@mouadcherkaoui
Created January 13, 2021 20:21
################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.5.8
[CHIPSEC] Arguments: 

****** Chipsec Linux Kernel module is licensed under GPL 2.0
[CHIPSEC] API mode: using CHIPSEC kernel module API
[CHIPSEC] OS : Linux 5.4.0-60-generic #67-Ubuntu SMP Tue Jan 5 18:31:36 UTC 2021 x86_64
[CHIPSEC] Python : 2.7.18 (64-bit)
[CHIPSEC] Helper : LinuxHelper (/home/mouad/Documents/chipsec/chipsec/helper/linux/chipsec.ko)
[CHIPSEC] Platform: (IceLake U 4 Cores)
[CHIPSEC] VID: 8086
[CHIPSEC] DID: 8A12
[CHIPSEC] RID: 03
[CHIPSEC] PCH : Intel 495 series PCH-LP Prem-U
[CHIPSEC] VID: 8086
[CHIPSEC] DID: 3482
[CHIPSEC] RID: 30
 
[*] loading common modules from "./chipsec/modules/common" ..
[*] No platform specific modules to load
[*] loading modules from "./chipsec/modules" ..
[+] loaded chipsec.modules.common.bios_kbrd_buffer
[+] loaded chipsec.modules.common.bios_smi
[+] loaded chipsec.modules.common.bios_ts
[+] loaded chipsec.modules.common.bios_wp
[+] loaded chipsec.modules.common.cpu.cpu_info
[+] loaded chipsec.modules.common.cpu.ia_untrusted
[+] loaded chipsec.modules.common.cpu.spectre_v2
[+] loaded chipsec.modules.common.debugenabled
[+] loaded chipsec.modules.common.ia32cfg
[+] loaded chipsec.modules.common.me_mfg_mode
[+] loaded chipsec.modules.common.memconfig
[+] loaded chipsec.modules.common.memlock
[+] loaded chipsec.modules.common.remap
[+] loaded chipsec.modules.common.rtclock
[+] loaded chipsec.modules.common.secureboot.variables
[+] loaded chipsec.modules.common.sgx_check
[+] loaded chipsec.modules.common.smm
[+] loaded chipsec.modules.common.smm_dma
[+] loaded chipsec.modules.common.smrr
[+] loaded chipsec.modules.common.spd_wd
[+] loaded chipsec.modules.common.spi_access
[+] loaded chipsec.modules.common.spi_desc
[+] loaded chipsec.modules.common.spi_fdopss
[+] loaded chipsec.modules.common.spi_lock
[+] loaded chipsec.modules.common.uefi.access_uefispec
[+] loaded chipsec.modules.common.uefi.s3bootscript
[*] running loaded modules ..

[*] running module: chipsec.modules.common.bios_kbrd_buffer
[x][ =======================================================================
[x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer
[x][ =======================================================================
[*] Keyboard buffer head pointer = 0x1E (at 0x41A), tail pointer = 0x1E (at 0x41C)
[*] Keyboard buffer contents (at 0x41E):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 
[*] Checking contents of the keyboard buffer..

[+] PASSED: Keyboard buffer looks empty. Pre-boot passwords don't seem to be exposed

[*] running module: chipsec.modules.common.bios_smi
[x][ =======================================================================
[x][ Module: SMI Events Configuration
[x][ =======================================================================
[+] SMM BIOS region write protection is enabled (SMM_BWP is used)

[*] Checking SMI enables..
 Global SMI enable: 1
 TCO SMI enable : 1
[+] All required SMI events are enabled

[*] Checking SMI configuration locks..
[+] TCO SMI configuration is locked (TCO SMI Lock)
[+] SMI events global configuration is locked (SMI Lock)

[+] PASSED: All required SMI sources seem to be enabled and locked

[*] running module: chipsec.modules.common.bios_ts
[x][ =======================================================================
[x][ Module: BIOS Interface Lock (including Top Swap Mode)
[x][ =======================================================================
[*] BiosInterfaceLockDown (BILD) control = 1
[*] BIOS Top Swap mode is disabled (TSS = 0)
[*] RTC TopSwap control (TS) = 0
[+] PASSED: BIOS Interface is locked (including Top Swap Mode)

