From 01224b23e6a68ec7842de7707b31f13ca67d2c6f Mon Sep 17 00:00:00 2001 From: Richard Hughes Date: Fri, 29 Oct 2021 20:43:01 +0100 Subject: [PATCH] trivial: Fix the DCI links in the HSI specification All the attributes have a 1:1 mapping except this one, and that broke the Insights rules. --- docs/hsi.md | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/docs/hsi.md b/docs/hsi.md index 434ad525e..dca86fd02 100644 --- a/docs/hsi.md +++ b/docs/hsi.md @@ -265,16 +265,13 @@ See also: - [Intel CSME Security Review Cumulative Update](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00086.html) - + -### [Intel DCI](#org.fwupd.hsi.IntelDci) +### [Intel DCI](#org.fwupd.hsi.IntelDci.Enabled) Newer Intel CPUs support debugging over USB3 via a proprietary Direct Connection Interface (DCI) with the use of off-the-shelf hardware. -DCI should always be disabled and locked on production hardware. -- For HSI-1 this should be disabled. *[v1.5.0]* - -- For HSI-2 this should be locked. *[v1.5.0]* +- For HSI-1 this feature should be disabled. *[v1.5.0]* See also: @@ -282,6 +279,18 @@ See also: - [Chipsec 4xxlp register definitions](https://github.com/chipsec/chipsec/blob/master/chipsec/cfg/8086/pch_4xxlp.xml#L270) - [RISC-V EDK PCH register definitions](https://github.com/riscv/riscv-edk2-platforms/blob/85a50de1b459d1d6644a402081120770aa6dd8c7/Silicon/Intel/CoffeelakeSiliconPkg/Pch/Include/Register/PchRegsDci.h) + + +### [Intel DCI](#org.fwupd.hsi.IntelDci.Locked) + +Newer Intel CPUs support debugging over USB3 via a proprietary Direct Connection Interface (DCI) with the use of off-the-shelf hardware. + +- For HSI-2 this feature should be locked. *[v1.5.0]* + +See also: + +- [Intel Direct Connect Interface](https://www.intel.co.uk/content/www/uk/en/support/articles/000029393/processors.html) + ### [PCR0 TPM Event Log Reconstruction](#org.fwupd.hsi.Tpm.ReconstructionPcr0)