MSI has very insecure Secure Boot defaults

[dawidpotocki]

Some MSI motherboards with some firmware versions by default allow
booting binaries on policy violations, thereby not providing any
additional security compared to having Secure Boot disabled. Scroll down
for a list of affected boards and their firmware versions.

To deny booting on policy violation, go to the place where your Secure
Boot settings are in your UEFI, change "Secure Boot Mode" to "Custom"
and then open "Image Execution Policy".

Some example locations:

• Settings/Advanced/Windows OS Configuration/Secure Boot
• Security/Secure Boot

NOTE: MSI released beta firmware for some AMD and Intel boards
and the layout looks different. Instead of "Image Execution Policy"
there is a "Secure Boot Preset" option with "Hardware/OS Compatibility"
and "Maximum Security", pick "Maximum Security".

Then change "Always Execute" to "Deny Execute" on "Removable Media" and
"Fixed Media". Optionally you can also change "Option ROM" to "Deny
Execute", read more about Option ROMs:

• https://github.com/Foxboron/sbctl/wiki/FAQ#option-rom
• https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/uefi-validation-option-rom-validation-guidance

WARNING: DON'T USE "ALWAYS DENY" UNLESS YOU KNOW WHAT YOU ARE DOING. Use "Deny
Execute" instead.

Example UEFI firmware screenshots:

_{My blog post in English: https://dawidpotocki.com/en/2023/01/13/msi-insecure-boot/
Mój post na blogu po polsku: https://dawidpotocki.com/pl/2023/01/13/msi-insecure-boot/}

MSI's statement: https://www.reddit.com/r/MSI_Gaming/comments/10g9v3m/msi_statement_on_secure_boot/

---

Format:

• CPU vendor:
  • Chipset:
    • Board name (release date) [build date]

Some build dates are earlier than release dates, don't ask me why.

MSI firmware shows dates in MM/DD/YYYY, I have provided them in YYYY-MM-DD.

Affected motherboards (all firmware versions):

• AMD:
  • Every X670(E) motherboard
  • Every B650(E) motherboard
  • X570:
    • MEG X570S ACE MAX
    • MEG X570S UNIFY-X MAX
    • MPG X570S CARBON MAX WIFI / MPG X570S CARBON EK X
  • B550:
    • B550 GAMING GEN3
    • MAG B550 TOMAHAWK MAX WIFI
    • PRO B550M-P GEN3
    • PRO B550-P GEN3
    • PRO B550-VC
• Intel:
  • Every Z790 motherboard
  • Every B760 motherboard
  • Z590:
    • MEG Z590 UNIFY-X
  • B660:
    • MAG B660M MORTAR MAX WIFI DDR4
    • PRO B660M-A CEC WIFI DDR4 V2
  • H610:
    • PRO H610M 12VO
    • PRO H610M VDHP DDR4
    • PRO H610M-E DDR4
  • H410:
    • PRO H410M-B

Affected motherboards (newer firmware versions):

