[coreboot] Does the 62xx Series Opteron work *securely* without microcode?
Robert Wilkinson
bob at fourtheye.org
Thu Jan 26 10:55:19 CET 2017
On Wed, Jan 25, 2017 at 11:26:53AM -0600, Aaron Durbin via coreboot wrote:
> On Wed, Jan 25, 2017 at 11:24 AM, Timothy Pearson
> <tpearson at raptorengineering.com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On 01/24/2017 10:55 PM, Taiidan at gmx.com wrote:
> >> I know the 63xx has a very fatal NMI exploit, but according to the
> >> libreboot (oh no) website the 62xx works safely out of the box without
> >> microcode however I would like to confirm if this is actually true.
> >>
> >> I looked at the errata .pdf from the AMD website but I didn't see
> >> anything that seemed significant.
> >>
> >>
> >
> > As far as we have been able to determine it does, again with the caveat
> > that this is without microcode _updates_, not without microcode. There
> > is still the off chance that these CPUs ship with a backdoor inside the
> > burnt microcode ROM that is patched out with an update. Unlike POWER
> > and ARM we are solely dependent on the vendor being trustworthy enough
> > to disclose issues in their errata document; outside of that, there is
> > simply no feasible way to know for certain what bugs are lurking inside
> > the CPU.
>
> POWER and ARM parts can have microcode too. That's up to the
> implementation. I'm not sure how you can distinguish the difference.
> Because one posts an update vs others never indicating there is an
> update? Even if parts have no microcode, there's a possibility of
> backdoors baked into the silicon. In all situations one needs to trust
> the vendor.
I guess that "Reflections on Trusting Trust" by Ken Thompson
(https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
is still (and will always be) relevant?
Bob
--
BOFH excuse #62:
need to wrap system in aluminum foil to fix problem
More information about the coreboot
mailing list