[*] running module: chipsec.modules.common.bios_wp
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x000008AA << BIOS Control (b:d.f 00:31.5 + 0xDC)
[00] BIOSWE = 0 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 2 << SPI Read Configuration
[04] TSS = 0 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[06] BBS = 0 << Boot BIOS Strap
[07] BILD = 1 << BIOS Interface Lock Down
[11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection 
[+] BIOS region write protection is enabled (writes restricted to SMM)

[*] BIOS Region: Base = 0x00500000, Limit = 0x00FFFFFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------
PR0 (84) | 00000000 | 00000000 | 00000000 | 0 | 0 
PR1 (88) | 00000000 | 00000000 | 00000000 | 0 | 0 
PR2 (8C) | 00000000 | 00000000 | 00000000 | 0 | 0 
PR3 (90) | 00000000 | 00000000 | 00000000 | 0 | 0 
PR4 (94) | 00000000 | 00000000 | 00000000 | 0 | 0 

[!] None of the SPI protected ranges write-protect BIOS region

[+] PASSED: BIOS is write protected

[*] running module: chipsec.modules.common.cpu.cpu_info
[x][ =======================================================================
[x][ Module: Current Processor Information:
[x][ =======================================================================
[*] Thread 0000
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0001
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0002
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0003
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0004
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0005
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0006
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[*] Thread 0007
[*] Processor: Intel(R) Core(TM) i7-1065G7 CPU @ 1.30GHz
[*] Family: 06 Model: 7E Stepping: 5
[*] Microcode: 000000A0
[*]
[#] INFORMATION: Processor information displayed

[*] running module: chipsec.modules.common.cpu.ia_untrusted
[x][ =======================================================================
[x][ Module: IA_UNTRUSTED Check
[x][ =======================================================================
[*] Check that untrusted mode has been set.
[+] SoC_BIOS_DONE set.

[+] IA_UNTRUSTED set on thread 0.
[+] IA_UNTRUSTED set on thread 1.
[+] IA_UNTRUSTED set on thread 2.
[+] IA_UNTRUSTED set on thread 3.
[+] IA_UNTRUSTED set on thread 4.
[+] IA_UNTRUSTED set on thread 5.
[+] IA_UNTRUSTED set on thread 6.
[+] IA_UNTRUSTED set on thread 7.

[+] PASSED: IA_UNTRUSTED set on all threads

[*] running module: chipsec.modules.common.cpu.spectre_v2
[x][ =======================================================================
[x][ Module: Checks for Branch Target Injection / Spectre v2 (CVE-2017-5715)
[x][ =======================================================================
[*] CPUID.7H:EDX[26] = 1 Indirect Branch Restricted Speculation (IBRS) & Predictor Barrier (IBPB)
[*] CPUID.7H:EDX[27] = 1 Single Thread Indirect Branch Predictors (STIBP)
[*] CPUID.7H:EDX[29] = 1 IA32_ARCH_CAPABILITIES
[+] CPU supports IBRS and IBPB
[+] CPU supports STIBP
[*] checking enhanced IBRS support in IA32_ARCH_CAPABILITIES...
[*] cpu0: IBRS_ALL = 1
[*] cpu1: IBRS_ALL = 1
[*] cpu2: IBRS_ALL = 1
[*] cpu3: IBRS_ALL = 1
[*] cpu4: IBRS_ALL = 1
[*] cpu5: IBRS_ALL = 1
[*] cpu6: IBRS_ALL = 1
[*] cpu7: IBRS_ALL = 1
[+] CPU supports enhanced IBRS (on all logical CPU)
[*] checking if OS is using Enhanced IBRS...
[*] cpu0: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu0: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu1: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu1: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu2: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu2: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu3: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu3: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu4: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu4: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu5: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu5: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu6: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu6: IA32_SPEC_CTRL[STIBP] = 0
[*] cpu7: IA32_SPEC_CTRL[IBRS] = 1
[*] cpu7: IA32_SPEC_CTRL[STIBP] = 0
[+] OS enabled Enhanced IBRS (on all logical processors)
[#] INFORMATION: Unable to determine if the OS uses STIBP
[+] PASSED: CPU and OS support hardware mitigations
[!] OS may be using software based mitigation (eg. retpoline)
[!] WARNING: 'retpoline_enabled' is not implemented

[*] running module: chipsec.modules.common.debugenabled
[x][ =======================================================================
[x][ Module: Debug features test
[x][ =======================================================================

[*] Checking IA32_DEBUG_INTERFACE msr status
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.

