2017-05-16 10:24:25 +02:00
# me_cleaner [](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=B5HCXCLZVCVZ8)
2016-11-14 13:19:16 +01:00
2017-05-16 10:24:25 +02:00
Intel ME is a coprocessor integrated in all post-2006 Intel boards, for which
this [Libreboot page ](https://libreboot.org/faq.html#intelme ) has an excellent
description. The main component of Intel ME is Intel AMT, and I suggest you to
read [this Wikipedia page ](https://en.wikipedia.org/wiki/Intel_Active_Management_Technology )
Add full support for Skylake (ME 11) and following
This commit has been widely tested on an MSI H110M (Sunrise Point) with an
i3-6300T, on two different ME firmware:
* 11.6.1.1142 CON (2.0 MB, no AMT)
* 11.6.1.1142 COR (7.1 MB, AMT)
In particular:
* The only fundamental FTPR modules seems to be rbe, kernel, syslib and
bup. Incidentally, on CON images, these modules are the only ones
Huffman-compressed. Removing any of these modules inhibits the correct
powering on of the PC.
* Now that the Huffman modules are not mixed together in a single Huffman
stream, removing them is trivial and can be done in the same way as the
LZMA/uncompressed modules.
* For the same reason, as there isn't a LLUT header anymore, the
partitions can be freely moved without any change in the content of the
partition, thus the relocation option has been added.
* The truncation information has been adjusted, like in the older ME
versions. However, the correct functioning of a PC with a truncated ME
region hasn't been tested yet.
With this commit me_cleaner is able to remove the majority of the FTPR
modules, going from the original code size of 2.0 MB (no AMT) or 6-7 MB
(AMT) to ~300 kB of compressed code.
2017-06-16 13:08:56 +02:00
for more information about it. In short, Intel ME is an irremovable environment
2017-05-16 10:24:25 +02:00
with an obscure signed proprietary firmware, with full network and memory
access, which poses a serious security threat.
Even when disabled from the BIOS settings, Intel ME is active: the only way to
be sure it is disabled is to remove its firmware from the flash chip.
2016-11-14 13:19:16 +01:00
2017-05-16 10:24:25 +02:00
Before Nehalem (ME version 6, 2008/2009) the ME firmware could be removed
completely from the flash chip by setting a couple of bits inside the flash
Add full support for Skylake (ME 11) and following
This commit has been widely tested on an MSI H110M (Sunrise Point) with an
i3-6300T, on two different ME firmware:
* 11.6.1.1142 CON (2.0 MB, no AMT)
* 11.6.1.1142 COR (7.1 MB, AMT)
In particular:
* The only fundamental FTPR modules seems to be rbe, kernel, syslib and
bup. Incidentally, on CON images, these modules are the only ones
Huffman-compressed. Removing any of these modules inhibits the correct
powering on of the PC.
* Now that the Huffman modules are not mixed together in a single Huffman
stream, removing them is trivial and can be done in the same way as the
LZMA/uncompressed modules.
* For the same reason, as there isn't a LLUT header anymore, the
partitions can be freely moved without any change in the content of the
partition, thus the relocation option has been added.
* The truncation information has been adjusted, like in the older ME
versions. However, the correct functioning of a PC with a truncated ME
region hasn't been tested yet.
With this commit me_cleaner is able to remove the majority of the FTPR
modules, going from the original code size of 2.0 MB (no AMT) or 6-7 MB
(AMT) to ~300 kB of compressed code.
2017-06-16 13:08:56 +02:00
descriptor, without the need to reverse-engineer the ME firmware.
2016-11-14 13:19:16 +01:00
2017-05-16 10:24:25 +02:00
Starting from Nehalem the Intel ME firmware can't be removed anymore: without a
valid firmware the PC shuts off forcefully after 30 minutes. This project is an
attempt to remove as much code as possible from such firmware without falling
Add full support for Skylake (ME 11) and following
This commit has been widely tested on an MSI H110M (Sunrise Point) with an
i3-6300T, on two different ME firmware:
* 11.6.1.1142 CON (2.0 MB, no AMT)
* 11.6.1.1142 COR (7.1 MB, AMT)
In particular:
* The only fundamental FTPR modules seems to be rbe, kernel, syslib and
bup. Incidentally, on CON images, these modules are the only ones
Huffman-compressed. Removing any of these modules inhibits the correct
powering on of the PC.
* Now that the Huffman modules are not mixed together in a single Huffman
stream, removing them is trivial and can be done in the same way as the
LZMA/uncompressed modules.
* For the same reason, as there isn't a LLUT header anymore, the
partitions can be freely moved without any change in the content of the
partition, thus the relocation option has been added.