• AMD:
  • TRX40:
    • Creator TRX40: 7C59v17 (2022-05-18) [2022-05-17]
    • TRX40 PRO 10G / TRX40-A PRO: 7C60v18 (2022-05-24) [2022-05-17]
    • TRX40 PRO WIFI: 7C60v28 (2022-05-24) [2022-05-17]
  • X399:
    • MEG X399 CREATION: 7B92v146 (2022-08-11) [2022-08-11]
    • X399 GAMING PRO CARBON AC: 7B09v1D9 (2022-08-11) [2022-08-10]
    • X399 SLI PLUS: 7B09vA89 (2022-08-11) [2022-08-11]
  • X570:
    • MAG X570 TOMAHAWK WIFI: 7C84v18 (2022-01-06) [2021-12-29]
    • MAG X570S TOMAHAWK MAX WIFI: 7D54v11 (2021-12-22) [2021-12-17]
    • MAG X570S TORPEDO MAX: 7D54vA1 (2021-12-22) [2021-12-17]
    • MEG X570 ACE: 7C35v1H1 (2022-01-05) [2022-01-14]
    • MEG X570 GODLIKE: 7C34v1F (2022-01-05) [2021-12-27]
    • MEG X570 UNIFY: 7C35vAB (2021-12-23) [2021-12-22]
    • MPG X570 GAMING EDGE WIFI: 7C37v1G (2021-12-22) [2021-12-16]
    • MPG X570 GAMING PLUS: 7C37vAF (2021-12-22) [2021-12-16]
    • MPG X570 GAMING PRO CARBON WIFI: 7B93v1E (2021-12-22) [2021-12-17]
    • MPG X570S EDGE MAX WIFI: 7D53v11 (2021-12-28) [2021-12-27]
    • PRESTIGE X570 CREATION: 7C36v1F (2022-01-05) [2021-12-19]
    • X570-A PRO: 7C37vHF (2021-12-21) [2021-12-16]
  • X470:
    • X470 GAMING M7 AC: 7B77v1I1 (2022-07-15) [2022-07-19]
    • X470 GAMING PLUS: 7B79vAL1 (2022-07-04) [2022-06-24]
    • X470 GAMING PLUS MAX: 7B79vHD2 (2021-09-29) [2021-09-26]
    • X470 GAMING PRO: 7B79v1I (2022-01-28) [2022-01-26]
    • X470 GAMING PRO CARBON / X470 GAMING PRO CARBON AC: 7B78v2I1 (2022-07-15) [2022-07-16]
    • X470 GAMING PRO MAX: 7B79vMB (2021-09-29) [2021-09-28]
  • X370:
    • X370 GAMING M7 ACK: 7A35v1H2 (2022-05-10) [2022-05-12]
    • X370 GAMING PLUS: 7A33v5L2 (2022-05-10) [2022-05-12]
    • X370 GAMING PRO: 7A33v4K1 (2022-05-10) [2022-05-11]
    • X370 GAMING PRO CARBON: 7A32v1P1 (2022-05-10) [2022-05-13]
    • X370 GAMING PRO CARBON AC: 7A32v2K1 (2022-05-10) [2022-05-13]
    • X370 KRAIT GAMING: 7A33v1L2 (2022-05-10) [2022-05-10]
    • X370 SLI PLUS: 7A33v3L2 (2022-05-10) [2022-05-11]
    • X370 XPOWER GAMING TITANIUM: 7A31v1O2 (2022-05-10) [2022-05-10]
  • B550:
    • B550-A PRO: 7C56vA8 (2021-12-20) [2021-12-16]
    • B550M PRO: 7D14v26 (2022-01-05) [2021-12-22]
    • B550M PRO-DASH: 7C95v37 (2021-12-22) [2021-12-21]
    • B550M PRO-VDH / B550M PRO-VDH WIFI: 7C95v29 (2022-01-05) [2021-12-23]
    • B550M PRO-VDH WIFI (CEC): 7C95vH1 (2022-01-05) [2021-12-23]
    • B550M-A PRO: 7C96v26 (2021-12-15) [2021-12-13]
    • MAG B550 TOMAHAWK: 7C91vA8 (2021-12-20) [2021-12-16]
    • MAG B550 TORPEDO: 7C91vH5 (2021-12-20) [2021-12-16]
    • MAG B550M BAZOOKA: 7C95vA8 (2022-01-05) [2021-12-23]
    • MAG B550M MORTAR / MAG B550M MORTAR WIFI / MAG B550M MORTAR MAX WIFI: 7C94v19 (2021-12-20) [2021-12-15]
    • MAG B550M VECTOR WIFI: 7D14vB6 (2022-01-05) [2021-12-19]
    • MEG B550 UNIFY: 7D13v14 (2021-12-22) [2021-12-17]
    • MEG B550 UNIFY-X: 7D13vA4 (2021-12-23) [2021-12-17]
    • MPG B550 GAMING CARBON WIFI: 7C90v18 (2021-12-22) [2021-12-20]
    • MPG B550 GAMING EDGE WIFI: 7C91v18 (2021-12-20) [2021-12-15]
    • MPG B550 GAMING PLUS: 7C56v18 (2022-01-05) [2021-12-30]
    • MPG B550I GAMING EDGE WIFI / MPG B550I GAMING EDGE MAX WIFI: 7C92v18 (2021-12-22) [2021-12-21]
    • PRO B550M-VC WIFI: 7C95vH1 (2022-01-05) [2021-12-23]
  • B450:
    • B450 GAMING PLUS MAX: 7B86vHD3 (2021-09-29) [2021-09-28]
    • B450 GAMING PRO CARBON MAX WIFI: 7B85v283 (2021-09-29) [2021-09-28]
    • B450 MORTAR MAX: 7B89v2E3 (2021-09-29) [2021-09-28]
    • B450 TOMAHAWK: 7C02v1H8 (UNKNOWN) [2022-04-18]
    • B450 TOMAHAWK MAX: 7C02v3C (2021-09-29) [2021-09-27]
    • B450 TOMAHAWK MAX II: 7C02vH63 (2021-09-29) [2021-09-27]
    • B450-A PRO MAX: 7B86vME3 (2021-09-29) [2021-09-28]
    • B450I GAMING PLUS AC: 7A40vAF7 (UNKNOWN) [2022-03-30]
    • B450I GAMING PLUS MAX WIFI: 7A40vB62 (2021-09-29) [2021-09-27]
    • B450M BAZOOKA: 7A38vHH6 (UNKNOWN) [2022-04-13]
    • B450M BAZOOKA MAX WIFI: 7C87v17 (2021-09-29) [2021-09-27]
