no longer disable Intel ME related kernel modules #239
Description
For rationale, see:
https://www.kicksecure.com/wiki/Out-of-band_Management_Technology#Intel_ME_Disabling_Disadvantages
## Intel Management Engine (ME):
## Partially disable the Intel ME interface with the OS.
## ME functionality has increasing become more intertwined with basic system operation.
## Disabling may lead to breakages places such as security, power management, display, and DRM.
##
## https://www.kernel.org/doc/html/latest/driver-api/mei/mei.html
## https://en.wikipedia.org/wiki/Intel_Management_Engine#Security_vulnerabilities
## https://www.kicksecure.com/wiki/Out-of-band_Management_Technology#Intel_ME_Disabling_Disadvantages
## https://github.com/Kicksecure/security-misc/pull/236#issuecomment-2229092813
##
install mei /usr/bin/disabled-intelme-by-security-misc
install mei-gsc /usr/bin/disabled-intelme-by-security-misc
install mei_gsc_proxy /usr/bin/disabled-intelme-by-security-misc
install mei_hdcp /usr/bin/disabled-intelme-by-security-misc
install mei-me /usr/bin/disabled-intelme-by-security-misc
install mei_phy /usr/bin/disabled-intelme-by-security-misc
install mei_pxp /usr/bin/disabled-intelme-by-security-misc
install mei-txe /usr/bin/disabled-intelme-by-security-misc
install mei-vsc /usr/bin/disabled-intelme-by-security-misc
install mei-vsc-hw /usr/bin/disabled-intelme-by-security-misc
install mei_wdt /usr/bin/disabled-intelme-by-security-misc
install microread_mei /usr/bin/disabled-intelme-by-security-misc
Disabling Linux Intel ME related kernel modules does nothing to disable Intel ME from the CPU.
related: