[coreboot] AMD PSP
Bruce Griffith
Bruce.Griffith at se-eng.com
Tue Aug 26 20:00:55 CEST 2014
Here's what I know about PSP:
> I'm utterly ignorant of the PSP -- is this thing like the Intel ME, and
how scared should we be of it?
Somewhat scared.
The PSP is an actual processor that takes control when reset is released.
The x86 does not start fetching code until the PSP is satisfied that BIOS
meets whatever constraints have been programmed into the PSP firmware.
There are TPM-like characteristics but I don't know any specifics.
The PSP is capable of "locking" additional processor features that could
be exploited to take over a system.
> My hope is that it ... deactivates itself silently.
For the coreboot implementation, it runs, decides that the x86 code is not
its concern, and the x86 starts fetching code. From that point on, I
think the PSP is transparent to the x86.
> After glancing thru [the PSP presentation], it looks more like they are
> grafting the security model of ARM-based SoCs onto x86 where a masked
> ROM loads the next stage.
A masked processor and associated firmware (the PSP) validate the first
"stage" of x86 code. What comprises the first stage is arbitrary and gets
signed with an AMD private key. Your first stage could be bootblock,
bootblock plus romstage, something more involved, or something less
involved. You need a legal arrangement with AMD to get your first stage
signed. For coreboot, none of the x86 code is signed.
> So we can kiss goodbye coreboot on AMD platforms in the future?.. How
sad! :-/
That isn't true for the first processor with PSP. Coreboot support for
"Steppe Eagle" is already posted to Gerrit. Steppe Eagle is the AMD
Embedded variant of Mullins. The Olive Hill+ platform demonstrates
building a coreboot ROM without requiring that AMD sign any part of the
coreboot code. I expect to have the final version of support posted by
the end of the week. Give me some +2's and we could have PSP support
available next week! ;-)
> Does this thing ... exist in any AMD CPUs buyable today?
The processors are released as AMD Beema (A6-6310, A4-6210,
E2-6110,E1-6010), AMD Mullins (A10 micro-6700T, A4 micro-6400T, E1
Micro-6200T), and AMD Steppe Eagle processors. AMD has developed
reference boards similar to what was developed for AMD Kabini SoCs. I
have not seen any retail "bare-bones" motherboards, but maybe there are
low-end notebooks and desktops that use Mullins/Beema (perhaps Acer Aspire
AXC-115-UR20)?
More information about the coreboot
mailing list