Questions regarding BIOS OEM signing by vendors

Hi Plato,

I came across the thread: Intel Trusted Execution Engine: Drivers, Firmware & System Tools (12), posts #166-#172, which contains questions and answers regarding OEM signing, including FPFs.

I have a couple of questions whose right answers I'm not sure about, and I hope you can help me :slight_smile:

1. What are the differences between “OEM Public Key Hash FPF” and “OEM Public Key Hash TXE FW”?

2. What is the difference between "OEM Public Key Hash FPF" being in the "not set" state in contrast to being in the "00000-0000…" state? Can you assume in both cases that the FPFs are not set?

3. If the "OEM Public Key Hash FPF" is not set or set to zeros, what does it mean regarding the "Platform Protection"? Specifically for the "hash key configuration for Bootguard / ISH", can you delete or disable it?
I know that once the FPFs are written there is no way to disable Bootguard, for example.

4. How do you determine if the manufacturing mode is open or closed?

5. What is the connection between the fuses and the Manufacturing Mode? Or, if the mode is open, can you probably assume that the FPFs are not burned?

6. The FPFs, to my understanding, are part of the Management Engine hardware. Is there any way of determining the FPF state of a given device based on a BIOS image that was taken, using Intel's tools for example?

7. Do OEMs often close the manufacturing mode and/or tend not to burn the fuses?
After googling, I'm starting to think that Gigabyte products often come in Manufacturing Mode with unwritten (unburned) FPFs. Is this the case for other vendors, to your understanding and experience?

Thank you!

Hello,

1. The PCH/SoC fuses (FPF) are initially not set/unprovisioned. The OEM sets the values at the Engine firmware (TXE FW) and at the first end-of-manufacturing boot (fpt -closemnf) these will permanently commit to the hardware (FPF). The Engine firmware is used for the initial FPF provisioning. The settings it holds afterwards are useless. Only what's actually committed to the HW/FPF matters.

2. At the Engine FW, zeros means that it’s not set. It doesn’t mean that the actual HW/FPF is the same though, as explained at the 1st answer. At the HW/FPF, “not set” means that it is still in unprovisioned mode so the end of manufacturing never happened.

3. If the HW/FPF is set to zeroes then it usually means that the feature in question is Disabled permanently. So it is “set” to something, provisioned to “Disabled” state. Check the FPF status at the bottom for more info on what’s “not set”, “Enabled”, “Disabled” etc.

4. If you see HW/FPF “not set” then it’s definitely in manufacturing mode (I call this mode “OEM”). If they are set, manufacturing mode is basically equivalent to whether you have read/write access to the SPI/BIOS chip for servicing or similar (I call this mode “OEM/User”). MEInfo/TXEInfo tool should tell you whether Manufacturing Mode (doesn’t specify which) is enabled and whether you have read/write access to the Engine firmware.

5. Answered above.

6. The FPF are within the PCH/SoC. The Engine co-processor is also within the PCH/SoC but they are not the same. They work together. The only reliable way to detect the FPF state of a given system is to query it while it's working via MEInfo/TXEInfo, as explained above. Looking at the BG Hash via Flash Image Tool or the BG state within BIOS via UEFITool (FIT, ACM etc.) is not reliable because an OEM may have configured/set everything properly but not actually committed these changes to the HW/FPF by closing the manufacturing mode at least once (fpt -closemnf).

7. You can find some great research/results from people such as Alex Matrosov in his Betraying the BIOS: Where the Guardians of the BIOS are Failing talk, among others. From my personal experience, the best when it comes to security are Lenovo and HP, followed closely by Dell. Apple is also very good (nowadays) but uses its own measures on top (T2 chip, way fewer features enabled).
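The interpretation rules from the answers above (FPF "not set" means unprovisioned, all zeros means provisioned to Disabled, a real hash means provisioned to Enabled, and the Engine FW value only counts before the fuses are committed), applied to a constructed MEInfo/TXEInfo-style dump. This is an added example, not code from this thread or from Intel's tools; the "Name: Value" line layout and the sample values are assumptions.

```python
import re

# Constructed sample in the "Name: Value" layout this parser assumes; not real MEInfo/TXEInfo output.
SAMPLE_DUMP = """\
Manufacturing Mode: Enabled
OEM Public Key Hash FPF: Not set
OEM Public Key Hash TXE FW: 4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B
"""

def parse_dump(text):
    """Split 'Name: Value' lines into a dict (keys and values stripped)."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([^:]+?)\s*:\s*(.*?)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def normalize_hash(value):
    """Return lowercase hex without separators, or None for a 'not set' style value."""
    if value.strip().lower() in ("not set", "n/a", ""):
        return None
    return re.sub(r"[^0-9a-f]", "", value.lower())

def fpf_state(fpf_value):
    """Classify the hardware fuse value: unprovisioned, provisioned-disabled or provisioned-enabled."""
    h = normalize_hash(fpf_value)
    if h is None:
        return "unprovisioned"          # end of manufacturing (fpt -closemnf) never ran
    if set(h) == {"0"}:
        return "provisioned-disabled"   # fuses committed with a zero hash: feature off permanently
    return "provisioned-enabled"

def assess(dump_text):
    """Combine the FPF and Engine FW hashes; once set, only the FPF value is authoritative."""
    f = parse_dump(dump_text)
    fpf = f.get("OEM Public Key Hash FPF", "Not set")
    fw = f.get("OEM Public Key Hash TXE FW", "Not set")
    state = fpf_state(fpf)
    hw_hash, fw_hash = normalize_hash(fpf), normalize_hash(fw)
    return {
        "fpf_state": state,
        "manufacturing_mode": f.get("Manufacturing Mode", "unknown"),
        # The FW value is only what *would* be committed at the first end-of-manufacturing boot.
        "pending_hash": fw_hash if state == "unprovisioned" else None,
        "committed_hash": hw_hash if state == "provisioned-enabled" else None,
        # After provisioning a differing FW value is stale and has no effect on the hardware.
        "fw_matches_hw": (hw_hash == fw_hash) if state != "unprovisioned" else None,
    }
```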

Hello. Are there any default values for the OEM Public Key Hash FPF by vendors that can be obtained elsewhere? My guess is that if the hash doesn't match the ACM table, the platform won't boot.
I wish I could have at least one fully functional system. I promise this only for my private usage.