[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
On 5/15/19 11:54 PM, Nico Huber wrote: If you can't provide any _related_ reference for research on AMD processors, please keep your believes about who is better for yourself (or at least away from technical oriented mailing lists). Nico, you sound a little rude and schoolmasterly. You know, other people have different writing styles, and that's a good thing. Cheers ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
Hi On 15. 05. 19 17:28, Nico Huber wrote: Hi Ivan, I'm curious. Did you do or know somebody who did as much research on AMD processors, as was necessary to find these vulnerabilities? If not, how can you make such comparisons? Here [1] is a official AMD paper on the speculation behavior in AMD architectures. Intro: This document provides in depth descriptions of AMD CPU micro-architecture and how it handles speculative execution in a variety of architectural scenarios. This document is referring to the latest Family 17h processors which include AMD’s Ryzen™ and EPYC™ processors, unless otherwise specified. This document does necessarily describe general micro-architectural principles that exist in all AMD microprocessors. AMD’s processor architecture includes hardware protection checks that AMD believes help AMD processors not be affected by many side-channel vulnerabilities. These checks happen in various speculation scenarios including during TLB validation, architectural exception handling, loads and floating point operations. Thanks, Rudolf [1] https://www.amd.com/system/files/documents/security-whitepaper.pdf ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
On 15.05.19 17:59, Ivan Ivanov wrote: > Yes, the people are checking AMD as well, and discovered the > AMD-specific vulnerabilities at their PSP Platform (IN)Security > Processor. Unless I missed something about the PSP, I fear, we are talking past each other. Not only is the PSP a completely different research area than the main CPU cores, also, the vulnerabilities I recall were in software programs. If you can't provide any _related_ reference for research on AMD processors, please keep your believes about who is better for yourself (or at least away from technical oriented mailing lists). Nico ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
Yes, the people are checking AMD as well, and discovered the AMD-specific vulnerabilities at their PSP Platform (IN)Security Processor. Luckily almost all the coreboot-supported AMD computers - with the exception of some PC Engines boards if I'm not mistaken - don't have a PSP, so not affected. ср, 15 мая 2019 г. в 18:50, Nico Huber : > > On 15.05.19 17:37, Ivan Ivanov wrote: > > Hi Nico, when someone finds a vulnerability at Intel, people do a good > > digging for a similar vulnerability at AMD. > > I don't doubt it. But did somebody try to find AMD-specific vulnera- > bilities? Checking if somebody else did the same errors is not the same > as checking if they did their own. > > Nico ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
On 15.05.19 17:37, Ivan Ivanov wrote: > Hi Nico, when someone finds a vulnerability at Intel, people do a good > digging for a similar vulnerability at AMD. I don't doubt it. But did somebody try to find AMD-specific vulnera- bilities? Checking if somebody else did the same errors is not the same as checking if they did their own. Nico ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
[coreboot] Re: Are AMD CPUs as researched as Intel ones (was Re: New Intel microcode release for migiating ZOMBIELOAD FALLOUT AND OTHERS)
Hi Nico, when someone finds a vulnerability at Intel, people do a good digging for a similar vulnerability at AMD. And so far, if I haven't missed something, it has been discovered that AMD shares only a few variants of Spectre together with Intel, while all the other vulns seem to be Intel-specific. Judging by the lack of other findings, I believe that AMD is more secure - perhaps because they haven't used such a "speedhacks"... ср, 15 мая 2019 г. в 18:23, Nico Huber : > > Hi Ivan, > > On 15.05.19 17:11, Ivan Ivanov wrote: > > Funny vuln names! Luckily AMD (as usual?) is not affected... As > > someone wrote at the forums, a hidden price for Intel higher > > performance is a holey pants, just for 120 fps in games instead of 110 > > :P Neglecting security for the purpose of performing slightly better > > by skipping various checks inside CPU to improve the latencies, - is > > both unfair competition and scamming a consumer, since eventually he's > > getting significantly less performance than what he paid for > > I'm curious. Did you do or know somebody who did as much research on AMD > processors, as was necessary to find these vulnerabilities? If not, how > can you make such comparisons? > > Nico ___ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
