After glancing through this PSP (Platitude Spewing Presentation), it looks more like they are grafting the security model of ARM-based SoCs onto x86 where a masked ROM loads the next stage.

A couple of kind-of-nice things they mention:
- "Isolated on-chip ROM and SRAM" - So this may be somewhat more constrained than the multi-megabyte blobs for MEs?
- "Secure Boot does not require the system ROM image to be signed"

Not so nice: "Access to system memory / resources". Ugh.
On Mon, Aug 25, 2014 at 11:37 AM, Patrick Georgi <patrick@georgi-clan.de> wrote:
Am 25.08.2014 um 19:44 schrieb ron minnich:
> Is it as closed off and mysterious?
Its firmware is signed. So yes, closed off.

My hope is that it is (and stays) like early ME: no firmware, no harm, since it deactivates itself silently.
But since AMD prefers to parrot Intel's worst ideas these days...
Patrick
--
coreboot mailing list: coreboot@coreboot.org
http://www.coreboot.org/mailman/listinfo/coreboot
--
David Hendricks (dhendrix)
Systems Software Engineer, Google Inc.