[*] Checking DCI register status
[+] DCI Debug is disabled

[*] Module Result
[+] PASSED: All checks have successfully passed

[*] running module: chipsec.modules.common.ia32cfg
[x][ =======================================================================
[x][ Module: IA32 Feature Control Lock
[x][ =======================================================================
[*] Verifying IA32_Feature_Control MSR is locked on all logical CPUs..
[*] cpu0: IA32_Feature_Control Lock = 1
[*] cpu1: IA32_Feature_Control Lock = 1
[*] cpu2: IA32_Feature_Control Lock = 1
[*] cpu3: IA32_Feature_Control Lock = 1
[*] cpu4: IA32_Feature_Control Lock = 1
[*] cpu5: IA32_Feature_Control Lock = 1
[*] cpu6: IA32_Feature_Control Lock = 1
[*] cpu7: IA32_Feature_Control Lock = 1
[+] PASSED: IA32_FEATURE_CONTROL MSR is locked on all logical CPUs

[*] running module: chipsec.modules.common.me_mfg_mode
[x][ =======================================================================
[x][ Module: ME Manufacturing Mode
[x][ =======================================================================
[+] PASSED: ME is not in Manufacturing Mode

[*] running module: chipsec.modules.common.memconfig
[x][ =======================================================================
[x][ Module: Host Bridge Memory Map Locks
[x][ =======================================================================
[*]
[*] Checking legacy register lock state:
[+] PCI0.0.0_BDSM = 0x 6C800001 - LOCKED - Base of Graphics Stolen Memory
[+] PCI0.0.0_BGSM = 0x 6C000001 - LOCKED - Base of GTT Stolen Memory
[+] PCI0.0.0_DPR = 0x 6B000001 - LOCKED - DMA Protected Range
[+] PCI0.0.0_GGC = 0x FEC1 - LOCKED - Graphics Control
[?] Skipping Validation: Register PCI0.0.0_MESEG_MASK or field MELCK was not defined for this platform.
[+] PCI0.0.0_PAVPC = 0x 702000C7 - LOCKED - PAVP Configuration
[?] Skipping Validation: Register PCI0.0.0_REMAPBASE or field LOCK was not defined for this platform.
[?] Skipping Validation: Register PCI0.0.0_REMAPLIMIT or field LOCK was not defined for this platform.
[+] PCI0.0.0_TOLUD = 0x 70400001 - LOCKED - Top of Low Usable DRAM
[+] PCI0.0.0_TOM = 0x 200000001 - LOCKED - Top of Memory
[+] PCI0.0.0_TOUUD = 0x 28FC00001 - LOCKED - Top of Upper Usable DRAM
[-] PCI0.0.0_TSEGMB = 0x 6B000000 - UNLOCKED - TSEG Memory Base
[*]
[*] Checking if IA Untrusted mode is used to lock registers
[+] IA Untrusted mode set
[*]
[+] PASSED: All memory map registers seem to be locked down

[*] running module: chipsec.modules.common.memlock
[x][ =======================================================================
[x][ Module: Check MSR_LT_LOCK_MEMORY
[x][ =======================================================================
[X] Checking MSR_LT_LOCK_MEMORY status
[*] cpu0: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu1: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu2: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu3: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu4: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu5: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu6: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu7: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[+] PASSED: Check have successfully passed

[*] running module: chipsec.modules.common.remap
[x][ =======================================================================
[x][ Module: Memory Remapping Configuration
[x][ =======================================================================
[*] Registers:
[*] TOUUD : 0x000000028FC00001
[*] REMAPLIMIT: 0x000000028FB00000
[*] REMAPBASE : 0x0000000200000000
[*] TOLUD : 0x70400001
[*] TSEGMB : 0x6B000000

[*] Memory Map:
[*] Top Of Upper Memory: 0x000000028FC00000
[*] Remap Limit Address: 0x000000028FBFFFFF
[*] Remap Base Address : 0x0000000200000000
[*] 4GB : 0x0000000100000000
[*] Top Of Low Memory : 0x0000000070400000
[*] TSEG (SMRAM) Base : 0x000000006B000000

