[coreboot] Trusting coreboot versus trusting the FSP
ron minnich
rminnich at gmail.com
Mon Jan 9 18:10:00 CET 2017
well, my flippant answer is also I think the right one: I don't see a way
to build a system I'd trust based on x86 or ARM CPUs any more, and that's
why I'm putting all my work into riscv. RISCV is not real, yet, but it's
getting there, and the x86 situation has only gotten worse, not better, in
the last dozen years :-(
For reasons I don't quite understand, ARM Inc. has decided the x86 model is
the right one for ARM v8, and are diving into the UEFI/ACPII tarpit just as
deep as they can. I don't understand their thinking.
I don't expect any of this to change; I expect it to get worse. And riscv
is no guarantee, either: there are some things built into that architecture
that can support vendor mischief, the main one being the requirement to do
BIOS calls to do trivial operations, such as enable and reset timer
interrupts, or find out your core id. Further, vendors like Red Hat are
pushing hard for UEFI and I assume ACPI as the RISCV standard, for reasons
I still don't understand. But it ought to be possible to build RISCV
systems that are much more trustworthy than the x86/ARM systems.
ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20170109/8adaf92a/attachment.html>
More information about the coreboot
mailing list