About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Documentation / misc-devices / mei / mei.txt

Custom Search

Based on kernel version 4.2. Page generated on 2015-09-09 12:14 EST.

1	Intel(R) Management Engine Interface (Intel(R) MEI)
2	===================================================
4	Introduction
5	============
7	The Intel Management Engine (Intel ME) is an isolated and protected computing
8	resource (Co-processor) residing inside certain Intel chipsets. The Intel ME
9	provides support for computer/IT management features. The feature set
10	depends on the Intel chipset SKU.
12	The Intel Management Engine Interface (Intel MEI, previously known as HECI)
13	is the interface between the Host and Intel ME. This interface is exposed
14	to the host as a PCI device. The Intel MEI Driver is in charge of the
15	communication channel between a host application and the Intel ME feature.
17	Each Intel ME feature (Intel ME Client) is addressed by a GUID/UUID and
18	each client has its own protocol. The protocol is message-based with a
19	header and payload up to 512 bytes.
21	Prominent usage of the Intel ME Interface is to communicate with Intel(R)
22	Active Management Technology (Intel AMT) implemented in firmware running on
23	the Intel ME.
25	Intel AMT provides the ability to manage a host remotely out-of-band (OOB)
26	even when the operating system running on the host processor has crashed or
27	is in a sleep state.
29	Some examples of Intel AMT usage are:
30	   - Monitoring hardware state and platform components
31	   - Remote power off/on (useful for green computing or overnight IT
32	     maintenance)
33	   - OS updates
34	   - Storage of useful platform information such as software assets
35	   - Built-in hardware KVM
36	   - Selective network isolation of Ethernet and IP protocol flows based
37	     on policies set by a remote management console
38	   - IDE device redirection from remote management console
40	Intel AMT (OOB) communication is based on SOAP (deprecated
41	starting with Release 6.0) over HTTP/S or WS-Management protocol over
42	HTTP/S that are received from a remote management console application.
44	For more information about Intel AMT:
45	http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
48	Intel MEI Driver
49	================
51	The driver exposes a misc device called /dev/mei.
53	An application maintains communication with an Intel ME feature while
54	/dev/mei is open. The binding to a specific feature is performed by calling
55	MEI_CONNECT_CLIENT_IOCTL, which passes the desired UUID.
56	The number of instances of an Intel ME feature that can be opened
57	at the same time depends on the Intel ME feature, but most of the
58	features allow only a single instance.
60	The Intel AMT Host Interface (Intel AMTHI) feature supports multiple
61	simultaneous user connected applications. The Intel MEI driver
62	handles this internally by maintaining request queues for the applications.
64	The driver is transparent to data that are passed between firmware feature
65	and host application.
67	Because some of the Intel ME features can change the system
68	configuration, the driver by default allows only a privileged
69	user to access it.
71	A code snippet for an application communicating with Intel AMTHI client:
73		struct mei_connect_client_data data;
74		fd = open(MEI_DEVICE);
76		data.d.in_client_uuid = AMTHI_UUID;
78		ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &data);
80		printf("Ver=%d, MaxLen=%ld\n",
81				data.d.in_client_uuid.protocol_version,
82				data.d.in_client_uuid.max_msg_length);
84		[...]
86		write(fd, amthi_req_data, amthi_req_data_len);
88		[...]
90		read(fd, &amthi_res_data, amthi_res_data_len);
92		[...]
93		close(fd);
97	=====
99	The Intel MEI Driver supports the following IOCTL command:
100		IOCTL_MEI_CONNECT_CLIENT	Connect to firmware Feature (client).
102		usage:
103			struct mei_connect_client_data clientData;
104			ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &clientData);
106		inputs:
107			mei_connect_client_data struct contain the following
108			input field:
110			in_client_uuid -	UUID of the FW Feature that needs
111						to connect to.
112		outputs:
113			out_client_properties - Client Properties: MTU and Protocol Version.
115		error returns:
116			EINVAL	Wrong IOCTL Number
117			ENODEV	Device or Connection is not initialized or ready.
118				(e.g. Wrong UUID)
119			ENOMEM	Unable to allocate memory to client internal data.
120			EFAULT	Fatal Error (e.g. Unable to access user input data)