[*] checking memory remap configuration..
[*] Memory Remap is enabled
[+] Remap window configuration is correct: REMAPBASE <= REMAPLIMIT < TOUUD
[+] All addresses are 1MB aligned
[*] checking if memory remap configuration is locked..
[+] TOUUD is locked
[+] TOLUD is locked
[+] REMAPBASE and REMAPLIMIT are locked
[+] PASSED: Memory Remap is configured correctly and locked

[*] running module: chipsec.modules.common.rtclock
[x][ =======================================================================
[x][ Module: Protected RTC memory locations
[x][ =======================================================================
[!] WARNING: Unable to test lock bits without attempting to modify CMOS.
[*] Run chipsec_main manually with the following commandline flags.
[*] python chipsec_main -m common.rtclock -a modify

[*] running module: chipsec.modules.common.secureboot.variables
[x][ =======================================================================
[x][ Module: Attributes of Secure Boot EFI Variables
[x][ =======================================================================
[*] Checking protections of UEFI variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:SecureBoot
[*] Checking protections of UEFI variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:SetupMode
[*] Checking protections of UEFI variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:PK
[+] Variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:PK is authenticated (TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
[*] Checking protections of UEFI variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:KEK
[+] Variable 8be4df61-93ca-11d2-aa0d-00e098032b8c:KEK is authenticated (TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
[*] Checking protections of UEFI variable d719b2cb-3d3a-4596-a3bc-dad00e67656f:db
[+] Variable d719b2cb-3d3a-4596-a3bc-dad00e67656f:db is authenticated (TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
[*] Checking protections of UEFI variable d719b2cb-3d3a-4596-a3bc-dad00e67656f:dbx
[+] Variable d719b2cb-3d3a-4596-a3bc-dad00e67656f:dbx is authenticated (TIME_BASED_AUTHENTICATED_WRITE_ACCESS)

[*] Secure Boot appears to be disabled
[+] PASSED: All Secure Boot UEFI variables are protected

[*] running module: chipsec.modules.common.sgx_check
[x][ =======================================================================
[x][ Module: Check SGX feature support
[x][ =======================================================================
[*] Test if CPU has support for SGX

[*] SGX BIOS enablement check
[*] Verifying IA32_FEATURE_CONTROL MSR is configured
[!] WARNING: Intel SGX is not enabled in BIOS

[*] Verifying IA32_FEATURE_CONTROL MSR is locked
[+] IA32_Feature_Control locked

[*] Verifying if Protected Memory Range (PRMRR) is configured
[+] Protected Memory Range configuration is supported

[*] Verifying PRMRR Configuration on each core.
[+] PRMRR config is uniform across all CPUs
[*] PRMRR config supports: 2M, 64M, 128M, 256M
[*] PRMRR base address: 0x00000006AA00
[*] Verifying PRMR memory type is valid
[*] PRMRR memory type : 0x6
[+] PRMRR memory type is WB as expected
[*] PRMRR mask address: 0x000007FFFE00
[*] Verifying PRMR address are valid
[*] PRMRR uncore mask valid: 0x0
[+] Mcheck marked PRMRR address as valid
[*] Verifying if PRMR mask register is locked
[*] PRMRR mask lock: 0x1
[+] PRMRR MASK register is locked

[*] Verifying if SGX is available to use
[!] WARNING: Intel SGX instructions disabled by firmware

[*] BIOS_SE_SVN : 0x0000FFFFFFFF000A
[*] PFAT_SE_SVN : 0xFF
[*] ANC_SE_SVN : 0xFF
[*] SCLEAN_SE_SVN : 0xFF
[*] SINIT_SE_SVN : 0xFF
[*] BIOS_SE_SVN_STATUS : 0x0000000000000000
[*] BIOS_SE_SVN ACM threshold lock : 0x0

[*] Check SGX debug feature settings
[*] SGX Debug Enable : 0
[*] Check Silicon debug feature settings
[*] IA32_DEBUG_INTERFACE : 0x40000000
[*] Debug enabled : 0
[*] Lock : 1
[+] SGX debug mode is disabled
[+] Silicon debug features are disabled
[+] Silicon debug Feature Control register is locked
[!] WARNING: One or more SGX checks detected a warning

