[linux-2.6-block.git] / Documentation / misc-devices / mei / mei.txt

Intel(R) Management Engine Interface (Intel(R) MEI)
===================================================

Introduction
============

The Intel Management Engine (Intel ME) is an isolated and protected computing
resource (Co-processor) residing inside certain Intel chipsets. The Intel ME
provides support for computer/IT management features. The feature set
depends on the Intel chipset SKU.

The Intel Management Engine Interface (Intel MEI, previously known as HECI)
is the interface between the Host and Intel ME. This interface is exposed
to the host as a PCI device. The Intel MEI Driver is in charge of the
communication channel between a host application and the Intel ME feature.

Each Intel ME feature (Intel ME Client) is addressed by a GUID/UUID and
each client has its own protocol. The protocol is message-based with a
header and payload up to 512 bytes.

Prominent usage of the Intel ME Interface is to communicate with Intel(R)
Active Management Technology (Intel AMT) implemented in firmware running on
the Intel ME.

Intel AMT provides the ability to manage a host remotely out-of-band (OOB)
even when the operating system running on the host processor has crashed or
is in a sleep state.

Some examples of Intel AMT usage are:
   - Monitoring hardware state and platform components
   - Remote power off/on (useful for green computing or overnight IT
     maintenance)
   - OS updates
   - Storage of useful platform information such as software assets
   - Built-in hardware KVM
   - Selective network isolation of Ethernet and IP protocol flows based
     on policies set by a remote management console
   - IDE device redirection from remote management console

Intel AMT (OOB) communication is based on SOAP (deprecated
starting with Release 6.0) over HTTP/S or WS-Management protocol over
HTTP/S that are received from a remote management console application.

For more information about Intel AMT:
http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide


Intel MEI Driver
================

The driver exposes a misc device called /dev/mei.

An application maintains communication with an Intel ME feature while
/dev/mei is open. The binding to a specific feature is performed by calling
MEI_CONNECT_CLIENT_IOCTL, which passes the desired UUID.
The number of instances of an Intel ME feature that can be opened
at the same time depends on the Intel ME feature, but most of the
features allow only a single instance.

The Intel AMT Host Interface (Intel AMTHI) feature supports multiple
simultaneous user connected applications. The Intel MEI driver
handles this internally by maintaining request queues for the applications.

The driver is transparent to data that are passed between firmware feature
and host application.

Because some of the Intel ME features can change the system
configuration, the driver by default allows only a privileged
user to access it.

A code snippet for an application communicating with Intel AMTHI client:

	struct mei_connect_client_data data;
	fd = open(MEI_DEVICE);

	data.d.in_client_uuid = AMTHI_UUID;

	ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &data);

	printf("Ver=%d, MaxLen=%ld\n",
			data.d.in_client_uuid.protocol_version,
			data.d.in_client_uuid.max_msg_length);

	[...]

	write(fd, amthi_req_data, amthi_req_data_len);

	[...]

	read(fd, &amthi_res_data, amthi_res_data_len);

	[...]
	close(fd);


IOCTL
=====

The Intel MEI Driver supports the following IOCTL command:
	IOCTL_MEI_CONNECT_CLIENT	Connect to firmware Feature (client).

	usage:
		struct mei_connect_client_data clientData;
		ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &clientData);

	inputs:
		mei_connect_client_data struct contain the following
		input field:

		in_client_uuid -	UUID of the FW Feature that needs
					to connect to.
	outputs:
		out_client_properties - Client Properties: MTU and Protocol Version.

	error returns:
		EINVAL	Wrong IOCTL Number
		ENODEV	Device or Connection is not initialized or ready.
			(e.g. Wrong UUID)
		ENOMEM	Unable to allocate memory to client internal data.
		EFAULT	Fatal Error (e.g. Unable to access user input data)
		EBUSY	Connection Already Open

	Notes:
        max_msg_length (MTU) in client properties describes the maximum
        data that can be sent or received. (e.g. if MTU=2K, can send
        requests up to bytes 2k and received responses up to 2k bytes).


Intel ME Applications
=====================

	1) Intel Local Management Service (Intel LMS)

	   Applications running locally on the platform communicate with Intel AMT Release
	   2.0 and later releases in the same way that network applications do via SOAP
	   over HTTP (deprecated starting with Release 6.0) or with WS-Management over
	   SOAP over HTTP. This means that some Intel AMT features can be accessed from a
	   local application using the same network interface as a remote application
	   communicating with Intel AMT over the network.

