
AMD to consider coreboot/Libreboot support for Ryzen - preya2k
https://www.reddit.com/r/linux/comments/5x5xl3/amd_to_consider_corebootlibreboot_support_contact/
======
moppl
This is a futile discussion. It would not make any difference if AMD released
the PSP source code. The problem with the PSP is not its firmware, it is a
much deeper fundamental architectural problem as outlined in (unfortunately
dead link)
[https://www.reddit.com/r/linux/comments/5x5xl3/amd_to_consid...](https://www.reddit.com/r/linux/comments/5x5xl3/amd_to_consider_corebootlibreboot_support_contact/degd6wi/)

If AMD would release the source code, the PSP would still remain a black box
controlled by the manufacturer. It is an autonomous universal computer (with
its own CPU, RAM, ROM, clock...) which can load/run anytime any software AMD
wants it to. There is no way for the user to tell what software it is running
at the moment and what it is doing on the platform. It has fully privileged
access to the users resources while it offers no interface for the user (only
a very minimal low level interface).

So the fundamental problem is that it takes control of the platform away
from the user, the manufacturer is ultimately in control on the platform. This
is what goes against the philosophy of Coreboot/Libreboot (of being completely
in control of the platform), not simply the encrypted PSP firmware blob.

Knowing that blob would not compromise the PSP and would not give the control
back to the user.

~~~
i336_
Unfortunately the link you just provided just died.

If you're on Linux, your best bet is likely to be attaching to each renderer
process and running `generate-core-file`. Unfortunately (and very annoyingly)
chrome://cache stores HTTPS-encrypted data, which you would need to have
previously exported SSLKEYLOGFILE to decrypt.

Alternatively, if you still have the tab open, CTRL+S :D

Regarding your point though, if the PSP is _completely laid open_ so we can
understand how it works, can't we load our own firmware into the PSP and then
be confident that that's what's running?

~~~
moppl
Oh, sorry for the dead link. So I repost it here:

"Hello!? Releasing the source code would NOT change the fundamental problem
with the PSP! It will still remain a black box under the control of the
manufacturer! The problem is not the obfuscation of the source code, it is a
much deeper platform architecture issue.

The PSP is a universal computer with its own CPU, RAM, ROM, clock etc, that
can run whatever software AMD wants it to run, hidden from the user. It could
load software anytime without you even noticing. AMD controls the PSP by using
unique cryptographic keys which are burnt into each PSP.

As the Intel IME engineer Xiaoyu Ruan wrote in his book "Platform Embedded
Security Technology Revealed", the security architecture of the IME does not
rely on security through obscurity, it relies much more on the burnt in
cryptographic keys and its architecture. The designers of the IME took into
account that the firmware might be unscrambled and released by somebody, so
they designed it in a way that this would not compromise it.

Even if you have its source code (its OS so to speak), there is no way for
the user to tell what software it has loaded into memory and what it is doing
at the moment (since it is a universal computer in its own right which offers
no interface to the user). It is a parallel world on the platform the user has
no access to (while the PSP has fully privileged access to all the users
resources).

So the only real way to support Coreboot/Libreboot would be to remove the PSP
completely (which is probably not possible, since it became an integral part
of the system) or to offer the option to disable it and/or feed it with one's
own cryptographic keys.

IMHO it stays an uncontrollable risk as long as there is a PSP on the
platform (likewise the IME on Intel platforms). The source code doesn't make a
difference. The only advantage of releasing the source would be, that it could
be checked for potential security risks to avoid hostile takeovers of the PSP
(which would be a true disaster).

So don't be naive, don't believe this hype."

To further answer your question (as far as I am able to do that), if the PSP
is _completely laid open_, it would not change its fundamental design, and it
would not allow you to put in your own firmware. It would be necessary to know
its burnt in and unique cryptographic keys, to be able to load your own
firmware/software. I would say those cryptographic keys are the crown jewels
of the PSP (or IME), which allow you to take control of the PSP. And those are
(hopefully) only known to the manufacturer and will not be released with the
source code ;)

The problem is cast in silicon so to speak.
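
A small model of the point being made above, as an added example (not code from the poster, AMD or Intel, and not a description of the real PSP/IME internals): a boot ROM that holds only a hash of the vendor's public key, and refuses any image whose signing key does not hash to that value. The use of Ed25519 signatures and SHA-256 over the public key as the "fused" value is an assumption for the example; the firmware bytes are constructed stand-ins. It runs the three cases from the thread: the vendor-signed blob, the identical code rebuilt from published source but signed by the user, and the user's build on a part whose fuses carry the user's own key (the "feed it with one's own cryptographic keys" option), plus a vendor-signed image the owner has patched.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Everything here is an illustrative model of a key-rooted boot verifier, not
// AMD's or Intel's actual design. Ed25519, and SHA-256 over the public key as
// the "fused" value, are assumptions made for the example.

// BootROM is the immutable first-stage loader. It stores no key material
// except a hash of the vendor public key, set once at manufacturing.
type BootROM struct {
	fusedKeyHash [32]byte
}

// FirmwareImage is what gets loaded: the code, the public key that signed it
// and the signature the ROM must verify before any of the code runs.
type FirmwareImage struct {
	Code      []byte
	PublicKey ed25519.PublicKey
	Signature []byte
}

var (
	ErrUntrustedKey = errors.New("signing key does not match the fused key hash")
	ErrBadSignature = errors.New("signature does not verify over the image")
)

// NewBootROM models burning the hash of pub into the part's fuses.
func NewBootROM(pub ed25519.PublicKey) BootROM {
	return BootROM{fusedKeyHash: sha256.Sum256(pub)}
}

// Sign builds a loadable image from code and the signer's private key.
func Sign(code []byte, priv ed25519.PrivateKey) FirmwareImage {
	pub := priv.Public().(ed25519.PublicKey)
	return FirmwareImage{Code: code, PublicKey: pub, Signature: ed25519.Sign(priv, code)}
}

// Load is the check the ROM performs on every boot: the key carried by the
// image must hash to the fused value, and the signature must cover the code.
// The ROM never cares where the code came from or whether its source is public.
func (r BootROM) Load(img FirmwareImage) error {
	if sha256.Sum256(img.PublicKey) != r.fusedKeyHash {
		return ErrUntrustedKey
	}
	if !ed25519.Verify(img.PublicKey, img.Code, img.Signature) {
		return ErrBadSignature
	}
	return nil
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Scenario runs the three cases from the discussion and returns the ROM's
// verdict for each: the vendor-signed blob, the same code rebuilt from
// published source but signed by the user, and the user's build on a part
// whose fuses hold the user's own key (the "feed it your own keys" option).
func Scenario() (vendorSigned, userSignedSameCode, userOwnedPart error) {
	vendorPub, vendorPriv := mustKey()
	userPub, userPriv := mustKey()
	code := []byte("psp firmware built from the published source") // constructed stand-in

	rom := NewBootROM(vendorPub)
	vendorSigned = rom.Load(Sign(code, vendorPriv))
	userSignedSameCode = rom.Load(Sign(code, userPriv))

	userRom := NewBootROM(userPub)
	userOwnedPart = userRom.Load(Sign(code, userPriv))
	return vendorSigned, userSignedSameCode, userOwnedPart
}

// Tampered shows the other half of the argument: even a genuine vendor
// signature is useless to the owner once a single byte of the code is changed.
func Tampered() error {
	vendorPub, vendorPriv := mustKey()
	rom := NewBootROM(vendorPub)
	img := Sign([]byte("vendor build"), vendorPriv)
	img.Code = []byte("vendor build, patched by the owner")
	return rom.Load(img)
}

func main() {
	a, b, c := Scenario()
	fmt.Println("vendor-signed blob:         ", a)
	fmt.Println("user-signed, same source:   ", b)
	fmt.Println("user key in the fuses:      ", c)
	fmt.Println("vendor-signed, then patched:", Tampered())
}
```

Note what the source code does and does not buy you in this model: `Load` never looks at the code's provenance, only at the key hash and the signature, so publishing the source changes nothing about which images boot. The only case where the owner's build loads is the one where the owner's key is in the fuses, which is exactly the "disable it and/or feed it your own keys" option and not something a source release provides.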

~~~
i336_
Thanks for the paste! I'm curious what user it was from (anything you put on
the Internet, stays on the Internet...).

And thanks for the explanation about the crypto keys in the PSP. That makes
perfect sense, and it's really sad that this is a case of a security
architecture that is literally founded upon obscurity (ie, keeping the keys
secret).

So the only real solution here would be for AMD to release a PSP firmware that
essentially did nothing. I can only hope the people that AMD talk to will
explain that this is the sort of approach that would be needed. Being able to
disable enterprise security solutions for my non-enterprise desktop _and know
they are off_ would be awesome - and that's all I'd need.

As an aside, I commented in this thread -
[https://news.ycombinator.com/item?id=13782508](https://news.ycombinator.com/item?id=13782508)
\- regarding the potential existence of ME keys in the wild. Really
reassuring...

~~~
moppl
That reddit post was mine. I just created a new account there, but somehow my
comment doesn't show up, no idea why. But fortunately there is HN :)

I would not call it an enterprise security solution. It is also very much
aimed at the ordinary user's machine. It is important for DRM (the infamous
TPM chip is now basically an app running inside the IME/PSP). Decryption of
DRM content takes place inside the IME and it is presented using a protected
media path. So the content industry wants to have that on your computer. Intel
also tries to market it by offering security solutions like 'Intel Anti Theft
Technology' or its 'True Key' App which utilizes the IME. It makes your
machine uniquely identifiable and it should serve as a store for all your
secrets (like biometrics, passwords etc). Intel is also opening the IME up for
third parties to create software for it. So your bank might e.g. run its
software inside the (considered safe and secure) IME. But of course such
software has to be signed by Intel before.

Ruan even hints in his book at the possibility that one day the IME might
become just as powerful as the user system. So it would be possible to run
e.g. a game completely inside the IME, absolutely safe from the malicious user
who might try to copy it. All you get is the output on the screen and the
speakers. So the (considered unsafe) ordinary user space would just remain for
running and storing trivial tasks and information. Everything else runs hidden
away from you.

And all of this is supposedly for your own good and security. I would call it
a dual use technology which (dis)owns the user.

~~~
madez
But then I don't get why they wouldn't market two different CPUs, one
backdoored and user-controlling one and a normal maliciousness-free one. It's
then up to the game developers to require a system of the former type to play
their game. Then gamers get these and people who mind their privacy and
security in computing get the latter. Win-win, right?

I mean, people will anyway get computers that obey them. Either an ARM-based
or something completely different.

There are (at least) two different markets here. People who just want to enjoy
products and media (which might be DRM'ed but they don't care) and people who
want a computer they can trust. Why should AMD or Intel restrict themselves to
the former market?

------
anoother
This refers to a reply in the AMA that reads:

"Thanks for the inquiry. Currently we do not have plans to release source code
but you make a good argument for reasons to do so. We will evaluate and find a
way to work with security vendors and the community to everyone's benefit."

To consider this 'consideration' seems rather.... hopeful.

~~~
kilburn
Later on she says:

> I will bring this to the attention of the product team for serious
> consideration, so please feel like you have been heard even if we were not
> able to give you an easy 'yes' right away.

Which is not a commitment of course, but goes the extra mile to make it clear
that it's not your standard PR reply either.

Let's hope!

~~~
throwaway7767
Still sounds like a standard customer service response to me, just from a good
CSR. "Please feel like you have been heard"? I think that captures it.

I'd love it if this happened, it would make me change my purchasing habits to
prefer AMD over Intel. But I'll believe it when I see it, and I can't say this
post on their forums changes my assessment of the probabilities at all.

~~~
irq-1
The CEO and other management were in the same thread answering questions...
but not that question. The reply is just polite PR unfortunately.

------
drdaeman
What could be arguments for not doing so?

Not a rhetorical question - I'm genuinely curious. What's the point of keeping
BIOS blobs in secrecy? If it's some secret-sauce know-how, what sort of
information could possibly be revealed that a skilled competitor-hired
reverse engineer can't obtain? I understand that it's hard to talk about
actual secrets, but are there any similar-enough examples from the past?

I know many hardware companies are highly secretive by default, but is there a
real thing this secrecy protects, or is it just business superstition?

~~~
floatboth
BIOS blobs aren't the problem, coreboot actually replaces them.

The problem is early initialization firmware on the CPU/chipset/etc. And the
fact that parts of initialization are moved into Management Engine / Platform
Security Processor which are tiny processors running a third party proprietary
OS (Trustonic TEE OS in the case of AMD).

Of course there's no real thing to protect, these companies just don't give a
fuck.

~~~
i336_
> Trustonic TEE OS

I have visions of the Windows 95 3D screensaver, with the walls, floor and
ceiling displaying the many, many NDAs you need to sign to get access to this.

(I must admit that what initially came to mind was ~2:25 in
[http://youtu.be/EUXnJraKM3k](http://youtu.be/EUXnJraKM3k) (2:55).)

In all seriousness, this may be the tricky bit. AMD may need to release the
PSP spec and get Libreboot to take it from there.

Considering the huge amount of support for this though, I can _totally_ see a
crowdfunded firmware implementation for the PSP working out.

------
Zekio
AMD would probably win over a lot of people if they officially support it

~~~
jplayer01
You mean the dozen people who care? I guess so.

~~~
jychang
The actual percent of users who use it may be small, but they're the most
vocal and activist group who recommend products to the majority of ignorant
people.

Coreboot is a good thing, and if AMD could implement it, they should do so.

~~~
green7ea
I think there is also a huge benefit for OEMs: it would reduce the cost of
developing a Ryzen system. If you're Asus and you want to make a Ryzen
motherboard, you have to write or license a BIOS. If Ryzen supports coreboot,
this is something you no longer have to do and the system is much closer to
working out of the box.

The downside for OEMs is that a lot of them use the BIOS as a way to
differentiate themselves with extra features. I think there is going to be
some initial resistance because of this but it shouldn't be too major.

~~~
wolfgke
> I think there is also a huge benefit for OEMs: it would reduce the cost of
> developing a Ryzen system.

There is also a huge potential disbenefit for OEMs: It can make it more
difficult to "stand out" from competition by offering a firmware (UEFI, BIOS)
that has vendor-specific "advantages": OEMs do of course like implementing
such mainboard-vendor-specific modifications; I also heard that gamers in
particular seem to love such implementations that offer more "graphical
bling" in the UEFI firmware.

Since, once open firmware becomes a desired property of mainboards, OEMs will
have to be better in terms of concrete features of the hardware instead of
graphical tricks to stand out from the competition (which is hard work), I can
also imagine quite well that OEMs are cautious about such open firmware
desires.

~~~
AnthonyMouse
> It can make it more difficult to "stand out" from competition by offering a
> firmware (UEFI, BIOS) that has vendor-specific "advantages"

Not really. Look at what Samsung does to Android. Let the upstream maintainers
do 99.7% of the real work, then change five random things for no reason other
than to be able to claim your competitors don't have that.

~~~
JoeAltmaier
It is a long and prosperous tradition. Just look at all the versions of unix
out there.

------
ajross
Uh... what they said was: " _Thanks for the inquiry. Currently we do not have
plans to release source code but you make a good argument for reasons to do
so. We will evaluate and find a way to work with security vendors and the
community to everyone's benefit._"

That's as clear a corporate "no" as you're going to find, folks. There's no
story here. There will be no PSP source release.

~~~
madez
While corporatese is not one of my key strengths, I think they've committed now
to something that can't be dealt with with a simple "No, you won't get source
code."

------
i336_
* PSA for anyone interested in ME security *

Would like to drop this tidbit I found recently. The following is completely
unverifiable and not going to convince some people but I found it interesting.

From the AMA linked in the link:

> _1) Security Through Obscurity doesn't work. As mentioned by /u/Gusec, at some
> point in time, (somebody or some organization) will break this._

When I read that I remembered this:

[https://www.reddit.com/r/onions/comments/5i6qa3/can_the_nsaf...](https://www.reddit.com/r/onions/comments/5i6qa3/can_the_nsafbi_use_intel_me_to_defeat_tor_on_95/dbkxlw2/?context=10000)

Mirror: [http://archive.is/T8yVz](http://archive.is/T8yVz)

My focus is on the first paragraph in the wall of text, the bit about the
signing keys floating around out there.

This is, again, totally unverifiable, and could for all I know be a skiddie
strutting (it does read a bit like that). I thought it was an interesting bit
of insight though, for what it's worth; and maybe some people could use it as
a lead.

Regarding the views offered in that post, I am myself quite wary, simply
because I don't know this person's provenance and I have no idea if this is
whatever you call the opposite of a scare campaign. (If it is it's a bit
weird, so it probably isn't.)

(I will note that it looks like the person in question doesn't seem to want to
be contactable, so poking them is unlikely to be helpful. I also wonder why
they used a new Reddit account for each post.)

I found it when reading
[https://www.crowdsupply.com/raptor-computing-systems/talos-s...](https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation/updates/the-state-of-owner-controlled-computing-as-talos-winds-down)
(mirror: [http://archive.is/znkp3](http://archive.is/znkp3))

------
godmodus
If AMD does this I'm theirs for life!

------
Hates_
For the layman, what does this mean/offer?

~~~
bryanlarsen
This is a feature designed for enterprises. Imagine you had tens of thousands
of machines in your company. A secondary processor that's hardened against
virtually all attacks running an independent operating system allows you to
manage and audit those machines even if those machines have been compromised
maliciously or just messed up accidentally.

~~~
madez
If that were the use case then nothing speaks against giving private customers
full control over their chips, or against not including these features in
chips for private customers, yet neither is done.

~~~
bryanlarsen
Both would cost significant money and effort.

The first would probably require replacing lots of purchased code with code
that can be disclosed, and doing a full security audit of the remaining code.

The second would require separate SKUs and validation for consumer vs
business use.

The first would benefit enterprises too by replacing the current "security by
obscurity" scheme with auditable security, so that's where we should probably
focus our lobbying.

~~~
madez
I don't see how giving full control to the user requires significant money and
effort. It is not necessary to release the full source code.

Providing hardware documentation and a way to flash the firmware is enough.
This shouldn't put AMD in front of significant problems.

------
mrstone
I'm dumb and don't really understand why this is beneficial. I also don't have
a lot of in-depth knowledge about CPUs, would someone mind explaining what the
problem is and how AMD doing this solves it?

~~~
ysleepy
There is a secret OS running inside the CPU that you don't have access to.
Only Intel/AMD know what's really inside and it has access to everything in
your system. Usually it even inserts itself into the LAN controller,
listening for and sending network traffic.

This is all for some definition of security, but since you, the user, do not
have access to or control over it, it is most certainly not for your security.

