After glancing through this PSP (Platitude Spewing Presentation) http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf, it looks more like they are grafting the security model of ARM-based SoCs onto x86, where a masked ROM loads the next stage.
A couple of kind-of-nice things they mention:
- "Isolated on-chip ROM and SRAM" - So this may be somewhat more constrained than the multi-megabyte blobs for MEs?
- "Secure Boot does not require the system ROM image to be signed"
Not so nice: "Access to system memory / resources". Ugh.
On Mon, Aug 25, 2014 at 11:37 AM, Patrick Georgi patrick@georgi-clan.de wrote:
> On 25.08.2014 at 19:44, ron minnich wrote:
>> Is it as closed off and mysterious?
> Its firmware is signed. So yes, closed off.
> My hope is that it is (and stays) like early ME: no firmware, no harm, since it deactivates itself silently. But since AMD prefers to parrot Intel's worst ideas these days...
> Patrick
-- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot