After glancing through this PSP <http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf> (Platitude Spewing Presentation), it looks more like they are grafting the security model of ARM-based SoCs onto x86, where a masked ROM loads the next stage.
A couple of kind of nice things they mention:

- "Isolated on-chip ROM and SRAM" - So this may be somewhat more constrained than the multi-megabyte blobs for MEs?
- "Secure Boot does not require the system ROM image to be signed"

Not so nice: "Access to system memory / resources". Ugh.

On Mon, Aug 25, 2014 at 11:37 AM, Patrick Georgi <[email protected]> wrote:
> On 25.08.2014 at 19:44, ron minnich wrote:
> > Is it as closed off and mysterious?
> Its firmware is signed. So yes, closed off.
>
> My hope is that it is (and stays) like early ME: no firmware, no harm,
> since it deactivates itself silently.
> But since AMD prefers to parrot Intel's worst ideas these days...
>
>
> Patrick
>
>
> --
> coreboot mailing list: [email protected]
> http://www.coreboot.org/mailman/listinfo/coreboot

--
David Hendricks (dhendrix)
Systems Software Engineer, Google Inc.

