Uncategorized

3mdeb: Minnowboard Turbot remote firmware flashing with RTE (Remote Testing Environment)

Minnowboard Turbot remote firmware flashing with RTE (Remote Testing Environment)
April 5, 2018
Arek Cichocki

Work related to a hardware carries some restrictions which don’t occur when working only with a software. One of them is a limited number of devices. This one may cause a problem with a accessibility to the platform. The limited number of users could slow development and testing. What is more work with a hardware requires a minimal knowledge of the theory of circuits and signals to eliminate platform damage by a user. Hardware can be expensive too. Remote Testing Environment project was made to resolve mentioned problems. […]

https://3mdeb.com/firmware/minnowboard-turbot-remote-firmware-flashing-with-rte-remote-testing-environment/

Standard
Uncategorized

Tianocore Security Advisory 27: Minnowboard UEFI Variable Deletion/Corruption

Tianocore EDK2 security advisory page has been updated, for the first time since 2016! It looks like a single entry:

https://edk2-docs.gitbooks.io/security-advisory/content/

27. UEFI Variable Deletion/Corruption

Description: Input validation error in MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.

Recommendation: This update improves input validation by firmware and is strongly recommended. For firmware development projects, incorporate the updates in https://github.com/tianocore/edk2-platforms/tree/devel-MinnowBoard3-UDK2017. When using MinnowBoard 3, update to version 0.65 or later. Updated firmware is available at https://firmware.intel.com/projects/minnowboard3

Acknowledgments: Reported by Intel.

References: CVE-2017-5699

The referenced CVE is still empty, hopefully someone at Intel/MITRE/NIST is going to take care of that sometime.

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5699
https://nvd.nist.gov/vuln/detail/CVE-2017-5699

 

Standard
Uncategorized

Passmark’s memtest86 issues [with Minnowboards]

You might want to re-run memtest on some machines before discarding systems as broken. Some Minnowboards were failing memory tests. Intel looked into it and says:

We have tracked down the issue and found that memtest86 tool is using a function call with rare but legitimate NULL value which causes memory test failure.
Currently we are working to update BIOS firmware with fix to prevent this memory test function call failure from memtest86 tool.
Again this is protocol interface issue between memtest86 and our FW driver, there is no hardware issue found with memory on Minnowboard.

See elinux-minnowboard thread for details:

https://www.memtest86.com/troubleshooting.htm

https://www.memtest86.com/technical.htm

http://lists.elinux.org/pipermail/elinux-minnowboard/Week-of-Mon-20170828/thread.html

 

Standard
Uncategorized

Intel updates Minnowboard firmware, and Firmware Engine for Windows

Intel has updated their UEFI firmware for the Minnowboard, and has updated Intel Firmware Engine for Windows.

 

 

Standard
Uncategorized

Asset Intertech on debugging Minnowboard firmware

Asset Intertech has a blog series on debugging Minnowboard firmware using their debugger product. Even if you can’t afford their product, you can still learn about debugging UEFI firmware from this post. 🙂

The Minnowboard Chronicles – Episode 3

As I continue the journey to learn about the internals of UEFI and to debug it with SourcePoint, I encounter some issues doing the firmware build. Last week, I played around with the UEFI shell, and then updated the firmware on my Minnowboard to the latest release (v0.94). Then, I used SourcePoint to look at disassembled code when the platform was sitting in the UEFI shell, waiting for keyboard input. From last time, we can see a number of “INT 3” instructions, with opcode CC. […]

http://blog.asset-intertech.com/test_data_out/2017/01/sourcepoint-debugging-the-minnowboard-turbot.html

http://blog.asset-intertech.com/test_data_out/2017/01/the-minnowboard-chronicles-episode-2.html

http://blog.asset-intertech.com/test_data_out/2017/01/the-minnowboard-chronicles-episode-3.html

Standard