[*] running module: chipsec.modules.common.smm
Skipping module chipsec.modules.common.smm since it is not supported in this platform

[*] running module: chipsec.modules.common.smm_dma
[x][ =======================================================================
[x][ Module: SMM TSEG Range Configuration Check
[x][ =======================================================================
[*] TSEG : 0x000000006B000000 - 0x000000006BFFFFFF (size = 0x01000000)
[*] SMRR range: 0x000000006B000000 - 0x000000006BFFFFFF (size = 0x01000000)

[*] checking TSEG range configuration..
[+] TSEG range covers entire SMRAM
[+] TSEG range is locked
[+] PASSED: TSEG is properly configured. SMRAM is protected from DMA attacks

[*] running module: chipsec.modules.common.smrr
[x][ =======================================================================
[x][ Module: CPU SMM Cache Poisoning / System Management Range Registers
[x][ =======================================================================
[+] OK. SMRR range protection is supported

[*] Checking SMRR range base programming..
[*] IA32_SMRR_PHYSBASE = 0x6B000006 << SMRR Base Address MSR (MSR 0x1F2)
[00] Type = 6 << SMRR memory type
[12] PhysBase = 6B000 << SMRR physical base address 
[*] SMRR range base: 0x000000006B000000
[*] SMRR range memory type is Writeback (WB)
[+] OK so far. SMRR range base is programmed

[*] Checking SMRR range mask programming..
[*] IA32_SMRR_PHYSMASK = 0xFF000C00 << SMRR Range Mask MSR (MSR 0x1F3)
[11] Valid = 1 << SMRR valid
[12] PhysMask = FF000 << SMRR address range mask 
[*] SMRR range mask: 0x00000000FF000000
[+] OK so far. SMRR range is enabled

[*] Verifying that SMRR range base & mask are the same on all logical CPUs..
[CPU0] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU1] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU2] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU3] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU4] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU5] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU6] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[CPU7] SMRR_PHYSBASE = 000000006B000006, SMRR_PHYSMASK = 00000000FF000C00
[+] OK so far. SMRR range base/mask match on all logical CPUs
[*] Trying to read memory at SMRR base 0x6B000000..
[+] PASSED: SMRR reads are blocked in non-SMM mode

[+] PASSED: SMRR protection against cache attack is properly configured

[*] running module: chipsec.modules.common.spd_wd
[x][ =======================================================================
[x][ Module: SPD Write Disable
[x][ =======================================================================
[+] PASSED: SPD Write Disable is set

[*] running module: chipsec.modules.common.spi_access
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
SPI Flash Region Access Permissions
------------------------------------------------------------

BIOS Region Write Access Grant (00):
 FREG0_FLASHD: 0
 FREG1_BIOS : 0
 FREG2_ME : 0
 FREG3_GBE : 0
 FREG4_PD : 0
 FREG5 : 0
 FREG6 : 0
BIOS Region Read Access Grant (00):
 FREG0_FLASHD: 0
 FREG1_BIOS : 0
 FREG2_ME : 0
 FREG3_GBE : 0
 FREG4_PD : 0
 FREG5 : 0
 FREG6 : 0
BIOS Region Write Access (4A):
 FREG0_FLASHD: 0
 FREG1_BIOS : 1
 FREG2_ME : 0
 FREG3_GBE : 1
 FREG4_PD : 0
 FREG5 : 0
 FREG6 : 1
BIOS Region Read Access (CF):
 FREG0_FLASHD: 1
 FREG1_BIOS : 1
 FREG2_ME : 1
 FREG3_GBE : 1
 FREG4_PD : 0
 FREG5 : 0
 FREG6 : 1
[!] WARNING: Software has write access to GBe region in SPI flash
[!] WARNING: Certain SPI flash regions are writeable by software

[*] running module: chipsec.modules.common.spi_desc
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
[*] FRAP = 0x00004ACF << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
[00] BRRA = CF << BIOS Region Read Access
[08] BRWA = 4A << BIOS Region Write Access
[16] BMRAG = 0 << BIOS Master Read Access Grant
[24] BMWAG = 0 << BIOS Master Write Access Grant 
[*] Software access to SPI flash regions: read = 0xCF, write = 0x4A

