Image of Beginning Google Maps API 3
Image of Modern Operating Systems (3rd Edition)
Image of Android Wireless Application Development
Image of RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302) (Certification Press)

Has Intel ME Analysis Tool Development Petered Out?

Recently I decided to upgrade the Intel Management Engine (ME) firmware on my Lenovo T450 laptop as Lenovo had released a new version of the firmware ( in May 2017. The ME firmware upgrade went smoothly and no problems were encountered. After the upgrade was completed, I decided to review my knowledge of ME firmware internals using the ME firmware binary that I had just installed as I had last looked at ME firmware in early 2015. For readers who are not familiar with the Intel Management Engine, I suggest you first read this Wikipedia article on Intel Active Management

Using PCI.IDS Database to Show PCI Vendor and Device Information in UEFI Shell

The UEFI Shell has a built-in command called pci for enumerating PCI (Peripheral Component Interconnect) devices. Here is what is outputted for a Lenovo T450 using this command: fs1:> pci Seg Bus Dev Func — — — —- 00 00 00 00 ==> Bridge Device – Host/PCI bridge Vendor 8086 Device 1604 Prog Interface 0 00 00 02 00 ==> Display Controller – VGA/8514 controller Vendor 8086 Device 1616 Prog Interface 0 00 00 03 00 ==> Multimedia Device – Mixed mode device Vendor 8086 Device 160C Prog Interface 0 00 00 14 00 ==> Serial Bus Controllers – USB

Using the EFI_SHELL_PROTOCOL To Read a File

In this post, I provide the source code for a working UEFI shell application which displays the contents of an ASCII file using functionality provided by the EFI_SHELL_PROTOCOL protocol. The current version of the EFI_SHELL_PROTOCOL is 2.1 and here are the exposed protocol interfaces: typedef struct _EFI_SHELL_PROTOCOL { EFI_SHELL_EXECUTE Execute; EFI_SHELL_GET_ENV GetEnv; EFI_SHELL_SET_ENV SetEnv; EFI_SHELL_GET_ALIAS GetAlias; EFI_SHELL_SET_ALIAS SetAlias; EFI_SHELL_GET_HELP_TEXT GetHelpText; EFI_SHELL_GET_DEVICE_PATH_FROM_MAP GetDevicePathFromMap; EFI_SHELL_GET_MAP_FROM_DEVICE_PATH GetMapFromDevicePath; EFI_SHELL_GET_DEVICE_PATH_FROM_FILE_PATH GetDevicePathFromFilePath; EFI_SHELL_GET_FILE_PATH_FROM_DEVICE_PATH GetFilePathFromDevicePath; EFI_SHELL_SET_MAP SetMap; EFI_SHELL_GET_CUR_DIR GetCurDir; EFI_SHELL_SET_CUR_DIR SetCurDir; EFI_SHELL_OPEN_FILE_LIST OpenFileList; EFI_SHELL_FREE_FILE_LIST FreeFileList; EFI_SHELL_REMOVE_DUP_IN_FILE_LIST RemoveDupInFileList; EFI_SHELL_BATCH_IS_ACTIVE BatchIsActive; EFI_SHELL_IS_ROOT_SHELL IsRootShell; EFI_SHELL_ENABLE_PAGE_BREAK EnablePageBreak; EFI_SHELL_DISABLE_PAGE_BREAK DisablePageBreak; EFI_SHELL_GET_PAGE_BREAK GetPageBreak; EFI_SHELL_GET_DEVICE_NAME GetDeviceName; EFI_SHELL_GET_FILE_INFO GetFileInfo; EFI_SHELL_SET_FILE_INFO SetFileInfo; EFI_SHELL_OPEN_FILE_BY_NAME OpenFileByName; EFI_SHELL_CLOSE_FILE CloseFile;

UEFI Utility to Read TPM 2.0 PCRs

In a previous post, I discussed how to retrieve Platform Configuration Register (PCR) values from a discrete TPM (Trusted Platform Module) 1.2 chip (dTPM 1.2) and provided source code for a UEFI shell utility to display the digests from the first 16 PCRs. In this post, I discuss a number of key TPM 2.0 features and provide the source code for a UEFI shell utility to display the digests from the first 24 PCRs of a TPM 2.0 implementation. What is driving the move to TPM 2.0? Simple, TPM 1.2 ((ISO/IEC 11889) only supports one hash algorithm, i.e. SHA1, and

UEFI Utility to Read TPM 1.2 PCRs

A Trusted Platform Module (TPM) supports many security functions including a number of special registers called Platform Configuration Registers (PCRs) which can hold data in a shielded location in a manner that prevents tampering or spoofing. A PCR is a 20-byte register. which incidentally is the length of a SHA-1 (Secure Hash Algorithm) hash. Most modern TPMs have 24 or even more PCRs; older ones have 16 PCRs. The TPM 1.2 specification, developed by the Trusted Computing Group (TCG) only requires 16 PCRs. Typically PCRs are used to store measurements. Measurements can be of code, data structures, configuration, information, or