Intel Management Engine: Difference between revisions
Jump to navigation
Jump to search
Line 89: | Line 89: | ||
== Why there is no replacement for it yet == | == Why there is no replacement for it yet == | ||
Replacing the ME firmware is not that easy because: | Replacing the ME firmware is not that easy because: | ||
* | * The ME bootrom checks the firmware signature. | ||
* On recent chipset its RAM reagion is locked while it is allocated. | * On recent chipset its RAM reagion is locked while it is allocated. | ||
Revision as of 18:53, 13 August 2014
Uses of the Management Engine
The management engine(Often abreviated ME) is a CPU which permits Out of band management of the computer. See the Wikipedia AMT article for example use cases.
Freedom and security issues
- The code that is running inside the management engine is proprietary and signed
- The management engine CPU has access to a lot of things, see "ME physical capabilities" for more details.
Where
Board | Firmware | Microarchitecture | ME location and physical capabilities | ME restrictions |
---|---|---|---|---|
Lenovo x201 | AMT | Nehalem |
The ME is inside the PCH, it:
|
|
Packard Bell EasyNote LM85 (MS2290) | AMT? | |||
Samsung Series 5 550 Chromebook | me.bin | Sandy Bridge |
The ME is inside the PCH, it:
|
|
Samsung Series 3 Chromebox | me.bin | |||
Lenovo t520 | AMT | |||
Google/HP Pavilion Chromebook 14 | me.bin | Ivy Bridge |
The ME is inside the PCH, it:
|
|
Google Chromebook Pixel | me.bin | |||
Google/Acer C7 Chromebook | me.bin | |||
Google/Lenovo Thinkpad X131e Chromebook | me.bin | |||
Lenovo t530 | AMT | |||
Lenovo x230 | AMT | |||
Kotron KTQM77/mITX | AMT? | |||
Google/Acer C720 Chromebook | ? | Haswell |
The ME is inside the PCH, it:
|
|
Google/HP Chromebook 14 | ? |
Why there is no replacement for it yet
Replacing the ME firmware is not that easy because:
- The ME bootrom checks the firmware signature.
- On recent chipset its RAM reagion is locked while it is allocated.
So even if some people partially documented some ME firmware format, there is very few probability of having a free software replacement for it one day.
Coreboot also support other systems than the ones with recent intel CPU/chipsets. The List of supported mainboard list some of them.