Yep

Sent from Yahoo Mail on Android

On Thu, Oct 28, 2021 at 23:03, Frinzell, Aaron
<aaron.frinzell@intel.com> wrote:

Hi Tal,

 

This is a document normally shared though NDA.  If you are associated with an organization that has access to it?

 

Thanks,

 

Aaron

 

From: Tal Lubko <tallubko@yahoo.com>
Sent: Thursday, October 28, 2021 2:10 PM
To: chipsec@lists.01.org; Frinzell, Aaron <aaron.frinzell@intel.com>
Subject: Re: [chipsec] BIOS Guard Security Configuration

 

Document #557274 in Intel RDC

 

On Thursday, October 28, 2021, 09:44:53 PM GMT+3, Frinzell, Aaron <aaron.frinzell@intel.com> wrote:

 

 

 

Hi Tal,

 

Are you able to share the link to this document or the source?

 

Thanks,

 

Aaron

 

From: Tal Lubko <tallubko@yahoo.com>
Sent: Thursday, October 28, 2021 12:42 PM
To: chipsec@lists.01.org
Subject: [chipsec] BIOS Guard Security Configuration

 

Hi

 

I'm looking at "Skylake and Kaby Lake Platform Secure Configuration Specification".

It has a section named "BIOS Guard Security Configuration" with several recommendations.

For example: Test "BIOS Guard Lock" (this is MSR bit).

Why chipsec doesn't verify this bit?

 

Regards,

Tal