com.github.LongSoft.UEFITool
UEFI firmware image viewer and editor
| Size | 135.0 B |
|---|---|
| Entropy | 4.36 |
| GUID | 463191c7-fade-51b1-a0ba-eef794d26632 |
| SHA256 | ebc7c0e586aee58eeda2b296ca50f63542230619390104a9661a99fd84116a3f |
| SHA1 | e7593c97f492983554dacb53c6f0ce9d391929de |
org.uefi.Driver
| Size | 95.2 KiB |
|---|---|
| Entropy | 5.53 |
| GUID | 0162d06e-41ef-43ca-bb59-90a00cf88592 |
| SHA256 | 70540755e3fab6d72cb2bd3f1b0f55dfd76cce4600c0a73a789ef06fde9ea35c |
| SHA1 | 9fa9673499c2f764a25518378337e1a35a554e42 |
org.uefi.Driver
| Size | 74.5 KiB |
|---|---|
| Entropy | 5.88 |
| GUID | 91a5e4a3-1839-4aba-ab51-1ea8519a374a |
| SHA256 | e137c59b58b58f23bcd06cc9c3cc8904a205e7f4aac2f55672985d4bdc5fe75c |
| SHA1 | fa8f0d015ee10e7f4fc6fd33bf7f1a0e948e401a |
com.intel.ManagementEngine.ISHC
This Intel Management partition contains boot code for the Integrated Sensors Hub (ISH) and is digitally signed by the OEM.
| Size | 196.0 KiB |
|---|---|
| Entropy | 8.0 |
| GUID | ca8cee10-ebf4-5cca-a356-91f27c413d72 |
| SHA256 | b4107f7e9a02cfe1b00cb65c7161e37fc82ebab221dc33eb1c6678a4347d5bd4 |
com.intel.ManagementEngine.UTOK
This Intel Management block partition stores an OEM unlock token used to unlock debugging for the ME or Integrated Sensor Hub (ISH). This token is cryptographically signed by either the Intel private key or by an OEM private key, granting a level of access depending on which key was used. GREEN access is the default, when no UTOK is present and only allows TraceHub tracing and debug of the host CPU. ORANGE unlock allows debug of the Intel Sensor Hub, and RED unlock allows debugging the ME but will clear secrets from its memory before doing so.
| Size | 8.0 KiB |
|---|---|
| GUID | d62fac2d-36c1-59e4-977c-28ccbaa64a74 |
| SHA256 | 7d2c7ac4888bfd75cd5f56e8d61f69595121183afc81556c876732fd3782c62f |
com.intel.ManagementEngine.FLOG
This Intel Management partition provides a flash log that contains error and warning messages generated by ME modules, the data written here is a subset of the data output to the Tracehub.
| Size | 4.0 KiB |
|---|---|
| GUID | dfa881ba-d45b-5ef1-9fcf-4882cea6e1db |
| SHA256 | f47a8ec3e9aff2318d896942282ad4fe37d6391c82914f54a5da8a37de1300c6 |
com.intel.ManagementEngine.NFTP
This Intel Management partition is a code Non-Fault Tolerant Partition and provides additional code to the BUP. It is digitally signed by Intel.
| Size | 688.0 KiB |
|---|---|
| Entropy | 6.97 |
| GUID | 2749ab68-bcde-5e19-9f2f-b802d6f7e1d7 |
| SHA256 | 2511624a83b2c6c8fb2be6c1a6d388fdd50fbc92eabb8bf247761b859df69792 |
com.intel.ManagementEngine.MFS
This Intel Management partition stores a file system that contains ME-related data stored between runs. The low-level MFS implementation does not support file names or sizes. Files are identified by numbers.
| Size | 400.0 KiB |
|---|---|
| Entropy | 0.43 |
| GUID | 5abfb339-331f-55af-9bf9-31f4aa80387e |
| SHA256 | b033a8ffdc3858acf89f7ade53ff44dc67864637084781662662fc8c8eb0286e |
com.intel.ManagementEngine.IVBP
This Intel Management encrypted block partition is used for “warm” start (like hibernate restoration) and is integrity protected with HMAC. It is unique for each platform (PCH-chip) and each boot.
| Size | 16.0 KiB |
|---|---|
| GUID | 6312624b-3631-5317-9f47-519260d8eb52 |
| SHA256 | 0fbba07a833d4dcfc7024eaf313661a0ba8f80a05c6d29b8801c612e10e60dee |
com.intel.ManagementEngine.PSVN
This optional Intel Management partition stores the previous SVN (Secure Version Number) value and is used to calculate “previous security keys”. It must be impossible to install ME firmware with previous SVN without direct writing SPI Flash with chip programmer. Updates to the SVN causes alteration of related security keys. Having access to both “previous” and “current” keys allows migration of the MFS file system from old to new keys.
| Size | 512.0 B |
|---|---|
| GUID | cb1536bf-79b3-5f45-a765-344360a4327b |
| SHA256 | 9f56cda75fefeab90f6fa5d5ddc9601544b121732c5ecccab32e631060453a5d |
com.intel.ManagementEngine.DLMP
This Intel Management partition stores the IDLM module and is the only place (except ROM) where reading data from fuses is possible. The IDLM is signed with RSA-2048 and the owner of permitted RSA signing key can extract the HMAC key. The DLMP can overlap other partitions by design.
| Size | 12.0 KiB |
|---|---|
| Entropy | 2.83 |
| GUID | 10b47df9-a35f-5685-82cf-1e54f612337b |
| SHA256 | c1505d29091a2c8a6d4d96ed3b59d25c1fab263a1f03a61f86892a3930db1121 |
com.intel.ManagementEngine.FTUP
This Intel Management partition is a combination of the NFTP, WCOD and LOCL partitions.
| Size | 688.0 KiB |
|---|---|
| Entropy | 6.97 |
| GUID | c044ddce-74c3-5160-b4c1-bda92824a6f4 |
| SHA256 | 2511624a83b2c6c8fb2be6c1a6d388fdd50fbc92eabb8bf247761b859df69792 |
com.intel.ManagementEngine.FTPR
This Intel Management partition is a Fault Tolerant Partition (FTP) code partition. Digitally signed processes of the correct type are started from this module, much like autorun. It is digitally signed by Intel.
| Size | 668.0 KiB |
|---|---|
| Entropy | 7.9 |
| GUID | cbe73b88-8057-5046-80f5-0a5586268634 |
| SHA256 | c1fedacdf0a25a8629cf9dd5664abf2672cdcd032c395d3ce6c5ac7aab9ad8ba |
LVFS © 2015 Richard Hughes with icons from Font Awesome and GeoIP data from IP2Location.
Linux Vendor Firmware Service Project a Series of LF Projects, LLC :: Charter