
#1 2024-06-12 09:44:33

marchbaby
Member
From: Kenitra, Morocco
Registered: 2024-05-28
Posts: 17

Firmware security Issues

Hello guys, I hope you're having a good day. I was going through my KDE system settings and came across the following info in the firmware security tab:

Idle…: 0%
Host Security ID: HSI:0! (v1.9.20)
HSI-1
✔ BIOS firmware updates:         Enabled
✔ MEI key manifest:              Valid
✔ csme manufacturing mode:       Locked
✔ csme override:                 Locked
✔ Platform debugging:            Disabled
✔ SPI write:                     Disabled
✔ SPI lock:                      Enabled
✔ SPI BIOS region:               Locked
✔ Supported CPU:                 Valid
✔ TPM empty PCRs:                Valid
✔ TPM v2.0:                      Found
✔ UEFI bootservice variables:    Locked
✔ UEFI platform key:             Valid
✘ csme v0:15.0.23.1706:          Invalid


HSI-2
✔ Intel BootGuard:               Enabled
✔ Intel BootGuard OTP fuse:      Valid
✔ Intel GDS mitigation:          Enabled
✔ Platform debugging:            Locked
✔ TPM PCR0 reconstruction:       Valid
✘ Intel BootGuard ACM protected: Invalid
✘ Intel BootGuard verified boot: Invalid
✘ IOMMU:                         Not found


HSI-3
✔ CET Platform:                  Supported
✔ Pre-boot DMA protection:       Enabled
✔ Suspend-to-idle:               Enabled
✔ Suspend-to-ram:                Disabled
✘ Intel BootGuard error policy:  Invalid


HSI-4
✔ SMAP:                          Enabled
✘ Encrypted RAM:                 Not supported


Runtime Suffix -!
✔ fwupd plugins:                 Untainted
✔ CET OS Support:                Supported
✘ Linux kernel lockdown:         Disabled
✘ Linux swap:                    Unencrypted
✘ Linux kernel:                  Tainted
✘ UEFI secure boot:              Disabled


This system has a low HSI security level.
» https://fwupd.github.io/hsi.html#low-security-level


This system has HSI runtime issues.
» https://fwupd.github.io/hsi.html#hsi-runtime-suffix


Host Security Events
2024-06-02 12:33:06:  ✘ Kernel is tainted

I'm not familiar with these terms and settings at all so I'd like some help, thanks in advance.


#2 2024-06-12 10:34:09

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,223

Re: Firmware security Issues

You can read the links on what those mean, but generally speaking, for your normal desktop computer most of this is normal and not inherently cause for concern, and you shouldn't panic because of it. If this was a company-provided system and they had this many flags here, that might be a different story.


#3 2024-06-12 12:13:32

marchbaby
Member
From: Kenitra, Morocco
Registered: 2024-05-28
Posts: 17

Re: Firmware security Issues

Ok, thanks for the help.
