Group: Hardware/research/anti-freedom/Intel Management Engine/HP Elitebook 2570p

From LibrePlanet
Jump to: navigation, search

Introduction

This laptop cannot even boot without nonfree software.

However doing tests on it to understand better the Management Engine and the laptop lack of freedom is still interesting.

As for now:

  • That laptop requires a signed and nonfree Management Engine firmware.
  • It also requires a nonfree Embedded Controller (EC) firmware that has to be part of the Coreboot image.
  • It still needs to be tested without CPU microcode.

Hardware

This laptop uses the Ivybridge microarchitecture.

Tests

Management Engine

Test Results Comments
Keep ROMP + BUP ME partitions
  • Boots
FPTR, ROMP and BUP partitions were removed
  • The keyboard blinks (Is the EC firmware doing that)
  • After a timeout, the fan engages at full speed
  • Did Coreboot crash or panic?
  • TODO: retry with some other debug mechanism:
    • Try with beeps added and blinking removed from in Coreboot config
    • Try to get a Coreboot log with serial, usb debug, or other means
Removed completely the ME partition like for GM45 (1, 0xffff for region 2 base)
  • It powers off right after pressing the power on button

Embedded Controller

Test Results Comments
TODO TODO

CPU Microcode

Test Results Comments
Removed cpu_microcode_blob.bin from the coreboot image with cbfstool
  • The keyboard blinks (Is the EC firmware doing that)
Coreboot image built without the microcode
  • The board boots fine.
  • Beside warnings about the MDS security issue, nothing problematic (related to the microcode ) was found in dmesg