    • B450M BAZOOKA PLUS: 7B90v1F6 (UNKNOWN) [2022-04-21]
    • B450M BAZOOKA V2: 38vPE6 (UNKNOWN) [2022-04-13]
    • B450M MORTAR: 7B89v1I (2022-08-10) [2022-07-27]
    • B450M MORTAR TITANIUM: 7B89vAG6 (UNKNOWN) [2022-04-21]
    • B450M PRO-M2 MAX: 7B84vAE2 (2021-09-29) [2021-09-27]
    • B450M PRO-M2: 7B84v2H7 (UNKNOWN) [2022-04-11]
    • B450M PRO-M2 V2: 7B84v4E (UNKNOWN) [2022-04-11]
    • B450M PRO-VDH PLUS: 7A38v9C4 (2021-10-12) [2021-10-09]
    • B450M PRO-VDH V2: 7A38v8F6 (UNKNOWN) [2022-04-13]
    • B450M-A PRO MAX: 7C52v3D2 (2021-09-29) [2021-09-28]
  • B350:
    • B350 GAMING PLUS: 7A34vMHS (2021-11-04) [2021-11-04]
    • B350 GAMING PRO CARBON: 7B00v1JS (2021-11-02) [2021-11-01]
    • B350 KRAIT GAMING: 7B08v1IS (2021-11-02) [2021-11-01]
    • B350 PC MATE: 7A34vALS (2021-11-04) [2021-11-04]
    • B350 TOMAHAWK: 7A34v1Q2 (2021-11-04) [2021-11-04]
    • B350 TOMAHAWK ARCTIC: 7A34vHKS (2021-11-04) [2021-11-04]
    • B350 TOMAHAWK PLUS: 7B36v1ER (2021-11-02) [2021-11-01]
    • B350I PRO AC: 7A40v1E2 (2022-05-10) [2021-11-01]
    • B350M BAZOOKA: 7A38v1LR (2021-11-02) [2021-11-01]
    • B350M GAMING PRO: 7A39v2NS (2021-11-02) [2021-11-01]
    • B350M MORTAR: 7A37v1MW (2021-11-04) [2021-11-01]
    • B350M MORTAR ARCTIC: 7A37vAKT (2021-11-04) [2021-11-01]
    • B350M PRO-VD PLUS: 7B38v2GV (2021-11-04) [2021-11-04]
    • B350M PRO-VDH PLUS: 7A38vAJS (2021-11-02) [2021-11-02]
    • B350M PRO-VH PLUS: 7B07v2FV (2021-11-02) [2021-11-01]
  • A520:
    • A520M PRO: 7D14v193 (2021-09-27) [2021-09-26]
    • A520M PRO-C DASH: 7C57v173 (2021-09-27) [2021-09-26]
    • A520M PRO-VDH: 7D49v135 (2021-09-27) [2021-09-26]
    • A520M PRO-VH: 7C96vA81 (2022-08-08) [2022-08-11]
    • A520M-A PRO: 7C96v183 (2021-09-27) [2021-09-28]
    • MAG A520M BAZOOKA WIFI: 7D49vA35 (2021-09-27) [2021-09-26]
    • MAG A520M VECTOR WIFI: 7D14vA93 (2021-09-27) [2021-09-26]
  • A320:
    • A320M GRENADE: 7A39vAK2 (2022-05-10) [2022-05-11]
    • A320M PRO-VH / A320M-A PRO M2: 7C52v192 (2022-01-05) [2022-01-04]
    • A320M PRO-C: 7C58v242 (2022-05-10) [2022-05-13]
    • A320M-A PRO MAX: 7C52v411 (2022-05-10) [2022-05-10]
    • A320M-A PRO: 7C51v162 (2021-12-28) [2021-12-22]
    • A320M PRO-M2 V2: 7B84v34Z (2021-11-04) [2021-11-04]
    • A320M PRO-E: 7A36vH51 (2021-11-02) [2021-11-02]
    • A320M PRO-VD/S V2: 7A36vA63 (2022-05-10) [2022-05-14]
    • A320M PRO-M2: 7B84v191 (2022-07-19) [2022-07-19]
    • A320M PRO-VHL: 7B07v1I2 (2022-05-10) [2022-05-10]
    • A320M PRO-VD PLUS: 7B38v1I2 (2022-05-10) [2022-05-13]
    • A320M PRO-VH PLUS: 7B07v3I2A (2022-05-10) [2022-05-10]
    • A320M BAZOOKA: 7A38v2K2 (2022-05-10) [2022-05-11]
    • A320M GAMING PRO: 7A39v1M2 (2022-05-10) [2022-05-10]
    • A320M PRO-VD/S: 7A36v2L3 (2022-05-10) [2022-05-14]
• Intel:
  • X299:
    • Creator X299: 7B96v151 (2022-03-10) [2022-09-07]
    • MEG X299 CREATION: 7C06v183 (UNKNOWN) [2022-09-07]
    • X299 GAMING M7 ACK: 7A90v1G (UNKNOWN) [2022-09-07]
    • X299 GAMING PRO CARBON / X299 GAMING PRO CARBON AC: 7A95v1H2 (UNKNOWN) [2022-09-07]
    • X299 PRO / X299 PRO 10G: 7B94v142 (UNKNOWN) [2022-09-07]
    • X299 RAIDER: 7A94v1H4 (UNKNOWN) [2022-09-07]
    • X299 SLI PLUS: 7A93v1I6 (UNKNOWN) [2022-09-08]
    • X299 TOMAHAWK / X299 TOMAHAWK AC: 7B05v1G2 (UNKNOWN) [2022-09-07]
    • X299 TOMAHAWK ARCTIC: 7B05v2G (UNKNOWN) [2022-09-07]
    • X299 XPOWER GAMING AC: 7A91v1F2 (UNKNOWN) [2022-09-08]
    • X299-A PRO / X299-S01A: 7A94vA24 (2022-03-10) [2022-09-07]
    • X299M GAMING PRO CARBON AC: 7B06v1F2 (2022-03-10) [2022-09-07]
    • X299M-A PRO: 7B40v1D2 (2022-03-10) [2022-09-07]
  • Z690:
    • MAG Z690 TOMAHAWK WIFI: 7D32vH41 (2022-05-18) [2022-05-17]
    • MAG Z690 TOMAHAWK WIFI DDR4: 7D32v142 (2022-05-18) [2022-05-18]
    • MAG Z690 TORPEDO / MAG Z690 TORPEDO EK X: 7D32vA41 (2022-05-18) [2022-05-17]
    • MAG Z690M MORTAR WIFI: 7D42vB31 (2022-05-18) [2022-05-19]
    • MEG Z690 ACE: 7D27v143 (2022-05-18) [2022-05-17]
    • MEG Z690 GODLIKE: 7D26v141 (2022-05-18) [2022-05-18]