[+] PASSED: SPI flash permissions prevent SW from writing to flash descriptor

[*] running module: chipsec.modules.common.spi_fdopss
[x][ =======================================================================
[x][ Module: SPI Flash Descriptor Security Override Pin-Strap
[x][ =======================================================================
[*] HSFS = 0x0000E800 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[05] SCIP = 0 << SPI cycle in progress
[11] WRSDIS = 1 << Write status disable
[12] PR34LKD = 0 << PRR3 PRR4 Lock-Down
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 1 << Flash Configuration Lock-Down
[16] FGO = 0 << Flash cycle go
[17] FCYCLE = 0 << Flash Cycle Type
[21] WET = 0 << Write Enable Type
[24] FDBC = 0 << Flash Data Byte Count
[31] FSMIE = 0 << Flash SPI SMI# Enable 
[+] PASSED: SPI Flash Descriptor Security Override is disabled

[*] running module: chipsec.modules.common.spi_lock
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0x0000E800 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[05] SCIP = 0 << SPI cycle in progress
[11] WRSDIS = 1 << Write status disable
[12] PR34LKD = 0 << PRR3 PRR4 Lock-Down
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 1 << Flash Configuration Lock-Down
[16] FGO = 0 << Flash cycle go
[17] FCYCLE = 0 << Flash Cycle Type
[21] WET = 0 << Write Enable Type
[24] FDBC = 0 << Flash Data Byte Count
[31] FSMIE = 0 << Flash SPI SMI# Enable 
[+] SPI write status disable set.
[+] SPI Flash Controller configuration is locked
[+] PASSED: SPI Flash Controller locked correctly.

