1 .. SPDX-License-Identifier: GPL-2.0 1 .. SPDX-License-Identifier: GPL-2.0 2 2 3 Intel(R) Active Management Technology (Intel A 3 Intel(R) Active Management Technology (Intel AMT) 4 ============================================== 4 ================================================= 5 5 6 Prominent usage of the Intel ME Interface is t 6 Prominent usage of the Intel ME Interface is to communicate with Intel(R) 7 Active Management Technology (Intel AMT) imple 7 Active Management Technology (Intel AMT) implemented in firmware running on 8 the Intel ME. 8 the Intel ME. 9 9 10 Intel AMT provides the ability to manage a hos 10 Intel AMT provides the ability to manage a host remotely out-of-band (OOB) 11 even when the operating system running on the 11 even when the operating system running on the host processor has crashed or 12 is in a sleep state. 12 is in a sleep state. 13 13 14 Some examples of Intel AMT usage are: 14 Some examples of Intel AMT usage are: 15 - Monitoring hardware state and platform co 15 - Monitoring hardware state and platform components 16 - Remote power off/on (useful for green com 16 - Remote power off/on (useful for green computing or overnight IT 17 maintenance) 17 maintenance) 18 - OS updates 18 - OS updates 19 - Storage of useful platform information su 19 - Storage of useful platform information such as software assets 20 - Built-in hardware KVM 20 - Built-in hardware KVM 21 - Selective network isolation of Ethernet a 21 - Selective network isolation of Ethernet and IP protocol flows based 22 on policies set by a remote management co 22 on policies set by a remote management console 23 - IDE device redirection from remote manage 23 - IDE device redirection from remote management console 24 24 25 Intel AMT (OOB) communication is based on SOAP 25 Intel AMT (OOB) communication is based on SOAP (deprecated 26 starting with Release 6.0) over HTTP/S or WS-M 26 starting with Release 6.0) over HTTP/S or WS-Management protocol over 27 HTTP/S that are received from a remote managem 27 HTTP/S that are received from a remote management console application. 28 28 29 For more information about Intel AMT: 29 For more information about Intel AMT: 30 https://software.intel.com/sites/manageability 30 https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm 31 31 32 32 33 Intel AMT Applications 33 Intel AMT Applications 34 ---------------------- 34 ---------------------- 35 35 36 1) Intel Local Management Service (Intel L 36 1) Intel Local Management Service (Intel LMS) 37 37 38 Applications running locally on the pla 38 Applications running locally on the platform communicate with Intel AMT Release 39 2.0 and later releases in the same way 39 2.0 and later releases in the same way that network applications do via SOAP 40 over HTTP (deprecated starting with Rel 40 over HTTP (deprecated starting with Release 6.0) or with WS-Management over 41 SOAP over HTTP. This means that some In 41 SOAP over HTTP. This means that some Intel AMT features can be accessed from a 42 local application using the same networ 42 local application using the same network interface as a remote application 43 communicating with Intel AMT over the n 43 communicating with Intel AMT over the network. 44 44 45 When a local application sends a messag 45 When a local application sends a message addressed to the local Intel AMT host 46 name, the Intel LMS, which listens for 46 name, the Intel LMS, which listens for traffic directed to the host name, 47 intercepts the message and routes it to 47 intercepts the message and routes it to the Intel MEI. 48 For more information: 48 For more information: 49 https://software.intel.com/sites/manage 49 https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm 50 Under "About Intel AMT" => "Local Acces 50 Under "About Intel AMT" => "Local Access" 51 51 52 For downloading Intel LMS: 52 For downloading Intel LMS: 53 https://github.com/intel/lms 53 https://github.com/intel/lms 54 54 55 The Intel LMS opens a connection using 55 The Intel LMS opens a connection using the Intel MEI driver to the Intel LMS 56 firmware feature using a defined GUID a 56 firmware feature using a defined GUID and then communicates with the feature 57 using a protocol called Intel AMT Port 57 using a protocol called Intel AMT Port Forwarding Protocol (Intel APF protocol). 58 The protocol is used to maintain multip 58 The protocol is used to maintain multiple sessions with Intel AMT from a 59 single application. 59 single application. 60 60 61 See the protocol specification in the I 61 See the protocol specification in the Intel AMT Software Development Kit (SDK) 62 https://software.intel.com/sites/manage 62 https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm 63 Under "SDK Resources" => "Intel(R) vPro 63 Under "SDK Resources" => "Intel(R) vPro(TM) Gateway (MPS)" 64 => "Information for Intel(R) vPro(TM) G 64 => "Information for Intel(R) vPro(TM) Gateway Developers" 65 => "Description of the Intel AMT Port F 65 => "Description of the Intel AMT Port Forwarding (APF) Protocol" 66 66 67 2) Intel AMT Remote configuration using a 67 2) Intel AMT Remote configuration using a Local Agent 68 68 69 A Local Agent enables IT personnel to c 69 A Local Agent enables IT personnel to configure Intel AMT out-of-the-box 70 without requiring installing additional 70 without requiring installing additional data to enable setup. The remote 71 configuration process may involve an IS 71 configuration process may involve an ISV-developed remote configuration 72 agent that runs on the host. 72 agent that runs on the host. 73 For more information: 73 For more information: 74 https://software.intel.com/sites/manage 74 https://software.intel.com/sites/manageability/AMT_Implementation_and_Reference_Guide/default.htm 75 Under "Setup and Configuration of Intel 75 Under "Setup and Configuration of Intel AMT" => 76 "SDK Tools Supporting Setup and Configu 76 "SDK Tools Supporting Setup and Configuration" => 77 "Using the Local Agent Sample" 77 "Using the Local Agent Sample" 78 78 79 Intel AMT OS Health Watchdog 79 Intel AMT OS Health Watchdog 80 ---------------------------- 80 ---------------------------- 81 81 82 The Intel AMT Watchdog is an OS Health (Hang/C 82 The Intel AMT Watchdog is an OS Health (Hang/Crash) watchdog. 83 Whenever the OS hangs or crashes, Intel AMT wi 83 Whenever the OS hangs or crashes, Intel AMT will send an event 84 to any subscriber to this event. This mechanis 84 to any subscriber to this event. This mechanism means that 85 IT knows when a platform crashes even when the 85 IT knows when a platform crashes even when there is a hard failure on the host. 86 86 87 The Intel AMT Watchdog is composed of two part 87 The Intel AMT Watchdog is composed of two parts: 88 1) Firmware feature - receives the heartbe 88 1) Firmware feature - receives the heartbeats 89 and sends an event when the heartbeats 89 and sends an event when the heartbeats stop. 90 2) Intel MEI iAMT watchdog driver - connec 90 2) Intel MEI iAMT watchdog driver - connects to the watchdog feature, 91 configures the watchdog and sends the h 91 configures the watchdog and sends the heartbeats. 92 92 93 The Intel iAMT watchdog MEI driver uses the ke 93 The Intel iAMT watchdog MEI driver uses the kernel watchdog API to configure 94 the Intel AMT Watchdog and to send heartbeats 94 the Intel AMT Watchdog and to send heartbeats to it. The default timeout of the 95 watchdog is 120 seconds. 95 watchdog is 120 seconds. 96 96 97 If the Intel AMT is not enabled in the firmwar 97 If the Intel AMT is not enabled in the firmware then the watchdog client won't enumerate 98 on the me client bus and watchdog devices won' 98 on the me client bus and watchdog devices won't be exposed. 99 99 100 --- 100 --- 101 linux-mei@linux.intel.com 101 linux-mei@linux.intel.com
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.