    • MEG Z690 UNIFY: 7D28v142 (2022-05-18) [2022-05-18]
    • MEG Z690 UNIFY-X: 7D28vA42 (2022-05-18) [2022-05-18]
    • MEG Z690I UNIFY: 7D29v142 (2022-05-18) [2022-05-18]
    • MPG Z690 CARBON WIFI / MPG Z690 CARBON EK X: 7D30v144 (2022-05-18) [2022-05-17]
    • MPG Z690 EDGE WIFI: 7D31vH42 (2022-05-18) [2022-05-18]
    • MPG Z690 EDGE WIFI DDR4: 7D31v144 (2022-05-18) [2022-05-18]
    • MPG Z690 FORCE WIFI: 7D30vA42 (2022-05-18) [2022-05-17]
    • PRO Z690-A / PRO Z690-A WIFI: 7D25vA42 (2022-05-23) [2022-05-17]
    • PRO Z690-A DDR4 / PRO Z690-A WIFI DDR4: 7D25v143 (2022-05-23) [2022-05-17]
    • PRO Z690-P DDR4: 7D36vA5 (2022-05-18) [2022-05-18]
    • PRO Z690-P WIFI: 7D33v121 (2022-05-18) [2022-05-18]
  • Z590:
    • MAG Z590 TOMAHAWK WIFI: 7D08v23 (2021-09-15) [2021-09-13]
    • MAG Z590 TORPEDO: 7D08vA3 (2021-09-15) [2021-09-13]
    • MEG Z590 ACE / MEG Z590 ACE GOLD EDITION: 7D04v13 (2021-09-15) [2021-09-22]
    • MEG Z590 GODLIKE: 7D03vA3 (2021-09-15) [2021-09-22]
    • MEG Z590 UNIFY: 7D38v12 (2021-09-15) [2021-09-06]
    • MEG Z590 UNIFY-X: 7D38vA2 (2021-09-15) [2021-09-06]
    • MEG Z590I UNIFY: 7D05v13 (2021-09-13) [2021-09-08]
    • MPG Z590 GAMING CARBON WIFI / MPG Z590 CARBON EK X: 7D06v15 (2021-09-15) [2021-09-13]
    • MPG Z590 GAMING EDGE WIFI: 7D07v13 (2021-09-13) [2021-09-09]
    • MPG Z590 GAMING FORCE: 7D06vA3 (2021-09-15) [2021-09-13]
    • MPG Z590 GAMING PLUS: 7D07vA3 (2021-09-13) [2021-09-09]
    • MPG Z590M GAMING EDGE WIFI: 7D12v12 (2021-09-14) [2021-09-08]
    • Z590 PLUS: 7D11v13 (2021-09-15) [2021-09-09]
    • Z590 PRO / Z590 PRO WIFI / Z590-A PRO: 7D09v13 (2021-09-08) [2021-09-06]
    • Z590 PRO WIFI (CEC): 7D09vA3 (2021-09-09) [2021-09-06]
    • Z590M PRO: 7D18v22 (2021-09-15) [2021-09-09]
  • Z490:
    • MAG Z490 TOMAHAWK: 7C80v1A (2021-10-18) [2021-10-19]
    • MEG Z490 ACE: 7C71v1A (2021-09-13) [2021-09-30]
    • MEG Z490 GODLIKE: 7C70v1A (2021-10-18) [2021-10-21]
    • MEG Z490 UNIFY: 7C71vAA (2021-09-13) [2021-09-30]
    • MEG Z490I UNIFY: 7C77v1A (2021-10-18) [2021-10-20]
    • MPG Z490 GAMING CARBON WIFI / MPG Z490 CARBON EK X: 7C73v1A (2021-10-18) [2021-10-22]
    • MPG Z490 GAMING EDGE WIFI: 7C79v19 (2021-09-13) [2021-09-30]
    • MPG Z490 GAMING PLUS: 7C75vA9 (2021-09-13) [2021-09-30]
    • MPG Z490M GAMING EDGE WIFI: 7C76v2A (2021-09-13) [2021-09-30]
    • Z490 PLUS: 7C98v16 (2021-10-30) [2021-10-22]
    • Z490-A PRO: 7C75v2B (2021-09-13) [2021-09-30]
  • Z390:
    • MAG Z390 TOMAHAWK: 7B18v1C (2022-11-08) [2022-11-02]
    • MAG Z390M MORTAR: 7C00v1B3 (2022-10-14) [2022-10-13]
    • MEG Z390 ACE: 7B12v1B3 (2022-10-14) [2022-10-13]
    • MEG Z390 GODLIKE: 7B10v1D (2022-11-07) [2022-11-01]
    • MPG Z390 GAMING EDGE AC: 7B17vAC3 (2022-10-14) [2022-10-13]
    • MPG Z390 GAMING PLUS: 7B51v1E2 (2022-10-14) [2022-10-12]
    • MPG Z390 GAMING PRO CARBON / MPG Z390 GAMING PRO CARBON AC: 7B17v1C3 (2022-10-14) [2022-10-13]
    • MPG Z390I GAMING EDGE AC: 7C04v1B (2022-11-07) [2022-10-21]
    • MPG Z390M GAMING EDGE AC: 7B50v1C (2022-10-24) [2022-10-20]
    • Z390-A PRO: 7B98v1E (2022-11-08) [2022-10-21]
  • B660:
    • MAG B660 TOMAHAWK EVA e-PROJECT: 7D41vH31 (2022-05-23) [2022-05-23]
    • MAG B660 TOMAHAWK WIFI: 7D41vA31 (2022-05-23) [2022-05-23]
    • MAG B660 TOMAHAWK WIFI DDR4: 7D41v241 (2022-05-23) [2022-05-23]
    • MAG B660M BAZOOKA: 7D43vM21 (2022-05-23) [2022-05-21]
    • MAG B660M MORTAR / MAG B660M MORTAR WIFI: 7D42vA31 (2022-05-18) [2022-05-19]
    • MAG B660M MORTAR DDR4 / MAG B660M MORTAR WIFI DDR4: 7D42v143 (2022-05-18) [2022-05-19]
    • PRO B660-A / PRO B660M-A WIFI: 7D59vA31 (2022-05-23) [2022-05-21]
    • PRO B660-A DDR4 / PRO B660M-A WIFI DDR4: 7D59v131 (2022-05-23) [2022-05-21]
    • PRO B660M-A / PRO B660M-A WIFI: 7D43vA31 (2022-05-23) [2022-05-20]
    • PRO B660M-A CEC WIFI DDR4: 7D37v131 (2022-05-18) [2022-05-18]
    • PRO B660M-A DDR4 / PRO B660M-A WIFI DDR4: 7D43v133 (2022-05-23) [2022-05-19]
