2020-07-25 12:33:15 +03:00
|
|
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
|
|
|
|
<head>
|
|
|
|
|
<meta
|
|
|
|
|
http-equiv="Content-type"
|
|
|
|
|
content="application/xhtml+xml;charset=utf-8"
|
|
|
|
|
/>
|
2020-07-30 14:34:56 +03:00
|
|
|
|
<title>AMD — Spyware Watchdog</title>
|
2020-07-25 12:33:15 +03:00
|
|
|
|
<link rel="stylesheet" href="../style.css" />
|
2020-02-07 09:12:15 +02:00
|
|
|
|
</head>
|
2020-02-08 10:09:18 +02:00
|
|
|
|
|
2020-07-25 12:33:15 +03:00
|
|
|
|
<body>
|
|
|
|
|
<div class="case">
|
|
|
|
|
<div class="nav"><a href="index.html">← Catalog</a></div>
|
|
|
|
|
<div class="main">
|
|
|
|
|
<h1>
|
2020-07-30 14:34:56 +03:00
|
|
|
|
<span class="red">UNFINISHED ARTICLE — UNDER CONSTRUCTION — BAD FORMATTING</span>
|
2020-07-25 12:33:15 +03:00
|
|
|
|
</h1>
|
2020-07-30 14:34:56 +03:00
|
|
|
|
<img src="../images/amd_logo.png" alt="AMD logo" />
|
2020-07-25 12:33:15 +03:00
|
|
|
|
<h1>AMD CPU Family</h1>
|
|
|
|
|
<p>
|
|
|
|
|
This part of the article should have the name of the program and what
|
|
|
|
|
it does, and who develops it.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
Advanced Micro Devices, Inc. is an American multinational
|
|
|
|
|
semiconductor company based in Santa Clara, California, that develops
|
|
|
|
|
computer processors and related technologies for business and consumer
|
2020-07-30 14:34:56 +03:00
|
|
|
|
markets. This article is specifically about the CPUs that are
|
2020-07-25 12:33:15 +03:00
|
|
|
|
produced by AMD and nothing else. The logo is one of many logos used
|
|
|
|
|
by AMD, but the article is not about any one specific CPU.
|
|
|
|
|
<b>No rating is given</b> because this is not an article about any
|
|
|
|
|
specific product, and the rating system is difficult to fit into this
|
|
|
|
|
article.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
Modern CPU models produced by AMD contain an embedded ARM co-processor
|
2020-07-30 14:34:56 +03:00
|
|
|
|
called the Platform Security Processor (PSP). Nearly all AMD CPUs
|
2020-07-25 12:33:15 +03:00
|
|
|
|
produced since 2013 operate under the supervision of this separate,
|
|
|
|
|
more privileged, environment consisting of an integrated ARM processor
|
|
|
|
|
with access to isolated resources as well as main system memory and
|
|
|
|
|
I/O.
|
|
|
|
|
<sup><a href="#s1">[1]</a></sup>
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
This article isn't complete. This is a work-in-progress and so this
|
2020-07-30 14:34:56 +03:00
|
|
|
|
article is not formatted properly...
|
2020-07-25 12:33:15 +03:00
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf
|
|
|
|
|
(page 11)
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
While ARM and AMD tout the “Trusted Execution Environment” as useful
|
|
|
|
|
for secure payment, anti-theft and malware protection, they also
|
|
|
|
|
discuss content protection or DRM as a use case.
|
|
|
|
|
https://www.owasp.o../images/c/c8/OWASP_Security_Tapas_-_TrustZone%2C_TEE_and_Mobile_Security_final.pdf
|
|
|
|
|
</p>
|
|
|
|
|
<p>Possible uses … DRM</p>
|
|
|
|
|
<p>
|
|
|
|
|
Researchers have already been able to identify exploits in AMD’s
|
|
|
|
|
Platform Security Processor. In 2018 researchers published a
|
|
|
|
|
vulnerability in which a specially crafted certificate could lead to a
|
|
|
|
|
stack overflow in the PSP’s TPM firmware allowing for remote code
|
|
|
|
|
execution. (https://seclists.org/fulldisclosure/2018/Jan/12) Another
|
|
|
|
|
group goes on to detail how an attacker might leverage exploits
|
|
|
|
|
RYZENFALL or FALLOUT to gain foothold in networks with Ryzen based
|
|
|
|
|
systems.
