Skip to content
Linux i386 tool to load and execute ME modules.
C Other
  1. C 98.2%
  2. Other 1.8%
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cfg Implement HECI FS, GS decoding Sep 1, 2019
config Allow strings as section names Aug 22, 2019
include Implement HECI FS, GS decoding Sep 1, 2019
periph Add register names to PMC Sep 1, 2019
user Stub out select_receive syscall Aug 31, 2019
util Fix 64 bit unsigned print Aug 31, 2019
.gitignore Add real printf, handle tracehub IO Apr 15, 2019
CMakeLists.txt Implement HECI FS, GS decoding Sep 1, 2019
README.md Update README.md Sep 5, 2019

README.md

meloader

Linux i386 tool to load and execute ME modules.

The code as initially presented here is released under the GPLv2. (I reused code from an earlier project under that license) A commit adding license headers will soon follow.

Much of the later achievements demoed using this project were done on a local branch which I lost, resetting the project to its progress at April 21st 2019. This also means that the hardware register names and structures as used by this tool do not represent my current understanding of the ME hardware. I have since rewritten all the features that I lost, and it should now be able to do anything I've demonstrated using my local version of the tool.

Running the tool requires mmaping addresses from 0x1000 onward and so means that low mmap addresses should be enabled.

The chipset initially targetted by this tool is currently Sunrise Point (SPT, 100 series chipset), although it has since been rewritten to allow full reconfiguration of the emulated peripherals and interconnect.

It is provided as a interoperability tool to allow development of open alternative firmwares for the CSME.

This tool requires a rom library dump from the ME to use. See https://github.com/ptresearch/IntelTXE-PoC for a means of acquiring one, though that will yield a ROM for a different chipset (BXT). That chipset shares most core ME peripherals with SPT so changing the code will mostly mean tweaking addresses.

You can’t perform that action at this time.