    • PRO B660M-B: 7D45vA21 (2022-05-23) [2022-05-20]
    • PRO B660M-B DDR4: 7D45v141 (2022-05-23) [2022-05-20]
    • PRO B660M-E DDR4: 7D46v231 (2022-05-18) [2022-05-18]
    • PRO B660M-G: 7D45vA21 (2022-05-23) [2022-05-20]
    • PRO B660M-G DDR4: 7D45v141 (2022-05-23) [2022-05-23]
    • PRO B660M-P DDR4 / PRO B660M-P WIFI DDR4: 7D24v221 (2022-05-18) [2022-05-18]
    • PRO B660M-VC WIFI DDR4: 7D37v131 (2022-05-18) [2022-05-18]
  • B560:
    • B560-A PRO: 7D15vH1 (2021-09-15) [2021-09-09]
    • B560M PRO: 7D20v13 (2021-09-15) [2021-09-09]
    • B560M PRO WIFI: 7D21v12 (2021-09-15) [2021-09-09]
    • B560M PRO-E: 7D22v23 (2021-09-15) [2021-09-09]
    • B560M PRO-VDH / B560M PRO-VDH WIFI: 7D18v13 (2021-09-15) [2021-09-09]
    • B560M PRO-VDH WIFI (CEC): 7D18vH1 (2021-09-15) [2021-09-09]
    • B560M-A PRO: 7D20v253 (2022-05-23) [2022-05-21]
    • MAG B560 TOMAHAWK WIFI: 7D15v23 (2021-09-15) [2021-09-09]
    • MAG B560 TORPEDO: 7D15vA3 (2021-09-15) [2021-09-09]
    • MAG B560M BAZOOKA: 7D18vA3 (2021-09-15) [2021-09-09]
    • MAG B560M MORTAR / MAG B560M MORTAR WIFI: 7D17v14 (2021-09-09) [2021-09-08]
    • MPG B560I GAMING EDGE WIFI: 7D19v13 (2021-09-10) [2021-09-09]
  • B460:
    • B460M PRO / B460M-A PRO: 7C88v17 (2021-10-18) [2021-10-22]
    • B460M PRO-VDH / B460M PRO-VDH WIFI: 7C83v15 (2021-10-30) [2021-10-26]
    • MAG B460 TOMAHAWK: 7C81v13 (2021-10-30) [2021-10-25]
    • MAG B460 TORPEDO: 7C81vA2 (2021-10-30) [2021-10-25]
    • MAG B460M BAZOOKA: 7C83vA4 (2021-10-30) [2021-10-26]
    • MAG B460M MORTAR / MAG B460M MORTAR WIFI: 7C82v15 (2021-10-18) [2021-10-19]
    • MPG B460I GAMING EDGE WIFI: 7C86v12 (2021-11-12) [2021-11-05]
  • B360:
    • B360M BAZOOKA PLUS: 7B23vHC (2022-10-28) [2022-10-24]
    • B360-A PRO / B360 GAMING ARCTIC / B360 GAMING PLUS: 7B22v2D (2022-10-24) [2022-10-21]
    • B360M PRO-VD / B360M PRO-VH: 7B53v1C (2022-11-07) [2022-10-21]
    • B360M PRO-VDH: 7B24vAC (2022-11-02) [2022-10-26]
    • B360M MORTAR: 7B23v1C (2022-10-27) [2022-10-24]
    • B360M MORTAR TITANIUM: 7B23vAC (2022-10-27) [2022-10-24]
    • B360M BAZOOKA: 7B24v2C (2022-11-02) [2022-10-26]
    • B360 GAMING PRO CARBON: 7B16v2D (2022-11-14) [2022-11-03]
    • B360M GAMING PLUS: 7B19v1B (2022-10-25) [2022-10-20]
    • B360I GAMING PRO AC: 7B31v1B (2022-11-07) [2022-10-28]
    • B360-F PRO: 7B25v1B (2022-10-24) [2022-10-20]
  • H670:
    • MAG H670 TOMAHAWK WIFI DDR4: 7D25vH4 (2022-05-23) [2022-05-23]
  • H610:
    • PRO H610M-B DDR4 / PRO H610M-G DDR4 / PRO H610M-G WIFI DDR4: 7D46v131 (2022-05-18) [2022-05-18]
    • PRO H610M-C EX: 7D56v131 (2022-05-23) [2022-05-20]
    • PRO H610M-C EX DDR4: 7D56vA11 (2022-05-23) [2022-05-23]
  • H510:
    • H510I PRO WIFI: 7D16v13 (2021-09-10) [2021-09-09]
    • H510M PRO: 7D22v16 (2021-09-15) [2021-09-09]
    • H510M PRO-E: 7D23v11 (2021-09-16) [2021-09-14]
    • H510M-A PRO: 7D22v35 (2021-09-15) [2021-09-10]
    • H510TI-S01: 7D35v11 (2022-02-10) [2022-01-20]
  • H410:
    • H410I PRO WIFI: 7C86v22 (2021-11-12) [2021-11-08]
    • H410M PRO / H410M-A PRO / H410M PRO-VH: 7C89v19 (2021-11-01) [2021-11-05]
    • H410M PRO-C: 7D01v14 (2021-10-18) [2021-11-05]
    • H410M PRO-E: 7C85v11 (2021-10-18) [2021-10-22]
  • H370:
    • H370 GAMING PLUS: 7B22v1D (2022-10-25) [2022-10-21]
    • H370 GAMING PRO CARBON: 7B16v1D (2022-11-11) [2022-11-03]
    • H370M BAZOOKA: 7B24v1C (2022-11-02) [2022-10-26]
  • H310:
    • H310-A PRO: 7B83v1B (2022-11-07) [2022-10-26]
    • H310-F PRO: 7B25v2B (2022-10-24) [2022-10-21]
    • H310I PRO: 7B80v1A (2022-11-08) [2022-10-28]
    • H310M GAMING ARCTIC: 7B28vHB (2022-10-25) [2022-10-21]
    • H310M GAMING PLUS: 7B28v1B (2022-10-25) [2022-10-21]
    • H310M PRO-D / H310M PRO-VD / H310M PRO-VH: 7B33v1D (2022-11-08) [2022-10-28]
    • H310M PRO-M2: 7B28vAC (2022-10-24) [2022-10-20]
    • H310M PRO-VDH: 7B29v1D (2022-10-14) [2022-10-12]
    • H310M PRO-VHL: 7B27v1C (2022-10-27) [2022-10-24]
    • H310M PRO-VL: 7B75v1B (2022-10-24) [2022-10-21]

