chipsec / chipsec

Platform Security Assessment Framework
GNU General Public License v2.0

Failed to Run vs Failed #1597

Closed seprj closed 1 year ago

seprj commented 1 year ago

Hello, I have a Lenovo laptop on which I applied chipsec. There are 14 "failed to run". What is the difference between "failed" and "failed to run"? In "failed to run" I see "ERROR" and I don't know what it means. Besides that, I see 13 modules with exceptions, and I don't know what this means either. Thanks for answering me.

dscott90 commented 1 year ago

Hi,

A guide for interpreting results can be located on page 11 of the chipsec manual. If you'd like to attach a copy of your output when running the chipsec tool, I can help clarify some of the things you are seeing.

seprj commented 1 year ago

Hi, thanks for your response and advice. My output when running chipsec is:

```
[CHIPSEC] SUMMARY
[CHIPSEC] Time elapsed 1.000
[CHIPSEC] Modules total 28
[CHIPSEC] Modules failed to run 14:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.uefi.s3bootscript
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] Modules passed 9:
[+] PASSED: chipsec.modules.common.bios_ts
[+] PASSED: chipsec.modules.common.cpu.ia_untrusted
[+] PASSED: chipsec.modules.common.debugenabled
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.me_mfg_mode
[+] PASSED: chipsec.modules.common.memconfig
[+] PASSED: chipsec.modules.common.smm_code_chk
[+] PASSED: chipsec.modules.common.smm_dma
[+] PASSED: chipsec.modules.common.spd_wd
[CHIPSEC] Modules information 1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed 0:
[CHIPSEC] Modules with warnings 1:
[!] WARNING: chipsec.modules.common.cpu.spectre_v2
[CHIPSEC] Modules not implemented 0:
[CHIPSEC] Modules not applicable 3:
[*] NOT APPLICABLE: chipsec.modules.common.memlock
[*] NOT APPLICABLE: chipsec.modules.common.sgx_check
[*] NOT APPLICABLE: chipsec.modules.common.smm
[CHIPSEC] Modules with exceptions 13:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] *****
```

dscott90 commented 1 year ago

Hi @seprj,

Can you run the tool again using the -v argument and share the entire log file? (Chipsec can write directly to text files using the -l argument) The -v argument adds verbosity to the logging so more data about the module runs is available.

seprj commented 1 year ago

Hi @npmitche, thanks for your response. I ran this tool using the -v argument and then I got some errors. Most modules encounter one of them. What should be done? What is the best and most stable version of ChipSec for this? Because the results are different in different versions.

```
[*] running module: chipsec.modules.common.memlock
'MSR_LT_LOCK_MEMORY.LT_LOCK' not defined for platform. Skipping module.
Skipping module chipsec.modules.common.memlock since it is not supported in this platform

[*] running module: chipsec.modules.common.remap
[x][ =======================================================================
[x][ Module: Memory Remapping Configuration
[x][ =======================================================================
ERROR: Exception occurred during chipsec.modules.common.remap.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.rtclock
[x][ =======================================================================
[x][ Module: Protected RTC memory locations
[x][ =======================================================================
ERROR: Exception occurred during chipsec.modules.common.rtclock.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.secureboot.variables
[x][ =======================================================================
[x][ Module: Attributes of Secure Boot EFI Variables
[x][ =======================================================================
ERROR: Exception occurred during chipsec.modules.common.secureboot.variables.run(): 'must be unicode, not str'
```

seprj commented 1 year ago

@npmitche this is my new summary:

```
[CHIPSEC] SUMMARY
[CHIPSEC] Time elapsed 1.000
[CHIPSEC] Modules total 28
[CHIPSEC] Modules failed to run 14:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.uefi.s3bootscript
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] Modules passed 9:
[+] PASSED: chipsec.modules.common.bios_ts
[+] PASSED: chipsec.modules.common.cpu.ia_untrusted
[+] PASSED: chipsec.modules.common.debugenabled
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.me_mfg_mode
[+] PASSED: chipsec.modules.common.memconfig
[+] PASSED: chipsec.modules.common.smm_code_chk
[+] PASSED: chipsec.modules.common.smm_dma
[+] PASSED: chipsec.modules.common.spd_wd
[CHIPSEC] Modules information 1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed 0:
[CHIPSEC] Modules with warnings 1:
[!] WARNING: chipsec.modules.common.cpu.spectre_v2
[CHIPSEC] Modules not implemented 0:
[CHIPSEC] Modules not applicable 3:
[*] NOT APPLICABLE: chipsec.modules.common.memlock
[*] NOT APPLICABLE: chipsec.modules.common.sgx_check
[*] NOT APPLICABLE: chipsec.modules.common.smm
[CHIPSEC] Modules with exceptions 14:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.uefi.s3bootscript
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] *****
```

dscott90 commented 1 year ago

Hi @seprj,

Attaching the entire log file rather than snippets of output will help me better understand your issues. I'd like to see the platform and argument data.

Thanks

seprj commented 1 year ago

Hi @dscott90, thanks for your answer. This is the entire log file:

```
################################################################
CHIPSEC: Platform Hardware Security Assessment Framework
################################################################
[CHIPSEC] Version 1.8.0
[CHIPSEC] Arguments: -v
[CHIPSEC] API mode: using CHIPSEC kernel module API
[CHIPSEC] OS : uefi
[CHIPSEC] Python : 2.7.2 (64-bit)
[CHIPSEC] Helper : EfiHelper (None)
[CHIPSEC] Platform: TGL UP3 4 Cores
[CHIPSEC] VID: 8086
[CHIPSEC] DID: 9A14
[CHIPSEC] RID: 01
[CHIPSEC] PCH : 5xx PCH Premium UP3
[CHIPSEC] VID: 8086
[CHIPSEC] DID: A082
[CHIPSEC] RID: 20
```

[] loading common modules from ".\chipsec\modules\common" .. [] No platform specific modules to load [] loading modules from ".\chipsec\modules" .. [+] loaded chipsec.modules.common.bios_kbrd_buffer [+] loaded chipsec.modules.common.bios_smi [+] loaded chipsec.modules.common.bios_ts [+] loaded chipsec.modules.common.bios_wp [+] loaded chipsec.modules.common.cpu.cpu_info [+] loaded chipsec.modules.common.cpu.ia_untrusted [+] loaded chipsec.modules.common.cpu.spectre_v2 [+] loaded chipsec.modules.common.debugenabled [+] loaded chipsec.modules.common.ia32cfg [+] loaded chipsec.modules.common.me_mfg_mode [+] loaded chipsec.modules.common.memconfig [+] loaded chipsec.modules.common.memlock [+] loaded chipsec.modules.common.remap [+] loaded chipsec.modules.common.rtclock [+] loaded chipsec.modules.common.secureboot.variables [+] loaded chipsec.modules.common.sgx_check [+] loaded chipsec.modules.common.smm [+] loaded chipsec.modules.common.smm_code_chk [+] loaded chipsec.modules.common.smm_dma [+] loaded chipsec.modules.common.smrr [+] loaded chipsec.modules.common.spd_wd [+] loaded chipsec.modules.common.spi_access [+] loaded chipsec.modules.common.spi_desc [+] loaded chipsec.modules.common.spi_fdopss [+] loaded chipsec.modules.common.spi_lock [+] loaded chipsec.modules.common.uefi.access_uefispec [+] loaded chipsec.modules.common.uefi.s3bootscript [+] loaded chipsec.modules.common.wsmt [] running loaded modules ..

[*] running module: chipsec.modules.common.bios_kbrd_buffer [x][ ======================================================================= [x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.bios_kbrd_buffer.run(): 'argument must be sequence of length 2, not 3'

[] running module: chipsec.modules.common.bios_smi [x][ ======================================================================= [x][ Module: SMI Events Configuration [x][ ======================================================================= [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [+] SMM BIOS region write protection is enabled (SMM_BWP is used)

[] Checking SMI enables.. [] SMI_EN = 0x90002033 << SMI Control and Enable (I/O ABASE + 0x30) [00] GBL_SMI_EN = 1 [01] EOS = 1 [02] BIOS_EN = 0 [03] LEGACY_USB_EN = 0 [04] SLP_SMI_EN = 1 [05] APMC_EN = 1 [06] SWSMI_TMR_EN = 0 [07] BIOS_RLS = 0 [11] MCSMI_EN = 0 [13] TCO_EN = 1 [14] PERIODIC_EN = 0 [17] LEGACY_USB2_EN = 0 [18] INTEL_USB2_EN = 0 [27] GPIO_UNLOCK_SMI_EN = 0 [30] ME_SMI_EN = 0 [31] xHCI_SMI_EN = 1 [*] SMI_EN = 0x90002033 << SMI Control and Enable (I/O ABASE + 0x30) [00] GBL_SMI_EN = 1 [01] EOS = 1 [02] BIOS_EN = 0 [03] LEGACY_USB_EN = 0 [04] SLP_SMI_EN = 1 [05] APMC_EN = 1 [06] SWSMI_TMR_EN = 0 [07] BIOS_RLS = 0 [11] MCSMI_EN = 0 [13] TCO_EN = 1 [14] PERIODIC_EN = 0 [17] LEGACY_USB2_EN = 0 [18] INTEL_USB2_EN = 0 [27] GPIO_UNLOCK_SMI_EN = 0 [30] ME_SMI_EN = 0 [31] xHCI_SMI_EN = 1 Global SMI enable: 1 TCO SMI enable : 1 [+] All required SMI events are enabled

[] Checking SMI configuration locks.. [] TCO1_CNT = 0x1800 << TCO1 Control (I/O TCOBASE + 0x8) [12] TCO_LOCK = 1 << TCO Lock [+] TCO SMI configuration is locked (TCO SMI Lock) ERROR: Exception occurred during chipsec.modules.common.bios_smi.run(): 'argument must be sequence of length 2, not 3'

[] running module: chipsec.modules.common.bios_ts [x][ ======================================================================= [x][ Module: BIOS Interface Lock (including Top Swap Mode) [x][ ======================================================================= [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [] BiosInterfaceLockDown (BILD) control = 1 [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [] BIOS Top Swap mode is disabled (TSS = 0) [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [*] RTC TopSwap control (TS) = 0 [+] PASSED: BIOS Interface is locked (including Top Swap Mode)

[] running module: chipsec.modules.common.bios_wp [x][ ======================================================================= [x][ Module: BIOS Region Write Protection [x][ ======================================================================= [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [] BC = 0x100008AA << BIOS Control (b:d.f 00:31.5 + 0xDC) [00] BIOSWE = 0 << BIOS Write Enable [01] BLE = 1 << BIOS Lock Enable [02] SRC = 2 << SPI Read Configuration [04] TSS = 0 << Top Swap Status [05] SMM_BWP = 1 << SMM BIOS Write Protection [06] BBS = 0 << Boot BIOS Strap [07] BILD = 1 << BIOS Interface Lock Down [11] ASE_BWP = 1 << Async SMI Enable for BIOS Write Protection [+] BIOS region write protection is enabled (writes restricted to SMM) ERROR: Exception occurred during chipsec.modules.common.bios_wp.run(): 'argument must be sequence of length 2, not 3'

[] running module: chipsec.modules.common.cpu.cpu_info [x][ ======================================================================= [x][ Module: Current Processor Information: [x][ ======================================================================= [] Thread 0000 [] Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz [] Family: 06 Model: 8C Stepping: 1 [] Microcode: 00000086 [] [#] INFORMATION: Processor information displayed

[] running module: chipsec.modules.common.cpu.ia_untrusted [x][ ======================================================================= [x][ Module: IA_UNTRUSTED Check [x][ ======================================================================= [] Check that untrusted mode has been set. [+] SoC_BIOS_DONE set.

[*] MSR_BIOS_DONE = 0x00000003 << BIOS Done Status (MSR 0x151 Thread 0x0) [00] IA_UNTRUSTED = 1 << Untrusted mode enable bit [01] SoC_BIOS_DONE = 1 << SoC init done [+] IA_UNTRUSTED set on thread 0.

[+] PASSED: IA_UNTRUSTED set on all threads

[] running module: chipsec.modules.common.cpu.spectre_v2 [x][ ======================================================================= [x][ Module: Checks for Branch Target Injection / Spectre v2 (CVE-2017-5715) [x][ ======================================================================= [] CPUID.7H:EDX[26] = 1 Indirect Branch Restricted Speculation (IBRS) & Predictor Barrier (IBPB) [] CPUID.7H:EDX[27] = 1 Single Thread Indirect Branch Predictors (STIBP) [] CPUID.7H:EDX[29] = 1 IA32_ARCH_CAPABILITIES [+] CPU supports IBRS and IBPB [+] CPU supports STIBP [] checking enhanced IBRS support in IA32_ARCH_CAPABILITIES... [] cpu0: IBRS_ALL = 1 [+] CPU supports enhanced IBRS (on all logical CPU) [] checking if OS is using Enhanced IBRS... [] cpu0: IA32_SPEC_CTRL[IBRS] = 0 [*] cpu0: IA32_SPEC_CTRL[STIBP] = 0 [-] OS doesn't seem to use Enhanced IBRS [#] INFORMATION: Unable to determine if the OS uses STIBP [!] WARNING: CPU supports mitigation (enhanced IBRS) but OS is not using it [!] OS may be using software based mitigation (eg. retpoline) [!] WARNING: Retpoline check not implemented in current environment

[*] running module: chipsec.modules.common.debugenabled [x][ ======================================================================= [x][ Module: Debug features test [x][ =======================================================================

[] Checking IA32_DEBUG_INTERFACE msr status [] IA32_DEBUG_INTERFACE = 0x40000000 << Silicon Debug Feature Control (MSR 0xC80 Thread 0x0) [00] ENABLE = 0 << Enable [30] LOCK = 1 << Lock (set automatically on the first SMI) [31] DEBUG_OCCURRED = 0 << Debug Occurred (set by hardware) [+] CPU debug interface state is correct.

[*] Module Result [+] PASSED: All checks have successfully passed

[] running module: chipsec.modules.common.ia32cfg [x][ ======================================================================= [x][ Module: IA32 Feature Control Lock [x][ ======================================================================= [] Verifying IA32_Feature_Control MSR is locked on all logical CPUs.. [] IA32_FEATURE_CONTROL = 0x00000005 << Processor Feature Control (MSR 0x3A Thread 0x0) [00] LOCK = 1 << Lock [01] EN_VMX_INSIDE_SMX = 0 << Enable VMX inside SMX operation [02] EN_VMX_OUTSIDE_SMX = 1 << Enable VMX outside SMX operation [03] Reserved0 = 0 << Reserved [08] SENTER_LOCAL_EN = 0 << SENTER Local Functions Enable [15] SENTER_GLOBAL_EN = 0 << SENTER Global Enable [16] Reserved1 = 0 << Reserved [17] SGX_LAUNCH_CTRL_EN = 0 << SGX Launch Control Enable [18] SGX_GLOBAL_EN = 0 << SGX Global Enable [19] Reserved2 = 0 << Reserved [20] LMCE_ON = 0 << Turn Local Machine Check On [] IA32_FEATURE_CONTROL = 0x00000005 << Processor Feature Control (MSR 0x3A Thread 0x0) [00] LOCK = 1 << Lock [01] EN_VMX_INSIDE_SMX = 0 << Enable VMX inside SMX operation [02] EN_VMX_OUTSIDE_SMX = 1 << Enable VMX outside SMX operation [03] Reserved0 = 0 << Reserved [08] SENTER_LOCAL_EN = 0 << SENTER Local Functions Enable [15] SENTER_GLOBAL_EN = 0 << SENTER Global Enable [16] Reserved1 = 0 << Reserved [17] SGX_LAUNCH_CTRL_EN = 0 << SGX Launch Control Enable [18] SGX_GLOBAL_EN = 0 << SGX Global Enable [19] Reserved2 = 0 << Reserved [20] LMCE_ON = 0 << Turn Local Machine Check On [*] cpu0: IA32_Feature_Control Lock = 1 [+] PASSED: IA32_FEATURE_CONTROL MSR is locked on all logical CPUs

[*] running module: chipsec.modules.common.me_mfg_mode [x][ ======================================================================= [x][ Module: ME Manufacturing Mode [x][ ======================================================================= [+] PASSED: ME is not in Manufacturing Mode

[] running module: chipsec.modules.common.memconfig [x][ ======================================================================= [x][ Module: Host Bridge Memory Map Locks [x][ ======================================================================= [] [] Checking legacy register lock state: [+] PCI0.0.0_BDSM = 0x 4C800001 - LOCKED - Base of Graphics Stolen Memory [+] PCI0.0.0_BGSM = 0x 4C000001 - LOCKED - Base of GTT Stolen Memory [+] PCI0.0.0_DPR = 0x 4B000001 - LOCKED - DMA Protected Region [+] PCI0.0.0_GGC = 0x FEC1 - LOCKED - Graphics Control [?] Skipping Validation: Register PCI0.0.0_MESEG_MASK or field MELCK was not defined for this platform. [+] PCI0.0.0_PAVPC = 0x 502000C7 - LOCKED - PAVP Control [?] Skipping Validation: Register PCI0.0.0_REMAPBASE or field LOCK was not defined for this platform. [?] Skipping Validation: Register PCI0.0.0_REMAPLIMIT or field LOCK was not defined for this platform. [+] PCI0.0.0_TOLUD = 0x 50400001 - LOCKED - Top of Low Usable DRAM [+] PCI0.0.0_TOM = 0x 200000001 - LOCKED - Top of Memory [+] PCI0.0.0_TOUUD = 0x 2AFC00001 - LOCKED - Top of Upper Usable DRAM [+] PCI0.0.0_TSEGMB = 0x 4B000001 - LOCKED - TSEG Memory Base [] [] Checking if IA Untrusted mode is used to lock registers [+] IA Untrusted mode set [] [+] PASSED: All memory map registers seem to be locked down

[*] running module: chipsec.modules.common.memlock 'MSR_LT_LOCK_MEMORY.LT_LOCK' not defined for platform. Skipping module. Skipping module chipsec.modules.common.memlock since it is not supported in this platform

[*] running module: chipsec.modules.common.remap [x][ ======================================================================= [x][ Module: Memory Remapping Configuration [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.remap.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.rtclock [x][ ======================================================================= [x][ Module: Protected RTC memory locations [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.rtclock.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.secureboot.variables [x][ ======================================================================= [x][ Module: Attributes of Secure Boot EFI Variables [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.secureboot.variables.run(): 'must be unicode, not str'

[] running module: chipsec.modules.common.sgx_check []CPU0: does not support SGX Skipping module chipsec.modules.common.sgx_check since it is not supported in this platform

[*] running module: chipsec.modules.common.smm Either not a Core (client) platform or 'PCI0.0.0_SMRAMC' not defined for platform. Skipping module. Skipping module chipsec.modules.common.smm since it is not supported in this platform

[] running module: chipsec.modules.common.smm_code_chk [x][ ======================================================================= [x][ Module: SMM_Code_Chk_En (SMM Call-Out) Protection [x][ ======================================================================= [] MSR_SMM_FEATURE_CONTROL = 0x00000005 << Enhanced SMM Feature Control (MSR 0x4E0 Thread 0x0) [00] LOCK = 1 << Lock bit [02] SMM_Code_Chk_En = 1 << Prevents SMM from executing code outside the ranges defined by the SMRR [+] PASSED: SMM_Code_Chk_En is enabled and locked down

[] running module: chipsec.modules.common.smm_dma [x][ ======================================================================= [x][ Module: SMM TSEG Range Configuration Check [x][ ======================================================================= [] TSEG : 0x000000004B000000 - 0x000000004BFFFFFF (size = 0x01000000) [*] SMRR range: 0x000000004B000000 - 0x000000004BFFFFFF (size = 0x01000000)

[] Checking TSEG range configuration.. [+] TSEG range covers entire SMRAM [] PCI0.0.0_TSEGMB = 0x4B000001 << TSEG Memory Base (b:d.f 00:00.0 + 0xB8) [00] LOCK = 1 << Lock [20] TSEGMB = 4B0 << TSEG Memory Base [*] PCI0.0.0_BGSM = 0x4C000001 << Base of GTT Stolen Memory (b:d.f 00:00.0 + 0xB4) [00] LOCK = 1 << Lock [20] BGSM = 4C0 << Base of GTT Stolen Memory [+] TSEG range is locked [+] PASSED: TSEG is properly configured. SMRAM is protected from DMA attacks

[*] running module: chipsec.modules.common.smrr [x][ ======================================================================= [x][ Module: CPU SMM Cache Poisoning / System Management Range Registers [x][ ======================================================================= [+] OK. SMRR range protection is supported

[] Checking SMRR range base programming.. [] IA32_SMRR_PHYSBASE = 0x4B000006 << SMRR Base Address MSR (MSR 0x1F2 Thread 0x0) [00] Type = 6 << SMRR memory type [12] PhysBase = 4B000 << SMRR physical base address [] SMRR range base: 0x000000004B000000 [] SMRR range memory type is Writeback (WB) [+] OK so far. SMRR range base is programmed

[] Checking SMRR range mask programming.. [] IA32_SMRR_PHYSMASK = 0xFF000C00 << SMRR Range Mask MSR (MSR 0x1F3 Thread 0x0) [11] Valid = 1 << SMRR valid [12] PhysMask = FF000 << SMRR address range mask [*] SMRR range mask: 0x00000000FF000000 [+] OK so far. SMRR range is enabled

[] Verifying that SMRR range base & mask are the same on all logical CPUs.. [CPU0] SMRR_PHYSBASE = 000000004B000006, SMRR_PHYSMASK = 00000000FF000C00 [+] OK so far. SMRR range base/mask match on all logical CPUs [] Trying to read memory at SMRR base 0x4B000000.. ERROR: Exception occurred during chipsec.modules.common.smrr.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.spd_wd [x][ ======================================================================= [x][ Module: SPD Write Disable [x][ =======================================================================

[*] SMBUS_HCFG = 0x11 << Host Configuration (b:d.f 00:31.4 + 0x40) [00] HST_EN = 1 [01] SMB_SMI_EN = 0 [02] I2C_EN = 0 [03] SSRESET = 0 [04] SPD_WD = 1 [+] PASSED: SPD Write Disable is set

[*] running module: chipsec.modules.common.spi_access [x][ ======================================================================= [x][ Module: SPI Flash Region Access Control [x][ ======================================================================= SPI Flash Region Access Permissions

ERROR: Exception occurred during chipsec.modules.common.spi_access.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.spi_desc [x][ ======================================================================= [x][ Module: SPI Flash Region Access Control [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.spi_desc.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.spi_fdopss [x][ ======================================================================= [x][ Module: SPI Flash Descriptor Security Override Pin-Strap [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.spi_fdopss.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.spi_lock [x][ ======================================================================= [x][ Module: SPI Flash Controller Configuration Locks [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.spi_lock.run(): 'argument must be sequence of length 2, not 3'

[*] running module: chipsec.modules.common.uefi.access_uefispec [x][ ======================================================================= [x][ Module: Access Control of EFI Variables [x][ ======================================================================= ERROR: Exception occurred during chipsec.modules.common.uefi.access_uefispec.run(): 'must be unicode, not str'

[] running module: chipsec.modules.common.uefi.s3bootscript [x][ ======================================================================= [x][ Module: S3 Resume Boot-Script Protections [x][ ======================================================================= [] SMRAM: Base = 0x000000004B000000, Limit = 0x000000004BFFFFFF, Size = 0x01000000 ERROR: The module was not able to recognize the S3 resume boot script on this platform. ERROR: Exception occurred during chipsec.modules.common.uefi.s3bootscript.run(): 'must be unicode, not str'

[*] running module: chipsec.modules.common.wsmt ERROR: Exception occurred during chipsec.modules.common.wsmt.run(): 'argument must be sequence of length 2, not 3'

```
[CHIPSEC] SUMMARY
[CHIPSEC] Time elapsed 1.000
[CHIPSEC] Modules total 28
[CHIPSEC] Modules failed to run 14:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.uefi.s3bootscript
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] Modules passed 9:
[+] PASSED: chipsec.modules.common.bios_ts
[+] PASSED: chipsec.modules.common.cpu.ia_untrusted
[+] PASSED: chipsec.modules.common.debugenabled
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.me_mfg_mode
[+] PASSED: chipsec.modules.common.memconfig
[+] PASSED: chipsec.modules.common.smm_code_chk
[+] PASSED: chipsec.modules.common.smm_dma
[+] PASSED: chipsec.modules.common.spd_wd
[CHIPSEC] Modules information 1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed 0:
[CHIPSEC] Modules with warnings 1:
[!] WARNING: chipsec.modules.common.cpu.spectre_v2
[CHIPSEC] Modules not implemented 0:
[CHIPSEC] Modules not applicable 3:
[*] NOT APPLICABLE: chipsec.modules.common.memlock
[*] NOT APPLICABLE: chipsec.modules.common.sgx_check
[*] NOT APPLICABLE: chipsec.modules.common.smm
[CHIPSEC] Modules with exceptions 14:
ERROR: chipsec.modules.common.bios_kbrd_buffer
ERROR: chipsec.modules.common.bios_smi
ERROR: chipsec.modules.common.bios_wp
ERROR: chipsec.modules.common.remap
ERROR: chipsec.modules.common.rtclock
ERROR: chipsec.modules.common.secureboot.variables
ERROR: chipsec.modules.common.smrr
ERROR: chipsec.modules.common.spi_access
ERROR: chipsec.modules.common.spi_desc
ERROR: chipsec.modules.common.spi_fdopss
ERROR: chipsec.modules.common.spi_lock
ERROR: chipsec.modules.common.uefi.access_uefispec
ERROR: chipsec.modules.common.uefi.s3bootscript
ERROR: chipsec.modules.common.wsmt
[CHIPSEC] *****
```

dscott90 commented 1 year ago

@seprj thanks for your reply.

I'm seeing that you are currently running chipsec using python 2.7. Python 2 has been deprecated and python 3 is now required to run chipsec successfully.

The log also shows that the chipsec version you're using is 1.8.0. We are currently on release 1.9.1 and you may have better results using that latest version.

Could you please update your python installation, try running chipsec release 1.9.1, and share your output with me again?

Thanks, Dan
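
As an added example (not part of the thread and not CHIPSEC code), a small Python 3 triage script for a `-v` log like the one posted above: it extracts the CHIPSEC and Python versions and the summary counts, and groups the `Exception occurred during ...run()` errors by message so that one cause shared by many modules stands out. The function name `triage` and the sample log are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample, shortened from the kind of -v log posted in this thread.
SAMPLE_LOG = """\
[CHIPSEC] Version 1.8.0
[CHIPSEC] Arguments: -v
[CHIPSEC] Python : 2.7.2 (64-bit)
[*] running module: chipsec.modules.common.remap
ERROR: Exception occurred during chipsec.modules.common.remap.run(): 'argument must be sequence of length 2, not 3'
[*] running module: chipsec.modules.common.secureboot.variables
ERROR: Exception occurred during chipsec.modules.common.secureboot.variables.run(): 'must be unicode, not str'
[*] running module: chipsec.modules.common.spd_wd
[+] PASSED: SPD Write Disable is set
[*] running module: chipsec.modules.common.wsmt
ERROR: Exception occurred during chipsec.modules.common.wsmt.run(): 'argument must be sequence of length 2, not 3'
[CHIPSEC] Modules total 4
[CHIPSEC] Modules failed to run 3:
[CHIPSEC] Modules passed 1:
[CHIPSEC] Modules failed 0:
"""

# Patterns use search/findall over the whole text, so they also work on a log
# whose line breaks were lost when it was pasted.
VERSION_RE = re.compile(r"\[CHIPSEC\]\s+Version\s+(\d+(?:\.\d+)*)")
PYTHON_RE = re.compile(r"\[CHIPSEC\]\s+Python\s*:\s*(\d+)\.(\d+)")
COUNT_RE = re.compile(
    r"\[CHIPSEC\]\s+Modules\s+"
    r"(failed to run|failed|passed|with exceptions|with warnings|"
    r"not applicable|not implemented|information|total)\s+(\d+)"
)
EXC_RE = re.compile(
    r"ERROR: Exception occurred during (\S+?)\.run\(\): '(.*?)'(?=\s|$)"
)


def triage(log_text):
    """Summarise a CHIPSEC log: versions, summary counts, grouped exceptions."""
    version = VERSION_RE.search(log_text)
    python = PYTHON_RE.search(log_text)
    # If the summary appears more than once, the last occurrence wins.
    counts = {name: int(n) for name, n in COUNT_RE.findall(log_text)}

    # Group crashed modules by exception text: one message shared by many
    # modules points at the environment rather than at each individual check.
    by_message = defaultdict(set)
    for module, message in EXC_RE.findall(log_text):
        by_message[message].add(module)

    report = {
        "chipsec_version": version.group(1) if version else None,
        "python": (int(python.group(1)), int(python.group(2))) if python else None,
        "counts": counts,
        "exceptions": {m: sorted(mods) for m, mods in by_message.items()},
        "notes": [],
    }
    if report["python"] and report["python"][0] < 3:
        report["notes"].append(
            "log was produced under Python %d.%d; the maintainer's reply in "
            "this thread says Python 3 is required" % report["python"]
        )
    crashed = counts.get("failed to run", 0)
    if crashed and counts.get("failed", 0) == 0:
        report["notes"].append(
            f"{crashed} module(s) raised an exception before finishing and 0 "
            "reported FAILED: those checks produced no verdict"
        )
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("CHIPSEC", result["chipsec_version"], "on Python", result["python"])
    for message, modules in result["exceptions"].items():
        print(f"{len(modules)} module(s): {message}")
        for name in modules:
            print("   ", name)
    for note in result["notes"]:
        print("note:", note)
```
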

seprj commented 1 year ago

@dscott90 Thanks for your help and your guide :)

seprj commented 1 year ago

Hello, can you help me with Rtclock in Chipsec? In the rtclock module, I know that the third bit of the RC register, which is the result of LL and UL, causes Rtclock memory not to be locked if only one of them (LL/UL) is 1. How can the third bit always be set to 1 through Chipsec so that Rtclock always stays locked? Thank you for your guidance.