes'][encryption], ['No','Yes'][anti_replay],
''.join(map(str, rec_hdr.get_rights(unix_rights))), ['No','Yes'][fitc_cfg], ['No','Yes'][mca_upd], '{0:03b}b'.format(acc_unk), '{0:014b}b'.format(opt_unk), local_mfs_path])
''.join(map(str, rec_hdr.get_rights(unix_rights))), ['No','Yes'][fitc_cfg], ['No','Yes'][mca_upd], '{0:03b}b'.format(acc_unk) + ' {0:014b}b'.format(opt_unk), local_mfs_path])

mfs_txt(mfs_pt, root_folder, os.path.join(root_folder + 'home_records'), 'w') # Store/Print MFS Configuration Records Log

Expand Down Expand Up @@ -7833,9 +7835,9 @@ def mass_scan(f_path) :
if pmc_mn2_signed == 'Production' and (variant == 'CSME' and major >= 12) :
msg_pt.add_row(['PMC Latest', [col_g + 'Yes' + col_e, col_r + 'No' + col_e][pmcp_upd_found]])

if ((variant == 'CSME' and major >= 12) or (variant == 'CSTXE' and major >= 3)) and not wcod_found :
msg_pt.add_row(['OEM Configuration', ['No','Yes'][int(oem_config)]])
msg_pt.add_row(['OEM RSA Signature', ['No','Yes'][int(oem_signed or oemp_found)]])
if variant == 'CSTXE' and major >= 3 and not wcod_found : msg_pt.add_row(['OEM Configuration', ['No','Yes'][int(oem_config)]])

if variant in ('CSME','CSTXE','CSSPS') and not wcod_found : msg_pt.add_row(['OEM RSA Signature', ['No','Yes'][int(oem_signed or oemp_found)]])

if (rgn_exist or ifwi_exist) and variant in ('CSME','CSTXE','CSSPS','TXE') : msg_pt.add_row(['OEM Unlock Token', ['No','Yes'][int(utok_found)]])

Expand Down Expand Up @@ -7884,7 +7886,7 @@ def mass_scan(f_path) :

if fpt_num_fail : gen_msg(warn_stor, col_m + 'Warning: Wrong $FPT entry count %s, expected %s!' % (fpt_num_file,fpt_num_calc) + col_e, True)

if pmc_not_comp : gen_msg(warn_stor, col_m + 'Warning: Incompatible PMC %s firmware detected!' % pmc_platform + col_e, True)
if pmc_not_comp : gen_msg(warn_stor, col_m + 'Warning: Incompatible PMC %s firmware detected!' % pmc_platform + col_e, False)

if fuj_rgn_exist : gen_msg(warn_stor, col_m + 'Warning: Fujitsu Intel Engine firmware detected!' + col_e, False)

Expand Down

0 comments on commit 500bfd2

Please sign in to comment.