On 26.08.2014 20:00, Bruce Griffith wrote:
> Here's what I know about PSP:
>
>> I'm utterly ignorant of the PSP -- is this thing like the Intel ME, and
>> how scared should we be of it?
> Somewhat scared.
>
> The PSP is an actual processor that takes control when reset is released.
> The x86 does not start fetching code until the PSP is satisfied that BIOS
> meets whatever constraints have been programmed into the PSP firmware.

I can see this as a way to prevent modification of some signed parts of
coreboot, i.e. it can be a usable and desirable security mechanism against
unauthorized firmware replacement. However, if the key used for verification
is under control of a foreign entity and can't be changed, some users
(especially government users) won't consider this to be additional security.

> There are TPM-like characteristics but I don't know any specifics.
>
> The PSP is capable of "locking" additional processor features that could
> be exploited to take over a system.
>
>> My hope is that it ... deactivates itself silently.
> For the coreboot implementation, it runs, decides that the x86 code is not
> its concern, and the x86 starts fetching code. From that point on, I
> think the PSP is transparent to the x86.
>
>> After glancing thru [the PSP presentation], it looks more like they are
>> grafting the security model of ARM-based SoCs onto x86 where a masked
>> ROM loads the next stage.
> A masked processor and associated firmware (the PSP) validate the first
> "stage" of x86 code. What comprises the first stage is arbitrary and gets
> signed with an AMD private key. Your first stage could be bootblock,
> bootblock plus romstage, something more involved, or something less
> involved. You need a legal arrangement with AMD to get your first stage
> signed. For coreboot, none of the x86 code is signed.

Hm. Is there a way to have AMD exchange that key for your own, possibly by
paying decent money? That way, the platform can be under your own control,
which would make security-conscious users (governments, military, ...) happy.

Regards,

Carl-Daniel

--
coreboot mailing list: [email protected]
http://www.coreboot.org/mailman/listinfo/coreboot
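The boot gate Bruce describes (the PSP holds a root public key, checks a signature over whatever the vendor defined as the "first stage", and only then lets the x86 fetch code) and the key question Carl-Daniel raises, as an added example that is not part of this thread, of coreboot, or of AMD's PSP firmware. It models the gate in Go with Ed25519 over a SHA-256 digest; the signature scheme, the image layout, the `Image`/`PSP` types and the fixed key seeds are all assumptions made for the example, since the thread does not describe the real PSP's algorithms or formats. The scenarios compare a vendor-signed image, an owner-signed image, an unsigned coreboot image and a tampered image against a PSP whose root key is the vendor's, and then the owner-signed image against a PSP whose root key was swapped for the owner's.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Image is a constructed stand-in for a flash image: the bytes the vendor
// chose to treat as "first stage" plus a signature over their digest.
// The real PSP image format is not described in the thread (assumption).
type Image struct {
	FirstStage []byte // e.g. bootblock, or bootblock plus romstage
	Signature  []byte // Ed25519 over SHA-256(FirstStage); empty for unsigned coreboot
}

// PSP models the security processor. RootKey stands for the verification key
// programmed at manufacture; nothing in this model can change it afterwards.
type PSP struct {
	RootKey ed25519.PublicKey
}

// ErrHeldInReset is returned when verification fails: the x86 never fetches.
var ErrHeldInReset = errors.New("psp: first stage does not verify, x86 held in reset")

// ReleaseX86 is the gate from the thread: the x86 may start only after the
// first stage verifies against the root key already inside the PSP.
func (p PSP) ReleaseX86(img Image) error {
	digest := sha256.Sum256(img.FirstStage)
	// ed25519.Verify returns false (it does not panic) for a wrong-length or
	// empty signature, so an unsigned image is rejected like a forged one.
	if !ed25519.Verify(p.RootKey, digest[:], img.Signature) {
		return ErrHeldInReset
	}
	return nil
}

// SignFirstStage is what the holder of the matching private key does
// (AMD under a legal arrangement, or the owner if the root key were theirs).
func SignFirstStage(priv ed25519.PrivateKey, firstStage []byte) Image {
	digest := sha256.Sum256(firstStage)
	return Image{FirstStage: firstStage, Signature: ed25519.Sign(priv, digest[:])}
}

// keyFromSeedByte derives a deterministic key pair from a constant seed so the
// scenarios are reproducible. These are throwaway keys, not anyone's real ones.
func keyFromSeedByte(b byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := make([]byte, ed25519.SeedSize)
	for i := range seed {
		seed[i] = b
	}
	priv := ed25519.NewKeyFromSeed(seed)
	return priv.Public().(ed25519.PublicKey), priv
}

// Outcome records, per scenario, whether the PSP released the x86.
type Outcome struct {
	VendorSignedOnVendorPSP bool // the intended case
	OwnerSignedOnVendorPSP  bool // owner signed with own key; vendor key still in the PSP
	UnsignedOnVendorPSP     bool // plain coreboot, nothing signed
	TamperedOnVendorPSP     bool // vendor signature kept, one byte of first stage changed
	OwnerSignedOnOwnerPSP   bool // the key swap Carl-Daniel asks about
}

// RunScenarios exercises the gate with a constructed first stage.
func RunScenarios() Outcome {
	vendorPub, vendorPriv := keyFromSeedByte(0x11)
	ownerPub, ownerPriv := keyFromSeedByte(0x22)
	vendorPSP := PSP{RootKey: vendorPub}
	ownerPSP := PSP{RootKey: ownerPub}

	firstStage := []byte("bootblock+romstage (constructed sample bytes)")

	vendorImg := SignFirstStage(vendorPriv, firstStage)
	ownerImg := SignFirstStage(ownerPriv, firstStage)
	unsignedImg := Image{FirstStage: firstStage}

	tampered := Image{FirstStage: append([]byte(nil), firstStage...), Signature: vendorImg.Signature}
	tampered.FirstStage[0] ^= 0x01

	released := func(p PSP, img Image) bool { return p.ReleaseX86(img) == nil }
	return Outcome{
		VendorSignedOnVendorPSP: released(vendorPSP, vendorImg),
		OwnerSignedOnVendorPSP:  released(vendorPSP, ownerImg),
		UnsignedOnVendorPSP:     released(vendorPSP, unsignedImg),
		TamperedOnVendorPSP:     released(vendorPSP, tampered),
		OwnerSignedOnOwnerPSP:   released(ownerPSP, ownerImg),
	}
}

func main() {
	fmt.Printf("%+v\n", RunScenarios())
}
```

Only the last scenario releases the x86 for an owner-signed first stage, and it does so only because the root key inside the PSP was replaced, which is exactly what the question about having AMD exchange the key amounts to in practice. The model also makes Bruce's other point visible: the check covers only the bytes the signer chose to call the first stage, so anything loaded after that point is outside the PSP's check unless the first stage verifies it itself.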