121			EBUSY	Connection Already Open
123		Notes:
124	        max_msg_length (MTU) in client properties describes the maximum
125	        data that can be sent or received. (e.g. if MTU=2K, can send
126	        requests up to bytes 2k and received responses up to 2k bytes).
129	Intel ME Applications
130	=====================
132		1) Intel Local Management Service (Intel LMS)
134		   Applications running locally on the platform communicate with Intel AMT Release
135		   2.0 and later releases in the same way that network applications do via SOAP
136		   over HTTP (deprecated starting with Release 6.0) or with WS-Management over
137		   SOAP over HTTP. This means that some Intel AMT features can be accessed from a
138		   local application using the same network interface as a remote application
139		   communicating with Intel AMT over the network.
141		   When a local application sends a message addressed to the local Intel AMT host
142		   name, the Intel LMS, which listens for traffic directed to the host name,
143		   intercepts the message and routes it to the Intel MEI.
144		   For more information:
145		   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
146		   Under "About Intel AMT" => "Local Access"
148		   For downloading Intel LMS:
149		   http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/
151		   The Intel LMS opens a connection using the Intel MEI driver to the Intel LMS
152		   firmware feature using a defined UUID and then communicates with the feature
153		   using a protocol called Intel AMT Port Forwarding Protocol (Intel APF protocol).
154		   The protocol is used to maintain multiple sessions with Intel AMT from a
155		   single application.
157		   See the protocol specification in the Intel AMT Software Development Kit (SDK)
158		   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
159		   Under "SDK Resources" => "Intel(R) vPro(TM) Gateway (MPS)"
160		   => "Information for Intel(R) vPro(TM) Gateway Developers"
161		   => "Description of the Intel AMT Port Forwarding (APF) Protocol"
163		2) Intel AMT Remote configuration using a Local Agent
165		   A Local Agent enables IT personnel to configure Intel AMT out-of-the-box
166		   without requiring installing additional data to enable setup. The remote
167		   configuration process may involve an ISV-developed remote configuration
168		   agent that runs on the host.
169		   For more information:
170		   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
171		   Under "Setup and Configuration of Intel AMT" =>
172		   "SDK Tools Supporting Setup and Configuration" =>
173		   "Using the Local Agent Sample"
175		   An open source Intel AMT configuration utility,	implementing a local agent
176		   that accesses the Intel MEI driver, can be found here:
177		   http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/
180	Intel AMT OS Health Watchdog
181	============================
183	The Intel AMT Watchdog is an OS Health (Hang/Crash) watchdog.
184	Whenever the OS hangs or crashes, Intel AMT will send an event
185	to any subscriber to this event. This mechanism means that
186	IT knows when a platform crashes even when there is a hard failure on the host.
188	The Intel AMT Watchdog is composed of two parts:
189		1) Firmware feature - receives the heartbeats
190		   and sends an event when the heartbeats stop.
191		2) Intel MEI driver - connects to the watchdog feature, configures the
192		   watchdog and sends the heartbeats.
194	The Intel MEI driver uses the kernel watchdog API to configure the Intel AMT
195	Watchdog and to send heartbeats to it. The default timeout of the
196	watchdog is 120 seconds.
198	If the Intel AMT Watchdog feature does not exist (i.e. the connection failed),
199	the Intel MEI driver will disable the sending of heartbeats.
202	Supported Chipsets
203	==================
205	7 Series Chipset Family
206	6 Series Chipset Family
207	5 Series Chipset Family
208	4 Series Chipset Family
209	Mobile 4 Series Chipset Family
210	ICH9
211	82946GZ/GL
212	82G35 Express
213	82Q963/Q965
214	82P965/G965
215	Mobile PM965/GM965
216	Mobile GME965/GLE960
217	82Q35 Express
218	82G33/G31/P35/P31 Express
219	82Q33 Express
220	82X38/X48 Express
222	---
223	linux-mei@linux.intel.com
Hide Line Numbers
About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Information is copyright its respective author. All material is available from the Linux Kernel Source distributed under a GPL License. This page is provided as a free service by mjmwired.net.