Uncategorized

coreboot for HiFive Unleashed

Re: https://firmwaresecurity.com/2018/06/25/risc-v-implementations-filled-with-blobs/

https://github.com/hardenedlinux/firmware-anatomy/tree/master/bin_blobs/hifive_unleashed

Standard
Uncategorized

io386: tool wrapping around ioperm(2), iopl(2), outb(b), etc.

Introduction: A command line tool wrapping around ioperm(2) iopl(2) outb(2), etc.
Where it is needed: Designed for Linux-as-bootloader-payload schemes like Heads, in order to perform low-level IO operations, e.g. triggering SMIs.

https://github.com/hardenedlinux/io386

 

Standard
Uncategorized

Hardened Linux and firmware

I recently noticed Hardened Linux, because they were calling CHIPSEC. I just noticed they have some informational pages with info on Intel ME/AMT/UEFI and other technologies:

https://github.com/hardenedlinux/firmware-anatomy

https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/firmware_security.md

https://github.com/hardenedlinux/firmware-anatomy/tree/master/hack_ME

https://github.com/hardenedlinux/firmware-anatomy/blob/master/hack_ME/me_info.md

https://hardenedlinux.github.io/about3/

https://hardenedlinux.github.io/system-security/2017/07/31/firmware_chipsec.html

https://translate.google.com/translate?hl=enu&u=https://hardenedlinux.github.io/system-security/2017/07/31/firmware_chipsec.html

 

Standard
Uncategorized

Hardened Linux: coreboot and CHIPSEC

A bit more information on Hardened Linux’s use of CHIPSEC, in this case coreboot-centric:

https://firmwaresecurity.com/2017/07/31/hardened-linux-using-chipsec/

“# Enabling some security features at runtime in case of which vendor provided implementation improperly.”

https://github.com/hardenedlinux/Debian-GNU-Linux-Profiles/blob/master/scripts/harbian_fw/fw_hardening_runtime.py

There aren’t many CHIPSEC-based codebases, Hardened Linux is one relatively new one.

Standard