Intel Management Engine
The wiki is being retired!
Documentation is now handled by the same processes we use for code: Add something to the Documentation/ directory in the coreboot repo, and it will be rendered to https://doc.coreboot.org/. Contributions welcome!
Uses of the Management Engine
The management engine(Often abreviated ME) is a CPU which permits Out of band management of the computer.
Freedom and security issues
- The code that is running inside the management engine is proprietary and signed
- The management engine CPU has access to a lot of things, see "ME physical capabilities" for more details.
|Board||Firmware||Microarchitecture||Chipset||ME location||ME physical capabilities||ME restrictions|
|Lenovo x201||AMT||Nehalem||Ibex Peak||Inside the PCH||
|Packard Bell EasyNote LM85 (MS2290)||AMT?|
|Samsung Series 5 550 Chromebook||me.bin||Sandy Bridge||Inside the PCH||
|Samsung Series 3 Chromebox||me.bin|
|Google/HP Pavilion Chromebook 14||me.bin||Ivy Bridge||Inside the PCH||
|Google Chromebook Pixel||me.bin|
|Google/Acer C7 Chromebook||me.bin|
|Google/Lenovo Thinkpad X131e Chromebook||me.bin|
|Google/Acer C720 Chromebook||?||Haswell||Inside the PCH||
|Google/HP Chromebook 14||?|
Why there is no replacement for it yet
Replacing the ME firmware is not that easy because:
- Its firmware is signed
- On recent chipset its RAM reagion is locked while it is allocated