
Why is the latest AMD hardware unsupported in libreboot? - rnhmjoj
https://libreboot.org/faq/#amd
======
mikexstudios
To be fair, see:
[https://libreboot.org/faq/#intel](https://libreboot.org/faq/#intel)

~~~
jandrese
I was wondering this myself. I was wondering why they were focusing so much on
AMD when all AMD did was copy Intel's horrible idea.

It seems kind of pointless to continue the Libreboot project if they're not
going to work on any modern hardware for the foreseeable future. Their
recommended systems are all old and out of production. Fastest recommended
laptop seems to be roughly a Core2Duo at 2.0GHz.

~~~
yuhong
They don't even do microcode updates, which is ridiculous when you are running
non-free microcode to boot.

~~~
jandrese
So if Intel discovers a bug in their chip that needs to be patched with a
microcode update then Libreboot users are just SOL? That can't be right.

~~~
wtallis
Linux supports applying microcode updates as part of the kernel boot process,
so you are not dependent on the motherboard firmware to do it and you still
get the microcode loaded pretty early.

------
aexaey
Whole page is an enlightening read, with quite a few disappointing
discoveries, such as:

      There are several privacy, security and freedom issues
      with [Purism Librem laptops], due to the Intel chipset

~~~
masida
They're probably talking about the wireless network adapter here, not the CPU.
If that's what you're implying.

~~~
aexaey
Alas, CPU. Namely ME[1] and FSP/SMM blob [2].

If you are wondering what's wrong with either of them, I would recommend
Joanna Rutkowska's research as a starting point [3,4].

[1] [https://libreboot.org/faq/#intelme](https://libreboot.org/faq/#intelme)

[2] [https://libreboot.org/faq/#fsp](https://libreboot.org/faq/#fsp)

[3] [http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf](http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf)

[4] [https://media.ccc.de/v/32c3-7352-towards_reasonably_trustwor...](https://media.ccc.de/v/32c3-7352-towards_reasonably_trustworthy_x86_laptops)

------
web007
tl;dr: It's not just AMD, it's anything AMD after 2013 and anything Intel
after 2009. So essentially all modern x86 hardware.

~~~
imrehg
I wonder if VIA hardware could be supported. There are modern
CPUs/motherboards coming out there, and even if they are on a different
performance level (being embedded-focused hardware), in 2016 they must beat
Intel-from-2009 and should get close to AMD-from-2013...

(disclaimer: I'm working at VIA)

~~~
i336_
It would be interesting to throw this URL as far up the internal chain as
possible... and see what happens. :P

I'm curious myself, and there are a lot of other people who wouldn't mind
knowing too. Fast AND trustworthy turnkey silicon is both a completely
untapped hole in tech at the moment _and_ something that's desperately needed
in this climate of NDA'd garbage-quality security systems (see
[https://www.devever.net/~hl/smartcards](https://www.devever.net/~hl/smartcards)
for one of thousands of examples) and increasingly locked down chipsets.

I'm not sure what else is out there, but I recently learned of RISC-V
([http://www.adapteva.com/andreas-blog/why-i-will-be-using-the...](http://www.adapteva.com/andreas-blog/why-i-will-be-using-the-risc-v-in-my-next-chip/));
I'll admit I was impressed to learn a free (open design)
CPU has just broken the GHz barrier
([http://riscv.org/download.html#tab_rocket_core](http://riscv.org/download.html#tab_rocket_core)),
but this chip and ISA are still in the early prototyping stages, although the
spec seems complete.

On the other hand, x86 is a widely (!) used, well-known ISA with a lot of
legacy software running on it, and VIA already have proven CPUs and chipsets
and motherboards. I only know about VIA as "the low-power alternative CPU
company," so I have no idea what its position or stance on secure
applications is, but it could well net itself some unique contracts by
investing in security.

One of the big problems in this space (or at least what's being made into a
problem by the major chip vendors) is secure bootstrapping: I can verify the
entire boot device (a 128MB boot image could read in a second or two from
eMMC)... but how do I know that "I", aka the code doing the verification, have
not been compromised? It's a chicken-and-egg problem.

Here's my back-of-an-envelope approach: create a CPU with a secure,
write-once, write-only (executable) PROM of say 64KB (maybe 256KB? 512KB?), and ship
the chips with this area blank. The customer writes whatever data they like to
that area of the chip, and then the chip begins execution (ie, PC = 0, or
close to it) running whatever code it finds there. Maybe you'd call this the
"pre-BIOS area".

You could write a public key and a verification routine in there and use it to
verify everything else the system wanted to load. Besides verifying the BIOS,
which would be nice, you could verify the boot media..... bam. Trustworthy
boot sequence.

This might be surprising to hear, but right now, the above is a pipe dream.
It's 2016, and yet, even something as basic as this does not exist - if
anything, we're moving away from such a position with the current state of
things. The above cannot be done with any hardware/ISA/chipset I'm aware of.
For example, the Raspberry Pi Zero (the latest one) _still_ uses the
proprietary ARM core in the GPU to handle bootup
([http://raspberrypi.stackexchange.com/questions/38585/raspber...](http://raspberrypi.stackexchange.com/questions/38585/raspberry-pi-zero-usable-with-fully-free-software)),
which is basically the opposite of
what I've just described here.

Whoever says "I can do this!" is going to get some interesting offers. The
military can of course afford to design/get whatever they want, and fat
contracts from them are always fun... but think of all the private companies
that would benefit from guaranteeably secure data acquisition and/or
communication... that's everything from the stock market to secure money
courier vans. All that industry, taken together, amounts to a lot of
(untapped!) potential. What's more, the private sector is always going to come
up with ideas that would be best implemented on a secure platform, so having
something "anybody" can get their hands on, rather than only playing ball
within the military space, might work out more profitably.

Besides contracts, whoever does this will inevitably get a LOT of publicity
from the open source movement, so they'll need to have a good department to
handle that, along with the sometimes OCD-to-the-point-of-being-awkward stance
that GNU takes sometimes.

There are other issues, such as running the system off entirely free-software
drivers; I'm not sure where VIA's at on that front, but that would be an
arguably necessary part of such a platform as this (the argument against this
type of thing being that if there are Components(TM) in the hardware that can
do fun tricks, said Components(TM) need to be communicated with, and that
might be happening in the drivers.)

And I'd finally get to build the secure communications device I've always
wanted to make. :D

(Incidentally, current smartphones are a security nightmare:
[https://www.devever.net/~hl/nosecuresmartphone](https://www.devever.net/~hl/nosecuresmartphone)
is as non-theoretical as it gets without providing PoC exploits, IMO).

[PS. Honestly not trying to big-note myself or anything - I'm just a
tinkerer/hobbyist - but feel free to copy/forward this text.]
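
Added example, not part of i336_'s comment: the "public key and a verification routine" in a write-once PROM, as described above, sketched in Go. Ed25519, the stage names and the all-zero test seed are assumptions of this sketch; it also binds each signature to its stage name, which goes slightly beyond what the comment describes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Stage is one link in the boot chain: an image and the owner's signature.
type Stage struct {
	Name       string
	Image, Sig []byte
}

// message binds the stage name to the image digest, so a validly signed
// boot image cannot be replayed in the BIOS slot.
func message(name string, image []byte) []byte {
	d := sha256.Sum256(image)
	return append([]byte(name+"\x00"), d[:]...)
}

// Sign is the owner's offline step; the private key never enters the machine.
func Sign(priv ed25519.PrivateKey, name string, image []byte) Stage {
	return Stage{name, image, ed25519.Sign(priv, message(name, image))}
}

// VerifyChain models the routine stored in the PROM beside pub. It returns
// the name of the first stage that fails, or "" if every stage verifies.
func VerifyChain(pub ed25519.PublicKey, chain []Stage) string {
	for _, s := range chain {
		if !ed25519.Verify(pub, message(s.Name, s.Image), s.Sig) {
			return s.Name // halt here: nothing past this point is executed
		}
	}
	return ""
}

// DemoChain builds a constructed two-stage chain from a fixed test seed.
func DemoChain() (ed25519.PublicKey, []Stage) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed key
	return priv.Public().(ed25519.PublicKey), []Stage{
		Sign(priv, "bios", []byte("constructed BIOS image")),
		Sign(priv, "bootmedia", []byte("constructed boot image")),
	}
}

func main() {
	pub, chain := DemoChain()
	chain[1].Image[0] ^= 1 // one flipped bit in the boot media
	fmt.Println("first failing stage:", VerifyChain(pub, chain))
}
```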

------
bluejekyll
Given that AMD and Intel are both driven by large for-profit customers and
their requirements, these concerns will probably only get worse.

ARM is probably the closest open chip platform out there, but even that is not
Free in the FSF sense or $ sense. It seems that the project is going to forgo
user-base for principles, and then most likely no longer be relevant.

It's great to try and fight for and defend your principles, but if that means
that you no longer have a user base on which to stand, then the fight will be
of little value. I'd love to be wrong about this, but I can't logically see
another way that this will play out.

~~~
ris
"ARM is probably the closest open chip platform out there"

I don't know what you think is open about ARM. AMD even uses the ARM
locking-down technology to implement _its_ system management processor.

~~~
bluejekyll
I meant that it's a spec, my point wasn't perfect, but there really aren't
OpenSource chips.

------
pdkl95
Yet another battle in the War On General Purpose Computers is lost.

------
arantius
From the Intel section (
[https://libreboot.org/faq/#intelme](https://libreboot.org/faq/#intelme) )

> If the manifest isn't signed by a specific Intel key, the boot ROM won't
> load and execute the firmware and the ME processor core will be halted.

So if I just overwrite a few bytes of flash on my motherboard (i.e. corrupt
the signature), the whole thing is disabled? It says the _ME_ core is halted.
But the main CPU continues to run? Are there side effects? Why is this not a
solution?

Also: is there more (probably community reverse-engineered) documentation on
the ME's specifics?

------
jlarocco
I guess the better question would be why they're even bothering any more when
they only support a few ancient Thinkpads and a couple of decade-old Apple
laptops.

For better or worse, I think they've lost this battle.

~~~
rekado
I'm still using one of these "ancient" Thinkpads (an X200S). It's good enough
for my purposes (audio recording, live audio performances, hacking on free
software, Emacs, browsing the web).

I don't often find myself wishing for a more powerful machine. When I do, I
run computations on remote servers.

~~~
jlarocco
I didn't say the hardware wasn't useful anymore.

But it seems like a losing proposition to run and promote a project that's
only ever going to run on a handful of ancient laptops. The FAQ explicitly
says it's not going to run on any new Intel or AMD processors, which
essentially makes it useless for modern desktop, laptop, and server systems.
As others have pointed out, it's almost not even possible to buy hardware
that's supported.

------
moonbug
I think I'd rather have a machine that has a verified chain of trust from boot
than one that will happily run anything.

~~~
deno
I prefer secure boot without backdoors.

[http://www.tianocore.org/](http://www.tianocore.org/)

~~~
chei0aiV
That has non-free code to read the FAT partition.

It also really needs a security audit.

------
moftz
They promote freedom but specifically forbid the use of Windows. Not everyone
has the choice to not use Windows at certain points in the day; VMs aren't
perfect. Forbidding the bare-metal usage of Windows is ridiculous.

~~~
geofft
I mean, they're promoting the freedom to use a bunch of 2006–2009-era
ThinkPads and MacBooks, and if you use the git release, a couple of
motherboards from the same time period and maybe one 2015 Chromebook if you're
lucky.

I appreciate that this work is being done (though I'm unclear on where the
coreboot/libreboot line lies, but anyway), but calling it "freedom" is a
stretch. It very much feels like the freedom to move to an abandoned island
and not pay taxes or be subject to any government.

~~~
deno
> It very much feels like the freedom to move to an abandoned island and not
> pay taxes or be subject to any government.

It might be a stretch to be able to use Coreboot for work or entertainment at
the moment, unfortunately. But consider that those specs are just fine for
most privacy sensitive stuff. Tor, email, banking… etc.

So for a separate, trusted, privacy-focused box a few years old, slightly
slower CPU is not a big deal. And you get the compartmentalization for free!

That’s my perspective, at least.