Unaffected motherboards (so far):

• AMD:
  • A320:
    • A320M PRO-VD
• Intel:
  • Z590:
    • MPG Z590 GAMING EDGE WIFI SP
  • Every Z370 motherboard
  • H310:
    • H310M PRO-C
    • H310M PRO-D PLUS
    • H310M PRO-M2 PLUS
    • H310M PRO-VD PLUS
    • H310M PRO-VDH PLUS
    • H310M PRO-VH PLUS
    • H310M PRO-VL PLUS
    • H310M PRO-VLH PLUS

No downloadable firmware available, need volunteers

• Intel:
  • X299:
    • MPG X299M GAMING EDGE AC
  • H610:
    • H610TI-S01
  • H510:
    • H510TI-S03
    • H510TI-S05
    • PRO H510M-E

---

Original issue

Title: MSI PRO Z790-A has very broken Secure Boot

Submitting as Foxboron asked me to.

Feel free to open an issue on sbctl and we can keep track of it

Chat log: https://view.matrix.org/room/!GtIfdsfQtQIgbQSxwJ:archlinux.org/?anchor=$smbsrKoEbpAzdUlEfGDSA-StHWVsoVbotfH06e3lVXs&offset=120

The board seems to accept unsigned OSes when booting with Secure Boot
enabled. Firmware version: E7E07IMS.A22 (7E07vA2).

This is how it went:

I went to firmware to enable Secure Boot and also wiped factory keys to
switch into Setup Mode. Then I checked sbctl status and noticed that
while Secure Boot was enabled, Setup Mode was disabled and Microsoft was
still enrolled.

$ sbctl status
Installed:      ✓ sbctl is installed
Owner GUID:     6e2b1be3-6ecf-41e6-a59b-a30efdfa85ba
Setup Mode:     ✓ Disabled
Secure Boot:    ✓ Enabled
Vendor Keys:    microsoft

Well that made no sense. I went back to firmware and toggled "Custom"
mode to "Standard" or something like that. Well… still booting.

Here is the output of commands that I was asked to run:

$ efi-readvar -v db
Variable db, length 3961
db: List 0, type X509
    Signature 0, size 790, owner 841d6484-c82e-4135-ac79-0bf5d26284cd
        Subject:
            CN=MSI SHIP DB
        Issuer:
            CN=MSI SHIP KEK
db: List 1, type X509
    Signature 0, size 1572, owner 77fa9abd-0359-4d32-bd60-28f4e78f784b
        Subject:
            C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation UEFI CA 2011
        Issuer:
            C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation Third Party Marketplace Root
db: List 2, type X509
    Signature 0, size 1515, owner 77fa9abd-0359-4d32-bd60-28f4e78f784b
        Subject:
            C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows Production PCA 2011
        Issuer:
            C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010

$ efibootmgr -v
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000,0001
Boot0000* Linux Boot Manager    HD(1,GPT,eee220d1-aec3-45fa-adf2-596981dc70e1,0x800,0x100000)/File(\EFI\systemd\systemd-bootx64.efi)
      dp: 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 00 00 10 00 00 00 00 00 d1 20 e2 ee c3 ae fa 45 ad f2 59 69 81 dc 70 e1 02 02 / 04 04 46 00 5c 00 45 00 46 00 49 00 5c 00 73 00 79 00 73 00 74 00 65 00 6d 00 64 00 5c 00 73 00 79 00 73 00 74 00 65 00 6d 00 64 00 2d 00 62 00 6f 00 6f 00 74 00 78 00 36 00 34 00 2e 00 65 00 66 00 69 00 00 00 / 7f ff 04 00
Boot0001* UEFI OS       HD(1,GPT,eee220d1-aec3-45fa-adf2-596981dc70e1,0x800,0x100000)/File(\EFI\BOOT\BOOTX64.EFI)0000424f
      dp: 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 00 00 10 00 00 00 00 00 d1 20 e2 ee c3 ae fa 45 ad f2 59 69 81 dc 70 e1 02 02 / 04 04 30 00 5c 00 45 00 46 00 49 00 5c 00 42 00 4f 00 4f 00 54 00 5c 00 42 00 4f 00 4f 00 54 00 58 00 36 00 34 00 2e 00 45 00 46 00 49 00 00 00 / 7f ff 04 00
    data: 00 00 42 4f

$ sbverify --list /efi/EFI/systemd/systemd-bootx64.efi
warning: data remaining[110080 vs 121365]: gaps between PE/COFF sections?
warning: data remaining[110080 vs 121368]: gaps between PE/COFF sections?
No signature table present

$ fwupdmgr update
WARNING: UEFI capsule updates not available or enabled in firmware setup
  See https://github.com/fwupd/fwupd/wiki/PluginFlag:capsules-unsupported for more information.
Devices with no available firmware updates:
 • 0000:00:1f.5
 • CT2000P5PSSD8
╔══════════════════════════════════════════════════════════════════════════════╗
║ Upgrade UEFI dbx from 77 to 217?                                             ║
╠══════════════════════════════════════════════════════════════════════════════╣
║ This updates the dbx to the latest release from Microsoft which adds         ║
║ insecure versions of grub and shim to the list of forbidden signatures due   ║
║ to multiple discovered security updates.                                     ║
║                                                                              ║
║ Before installing the update, fwupd will check for any affected executables  ║
║ in the ESP and will refuse to update if it finds any boot binaries signed    ║
║ with any of the forbidden signatures. If the installation fails, you will    ║
║ need to update shim and grub packages before the update can be deployed.     ║
║                                                                              ║
║ Once you have installed this dbx update, any DVD or USB installer images     ║
║ signed with the old signatures may not work correctly. You may have to       ║
║ temporarily turn off secure boot when using recovery or installation media,  ║
║ if new images have not been made available by your distribution.             ║
║                                                                              ║
╚══════════════════════════════════════════════════════════════════════════════╝

Perform operation? [Y|n]:

Later tried to sign all EFI binaries with my unenrolled keys and… it
still booted.

