Image of Android Wireless Application Development
Image of RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302) (Certification Press)
Image of Linux Kernel Development (3rd Edition)
Image of Operating System Concepts

Has Intel ME Analysis Tool Development Petered Out?

Recently I decided to upgrade the Intel Management Engine (ME) firmware on my Lenovo T450 laptop as Lenovo had released a new version of the firmware ( in May 2017. The ME firmware upgrade went smoothly and no problems were encountered. After the upgrade was completed, I decided to review my knowledge of ME firmware internals using the ME firmware binary that I had just installed as I had last looked at ME firmware in early 2015. For readers who are not familiar with the Intel Management Engine, I suggest you first read this Wikipedia article on Intel Active Management

UEFI Utility to Read TPM 2.0 PCRs

In a previous post, I discussed how to retrieve Platform Configuration Register (PCR) values from a discrete TPM (Trusted Platform Module) 1.2 chip (dTPM 1.2) and provided source code for a UEFI shell utility to display the digests from the first 16 PCRs. In this post, I discuss a number of key TPM 2.0 features and provide the source code for a UEFI shell utility to display the digests from the first 24 PCRs of a TPM 2.0 implementation. What is driving the move to TPM 2.0? Simple, TPM 1.2 ((ISO/IEC 11889) only supports one hash algorithm, i.e. SHA1, and

UEFI Utility to Read TPM 1.2 PCRs

A Trusted Platform Module (TPM) supports many security functions including a number of special registers called Platform Configuration Registers (PCRs) which can hold data in a shielded location in a manner that prevents tampering or spoofing. A PCR is a 20-byte register. which incidentally is the length of a SHA-1 (Secure Hash Algorithm) hash. Most modern TPMs have 24 or even more PCRs; older ones have 16 PCRs. The TPM 1.2 specification, developed by the Trusted Computing Group (TCG) only requires 16 PCRs. Typically PCRs are used to store measurements. Measurements can be of code, data structures, configuration, information, or

Examining TPM2 ACPI Table

The Advanced Configuration and Power Interface (ACPI) specification was developed to establish industry common interfaces enabling robust operating system directed motherboard device configuration and power management of both devices and entire platforms. This specification has gone from strength to strength over the years and is now maintained by the UEFI Forum. The current version is 6.1. Over the years, the Trusted Computing Group (TCG) has developed various specifications defining an ACPI table and basic methods for use on a TCG compliant platform. The goal is that the ACPI table and ACPI namespace objects provide sufficient information to an operating system

Accessing TPM Functionality From UEFI Shell - Part 1

A Trusted Platform Module (TPM) is, traditionally, a hardware device (chip) designed to enable commodity computing platforms (think laptop or personal computer) to achieve greater levels of security than non-TPM equipped platform. There are over 600 million installed TPMs, mostly in high-end laptops made by Lenovo, HP, Dell, Toshiba and others. TPMs are manufactured by many chip producers including Atmel, STMicroelectronics and Toshiba. Via it’s Trusted Execution Technology (TXT), Intel now incorporates TPM functionality in many of its current processors. TPM technology is specified by the Trusted Computing Group (TCG), an industry consortium that includes Intel, Microsoft, AMD, IBM, HP,