[*] running module: chipsec.modules.common.uefi.access_uefispec
[x][ =======================================================================
[x][ Module: Access Control of EFI Variables
[x][ =======================================================================
[*] Testing UEFI variables ..
[*] Variable WAND (NV+BS+RT)
[*] Variable PlatformLangCodes (BS+RT)
[*] Variable BootOrder (NV+BS+RT)
[*] Variable SetupCpuFeatures (NV+BS+RT)
[*] Variable InitSetupVariable (NV+BS+RT)
[*] Variable dbx (NV+BS+RT+TBAWS)
[*] Variable SystemAudioVolume (NV+BS+RT)
[*] Variable UserManagerVar (NV+BS+RT)
[*] Variable ConOut (NV+BS+RT)
[*] Variable TcgSetup (NV+BS+RT)
[*] Variable SPLC (NV+BS+RT)
[*] Variable OilRetentionVariable (NV+BS+RT)
[*] Variable OilSetup (NV+BS+RT)
[*] Variable lBoot0014 (BS+RT)
[*] Variable VarErrorFlag (NV+BS+RT)
[*] Variable csr-active-config (NV+BS+RT)
[*] Variable opencore-version (NV+BS+RT)
[*] Variable CpuSetupVolatileData (BS+RT)
[*] Variable LenovoComputraceFpConfig (NV+BS+RT)
[*] Variable lBoot0017 (BS+RT)
[*] Variable OrgLoadOptionCrcTable (NV+BS+RT)
[*] Variable BRDS (NV+BS+RT)
[*] Variable Tcg2PhysicalPresenceFlags (NV+BS+RT)
[*] Variable Setup (NV+BS+RT)
[*] Variable db (NV+BS+RT+TBAWS)
[*] Variable GPC (NV+BS+RT)
[*] Variable lvar (NV+BS+RT)
[*] Variable lBoot0001 (BS+RT)
[*] Variable OfflineUniqueIDEKPubCRC (NV+BS+RT)
[*] Variable SMBIOSMEMSIZE (NV+BS+RT)
[*] Variable VendorKeys (BS+RT)
[*] Variable SiSetup (NV+BS+RT)
[*] Variable lBoot0019 (BS+RT)
[*] Variable ConOutDev (BS+RT)
[*] Variable PreDefinedBootOptions (NV+BS+RT)
[*] Variable System (NV+BS+RT)
[*] Variable LastBootCurrent (NV+BS+RT)
[*] Variable WGDS (NV+BS+RT)
[*] Variable SFRM_NVRAM (NV+BS+RT)
[*] Variable Tcg2PhysicalPresence (NV+BS+RT)
[*] Variable lBoot001B (BS+RT)
[*] Variable lBoot001C (BS+RT)
[*] Variable UnlockIDCopy (NV+BS+RT)
[*] Variable CpuSetup (NV+BS+RT)
[*] Variable MeSetup (NV+BS+RT)
[*] Variable boot-args (NV+BS+RT)
[*] Variable DIAGSPLSHSCRN (BS+RT)
[*] Variable lBoot001A (BS+RT)
[*] Variable LenovoSecurityStatus (NV+BS+RT)
[*] Variable HDD_Password_Status (NV+BS+RT)
[*] Variable SetupMode (BS+RT)
[*] Variable PK (NV+BS+RT+TBAWS)
[*] Variable L05OkrData (NV+BS+RT)
[*] Variable SCT_SECURE_BOOT_CONFIGURATION (NV+BS+RT)
[*] Variable SMBIOSELOG000 (NV+BS+RT)
[*] Variable RTL-pwrovr (NV+BS+RT)
[*] Variable LBLDESP (NV+BS+RT)
[*] Variable lBoot0000 (BS+RT)
[*] Variable OilEraseVar (NV+BS+RT)
[*] Variable OsIndications (NV+BS+RT)
[*] Variable CapsuleLongModeBuffer (NV+BS+RT)
[*] Variable UCR (NV+BS+RT)
[*] Variable BootOptionSupport (BS+RT)
[*] Variable OfflineUniqueIDEKPub (NV+BS+RT)
[*] Variable ConInDev (BS+RT)
[*] Variable ErrOutDev (BS+RT)
[*] Variable prev-lang:kbd (NV+BS+RT)
[*] Variable Key0002 (NV+BS+RT)
[*] Variable Key0000 (NV+BS+RT)
[*] Variable Key0001 (NV+BS+RT)
[*] Variable MeSetupStorage (NV+BS+RT)
[*] Variable ProtectedBootOptions (NV+BS+RT)
[*] Variable boot-feature-usage (NV+BS+RT)
[*] Variable PciBusSetup (NV+BS+RT)
[*] Variable SMBIOSELOGNUMBER (NV+BS+RT)
[*] Variable OsProfile (NV+BS+RT)
[*] Variable LastBootOrder (NV+BS+RT)
[*] Variable EWRD (NV+BS+RT)
[*] Variable SaSetup (NV+BS+RT)
[*] Variable WRDS (NV+BS+RT)
[*] Variable Timeout (NV+BS+RT)
[*] Variable OilSetupVarInited (NV+BS+RT)
[*] Variable BootOrderDefault (NV+BS+RT)
[*] Variable SignatureSupport (BS+RT)
[*] Variable KEK (NV+BS+RT+TBAWS)
[*] Variable lBoot0015 (BS+RT)
[*] Variable PchSetup (NV+BS+RT)
[*] Variable OpromDevicePath (NV+BS+RT)
[*] Variable lBoot0002 (BS+RT)
[*] Variable TbtSetupVolatileData (BS+RT)
[*] Variable Boot0000 (NV+BS+RT)
[*] Variable Boot0001 (NV+BS+RT)
[*] Variable Boot0002 (NV+BS+RT)
[*] Variable SecureBoot (BS+RT)
[*] Variable WRDD (NV+BS+RT)
[*] Variable OilTpmVarInited (NV+BS+RT)
[*] Variable certdbv (BS+RT+TBAWS)
[*] Variable PBRDevicePath (NV+BS+RT)
[*] Variable lBoot0016 (BS+RT)
[*] Variable run-efi-updater (NV+BS+RT)
[*] Variable BootState (NV+BS+RT)
[*] Variable ConfigurationPagePrivate (NV+BS+RT)
[*] Variable Boot001C (NV+BS+RT)
[*] Variable Boot001B (NV+BS+RT)
[*] Variable Boot001A (NV+BS+RT)
[*] Variable LoadOptionCrcTable (NV+BS+RT)
[*] Variable lBoot0012 (BS+RT)
[*] Variable lBoot0013 (BS+RT)
[*] Variable lBoot0010 (BS+RT)
[*] Variable lBoot0011 (BS+RT)
[*] Variable ConIn (NV+BS+RT)
[*] Variable lBoot0018 (BS+RT)
[*] Variable ReservedConfiguration (NV+BS+RT)
[*] Variable Boot0013 (NV+BS+RT)
[*] Variable Boot0012 (NV+BS+RT)
[*] Variable Boot0011 (NV+BS+RT)
[*] Variable Boot0010 (NV+BS+RT)
[*] Variable Boot0017 (NV+BS+RT)
[*] Variable Boot0016 (NV+BS+RT)
[*] Variable Boot0015 (NV+BS+RT)
[*] Variable Boot0014 (NV+BS+RT)
[*] Variable CurrentPolicy (NV+BS+RT+TBAWS)
[*] Variable RstOptaneConfig (NV+BS+RT)
[*] Variable Boot0019 (NV+BS+RT)
[*] Variable Boot0018 (NV+BS+RT)
[*] Variable OsIndicationsSupported (BS+RT)
[*] Variable PbaStatusVar (NV+BS+RT)
[*] Variable SADS (NV+BS+RT)
[*] Variable MTC (NV+BS+RT)
[*] Variable PreviousBoot (NV+BS+RT)
[*] Variable UIScale (NV+BS+RT)
[*] Variable EventLog (BS+RT)
[*] Variable HDDPWD (NV+BS+RT)
[*] Variable SOFTWAREGUARDSTATUS (BS+RT)
[*] Variable certdb (NV+BS+RT+TBAWS)
[*] Variable BootCurrent (BS+RT)
[*] Variable PlatformLang (NV+BS+RT)