[medhefgo]

What loader is \EFI\BOOT\BOOTX64.EFI and is it signed? Also, does bootctl agree on secure boot state?

MSI firmware is pretty much identical to ASUS, so these instructions should work for you: https://github.com/Foxboron/sbctl/blob/master/docs/workflow-example.md. You can even make screenshots with F12 (it should ask you for a usb stick to store them onto), which may help us figuring out if everything is set up correctly.

[Foxboron]

@medhefgo The issue is that BOOTX64.EFI is not being booted, and it apparently boots the unsigned sd-boot binary.

I found all of this too weird to not have an issue about it.

EDIT:

Also, does bootctl agree on secure boot state?

Yes, the chat log included the bootctl output and it said SB is enabled.

[medhefgo]

Yes, the chat log included the bootctl output and it said SB is enabled.

That chatlog is terrible and I cannot find the bootctl output. I'll take your word for it.

It seems that MSI has other boards with weird secure boot issues: memtest86plus/memtest86plus#201 (comment) (in that case always being enabled and working).

I went to firmware to enable Secure Boot and also wiped factory keys to
switch into Setup Mode. Then I checked sbctl status and noticed that
while Secure Boot was enabled, Setup Mode was disabled and Microsoft was
still enrolled.

Was this done in one step or with a save and reset in between? Does the secure boot menu explicitly state that secure boot is disabled after clearing the keys (before leaving the firmware setup)? Have you tried only deleting the PK while leaving the others keys as is?

Resetting firmware settings and/or downgrading/reflashing the firmware might be something to try…

[dawidpotocki]

Here is a bunch of runs I just did:

Run 0

Secure Boot enabled with factory keys.

Run 1

Changed Secure Boot Mode to Custom and showing all keys enrolled.

Run 2

Disabled Secure Boot. This one is kinda interesting, cause I remember disabling SB and still OS behaving as if it still was enabled.

Run 3

Clearing Secure Boot keys.

Run 4

When checking enrolled keys, factory keys were back. This time when clearing keys I didn't just press "Yes" when clearing keys. I checked enrolled keys and noticed that there is an option to automatically enroll factory keys… oh well. I didn't notice it earlier as I was focused on keys showing that there is nothing there and popup telling me that it will put me in Setup Mode. Disabled that and it worked. My bad, but MSI should have designed their firmware better.

Run 5

Trying to remove just PK, it… doesn't do anything. Maybe it would be able to delete non-factory key, but idk.

Soon™

I will try reflashing firmware and downgrading, but not today. I tried changing some settings that I changed back to defaults to check if they caused this issue, but no. I didn't change much, mostly just memory speed, timings and fan settings.

---

EDIT:

What loader is \EFI\BOOT\BOOTX64.EFI and is it signed?

It's systemd-boot and it's not signed.

dawid@archlinux in ~
$ sbverify --list /efi/EFI/systemd/systemd-bootx64.efi
warning: data remaining[110592 vs 121739]: gaps between PE/COFF sections?
warning: data remaining[110592 vs 121744]: gaps between PE/COFF sections?
No signature table present
dawid@archlinux in ~
$ sbverify --list /efi/EFI/BOOT/BOOTX64.EFI
warning: data remaining[110592 vs 121739]: gaps between PE/COFF sections?
warning: data remaining[110592 vs 121744]: gaps between PE/COFF sections?
No signature table present

[medhefgo]

Well, that is some interesting firmware…

Have you tried enrolling your own keys when in setup mode? And does that properly activate signature checking?

I have two working theories right now:

1. The firmware might be trusting your efi binaries on a TOFU basis on first boot after clearing the keys. Easily tested by swapping out to a different build/version of sd-boot after booting once.
2. The firmware might be thinking your boot hd is a trusted firmware volume and therefore does not enforce signatures. If that is the case it might refuse booting unsigned images from a usb stick (ideally different from the ones on the ESP).

If possible, you could also try moving the ESP to a different internal drive. I'm also wondering if it would accept efi binaries coming from a XBOOTLDR partition…

[Foxboron]

Is there a reliably way to detect motherboard versions from Linux? I'm contemplating if sbctl should have a generic "wonkey warning" if it encounters known bad motherboard+firmware versions.

[medhefgo]

Is there a reliably way to detect motherboard versions from Linux? I'm contemplating if sbctl should have a generic "wonkey warning" if it encounters known bad motherboard+firmware versions.

DMI/SMBIOS info is the best source you're looking for (demidecode). And even that is full of "to be filled by OEM" crap that has to be filtered out. Best thing is to access it by hostnamectl (or hostnamed dbus API) as it does that for you.

[dawidpotocki]

The firmware might be thinking your boot hd is a trusted firmware volume and therefore does not enforce signatures. If that is the case it might refuse booting unsigned images from a usb stick (ideally different from the ones on the ESP).

Unless RebeccaBlackOS has Secure Boot support, I think that's pretty unlikely.

[medhefgo]

Unless RebeccaBlackOS has Secure Boot support, I think that's pretty unlikely.

The firmware not checking the signature has nothing to do with your OS. And firmwares are known to do silly things, and confusing the ESP as an internally trusted firmware volume is something I wouldn't put past them.

