diff options
-rw-r--r-- | Documentation/mainboard/hp/hp_sure_start.md | 57 | ||||
-rw-r--r-- | Documentation/mainboard/index.md | 1 |
2 files changed, 58 insertions, 0 deletions
diff --git a/Documentation/mainboard/hp/hp_sure_start.md b/Documentation/mainboard/hp/hp_sure_start.md new file mode 100644 index 0000000000..2c25ca3bf7 --- /dev/null +++ b/Documentation/mainboard/hp/hp_sure_start.md @@ -0,0 +1,57 @@ +# HP Sure Start + +According to the [HP Sure Start Technical Whitepaper], HP Sure Start is a chipset +and processor independent firmware intrusion detection and automatic repair system. +It is implemented in HP notebooks since 2013, and desktops since 2015. + +This document talks about some mechanism of HP Sure Start on some machines, and +the method to bypass it. + +## Laptops with SMSC MEC1322 embedded controller + +Haswell EliteBook and ProBook 600 series use SMSC MEC1322 as their embedded controller. +The EC firmware implements HP Sure Start. A Haswell EliteBook has two flash chips. +According to the strings in the EC firmware, the 16MB flash chip that stores the +BIOS firmware is called the *system flash*, and the 2MB flash chip that stores part +of the system flash content is called the *private flash*. + +The private flash is connected to the EC, and is not accessible by the OS. +It contains the following: + +- HP Sure Start policy header (starting with the string "POLI") +- A copy of the Intel Flash Descriptor +- A copy of the GbE firmware +- Machine Unique Data (MUD) +- Hashes of the IFD, GbE firmware and MUD, the hash algorithm is unknown +- A copy of the bootblock, UEFI PEI stage, and microcode + +If the IFD of the system flash does not match the hash in the private flash, for example, +modifying the IFD with ``ifdtool -u`` or ``me_cleaner -S``, the EC will recover the IFD. + +If the content of the private flash is lost. The EC firmware will still copy the IFD, +bootblock and PEI to the private flash. However, the IFD is not protected after that. + +HP Sure Start also verifies the bootblock and PEI without using the private flash. +EC firmware reads the PEI from an absolute address of the system flash chip, which is +hardcoded in the EC firmware. It looks like this verification is done with a digital +signature. If the PEI volume is modified, EC firmware will recover it using the copy +in the private flash. If the private flash has no valid copies of the PEI volume, and +the PEI volume is modified, the machine will refuse to boot with the CapsLock LED blinking. + +## Bypassing HP Sure Start + +First search the mainboard for the flash chips. If there are two flash chips, then the +smaller one may be the private flash. + +For Intel boards, try to modify the IFD with ``ifdtool -u``, power on and shut down +the machine, then read the flash again. If the IFD is not modified, it is likely to +be recovered from the private flash. Find the private flash and erase it, then the IFD +can be modified. + +To bypass the bootblock and PEI verification, we can modify the IFD to make the +BIOS region not overlap with the protected region. Since the EC firmware is usually +located at the high address of the flash chip (and in the protected region), +we can leave it untouched, and do not need to extract the EC firmware to put it in +the coreboot image. + +[HP Sure Start Technical Whitepaper]: http://h10032.www1.hp.com/ctg/Manual/c05163901 diff --git a/Documentation/mainboard/index.md b/Documentation/mainboard/index.md index 0eefee82ab..335eae237c 100644 --- a/Documentation/mainboard/index.md +++ b/Documentation/mainboard/index.md @@ -61,6 +61,7 @@ The boards in this section are not real mainboards, but emulators. ### EliteBook series - [HP Laptops with KBC1126 EC](hp/hp_kbc1126_laptops.md) +- [HP Sure Start](hp/hp_sure_start.md) - [EliteBook 2560p](hp/2560p.md) - [EliteBook 8760w](hp/8760w.md) |