mirror of
https://git.proxmox.com/git/fwupd
synced 2025-06-11 00:40:51 +00:00
![]() We were calling g_module_symbol() 2703 times, which is actually more expensive than you'd think. It also means the plugins are actually what we tell people they are: A set of vfuncs that get run. The reality before that they were dlsym'd functions that get called at pretty random times. |
||
---|---|---|
.. | ||
fu-plugin-amt.c | ||
meson.build | ||
README.md |
Intel Management Engine
Introduction
This plugin is used to get the version number on the Intel Management Engine.
If AMT is enabled and provisioned and the AMT version is between 6.0 and 11.2, and you have not upgraded your firmware, you are vulnerable to CVE-2017-5689 and you should disable AMT in your system firmware.
This code is inspired by 'AMT status checker for Linux' by Matthew Garrett which can be found here: https://github.com/mjg59/mei-amt-check
That tool in turn is heavily based on mei-amt-version from samples/mei in the Linux source tree and copyright Intel Corporation.
GUID Generation
These devices use the existing GUID provided by the AMT host interface.
Vendor ID Security
The device is not upgradable and thus requires no vendor ID set.
External Interface Access
This plugin requires read only access to /dev/mei0
.