	   When a local application sends a message addressed to the local Intel AMT host
	   name, the Intel LMS, which listens for traffic directed to the host name,
	   intercepts the message and routes it to the Intel MEI.
	   For more information:
	   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	   Under "About Intel AMT" => "Local Access"

	   For downloading Intel LMS:
	   http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/

	   The Intel LMS opens a connection using the Intel MEI driver to the Intel LMS
	   firmware feature using a defined UUID and then communicates with the feature
	   using a protocol called Intel AMT Port Forwarding Protocol (Intel APF protocol).
	   The protocol is used to maintain multiple sessions with Intel AMT from a
	   single application.

	   See the protocol specification in the Intel AMT Software Development Kit (SDK)
	   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	   Under "SDK Resources" => "Intel(R) vPro(TM) Gateway (MPS)"
	   => "Information for Intel(R) vPro(TM) Gateway Developers"
	   => "Description of the Intel AMT Port Forwarding (APF) Protocol"

	2) Intel AMT Remote configuration using a Local Agent

	   A Local Agent enables IT personnel to configure Intel AMT out-of-the-box
	   without requiring installing additional data to enable setup. The remote
	   configuration process may involve an ISV-developed remote configuration
	   agent that runs on the host.
	   For more information:
	   http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	   Under "Setup and Configuration of Intel AMT" =>
	   "SDK Tools Supporting Setup and Configuration" =>
	   "Using the Local Agent Sample"

	   An open source Intel AMT configuration utility,	implementing a local agent
	   that accesses the Intel MEI driver, can be found here:
	   http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/


Intel AMT OS Health Watchdog
============================

The Intel AMT Watchdog is an OS Health (Hang/Crash) watchdog.
Whenever the OS hangs or crashes, Intel AMT will send an event
to any subscriber to this event. This mechanism means that
IT knows when a platform crashes even when there is a hard failure on the host.

The Intel AMT Watchdog is composed of two parts:
	1) Firmware feature - receives the heartbeats
	   and sends an event when the heartbeats stop.
	2) Intel MEI driver - connects to the watchdog feature, configures the
	   watchdog and sends the heartbeats.

The Intel MEI driver uses the kernel watchdog API to configure the Intel AMT
Watchdog and to send heartbeats to it. The default timeout of the
watchdog is 120 seconds.

If the Intel AMT Watchdog feature does not exist (i.e. the connection failed),
the Intel MEI driver will disable the sending of heartbeats.


Supported Chipsets
==================

7 Series Chipset Family
6 Series Chipset Family
5 Series Chipset Family
4 Series Chipset Family
Mobile 4 Series Chipset Family
ICH9
82946GZ/GL
82G35 Express
82Q963/Q965
82P965/G965
Mobile PM965/GM965
Mobile GME965/GLE960
82Q35 Express
82G33/G31/P35/P31 Express
82Q33 Express
82X38/X48 Express

