heads/blobs/xx80/README

The ME blobs dumped in this directory come from the following link: https://dl.dell.com/FOLDER04573471M/1/Inspiron_5468_1.3.0.exe

This provides ME version 11.6.0.1126. In this version CVE-2017-5705 has not yet been fixed.
See https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html
Therefore, Bootguard can be disabled by deguard with a patched ME.

1.0.0:Automatically extract, neuter and deguard me.bin
download_clean_me.sh : Downloads vulnerable ME from Dell verify checksum, extract ME, neuters ME, relocate and trim it, then apply deguard patch and place it into me.bin

sha256sum:
1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b  me.bin

1.0.1: Extract blobs from original rom:
extract.sh: takes backup, unlocks ifd, apply me_cleaner to neuter, relocate, trim and deguard it, modify BIOS and ME region of IFD and place output files into this dir.

sha256sum: will vary depending of IFD and ME extracted where IFD regions of BIOS and ME should be consistent.

1.1: More blobs
--------------------
ifd.bin was extracted from a T480 from an external flashrom backup.

sha256sum:
f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf  ifd.bin

sha256sum:
d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642  gbe.bin
------------------------

Notes: as specified in first link, this ME can be deployed to:
    T480 and T480s
add t480 board Signed-off-by: gaspar-ilom <gasparilom@riseup.net> 2025-01-14 13:20:05 +01:00			`The ME blobs dumped in this directory come from the following link: https://dl.dell.com/FOLDER04573471M/1/Inspiron_5468_1.3.0.exe`

			`This provides ME version 11.6.0.1126. In this version CVE-2017-5705 has not yet been fixed.`
			`See https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html`
			`Therefore, Bootguard can be disabled by deguard with a patched ME.`

			`1.0.0:Automatically extract, neuter and deguard me.bin`
			`download_clean_me.sh : Downloads vulnerable ME from Dell verify checksum, extract ME, neuters ME, relocate and trim it, then apply deguard patch and place it into me.bin`

			`sha256sum:`
			`1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin`

			`1.0.1: Extract blobs from original rom:`
			`extract.sh: takes backup, unlocks ifd, apply me_cleaner to neuter, relocate, trim and deguard it, modify BIOS and ME region of IFD and place output files into this dir.`

			`sha256sum: will vary depending of IFD and ME extracted where IFD regions of BIOS and ME should be consistent.`

			`1.1: More blobs`
			`--------------------`
			`ifd.bin was extracted from a T480 from an external flashrom backup.`

			`sha256sum:`
			`f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin`

			`sha256sum:`
blobs/xx80/README: fix gbe hash repro user@heads-t480:~/heads/blobs/xx80$ git status On branch poc_t480 nothing to commit, working tree clean user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; grep $hash README; done bash: syntax error near unexpected token `done' user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ vim README user@heads-t480:~/heads/blobs/xx80$ vim README user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ sha256sum -c hashes.txt gbe.bin: OK ifd.bin: OK me.bin: OK user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ cat .gitignore me.bin user@heads-t480:~/heads/blobs/xx80$ git status Signed-off-by: Thierry Laurion <insurgo@riseup.net> 2025-02-24 16:29:00 -05:00			`d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin`
add t480 board Signed-off-by: gaspar-ilom <gasparilom@riseup.net> 2025-01-14 13:20:05 +01:00			`------------------------`

			`Notes: as specified in first link, this ME can be deployed to:`
blobs/xx80/README: fix gbe hash repro user@heads-t480:~/heads/blobs/xx80$ git status On branch poc_t480 nothing to commit, working tree clean user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; grep $hash README; done bash: syntax error near unexpected token `done' user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ vim README user@heads-t480:~/heads/blobs/xx80$ vim README user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ sha256sum -c hashes.txt gbe.bin: OK ifd.bin: OK me.bin: OK user@heads-t480:~/heads/blobs/xx80$ cat hashes.txt \| awk -F " " {'print $1'} \| while read hash; do grep $hash README; done d3af2dfbf128bcddfc8c5810a11478697312e5701668f719f80f3f6322db5642 gbe.bin f2f6d5fb0a5e02964b494862032fd93f1f88e2febd9904b936083600645c7fdf ifd.bin 1990b42df67ba70292f4f6e2660efb909917452dcb9bd4b65ea2f86402cfa16b me.bin user@heads-t480:~/heads/blobs/xx80$ cat .gitignore me.bin user@heads-t480:~/heads/blobs/xx80$ git status Signed-off-by: Thierry Laurion <insurgo@riseup.net> 2025-02-24 16:29:00 -05:00			`T480 and T480s`