[coreboot] Trusting coreboot versus trusting the FSP
Timothy Pearson
tpearson at raptorengineering.com
Mon Jan 9 18:24:25 CET 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/09/2017 11:10 AM, ron minnich wrote:
> well, my flippant answer is also I think the right one: I don't see a
> way to build a system I'd trust based on x86 or ARM CPUs any more, and
> that's why I'm putting all my work into riscv. RISCV is not real, yet,
> but it's getting there, and the x86 situation has only gotten worse, not
> better, in the last dozen years :-(
>
> For reasons I don't quite understand, ARM Inc. has decided the x86 model
> is the right one for ARM v8, and are diving into the UEFI/ACPII tarpit
> just as deep as they can. I don't understand their thinking.
>
> I don't expect any of this to change; I expect it to get worse. And
> riscv is no guarantee, either: there are some things built into that
> architecture that can support vendor mischief, the main one being the
> requirement to do BIOS calls to do trivial operations, such as enable
> and reset timer interrupts, or find out your core id. Further, vendors
> like Red Hat are pushing hard for UEFI and I assume ACPI as the RISCV
> standard, for reasons I still don't understand. But it ought to be
> possible to build RISCV systems that are much more trustworthy than the
> x86/ARM systems.
>
> ron
>
POWER systems are also a good option for when RISC-V just won't get the
job done (e.g. any kind of development work). The POWER8 SBE and
microcode are now open source, and POWER9 will be even more transparent.
- --
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJYc8dIAAoJEK+E3vEXDOFbApcIAIyUHseNPMtjbV4+bJGn7UGY
l2K1jHSchfKGrIfOQhY7i4xoWY8MLfS+KW2hOf+9mTnZjuhaPEEjA+fRAXxIwCyL
8bAlFhvkkzI0Mh5YNSEKGp7VdqmGyldGeAF4+sfD0ktf+54Fqqv/N+/d/ExsDBSa
Ur2M5jQ/VAIsBFCKUzjyW3KC06Y9GdGi922jcuDfTirvOtpHZ0iYtYbb8upDLoGr
HoB/suuI53GDO0SPqSOG41T6oA00GVLQQH29ltyow5p7xH3QNBqgvJ0P9MfLO6k8
aeXsflnl8/oV3eMbX+hC35RZaIiQHO0GqcydXRbbHaS92nH0IDmibbKowJnyevg=
=NF6Z
-----END PGP SIGNATURE-----
More information about the coreboot
mailing list