The Intel Management Engine (ME), a dedicated microcontroller built into the chipset of every recent Intel motherboard, runs independently of the main CPU even when the system power is off and has a dedicated connection to the network interface. This talk covers the analysis of its structure, the possibility of attacks against it, and countermeasures. The Intel Management Engine ("ME") is a dedicated microcontroller built into recent Intel motherboard chipsets. It is completely independent of the motherboard's main CPU, can run even when the system is not running, and, because it has a dedicated connection to the network interface, it is capable of out-of-band communication that bypasses the main CPU and the installed OS. Beyond handling the management tasks tied to its original purpose, it implements a variety of features such as Intel Identity Protection Technology (IPT), Protected Audio-Video Path, Intel Anti-Theft, Intel TPM, and NFC communication. At present there is very little information about how this microcontroller works; this presentation aims to fill that information gap and to discuss the low-level details. Igor Skochinsky: Igor Skochinsky is one of the main developers of the world-famous Interactive Disassembler and the Hex-Rays Decompiler. He was interested in reverse engineering before joining Hex-Rays in 2008, and gained recognition for QTFairUse6, which removed iTunes DRM, and for hacking early Amazon Kindle devices. He has spoken at Recon, Breakpoint, and Hack.LU.
ME
Igor Skochinsky Hex-Rays
CODE BLUE 2014 Tokyo
2 (c) 2014 Igor Skochinsky
! ME ! ! ME ! ! !
3 (c) 2014 Igor Skochinsky
! 15 ! IDA ! 2008 Hex-Rays ! IDA (
) ! ( KindleSony Reader)
! PC (BIOS, UEFI, ME) ! reddit.com/r/ReverseEngineering/
4 (c) 2014 Igor Skochinsky
ME:
! ( )
!
(GMCH, PCH, MCH) ! BIOS CPU
!
( CPU ) !
CPU
5 (c) 2014 Igor Skochinsky
ME:
Credit: Intel 2009
6 (c) 2014 Igor Skochinsky
ME:
OS
! HECI (MEI): Host Embedded Controller Interface; PCI
! SOAP ; HTTPHTTPS
7 (c) 2014 Igor Skochinsky
ME:
ME
! (AMT): KVM
! : /
! IDE (IDE-R) LAN (SOL): OS CD/
HDD PC ! : 2
(OTP) ! :
PIN
8 (c) 2014 Igor Skochinsky
ME:
! PC
” ” PC
! 3G SMS
! HDD
!
9 (c) 2014 Igor Skochinsky
ME:
10 (c) 2014 Igor Skochinsky
ME:
! ( ) !
! HECI ! AMT SDK ! Linux ; coreboot
! BIOS ! ME
BIOS ! ME
11 (c) 2014 Igor Skochinsky
ME
! ME !
FTP !
! ! :)
12 (c) 2014 Igor Skochinsky
FSP
! 2013
!
! Intel ! HM76/QM77 ! ME
http://www.intel.com/content/www/us/en/intelligent-systems/intel-firmware-support-package/intel-fsp-overview
"confidential" :)
13 (c) 2014 Igor Skochinsky
SPI
! SPI BIOS ME GbE
! BIOS( OS) ME
! DescriptorME
! Descriptor
14 (c) 2014 Igor Skochinsky
ME
! ME !
15 (c) 2014 Igor Skochinsky
ME
! “ " !
RSA
16 (c) 2014 Igor Skochinsky
ME
! 2
! Gen 2: Intel 5 Series( Ibex Peak)
                     Gen 1            Gen 2
ME versions          1.x-5.x          6.x-9.x
Core                 ARCTangent-A4    ARC 600(?)
Instruction set      ARC (32-bit)     ARCompact (32/16)
Manifest tag         $MAN             $MN2
Module header tag    $MOD             $MME
Code compression     None, LZMA       None, LZMA, Huffman
17 (c) 2014 Igor Skochinsky
ME
Module name   Description
BUP           Bringup (hardware initialization/configuration)
KERNEL        Scheduler, low-level APIs for other modules
POLICY        Secondary init tasks, some high-level APIs
HOSTCOMM      Handles high-level protocols over HECI/MEI
CLS           Capability Licensing Service – enable/disable features depending on SKU, SKU upgrades
TDT           Theft Deterrence Technology (Intel Anti-Theft)
Pavp          Protected Audio-Video Path
JOM           Dynamic Application Loader (DAL) – used to implement Identity Protection Technology (IPT)
18 (c) 2014 Igor Skochinsky
ME: ROM
! ROM
!
!
! ME
"ROMB"
19 (c) 2014 Igor Skochinsky
ME: ROM
! ROM
!
20 (c) 2014 Igor Skochinsky
ME: ROM
! ME
! ROMB
21 (c) 2014 Igor Skochinsky
ME: ROM
! ROMB ROM
! ROM : ! C (memcpy, memset, strcpy ) ! ThreadX RTOS ! API
! ROM ! FTPR BUP
! BUP KERNEL
:(
22 (c) 2014 Igor Skochinsky
ME:
23 (c) 2014 Igor Skochinsky
ME:
! ME ! : ME RSA
ROM
“During the design phase, a Firmware Signing Key (FWSK) public/private pair is generated at a secure Intel Location, using the Intel Code Signing System. The Private FWSK is stored securely and confidentially by Intel. Intel AMT ROM includes a SHA-1 Hash of the public key, based on RSA, 2048 bit modulus fixed. Each approved production firmware image is digitally signed by Intel with the private FWSK. The public FWSK and the digital signature are appended to the firmware image manifest.
At runtime, a secure boot sequence is accomplished by means of the boot ROM verifying that the public FWSK on Flash is valid, based on the hash value in ROM. The ROM validates the firmware image that corresponds to the manifest’s digital signature through the use of the public FWSK, and if successful, the system continues to boot from Flash code.”
“Architecture Guide: Intel® Active Management Technology”, 2009
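The two-step check in the quoted Architecture Guide text (ROM pins only a hash of the public FWSK; the key found on flash is trusted only if it matches that hash, and only then is the manifest signature over the image checked) is modelled below. This is an added example written for this page, not Intel's boot ROM code or any ME firmware: it uses a toy textbook RSA over SHA-1 with a 512-bit modulus generated at run time (the real ME uses a fixed 2048-bit modulus) and an ad-hoc dictionary in place of the real manifest layout. The firmware image bytes and the three scenarios in demo() are constructed.

```python
"""Toy model of the ME boot ROM secure-boot check described in the Intel AMT Architecture Guide."""
import hashlib
import random


# --- Toy textbook RSA (constructed for illustration; not Intel's implementation) ---

def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits: int) -> int:
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1  # fixed length, odd
        if _is_probable_prime(cand):
            return cand


def gen_keypair(bits: int = 512):
    """Return ((n, e), (n, d)). 512-bit modulus for speed; the guide specifies 2048."""
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    d = pow(e, -1, phi)
    return (p * q, e), (p * q, d)


def _digest_int(data: bytes) -> int:
    # SHA-1 as in the quoted text; 160 bits, so it is always below the modulus here.
    return int.from_bytes(hashlib.sha1(data).digest(), "big")


def sign(priv, data: bytes) -> int:
    n, d = priv
    return pow(_digest_int(data), d, n)


def verify(pub, data: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _digest_int(data)


def encode_pubkey(pub) -> bytes:
    """Fixed serialisation of (n, e) so the key can be hashed deterministically."""
    n, e = pub
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + e.to_bytes(4, "big")


def rom_key_hash(pub) -> bytes:
    """What the boot ROM stores: a SHA-1 hash of the public FWSK, not the key itself."""
    return hashlib.sha1(encode_pubkey(pub)).digest()


def build_manifest(image: bytes, pub, priv) -> dict:
    """Flash-side manifest (ad-hoc layout): image, public FWSK, and the signature over the image."""
    return {"image": image, "pubkey": pub, "signature": sign(priv, image)}


def rom_secure_boot(rom_hash: bytes, manifest: dict) -> str:
    """The two steps from the quote: validate the key against ROM, then validate the signature."""
    # Step 1: the public FWSK on flash is trusted only if it hashes to the value burned into ROM.
    if hashlib.sha1(encode_pubkey(manifest["pubkey"])).digest() != rom_hash:
        return "REJECT_UNTRUSTED_FWSK"
    # Step 2: the manifest signature over the image must verify under that pinned key.
    if not verify(manifest["pubkey"], manifest["image"], manifest["signature"]):
        return "REJECT_BAD_SIGNATURE"
    return "BOOT_FROM_FLASH"


def demo():
    """Three constructed scenarios: genuine image, image re-signed with an unapproved key, tampered image."""
    intel_pub, intel_priv = gen_keypair()          # generated "at a secure Intel location"
    rom = rom_key_hash(intel_pub)                  # fixed in ROM at design time
    image = b"FTPR: BUP KERNEL POLICY ..."         # constructed placeholder firmware image
    genuine = build_manifest(image, intel_pub, intel_priv)
    other_pub, other_priv = gen_keypair()          # a key pair the ROM hash does not cover
    resigned = build_manifest(image, other_pub, other_priv)   # valid signature, wrong key
    tampered = dict(genuine, image=image + b"!")              # right key, image modified
    return (rom_secure_boot(rom, genuine),
            rom_secure_boot(rom, resigned),
            rom_secure_boot(rom, tampered))


if __name__ == "__main__":
    print(demo())
```

The second scenario is the one worth noticing: the re-signed manifest carries a signature that verifies perfectly under the key it ships with, and it is rejected anyway, because the ROM-pinned hash, not the manifest, decides which key counts. A checker that skipped step 1 and trusted whatever key the manifest supplied would accept it.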
24 (c) 2014 Igor Skochinsky
ME: (UMA)
! MERAM (UMA) (MCU
) ! ME BIOS
CPU
! 2009 Invisible Things Lab
! ...
25 (c) 2014 Igor Skochinsky
ME: UMA
! UMA
! #1: BIOS MESEG
! [
...] ! ! UEFI ! ! : ! :
...
26 (c) 2014 Igor Skochinsky
ME: UMA
! #2: ! DRAM UMA
! ...
: ME UMA
: UMA
27 (c) 2014 Igor Skochinsky
ME: UMA
! – ! – ! DDR3
“The memory controller incorporates a DDR3 Data Scrambling feature to minimize the impact of excessive di/dt on the platform DDR3 VRs due to successive 1s and 0s on the data bus. [...] As a result the memory controller uses a data scrambling feature to create pseudo-random patterns on the DDR3 data bus to reduce the impact of any excessive di/dt.”
(from Intel Corporation Desktop 3rd Generation Intel® Core™ Processor Family, Desktop Intel® Pentium® Processor Family, and Desktop Intel® Celeron® Processor Family Datasheet)
28 (c) 2014 Igor Skochinsky
ME: UMA
! #3: UMA ! UMA FPT 1 ! FPT
! : 1) 32MB FPT BIOS 32MB
ME 16MB 2) 16MB FPT BIOS 16MB
16MB
!
29 (c) 2014 Igor Skochinsky
ME: UMA
! #4: ! BIOS
! UEFI"Setup" ( Breakpoint
2012 ) ! –
30 (c) 2014 Igor Skochinsky
ME: UMA
! #5: ! ! ! ...
31 (c) 2014 Igor Skochinsky
! ME ! ! (SPS) ! BUP KERNEL
! #1: BUP ! ! KERNEL " " ... ! #2: ( )
! 2
!
32 (c) 2014 Igor Skochinsky
JOM DAL
! JOM ME 7.1 ! (DAL)
! ME ( )
!
( IPT) ! ME
! ...
33 (c) 2014 Igor Skochinsky
JOM DAL
! :
! Java
Could not allocate an instance of java.lang.OutOfMemoryError
linkerInternalCheckFile: JEFF format version not supported
com.intel.crypto
com.trustedlogic.isdi
Starting VM Server...
34 (c) 2014 Igor Skochinsky
JOM DAL
! Java VM ! ME Base64 BLOB "oath.dalp"
! ! "Medal App"
! JOM "JEFF"
! JEFF Java
! Java !
35 (c) 2014 Igor Skochinsky
JOM DAL
! ...
! Java...
.ascii "Invalid constant offset in the SLDC instruction"
36 (c) 2014 Igor Skochinsky
JEFF
! JEFF ! J 2001
! ISO (ISO/IEC 20970) !
! !
! ! !
37 (c) 2014 Igor Skochinsky
JEFF
! Python ! oath.dalp JEFF
! ! Java
! :
! ! UI ( ) ! !
38 (c) 2014 Igor Skochinsky
JEFF
! ( )
Class com.intel.util.IntelApplet
private:
    /* 0x0C */ boolean m_invokeCommandInProcess;
    /* 0x00 */ OutputBufferView m_outputBuffer;
    /* 0x0D */ boolean m_outputBufferTooSmall;
    /* 0x04 */ OutputValueView m_outputValue;
    /* 0x08 */ byte[] m_sessionId;
public:
    void <init>();
    final int getResponseBufferSize();
    final int getSessionId(byte[], int);
    final int getSessionIdLength();
    final String getUUID();
    final abstract int invokeCommand(int, byte[]);
    int onClose();
    final void onCloseSession();
    final int onCommand(int, CommandParameters);
    int onInit(byte[]);
    final int onOpenSession(CommandParameters);
    final void sendAsynchMessage(byte[], int, int);
    final void setResponse(byte[], int, int);
    final void setResponseCode(int);
39 (c) 2014 Igor Skochinsky
IPT
! ! OATH :
package com.intel.dal.ipt.framework;

public class AppletImpl extends com.intel.util.IntelApplet {
    final int invokeCommand(int, byte[]) { ... }
    int onClose() { ... }
    int onInit(byte[]) { ... }
}
40 (c) 2014 Igor Skochinsky
IPT
! ME
!
!
! ...
41 (c) 2014 Igor Skochinsky
IPT
! C/C++, Java, .NETAPI DLL
! DLL JHICOM TCP/IP
! ME HECI/MEI
! ME JOM ! JOM ! ! out-of-band
42 (c) 2014 Igor Skochinsky
Trusted Execution Environment
! JOM Trusted Logic Mobility (Trustonic) "Trusted Foundations"
Trusted Execution Environment (TEE)
: Trusted Foundations
43 (c) 2014 Igor Skochinsky
Trusted Execution Environment
! Trusted Foundations
! ARM TrustZone ! GPL Trusted Foundations
! ! TrustZone ME/JOM
HECI/MEI !
44 (c) 2014 Igor Skochinsky
Trusted Execution Environment
! GlobalPlatform (Trusted Logic Mobililty/Trustonic ) TEE
! API (TEE
) API ! ME
http://www.globalplatform.org/specificationsdevice.asp
45 (c) 2014 Igor Skochinsky
! ME ! ME
! ROM BUP KERNEL ! API ! JEFF DAL/IPT
! ARC IDA 6.4 IDA 6.5
46 (c) 2014 Igor Skochinsky
! ! JEFF .class JEFF
!
! Linux IPT
! EFFS ! ME ! EFFS !
!
47 (c) 2014 Igor Skochinsky
! !
! ! UMA !
! ME ↔ !
! ;
!
... !
48 (c) 2014 Igor Skochinsky
! BIOS RE ! ME
! ME BIOS
! BIOS ! Nikolaj Schlej UEFITool UEFI
https://github.com/NikolajSchlej/UEFITool
! Coreboot ME !
! Open Virtual Platform (www.ovpworld.org) ARC600 / ARC700 (ARCompact)
!
!
49 (c) 2014 Igor Skochinsky
http://software.intel.com/en-us/articles/architecture-guide-intel-active-management-technology/
http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/
http://theinvisiblethings.blogspot.com/2009/08/vegas-toys-part-i-ring-3-tools.html
http://download.intel.com/technology/itj/2008/v12i4/paper[1-10].pdf
http://web.it.kth.se/~maguire/DEGREE-PROJECT-REPORTS/100402-Vassilios_Ververis-with-cover.pdf
http://www.stewin.org/papers/dimvap15-stewin.pdf
http://www.stewin.org/techreports/pstewin_spring2011.pdf
http://www.stewin.org/slides/pstewin-SPRING6-EvaluatingRing-3Rootkits.pdf
http://flashrom.org/trac/flashrom/browser/trunk/Documentation/mysteries_intel.txt
http://review.coreboot.org/gitweb?p=coreboot.git;a=blob;f=src/southbridge/intel/bd82x6x/me.c
http://download.intel.com/technology/product/DCMI/DCMI-HI_1_0.pdf
http://me.bios.io/
http://www.uberwall.org/bin/download/download/102/lacon12_intel_amt.pdf