It would also be interesting to see if it will at least handle the blocklist correctly by trying to boot a signed shim that is on the blocklist. Which version to try is a different question though, but one from like 2 years ago or so along with the dbx update should suffice.

[dawidpotocki]

The firmware not checking the signature has nothing to do with your OS.

Well, you told me boot something from a USB and I'm just saying that I did that.

It would also be interesting to see if it will at least handle the blocklist correctly by trying to boot a signed shim that is on the blocklist.

Will try later.

[medhefgo]

Well, you told me boot something from a USB and I'm just saying that I did that.

That was a rather roundabout way of saying that.

For shim testing, make sure that the dbx update has been applied again (because it gets cleared when sb vars are reset). Then make an entry that points to the shim binary with a copy of you loader (I recommend an efi shell) named to grubx64.efi next to it. A quick test on my machine says that this one is old enough to get rejected: https://kojipkgs.fedoraproject.org//vol/fedora_koji_archive05/packages/shim/13/2/x86_64/shim-x64-13-2.x86_64.rpm

[medhefgo]

Well, you told me boot something from a USB and I'm just saying that I did that.

Are you sure that was an UEFI boot and not CSM? Cause the iso does not have a EFI directory.

[dawidpotocki]

Shouldn't Secure Boot decline it anyway? But okay, Arch Linux and Void
Linux iso will start GRUB, but GRUB will complain that shim lock is not
available when picking an entry and will not start the OS.

error: shim_lock protocol not found
error: you need to load kernel first

My understanding is that GRUB shouldn't even boot if Secure Boot was
working, so it's just GRUB expecting to be signed or used with a shim
and failing.

[dawidpotocki]

I just tried every firmware available from MSI's website. They all have
Secure Boot broken.

https://www.msi.com/Motherboard/PRO-Z790-A-WIFI/support

[dawidpotocki]

I found the solution and I hate it.

By default MSI sets "Always execute" on policy violation on everything, essentially making Secure Boot useless with the default settings. This shouldn't be the default. Also "Query user" is useless if user is using some type of a bootloader, as it won't accept input anymore.

---

EDIT: Maybe sbctl should warn people on MSI motherboards about this setting? It makes people have a false sense of security.

To change it you have to:

1. Set Secure Boot Mode to "Custom"
2. Open "Image Execution Policy"
3. Change policies to "Deny Execute".

[dawidpotocki]

I know that it is a case for some MSI boards, but according to fwupdmgr,
my board doesn't have manufacturing mode enabled.

[CirnoT]

That's curious. If you are able to source CSME System Tools for v16+ you could try running MEInfo to find out for sure. You would be interested in sections "End Of Manufacturing" as well as "FW Supported FPFs", and especially SVNs and Hashes.

[dawidpotocki]

Welp, tried v16 and told me that Raptor Lake is unsupported, only Alder Lake.

[Tuxilla]

You can see it with Fedora 37 and Fedora 38 Rawhide that the Intel Management Engine is located Manufacturing Mode.
reddit.com

[dawidpotocki]

This is a different board and this info comes from fwupd.

[Foxboron]

Please keep in mind this issue is for Secure Boot issues. Manufacture mode, general other issues with MSI stuff isn't really relevant.

The issue has been linked many places at the moment, please keep it on-track :)

[orangpelupa]

Btw turning those 3 into always deny result in msi b550 gaming wifi edge cannot boot at all. Can't even go to uefi

[dawidpotocki]

@orangpelupa Don't use Always Deny. It means that it will ALWAYS DENY, no matter if it's signed or not. You want "Deny Execute". Clear CMOS and do it properly.

[orangpelupa]

@orangpelupa Don't use Always Deny. It means that it will ALWAYS DENY, no matter if it's signed or not. You want "Deny Execute". Clear CMOS and do it properly.

Whoops my bad.

Btw maybe make a clear warning to the OP?

In case other people did the same mistake as me.

Corrextion, clear cmos does fix the problem.

[denali1]

MSI has released a beta firmware update for the MEG X570S UNIFY-X MAX 7D51v151. The output I got when I ran the script above was "7D51v151: Good". However, I had to take that script and modify it for Kali Linux. Since I'm a firm believer in "Trust but verify", does anyone else who is using the script get the same outcome when they run it on that firmware package?

[dawidpotocki]

7D51v151: Bad

Idk how you ran the script, maybe you don't have some of the tools
installed or your edits are bad.

Anyway, the script is outdated as it doesn't work for newer firmware
that has changed Secure Boot settings. They now have "Secure Boot
Preset" instead of "Image Execution Policy".

[denali1]

Well, I'm glad I asked. I was afraid it was too good to be true. Thank you for following up.

[Foxboron]

If anyone following this issue wants to help Richard on the recent MSI leak please read.

https://blogs.gnome.org/hughsie/2023/05/09/msi-and-insecure-kms/

[skarpinis]

Firmware: ‼ Your firmware has known quirks still shows after I set Maximum Security in the bios this normal? thanks

[dawidpotocki]

This is expected, we can't tell from the OS side what settings you have set.

[rshxyz]

@dawidpotocki I was looking for the execution policy on b450-tomahawk and b550m-mortart, Do you know if they removed image execution policy and just made two options, hardware/os compatibility and maximum security?

https://www.msi.com/Motherboard/B450-TOMAHAWK/support
https://www.msi.com/Motherboard/MAG-B550M-MORTAR/support

[rshxyz]

looks like they did, they made it so much harder to understand lul
https://forum-en.msi.com/index.php?threads/is-it-safe-to-delete-all-secure-boot-keys-on-msi-pro-b650-p-wifi.395150/

[dawidpotocki]

Like it is mentioned at the top, it has been renamed. Hardware/OS compatibility means "pretend that we are doing anything" and Maximum Security actually does verification checks.