CHIPSEC notes

The following are some quick notes on using CHIPSEC to compare the EFI whitelist on your current machine with the BIOS Dell provides.

Quick notes.

  1. Install prerequisites (uses Python 2)
  2. Git clone CHIPSEC
  3. Install (had to use a -i option; it is in the manual)
  4. Run (use spaces like below)

Extract BIOS ROM from Dell EXE
Use the BIOS EXE to output a .rom file that you can use in Linux. Run the following command from a Windows command prompt and accept the security request. Change the EXE to the BIOS you downloaded.

Alienware_17_R2_1.5.0.EXE /writeromfile

The BIOS ROM is named dell.rom in the following commands.

Get list from the computer's ROM

This should create the fw.bin and efilist.json files from the local machine.

sudo python chipsec_main.py -m tools.uefi.whitelist

Get list from Dell ROM

sudo python chipsec_main.py -m tools.uefi.whitelist -a generate efilist.json dell.rom

Compare the current ROM against the one downloaded from Dell

sudo python chipsec_main.py -m tools.uefi.whitelist -a check efilist.json fw.bin

For some reason Ubuntu was not recognizing the last three options after the -a as individual options unless there was a space between them. All the examples online show commas between them, which should work, so I wonder if it was an environment variable problem or something.

The telltale sign was that the [*] Module arguments line only shows 1 argument; it needs 3.
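
What the check step amounts to, as an added example (not part of the original notes and not CHIPSEC's own code): compare the module hashes in a list generated from the local fw.bin against the list generated from dell.rom. It assumes efilist.json is a JSON object keyed by each module's SHA-256 with optional "guid" and "name" fields; the sample lists and the function names load_list and compare are constructed for illustration.

```python
import json

# Constructed sample lists. Assumed efilist.json layout: a JSON object keyed by
# each EFI executable's SHA-256, with optional "guid" and "name" metadata.
VENDOR_JSON = json.dumps({            # stands in for the list built from dell.rom
    "a1" * 32: {"guid": "aaaaaaaa-0000-0000-0000-000000000001", "name": "DxeCore"},
    "b2" * 32: {"guid": "bbbbbbbb-0000-0000-0000-000000000002", "name": "SetupBrowser"},
    "c3" * 32: {"guid": "cccccccc-0000-0000-0000-000000000003", "name": "Shell"},
})
LOCAL_JSON = json.dumps({             # stands in for the list built from fw.bin
    "A1" * 32: {"guid": "aaaaaaaa-0000-0000-0000-000000000001", "name": "DxeCore"},
    "e5" * 32: {"guid": "BBBBBBBB-0000-0000-0000-000000000002", "name": "SetupBrowser"},
    "d4" * 32: {"guid": "dddddddd-0000-0000-0000-000000000004"},
})


def load_list(text):
    """Parse a list into {sha256: metadata}; hashes are lowercased for comparison."""
    data = json.loads(text)
    if not isinstance(data, dict):
        raise ValueError("expected a JSON object keyed by SHA-256")
    return {h.lower(): (meta or {}) for h, meta in data.items()}


def compare(vendor, local):
    """Classify every local module against the vendor list."""
    vendor_guids = {m["guid"].lower() for m in vendor.values() if m.get("guid")}
    report = {"matched": 0, "modified": [], "unknown": []}
    for sha256, meta in local.items():
        if sha256 in vendor:
            report["matched"] += 1
            continue
        guid = (meta.get("guid") or "").lower()
        label = meta.get("name") or guid or sha256
        # Same GUID with a different hash: the module exists in the vendor image
        # but its contents differ (also expected when BIOS versions differ).
        # A GUID the vendor image lacks: the module is not in the vendor image.
        report["modified" if guid in vendor_guids else "unknown"].append(label)
    return report


if __name__ == "__main__":
    result = compare(load_list(VENDOR_JSON), load_list(LOCAL_JSON))
    print(json.dumps(result, indent=2))
```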

Other links

Install instructions here.
https://github.com/chipsec/chipsec/wiki/Installing-CHIPSEC-in-Linux

LUV Linux download
https://01.org/linux-uefi-validation

Manual
https://github.com/chipsec/chipsec/blob/master/chipsec-manual.pdf

Repairing Fedora grub from chroot

Notes from repairing a Fedora drive.

Mount system in chroot.

If the system is a RAID drive and you're not able to access it, refer to this post. You may just need to install the RAID utilities.

For mounting the chroot environment, refer to this post.

Repairing grub

yum install grub2-efi-*

Install grub. Change /dev/sda to your drive; you may need to specify the EFI partition.

grub2-install /dev/sda

If your boot and EFI partitions are mounted, regenerate the grub config.

grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg

Reboot.

How to view hidden EFI partition on Mac drive

Open a terminal and run the following command to list your hard drives

diskutil list

It should return something similar to the following

bobs-MacBook:~ bob$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *1000.1 GB  disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            999.1 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *8.0 GB     disk2
   1:                        EFI EFI                     209.7 MB   disk2s1
   2:                  Apple_HFS Install macOS Sierra    7.0 GB     disk2s2

bobs-MacBook:~ bob$

From above we see that the EFI partition on the main drive is disk0s1.

Make a directory for it to mount to

sudo mkdir /Volumes/TMPEFI

Mount it.

sudo mount -t msdos /dev/disk0s1 /Volumes/TMPEFI

It should now show up in Finder for you to browse.

To unmount it, simply eject it in Finder, or use one of the following commands

umount /Volumes/TMPEFI
diskutil unmount /Volumes/TMPEFI