[+] PASSED: All checked EFI variables are protected according to spec.

[*] running module: chipsec.modules.common.uefi.s3bootscript
[x][ =======================================================================
[x][ Module: S3 Resume Boot-Script Protections
[x][ =======================================================================
[*] SMRAM: Base = 0x000000006B000000, Limit = 0x000000006BFFFFFF, Size = 0x01000000
[+] Didn't find any S3 boot-scripts in EFI variables
[!] WARNING: S3 Boot-Script was not found. Firmware may be using other ways to store/locate it, or OS might be blocking access.

[CHIPSEC] *************************** SUMMARY ***************************
[CHIPSEC] Time elapsed 0.121
[CHIPSEC] Modules total 26
[CHIPSEC] Modules failed to run 0:
[CHIPSEC] Modules passed 20:
[+] PASSED: chipsec.modules.common.bios_kbrd_buffer
[+] PASSED: chipsec.modules.common.bios_smi
[+] PASSED: chipsec.modules.common.bios_ts
[+] PASSED: chipsec.modules.common.bios_wp
[+] PASSED: chipsec.modules.common.cpu.ia_untrusted
[+] PASSED: chipsec.modules.common.cpu.spectre_v2
[+] PASSED: chipsec.modules.common.debugenabled
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.me_mfg_mode
[+] PASSED: chipsec.modules.common.memconfig
[+] PASSED: chipsec.modules.common.memlock
[+] PASSED: chipsec.modules.common.remap
[+] PASSED: chipsec.modules.common.secureboot.variables
[+] PASSED: chipsec.modules.common.smm_dma
[+] PASSED: chipsec.modules.common.smrr
[+] PASSED: chipsec.modules.common.spd_wd
[+] PASSED: chipsec.modules.common.spi_desc
[+] PASSED: chipsec.modules.common.spi_fdopss
[+] PASSED: chipsec.modules.common.spi_lock
[+] PASSED: chipsec.modules.common.uefi.access_uefispec
[CHIPSEC] Modules information 1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed 0:
[CHIPSEC] Modules with warnings 4:
[!] WARNING: chipsec.modules.common.rtclock
[!] WARNING: chipsec.modules.common.sgx_check
[!] WARNING: chipsec.modules.common.spi_access
[!] WARNING: chipsec.modules.common.uefi.s3bootscript
[CHIPSEC] Modules not implemented 0:
[CHIPSEC] Modules not applicable 1:
[*] NOT APPLICABLE: chipsec.modules.common.smm
[CHIPSEC] *****************************************************************