---
linux-mei@linux.intel.com
Commit	Line	Data
463ac7f7	1	Intel(R) Management Engine Interface (Intel(R) MEI)
cfba6784	2	===================================================
6624fc23 OW	3
6624fc23 OW	4	Introduction
cfba6784	5	============
6624fc23	6
5f9092f3	7	The Intel Management Engine (Intel ME) is an isolated and protected computing
463ac7f7 OW	8	resource (Co-processor) residing inside certain Intel chipsets. The Intel ME
	9	provides support for computer/IT management features. The feature set
	10	depends on the Intel chipset SKU.
6624fc23	11
463ac7f7 OW	12	The Intel Management Engine Interface (Intel MEI, previously known as HECI)
	13	is the interface between the Host and Intel ME. This interface is exposed
	14	to the host as a PCI device. The Intel MEI Driver is in charge of the
	15	communication channel between a host application and the Intel ME feature.
6624fc23	16
463ac7f7 OW	17	Each Intel ME feature (Intel ME Client) is addressed by a GUID/UUID and
	18	each client has its own protocol. The protocol is message-based with a
	19	header and payload up to 512 bytes.
6624fc23	20
463ac7f7	21	Prominent usage of the Intel ME Interface is to communicate with Intel(R)
ccd7b014	22	Active Management Technology (Intel AMT) implemented in firmware running on
463ac7f7	23	the Intel ME.
6624fc23 OW	24
6624fc23 OW	25	Intel AMT provides the ability to manage a host remotely out-of-band (OOB)
463ac7f7 OW	26	even when the operating system running on the host processor has crashed or
463ac7f7 OW	27	is in a sleep state.
6624fc23 OW	28
	29	Some examples of Intel AMT usage are:
	30	- Monitoring hardware state and platform components
463ac7f7 OW	31	- Remote power off/on (useful for green computing or overnight IT
463ac7f7 OW	32	maintenance)
6624fc23 OW	33	- OS updates
6624fc23 OW	34	- Storage of useful platform information such as software assets
463ac7f7 OW	35	- Built-in hardware KVM
	36	- Selective network isolation of Ethernet and IP protocol flows based
	37	on policies set by a remote management console
6624fc23 OW	38	- IDE device redirection from remote management console
	39
	40	Intel AMT (OOB) communication is based on SOAP (deprecated
463ac7f7 OW	41	starting with Release 6.0) over HTTP/S or WS-Management protocol over
463ac7f7 OW	42	HTTP/S that are received from a remote management console application.
6624fc23 OW	43
6624fc23 OW	44	For more information about Intel AMT:
463ac7f7	45	http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
6624fc23	46
cfba6784	47
463ac7f7	48	Intel MEI Driver
cfba6784	49	================
6624fc23	50
463ac7f7	51	The driver exposes a misc device called /dev/mei.
6624fc23	52
463ac7f7	53	An application maintains communication with an Intel ME feature while
f6a4e494	54	/dev/mei is open. The binding to a specific feature is performed by calling
463ac7f7 OW	55	MEI_CONNECT_CLIENT_IOCTL, which passes the desired UUID.
	56	The number of instances of an Intel ME feature that can be opened
	57	at the same time depends on the Intel ME feature, but most of the
6624fc23 OW	58	features allow only a single instance.
6624fc23 OW	59
463ac7f7	60	The Intel AMT Host Interface (Intel AMTHI) feature supports multiple
f6a4e494 TW	61	simultaneous user connected applications. The Intel MEI driver
f6a4e494 TW	62	handles this internally by maintaining request queues for the applications.
6624fc23	63
f6a4e494	64	The driver is transparent to data that are passed between firmware feature
463ac7f7	65	and host application.
6624fc23	66
463ac7f7 OW	67	Because some of the Intel ME features can change the system
463ac7f7 OW	68	configuration, the driver by default allows only a privileged
6624fc23 OW	69	user to access it.
6624fc23 OW	70
f6a4e494 TW	71	A code snippet for an application communicating with Intel AMTHI client:
f6a4e494 TW	72
6624fc23 OW	73	struct mei_connect_client_data data;
	74	fd = open(MEI_DEVICE);
	75
	76	data.d.in_client_uuid = AMTHI_UUID;
	77
	78	ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &data);
	79
463ac7f7	80	printf("Ver=%d, MaxLen=%ld\n",
6624fc23 OW	81	data.d.in_client_uuid.protocol_version,
	82	data.d.in_client_uuid.max_msg_length);
	83
	84	[...]
	85
	86	write(fd, amthi_req_data, amthi_req_data_len);
	87
	88	[...]
	89
	90	read(fd, &amthi_res_data, amthi_res_data_len);
	91
	92	[...]
	93	close(fd);
	94
cfba6784 JB	95
	96	IOCTL
	97	=====
	98
463ac7f7 OW	99	The Intel MEI Driver supports the following IOCTL command:
	100	IOCTL_MEI_CONNECT_CLIENT Connect to firmware Feature (client).
	101
	102	usage:
	103	struct mei_connect_client_data clientData;
	104	ioctl(fd, IOCTL_MEI_CONNECT_CLIENT, &clientData);
	105
	106	inputs:
	107	mei_connect_client_data struct contain the following
	108	input field:
	109
	110	in_client_uuid - UUID of the FW Feature that needs
	111	to connect to.
	112	outputs:
	113	out_client_properties - Client Properties: MTU and Protocol Version.