* The truncation information has been adjusted, like in the older ME
versions. However, the correct functioning of a PC with a truncated ME
region hasn't been tested yet.
With this commit me_cleaner is able to remove the majority of the FTPR
modules, going from the original code size of 2.0 MB (no AMT) or 6-7 MB
(AMT) to ~300 kB of compressed code.
2017-06-16 13:08:56 +02:00
into the 30 minutes recovery mode.
2016-11-14 13:19:16 +01:00
2017-05-16 10:24:25 +02:00
me_cleaner currently works on most architectures, see [me_cleaner status ](https://github.com/corna/me_cleaner/wiki/me_cleaner-status ) (or [its discussion ](https://github.com/corna/me_cleaner/issues/3 ))
for more info about them. me_cleaner works also on the TXE and SPS firmware.
2016-11-30 17:15:15 +01:00
2017-05-16 10:24:25 +02:00
If you want to understand how me_cleaner works, you can read the ["How does it work?" page ](https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F ).
2016-11-14 13:19:16 +01:00
2017-06-03 16:46:44 +02:00
If you want to apply me_cleaner on your platform I suggest you to read the
2017-05-16 10:24:25 +02:00
["How does it work?" page ](https://github.com/corna/me_cleaner/wiki/How-does-it-work%3F )
and then follow the guide ["How to apply me_cleaner" ](https://github.com/corna/me_cleaner/wiki/How-to-apply-me_cleaner ).
For pre-Skylake firmware (ME version < 11 ) this tool removes almost everything ,
leaving only the two fundamental modules needed for the correct boot, ROMP and
BUP. The code size is reduced from 1.5 MB (non-AMT firmware) or 5 MB (AMT
firmware) to ~90 kB of compressed code.
Add full support for Skylake (ME 11) and following
This commit has been widely tested on an MSI H110M (Sunrise Point) with an
i3-6300T, on two different ME firmware:
* 11.6.1.1142 CON (2.0 MB, no AMT)
* 11.6.1.1142 COR (7.1 MB, AMT)
In particular:
* The only fundamental FTPR modules seems to be rbe, kernel, syslib and
bup. Incidentally, on CON images, these modules are the only ones
Huffman-compressed. Removing any of these modules inhibits the correct
powering on of the PC.
* Now that the Huffman modules are not mixed together in a single Huffman
stream, removing them is trivial and can be done in the same way as the
LZMA/uncompressed modules.
* For the same reason, as there isn't a LLUT header anymore, the
partitions can be freely moved without any change in the content of the
partition, thus the relocation option has been added.
* The truncation information has been adjusted, like in the older ME
versions. However, the correct functioning of a PC with a truncated ME
region hasn't been tested yet.
With this commit me_cleaner is able to remove the majority of the FTPR
modules, going from the original code size of 2.0 MB (no AMT) or 6-7 MB
(AMT) to ~300 kB of compressed code.
2017-06-16 13:08:56 +02:00
Starting from Skylake (ME version >= 11) the ME subsystem and the firmware
structure have changed, requiring substantial changes in me_cleaner.
The fundamental modules required for the correct boot are now four (rbe, kernel,
syslib and bup) and the minimum code size is ~300 kB of compressed code (from
the 2 MB of the non-AMT firmware and the 7 MB of the AMT one).
2017-05-16 10:24:25 +02:00
This project is based on the work of the community; in particular I thank Igor
Add full support for Skylake (ME 11) and following
This commit has been widely tested on an MSI H110M (Sunrise Point) with an
i3-6300T, on two different ME firmware:
* 11.6.1.1142 CON (2.0 MB, no AMT)
* 11.6.1.1142 COR (7.1 MB, AMT)
In particular:
* The only fundamental FTPR modules seems to be rbe, kernel, syslib and
bup. Incidentally, on CON images, these modules are the only ones
Huffman-compressed. Removing any of these modules inhibits the correct
powering on of the PC.
* Now that the Huffman modules are not mixed together in a single Huffman
stream, removing them is trivial and can be done in the same way as the
LZMA/uncompressed modules.
* For the same reason, as there isn't a LLUT header anymore, the
partitions can be freely moved without any change in the content of the
partition, thus the relocation option has been added.
* The truncation information has been adjusted, like in the older ME
versions. However, the correct functioning of a PC with a truncated ME
region hasn't been tested yet.
With this commit me_cleaner is able to remove the majority of the FTPR
modules, going from the original code size of 2.0 MB (no AMT) or 6-7 MB
(AMT) to ~300 kB of compressed code.
2017-06-16 13:08:56 +02:00
Skochinsky, for the core information about Intel ME and its firmware structure,
2017-05-16 10:24:25 +02:00
and Federico Amedeo Izzo, for its help during the study of Intel ME.
