Chipsec

Latest version: v1.13.1

Page 13 of 13

1.2.5

Not secure
This version includes the following new or updated modules:
- `tools.vmm.xen.xsa188` - new proof-of-concept module for Xen XSA-188 / CVE-2016-7154 "use after free in FIFO event channel code" (https://xenbits.xen.org/xsa/advisory-188.html)
- `tools.vmm.xen.hypercallfuzz` - refactored and enhanced Xen hypercall fuzzer which discovered Xen XSA-188
- `tools.uefi.blacklist` - extended black-list configuration file with detection of EFI binaries affected by SystemSmmRuntimeRt a.k.a. 'ThinkPwn' vulnerability discovered by Dmytro Oleksiuk (http://blog.cr4.sh/2016/06/exploring-and-exploiting-lenovo.html)

This version includes the following new functionality:
- Significant improvements in installing CHIPSEC package, including from PyPI
- Added Mac OS X support with limited functionality (Alpha)
- Improved CHIPSEC service management on Windows
- Added support of "Native OS API" mode which in certain cases can use native OS API instead of CHIPSEC kernel module
- Added support of VIRTIO virtual devices
- Added support of VMM hypercall interfaces from Linux VMs
- Added parsing of EFI firmware update capsules and RAW sections
- Improved UEFI VSS variable format parsing
- Added support of Intel 7th Generation Core based platforms

This version includes the following fixes:
- Fixed calculation of SPI flash protected ranges PRx
- Updated SPI HAL to use XML config
- Added checking that SPI hardware sequencing is enabled

1.2.4

Not secure
This version includes the following new or updated modules:
- `memconfig` - assess configuration of memory map
- `common.spi_fdopss` - check that SPI flash descriptor security override pin-strap (FDOPSS) is not used on the system
- `common.ia32cfg` - assess whether CPU architectural feature configuration is locked
- `common.rtclock` - check that RTC memory locations are protected
- `tools.cpu.sinkhole` - check if CPU is affected by 'The SMM memory sinkhole' vulnerability (see https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation.pdf)
- `tools.uefi.blacklist` - check if UEFI firmware image contains any black-listed EFI binaries
  - Currently, black-list configuration (`blacklist.json`) contains only HackingTeam's UEFI rootkit components (see http://www.intelsecurity.com/advanced-threat-research/content/data/HT-UEFI-rootkit.html)
- Initial implementation of the following security testing tools for VMM/hypervisor low-level interfaces:
  - `tools.vmm.hypercallfuzz` - simple fuzzer for generic hypercall interfaces
  - `tools.vmm.xen.hypercallfuzz` - fuzzer for Xen specific hypercall interface
  - `tools.vmm.xen.hypercallinfo` - information utility related to Xen specific hypercall interface
  - `tools.vmm.hv.hypercallfuzz` - fuzzer for Hyper-V specific hypercall interface
  - `tools.vmm.hv.vmbusfuzz` - fuzzer for Hyper-V specific generic VMBus interface
  - `tools.vmm.hv.synth_dev` - generic fuzzer for Hyper-V synthetic VMBus devices
  - `tools.vmm.hv.synth_kbd` - fuzzer for Hyper-V synthetic VMBus keyboard device

This version includes the following new functionality:
- Searching for EFI modules according to specified criteria in a firmware image
- Calculating hashes of EFI modules in a firmware image
- Linux kernel module is now automatically loaded and unloaded by CHIPSEC
- New support to use /dev/mem as a fallback method on Linux
- Parsing of DSDT and FADT ACPI tables
- Enumeration of PCIe option/expansion ROMs
- Integration with Travis-CI

This version includes the following fixes:
- Updated `pcidb`

This version has the following known issues:
- Decompression of images in SPI flash parsing is not available in UEFI shell.
- UEFI Shell environment does not support `cpuid` or `get_thread_count`. There are functions that simply warn that they are not supported.
- Size of MMCFG (PCIEXBAR) is calculated incorrectly
- `chipsec_util mmcfg` and calculation of MMCFG (ECBASE) do not work on Atom SoCs
- Atom SoC message bus interface is not implemented on Windows and in UEFI shell

1.1.0

1. We have support for UEFI variables on Windows and Linux but not in UEFI shell.
2. Decompression of images in SPI flash parsing is only supported in Windows.
3. UEFI - Support for IA32 and i586 (Quark)
4. Added capability to use modules from an arbitrary path with the -I / --import command line option
5. Module functionality encapsulated in class inheriting BaseModule
6. Fixed loading platform specific configuration
7. Fixed issue with modules which run on multiple logical CPUs hanging on Bay Trail (Windows/Linux). The issue still exists when running from UEFI shell
8. Added template for a module - module_template.py
9. Added options to flush log files
10. Added ability to define custom platforms

Driver changes:
1. Windows - Added IOCTL_ALLOC_PHYSMEM to allocate physical memory buffer
2. Linux - Fix wrpci defect

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.