	114
	115	error returns:
	116	EINVAL Wrong IOCTL Number
	117	ENODEV Device or Connection is not initialized or ready.
	118	(e.g. Wrong UUID)
	119	ENOMEM Unable to allocate memory to client internal data.
	120	EFAULT Fatal Error (e.g. Unable to access user input data)
	121	EBUSY Connection Already Open
	122
	123	Notes:
	124	max_msg_length (MTU) in client properties describes the maximum
	125	data that can be sent or received. (e.g. if MTU=2K, can send
f884ab15	126	requests up to bytes 2k and received responses up to 2k bytes).
463ac7f7	127
cfba6784 JB	128
	129	Intel ME Applications
	130	=====================
6624fc23	131
21ef5673 JB	132	1) Intel Local Management Service (Intel LMS)
	133
	134	Applications running locally on the platform communicate with Intel AMT Release
	135	2.0 and later releases in the same way that network applications do via SOAP
	136	over HTTP (deprecated starting with Release 6.0) or with WS-Management over
	137	SOAP over HTTP. This means that some Intel AMT features can be accessed from a
	138	local application using the same network interface as a remote application
	139	communicating with Intel AMT over the network.
	140
	141	When a local application sends a message addressed to the local Intel AMT host
	142	name, the Intel LMS, which listens for traffic directed to the host name,
	143	intercepts the message and routes it to the Intel MEI.
	144	For more information:
	145	http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	146	Under "About Intel AMT" => "Local Access"
	147
	148	For downloading Intel LMS:
	149	http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/
	150
	151	The Intel LMS opens a connection using the Intel MEI driver to the Intel LMS
	152	firmware feature using a defined UUID and then communicates with the feature
	153	using a protocol called Intel AMT Port Forwarding Protocol (Intel APF protocol).
	154	The protocol is used to maintain multiple sessions with Intel AMT from a
	155	single application.
	156
	157	See the protocol specification in the Intel AMT Software Development Kit (SDK)
	158	http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	159	Under "SDK Resources" => "Intel(R) vPro(TM) Gateway (MPS)"
	160	=> "Information for Intel(R) vPro(TM) Gateway Developers"
	161	=> "Description of the Intel AMT Port Forwarding (APF) Protocol"
	162
	163	2) Intel AMT Remote configuration using a Local Agent
	164
	165	A Local Agent enables IT personnel to configure Intel AMT out-of-the-box
	166	without requiring installing additional data to enable setup. The remote
	167	configuration process may involve an ISV-developed remote configuration
	168	agent that runs on the host.
	169	For more information:
	170	http://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide
	171	Under "Setup and Configuration of Intel AMT" =>
	172	"SDK Tools Supporting Setup and Configuration" =>
	173	"Using the Local Agent Sample"
	174
	175	An open source Intel AMT configuration utility, implementing a local agent
	176	that accesses the Intel MEI driver, can be found here:
	177	http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/
6624fc23	178
6624fc23	179
cfba6784 JB	180	Intel AMT OS Health Watchdog
	181	============================
	182
6624fc23 OW	183	The Intel AMT Watchdog is an OS Health (Hang/Crash) watchdog.
6624fc23 OW	184	Whenever the OS hangs or crashes, Intel AMT will send an event
5f9092f3 JM	185	to any subscriber to this event. This mechanism means that
5f9092f3 JM	186	IT knows when a platform crashes even when there is a hard failure on the host.
6624fc23	187
463ac7f7 OW	188	The Intel AMT Watchdog is composed of two parts:
	189	1) Firmware feature - receives the heartbeats
	190	and sends an event when the heartbeats stop.
	191	2) Intel MEI driver - connects to the watchdog feature, configures the
	192	watchdog and sends the heartbeats.
6624fc23	193
f6a4e494	194	The Intel MEI driver uses the kernel watchdog API to configure the Intel AMT
463ac7f7 OW	195	Watchdog and to send heartbeats to it. The default timeout of the
463ac7f7 OW	196	watchdog is 120 seconds.
6624fc23	197
463ac7f7 OW	198	If the Intel AMT Watchdog feature does not exist (i.e. the connection failed),
463ac7f7 OW	199	the Intel MEI driver will disable the sending of heartbeats.
6624fc23	200
cfba6784 JB	201
cfba6784 JB	202	Supported Chipsets
6624fc23	203	==================
cfba6784	204
6624fc23 OW	205	7 Series Chipset Family
	206	6 Series Chipset Family
	207	5 Series Chipset Family
	208	4 Series Chipset Family
	209	Mobile 4 Series Chipset Family
	210	ICH9
	211	82946GZ/GL
	212	82G35 Express
	213	82Q963/Q965
	214	82P965/G965
	215	Mobile PM965/GM965
	216	Mobile GME965/GLE960
	217	82Q35 Express
	218	82G33/G31/P35/P31 Express
	219	82Q33 Express
	220	82X38/X48 Express
	221
	222	---
	223	linux-mei@linux.intel.com