Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Intel Management Engine Deep Dive

media.ccc.de via YouTube

Overview

Dive deep into the Intel Management Engine (ME) in this comprehensive conference talk from the 36th Chaos Communication Congress. Explore the reverse engineering process of a system on a chip, the development of an emulator, and the knowledge required to create a replacement for one of the most controversial binary blobs in modern PCs. Gain insights into the ME's role as the root of trust for various platform security features, its impact on firmware signing, and its background management capabilities. Learn about custom tools for manipulating firmware images, emulating ME firmware modules, and replicating unpublished exploits. Discover methods for analyzing ME version 11.x, found in 6th and 7th generation chipsets, and understand its hardware components, firmware partitions, code verification chain, and communication protocols. Delve into topics such as memory management, hardware access, cryptographic accelerators, and the host boot process. Examine the potential for developing an open-source replacement firmware for the Management Engine and explore future goals in this field.

Syllabus

Intro
Outline
About the ME
About ME
Working with ME firmware images
Understanding the ME: Firmware Partitions
Understanding the ME: Code partitions
Understanding the ME: Metadata
Code verification chain
ME shared libraries
Analysing a simple module
Data sections
Example driver main() function
Trace output: SVEN
ME driver overview device files
Accessing hardware
Message Passing: Basics
Memory Grants: Indirect Grants
DMA Locks
Understanding the address space
The bus driver: busdrv
The table in human readable form
Processor
Custom host bridge: Minute IA System Agent
Hardware Cryptographic Accelerator IP blocks (partial)
Crypto: DMA Engines
Host-Embedded Controller Interface (HECI)
Primary Address Translation Table
Root spaces
Sideband Fabric
Developing an exploit for CVE-2017-5705,6,7
meloader: WINE for the ME
meloader as a debugger
Getting JTAG access
ME Boot Process
Host Boot Process: Boot Guard
The Power Management Controller
Host Initialization: ME tasks
Getting to the minimal viable implementation
Boot Guard Configuration
Future goals
Acknowledgements

Taught by

media.ccc.de

Reviews

Start your review of Intel Management Engine Deep Dive

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.