Disclaimer: Production viable releases are tagged and listed under 'Releases'. All other check-ins should be considered 'in-development' and should not be used in production
RPC is used for activation, deactivation, maintenance, and status of an AMT device The Remote Provisioning Client (RPC) is an application that assists with activation, configuration, and maintenance of for Intel® AMT devices. RPC provides source code that must be compiled into a binary to run or library for integration with other client applications.
For detailed documentation about Getting Started or other features of the Device Management Toolkit, see the docs.
go build -o rpc.exe ./cmd/rpc/main.go
go build -buildmode=c-shared -o rpc.dll ./cmd/rpc
go build -o rpc ./cmd/rpc/main.go
CGO_ENABLED=1 go build -buildmode=c-shared -o librpc.so ./cmd/rpc
docker build -t rpc-go:latest .Install the executable on a target device and then run from a terminal/shell command line with adminstrator privileges.
For usage, call the executable with no additional parameters.
RPC can preload defaults from a YAML configuration file (default: config.yaml in the working directory or passed explicitly via --config <path>).
See config.sample.yaml for a fully documented example containing every command and flag. Typical workflow:
- Copy the sample:
cp config.sample.yaml config.yaml(or on Windowscopy config.sample.yaml config.yaml). - Edit only the sections you need (e.g. set
configure: sync-clock: password:or activation parameters). - Run a command using the file:
rpc --config config.yaml configure sync-clockCLI flags and environment variables always override values loaded from the file.
Sensitive values (passwords, tokens) can also be provided via environment variables (see flag env: tags in code) instead of storing in plaintext YAML.
You can now supply a single global AMT admin password once via either:
rpc --amt-password <pass> <command> ...
or environment variable:
set AMT_PASSWORD=<pass> # Windows PowerShell
export AMT_PASSWORD=<pass> # Linux/macOS
All commands that require an AMT password will use this value automatically unless a per-command --password is explicitly provided (legacy behavior kept for backward compatibility). The sample config (config.sample.yaml) reflects this by using a top-level amt-password: key instead of repeating password: under each command section.
.\rpcsudo ./rpc$ docker run --rm -it --device /dev/mei0 rpc-go:latest- Ensure code is formatted correctly with
gofumpt -l -w -extra ./ - Ensure all unit tests pass with
go test ./... - Ensure code has been linted with
docker run --rm -v ${pwd}:/app -w /app golangci/golangci-lint:latest golangci-lint run -v
The project includes fuzz tests to identify edge cases and potential panics in CLI command parsing. Fuzz testing uses Go's built-in fuzzing support (Go 1.18+).
# Run quick fuzz tests (30 seconds per test)
make fuzz-short
# Run extended fuzz tests (5 minutes per test)
make fuzz
# Run regression tests with existing corpus only
make fuzz-regression
# Run a specific fuzz test manually
go test -fuzz=FuzzDeactivate -fuzztime=1m ./internal/cliFuzz tests run automatically in GitHub Actions:
- Pull Requests & Pushes: Quick 30-second fuzz tests on each PR
- Scheduled (Weekly): Extended 10-minute fuzz tests every Monday
- Manual Trigger: Run with custom duration via workflow_dispatch
If fuzz testing discovers a crash, the failure inputs are uploaded as artifacts for investigation.
The project maintains seed corpus files in internal/cli/testdata/fuzz/ to ensure effective fuzzing coverage. These files represent valid and edge-case CLI commands that the fuzzer uses as starting points.
-
For detailed documentation and Getting Started, visit the docs site.
-
Looking to contribute? Find more information here about contribution guidelines and practices.
-
Find a bug? Or have ideas for new features? Open a new Issue.
-
Need additional support or want to get the latest news and events about Open AMT? Connect with the team directly through Discord.
