Closed stemid closed 7 years ago
I don't know what is going on, but providing more info will definitively help debugging or other people figuring out if they are dealing with the same situation. Some 'low hanging fruits' are probably sharing:
strace
output with us. Make sure to check any output you are sharing with us not leaking any unique details (MAC-address, hostname, ...).`:$ strace -o "./mei-amt-check.strace" -s 256 -f ./mei-amt-check
---
$ man strace # in case you are curious about the strace flags.
# [...]
-o filename Write the trace output to the file filename rather than to stderr. Use
filename.pid if -ff is used. If the argument begins with '|' or with '!'
then the rest of the argument is treated as a command and all output is
piped to it. This is convenient for piping the debugging output to a pro‐
gram without affecting the redirections of executed programs.
# [...]
-s strsize Specify the maximum string size to print (the default is 32). Note that
filenames are not considered strings and are always printed in full.
# [...]
-f Trace child processes as they are created by currently traced processes as
a result of the fork(2), vfork(2) and clone(2) system calls. Note that -p
PID -f will attach all threads of process PID if it is multi-threaded, not
only thread with thread_id = PID.
lspci -v
, lsmod
and cat /proc/cpuinfo
git rev-parse HEAD
you've compiled mei-amt-check withme_cleaner
documentation where they mention checking the mangement engine status via. ./intelmetool -s
, this might be useful for you too.I hope this helps a tiny little bit, thanks for this tool!
It's actually the same error as in #1.
execve("./mei-amt-check", ["./mei-amt-check"], [/* 20 vars */]) = 0
brk(NULL) = 0x1125000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9972293000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=129381, ...}) = 0
mmap(NULL, 129381, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9972273000
close(3) = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \5\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2115824, ...}) = 0
mmap(NULL, 3955040, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9971caa000
mprotect(0x7f9971e67000, 2093056, PROT_NONE) = 0
mmap(0x7f9972066000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bc000) = 0x7f9972066000
mmap(0x7f997206c000, 14688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f997206c000
close(3) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9972271000
arch_prctl(ARCH_SET_FS, 0x7f9972271700) = 0
mprotect(0x7f9972066000, 16384, PROT_READ) = 0
mprotect(0x602000, 4096, PROT_READ) = 0
mprotect(0x7f9972295000, 4096, PROT_READ) = 0
munmap(0x7f9972273000, 129381) = 0
open("/dev/mei0", O_RDWR) = 3
ioctl(3, IOCTL_MEI_CONNECT_CLIENT, 0x7ffd168768b0) = -1 ENOTTY (Inappropriate ioctl for device)
write(2, "Error: Management Engine refused"..., 84Error: Management Engine refused connection. This probably means you don't have AMT
) = 84
close(3) = 0
exit_group(1) = ?
+++ exited with 1 +++
I get this message.
Error: Management Engine refused connection. This probably means you don't have AMT
On a thinkpad x260.
But according to lenovo it's vulnerable to CVE-2017-5689.
I've tried with SElinux in permissive but I can't see that it would be blocking the program in any way.
I make and I run sudo ./mei-amt-check.
I've also verified that mei_me is loaded in lsmod and /dev/mei0 exists.