Skip to content

Releases: ANSSI-FR/chipsec-check

Features and bugfix

21 May 16:20
v2.2
Compare
Choose a tag to compare

This release contains the following changes:

  • stop creating EFI boot entries using the fallback mechanism (https://www.rodsbooks.com/efi-bootloaders/fallback.html) and only use Grub with specific boot entries for the Shell and Keytool
  • support passing a specific Chipsec repository (either local or remote) in order to be able to incorporate changes not yet merged to Chipsec upstream
  • fix build with latest Chipsec
  • update partition creation so the data partition is now at the end (which makes it easier to resize it, for example on devices created by burning the .iso provided with releases)

Bugfix release

21 Dec 10:31
v2.1.1
Compare
Choose a tag to compare

Removing spurious shell tracing

Bugfix and small improvements release

27 Aug 12:31
v2.1
Compare
Choose a tag to compare

This relase adds few minor features:

  • a vfat partition is added to export data more easily from the machine under test
  • debootstrap now uses the minbase variant to lower disk usage
  • some tools (cpuid, msr-tools and dmidecode) are explicitely added to the installed ones
  • grub entries have been added for the EFI shell and Keytool utility; those entries might be more practical than the EFI ones (which might be removed in a future release)

The chipsec.ko is now explicitely built when installing Chipsec, following upstream changes.

Major release merging Secure Boot utils into Chipsec key

31 May 20:34
v2.0
Compare
Choose a tag to compare

This release feature a major modification of the scripts to support a one-USB key setup. The Chipsec key created with create-chipsec.sh now includes tools to tune the Secure Boot keys (previously only created with create-shell.sh so only one USB drive is needed.

The updated key bootloader, kernel and chipsec.ko kernel module are now also signed with the key generated with the gen-keys script so the Chipsec key can be loaded in a SB-enabled platform.

Other smaller changes can be found by looking at the commits history.

Bugfix and small features release

27 Feb 10:43
v1.2
Compare
Choose a tag to compare
  • Add pciutils to the installed packages list
  • Ask for confirmation before all write operations (especially the truncate call when generating an iso)
  • Add support for installing extra packages on the command line

Small bugfixes and ISO regeneration

06 Jan 12:58
v1.1
Compare
Choose a tag to compare

This release adds a fix to detect an older version of efitools which can causes problem when inserting the PK (Platform Key). Some details can be found at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920014 and https://forums.lenovo.com/t5/ThinkPad-11e-Windows-13-E-and/Cannot-install-custom-secure-boot-PK-platform-key/td-p/4318378.

The image provided with v1.0 is affected by this bug, so people should rather use v1.1 versions.

Release chipsec and secure boot build tools

19 Dec 10:35
v1.0
Compare
Choose a tag to compare

This release provide pre-built ISO for the chipsec and secure-boot USB keys