|
|
|
|
|
(https://www.techpowerup.com/242386/cts-labs-responds-to-a-techpowerup-technical-questionnaire)
|
|
|
|
|
</p>
|
|
|
|
|
<hr/>
|
|
|
|
|
<p>
|
|
|
|
|
Please note that Family 16h and Family 15h-Models60h and later contain
|
|
|
|
|
a PSP
|
|
|
|
|
</p>
|
|
|
|
|
<h2><font color="red">NOT TRUSTED:</font></h2>
|
|
|
|
|
<ul>
|
|
|
|
|
<li>
|
|
|
|
|
Kaveri (Steamroller “BDv3”)
|
|
|
|
|
https://www.amd.com/system/files/TechDocs/51590_15h_Models_30h-3Fh_A-Series_PDS.pdf
|
|
|
|
|
(page 6)
|
|
|
|
|
https://arstechnica.com/information-technology/2012/06/amd-to-add-arm-processors-to-boost-chip-security/
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Carrizo/Bristol Ridge (Excavator “BDv4”)
|
|
|
|
|
https://www.anandtech.com/show/8995/amd-at-isscc-2015-carrizo-and-excavator-details
|
|
|
|
|
</li>
|
|
|
|
|
<li>All Zen based CPUs (17h family)</li>
|
|
|
|
|
</ul>
|
|
|
|
|
<h2><font color="yellow">POTENTIALLY TRUSTED:</font></h2>
|
|
|
|
|
<ul>
|
|
|
|
|
<li>
|
|
|
|
|
Jaguar (the only 16h family CPU that does NOT have PSP):
|
|
|
|
|
http://support.amd.com/TechDocs/52128_16h_Software_Opt_Guide.zip
|
|
|
|
|
(page 8)
|
|
|
|
|
https://en.wikipedia.org/wiki/Puma_(microarchitecture)#Improvements_over_Jaguar
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
|
|
|
|
|
</li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<hr />
|
|
|
|
|
<div class="footer">
|
|
|
|
|
<div class="sources">
|
|
|
|
|
<h4>Sources:</h4>
|
|
|
|
|
<ol>
|
|
|
|
|
<li id="s1">
|
|
|
|
|
<a
|
|
|
|
|
href="http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf"
|
|
|
|
|
>AMD Security and Server innovation</a
|
|
|
|
|
>
|
|
|
|
|
<a
|
|
|
|
|
href="http://web.archive.org/web/20180422100442/http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf"
|
|
|
|
|
>[web.archive.org]</a
|
|
|
|
|
>
|
|
|
|
|
<a href="http://archive.vn/7dYOZ">[archive.vn]</a><br />
|
|
|
|
|
</li>
|
|
|
|
|
</ol>
|
|
|
|
|
</div>
|
|
|
|
|
<hr />
|
|
|
|
|
<b>This article was last edited on 1/10/2019</b>
|
|
|
|
|
<!--Dont change-->
|
|
|
|
|
<p>
|
2020-11-17 22:04:37 +02:00
|
|
|
|
If you want to edit this article, or contribute your own article(s), visit us
|
2020-07-25 12:33:15 +03:00
|
|
|
|
at the git repo on
|
2020-10-15 05:07:55 +03:00
|
|
|
|
<a href="https://codeberg.org/shadow/SpywareWatchdog">Codeberg</a>.
|
2020-07-25 12:33:15 +03:00
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
All contributions must be licensed under the CC0 license to be
|
|
|
|
|
accepted.
|
|
|
|
|
</p>
|
2021-01-02 07:54:37 +02:00
|
|
|
|
<a href="../LICENSE.txt"
|
2020-07-25 12:33:15 +03:00
|
|
|
|
><img class="icon" src="../images/cc0.png" alt="CC0 License"
|
|
|
|
|
/></a>
|
|
|
|
|
<!--Dont change-->
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
2020-02-07 09:12:15 +02:00
|
|
|
|
</body>
|
|
|
|
|
</html>
|