
How to Solve Firmware Security Issues

Posted by yuvarajvelmurugan (Registered Member)
SYSTEM INFORMATION:
Operating System: KDE neon 5.27
KDE Plasma Version: 5.27.1
KDE Frameworks Version: 5.103.0
Qt Version: 5.15.8
Kernel Version: 5.19.0-32-generic (64-bit)
Graphics Platform: X11
Processors: 4 × Intel® Core™ i3-7100 CPU @ 3.90GHz
Memory: 15.4 GiB of RAM
Graphics Processor: Mesa Intel® HD Graphics 630
Manufacturer: Gigabyte Technology Co., Ltd.
Product Name: B250M-D3H

FIRMWARE SECURITY INFORMATION
Host Security ID: HSI:0! (v1.7.9)

HSI-1
✔ CSME override:                 Locked
✔ Intel DCI debugger:            Disabled
✔ SPI write:                     Disabled
✔ TPM empty PCRs:                Valid
✔ TPM v2.0:                      Found
✔ UEFI platform key:             Valid
✘ CSME manufacturing mode:       Unlocked
✘ CSME v0:11.8.50.3425:          Invalid
✘ SPI BIOS region:               Unlocked
✘ SPI lock:                      Disabled

HSI-2
✔ Intel BootGuard:               Enabled
✔ Intel DCI debugger:            Locked
✘ IOMMU:                         Not found
✘ Intel BootGuard ACM protected: Invalid
✘ Intel BootGuard OTP fuse:      Invalid
✘ Intel BootGuard verified boot: Invalid
✘ TPM PCR0 reconstruction:       Not found

HSI-3
✘ Intel BootGuard error policy:  Invalid
✘ Intel CET Enabled:             Not supported
✘ Pre-boot DMA protection:       Disabled
✘ Suspend-to-idle:               Disabled
✘ Suspend-to-ram:                Enabled

HSI-4
✔ Intel SMAP:                    Enabled
✘ Encrypted RAM:                 Not supported

Runtime Suffix -!
✔ Linux kernel:                  Untainted
✔ fwupd plugins:                 Untainted
✘ Linux kernel lockdown:         Disabled
✘ Linux swap:                    Unencrypted
✘ UEFI secure boot:              Disabled

This system has a low HSI security level.
 » https://github.com/fwupd/fwupd/wiki/Low-host-security-level

This system has HSI runtime issues.
 » https://github.com/fwupd/fwupd/wiki/Host-security-ID-runtime-issues

Host Security Events
  2023-01-13 13:13:28:  ✔ All TPM PCRs are valid
  2023-01-13 13:13:28:  ✘ TPM PCR0 reconstruction appeared: Not found
  2022-10-12 08:53:30:  ✔ TPM v2.0 changed: Not found → Found

UEFI INFORMATION:
BIOS Information
        Vendor: American Megatrends Inc.
        Version: F10
        Release Date: 12/14/2018
        Address: 0xF0000
        Runtime Size: 64 kB
        ROM Size: 8 MB
        Characteristics:
                PCI is supported
                BIOS is upgradeable
                BIOS shadowing is allowed
                Boot from CD is supported
                Selectable boot is supported
                BIOS ROM is socketed
                EDD is supported
                5.25"/1.2 MB floppy services are supported (int 13h)
                3.5"/720 kB floppy services are supported (int 13h)
                3.5"/2.88 MB floppy services are supported (int 13h)
                Print screen service is supported (int 5h)
                Serial services are supported (int 14h)
                Printer services are supported (int 17h)
                ACPI is supported
                USB legacy is supported
                BIOS boot specification is supported
                Targeted content distribution is supported
                UEFI is supported
        BIOS Revision: 5.12

BIOS Language Information
        Language Description Format: Long
        Installable Languages: 6
                en|US|iso8859-1
                zh|CN|unicode
                zh|CN|unicode
                de|DE|iso8859-1
                ja|JP|unicode
                ru|RU|iso8859-5
        Currently Installed Language: en|US|iso8859-1
