[coreboot] AMT bug
Nico Huber
nico.h at gmx.de
Thu May 11 21:53:52 CEST 2017
On 10.05.2017 00:25, Taiidan at gmx.com wrote:
> On 05/09/2017 05:26 PM, Taiidan at gmx.com wrote:
>
>> On 05/08/2017 12:40 AM, ron minnich wrote:
>>
>>>
>>> I am long past believing one can build secure platforms on any x86
>>> chipset.
>>> This mess only strengthens that conviction. But there are some great
>>> RISC-V
>>> announcements this week!
> How come risv-v has no DMA security features? ala IOMMU? if you want to
> do virtualization that is also a must have due to the performance
> differential - you couldn't push 1gbps on a emulated NIC without serious
> processing power.
Simple, RISC-V is an ISA, IOMMU is not an ISA concept. If somebody
builds an SoC with RISC-V and doesn't implement an IOMMU between the
memory bus and peripherals, ask him why he didn't. Of course, there
could be an IOMMU standard, but would it have to be RISC-V specific?
Nico
>
> I wish intel/amd had done their supervisor PU's as removable modules
> like a hardware TPM, for security (theater) they could have a fuse on
> the CPU that if blown will require the device to be present for the
> computer to boot up but otherwise it isn't required at all. Easy way to
> satisfy everyone.
>
More information about the coreboot
mailing list