chipsec v1.6.4 releases: Platform Security Assessment Framework

CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X, and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.

NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.

The first version of CHIPSEC was released in March 2014: Announcement at CanSecWest 2014

The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper

What is Platform Security?
Hardware Implementation and Configuration
• Available Security Features
• Correct Configuration of HW Components
• Testing/Demonstration of HW Security Mechanisms
Firmware Implementation and Configuration
• Access Controls on Firmware Interfaces
• Correct Settings of Lock Bits
• Testing/Demonstration of FW Security Mechanisms

Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis

Changelog v1.6.4

New or Updated Modules/UtilCmds:

• tools.cpu.sinkhole – Minor improvements to sinkhole.py
• tools.uefi.scan_blocked – Fix to exit if no FW image is found
• utilcmd.acpi_cmd – Prompt the user to specify only existing ACPI tables, delete unused import
• utilcmd.desc_cmd – Fix log message typos
• utilcmd.tpm_cmd – Fix TPM locality memory mapping bug caused by argparse changes

New or Updated Configurations:

• 8086/dnv – Change SPIBAR mask (Issue #927)
• 8086/pch_5xxxh – Update config files for pch5xxh and pch5xxlp
• 8086/pch_5xxxlp – Update config files for pch5xxh and pch5xxlp

Additional Changes:

• README.md – Update 01.org mailing list link
• common.wsmt – Introduce a new module to check for the presence and configuration of the WSMT table
• chipset – Add write_register() return
• docs/create_manual.cmd – Script enhancements
• docs/create_manual.sh – Script enhancements
• docs/sphinx/Contact.rst – Update Windows Installation and other improvements
• docs/sphinx/Download.rst – Update Windows Installation and other improvements
• docs/sphinx/Install in Windows.rst – Update Windows Installation and other improvements
• docs/sphinx/_images/GHRepo.png – Update Windows Installation and other improvements
• docs/sphinx/_images/LR.png – Update Windows Installation and other improvements
• docs/sphinx/_images/chipsec_favicon.jpg – Update Windows Installation and other improvements
• docs/sphinx/conf.py – Update Windows Installation and other improvements
• docs/sphinx/index.rst – Update Windows Installation and other improvements
• drivers/linux/chipsec_km.c – Drop GNU_SOURCE define, simplify and fix symbol resolving for kernels >= 5.10, sprint_symbol() based fallback for symbol resolving, always ensure required symbols are non-null, use appropriate error code on module init errors, fix ioctl() error codes, fix memory leak in IOCTL_GET_EFIVAR ioctl, simplify my_xlate_dev_mem_ptr() slightly, make my[un]xlate_dev_mem_ptr() static and fix getting physical address of GDT
• drivers/win7/driver.c – Fix issue with mmio r/w
• drivers/win7/include/chipsec.h – Fix issue with mmio r/w
• hal.acpi_tables – Better parsing of the WSMT
• hal.acpi – oshelper.get_ACPI_table already takes care of checking if we’re in native API mode, better parsing of the WSMT
• hal.uefi_common – Fix bug when formatting VendorGuid, Rename VendorGuid -> VendorGuidData
• helper.rwe.rwehelper – Trace error message when GetSystemFirmwareTable fails, fix conversion of table identifiers from strings to integers
• helper.win.win32helper – Fix issue with mmio r/w
• helper.win.win32helper – Trace error message when GetSystemFirmwareTable fails, fix conversion of table identifiers from strings to integers
• windows_requirements.txt – Add windows_requirements.txt, Add setuptools to windows_requirements.txt

Additional Notes:

• ➡️ For Windows users, please rebuild your windows driver as updates have been made. ⬅️
• For Windows, Linux and MacOS: Python2 support has been deprecated as of June 2020. Please use Python3.
• Any modules under the modules.tools directory have not yet been fully validated to work with Python3.

Tutorial

Copyright (C) 2018 chipsecintel

Source: https://github.com/chipsec/