145 lines
6.1 KiB
HTML
145 lines
6.1 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||
<head>
|
||
<meta
|
||
http-equiv="Content-type"
|
||
content="application/xhtml+xml;charset=utf-8"
|
||
/>
|
||
<title>AMD - Spyware Watchdog</title>
|
||
<link rel="stylesheet" href="../style.css" />
|
||
</head>
|
||
|
||
<body>
|
||
<div class="case">
|
||
<div class="nav"><a href="index.html">← Catalog</a></div>
|
||
<div class="main">
|
||
<h1>
|
||
<span class="red">UNFINISHED ARTICLE - UNDER CONSTRUCTION - BAD FORMATTING</span>
|
||
</h1>
|
||
<img src="../images/amd_logo.png" alt="amd Logo" />
|
||
<h1>AMD CPU Family</h1>
|
||
<p>
|
||
This part of the article should have the name of the program and what
|
||
it does, and who develops it.
|
||
</p>
|
||
<p>
|
||
Advanced Micro Devices, Inc. is an American multinational
|
||
semiconductor company based in Santa Clara, California, that develops
|
||
computer processors and related technologies for business and consumer
|
||
markets. This article is specifically about the CPU's that are
|
||
produced by AMD and nothing else. The logo is one of many logos used
|
||
by AMD, but the article is not about any one specific CPU.
|
||
<b>No rating is given</b> because this is not an article about any
|
||
specific product, and the rating system is difficult to fit into this
|
||
article.
|
||
</p>
|
||
<p>
|
||
Modern CPU models produced by AMD contain an embedded ARM co-processor
|
||
called the Platform Security Processor (PSP). Nearly all AMD CPU's
|
||
produced since 2013 operate under the supervision of this separate,
|
||
more privileged, environment consisting of an integrated ARM processor
|
||
with access to isolated resources as well as main system memory and
|
||
I/O.
|
||
<sup><a href="#s1">[1]</a></sup>
|
||
</p>
|
||
<p>
|
||
This article isn't complete. This is a work-in-progress and so this
|
||
article is not formatted properly..
|
||
</p>
|
||
<p>
|
||
http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf
|
||
(page 11)
|
||
</p>
|
||
<p>
|
||
While ARM and AMD tout the “Trusted Execution Environment” as useful
|
||
for secure payment, anti-theft and malware protection, they also
|
||
discuss content protection or DRM as a use case.
|
||
https://www.owasp.o../images/c/c8/OWASP_Security_Tapas_-_TrustZone%2C_TEE_and_Mobile_Security_final.pdf
|
||
</p>
|
||
<p>Possible uses … DRM</p>
|
||
<p>
|
||
Researchers have already been able to identify exploits in AMD’s
|
||
Platform Security Processor. In 2018 researchers published a
|
||
vulnerability in which a specially crafted certificate could lead to a
|
||
stack overflow in the PSP’s TPM firmware allowing for remote code
|
||
execution. (https://seclists.org/fulldisclosure/2018/Jan/12) Another
|
||
group goes on to detail how an attacker might leverage exploits
|
||
RYZENFALL or FALLOUT to gain foothold in networks with Ryzen based
|
||
systems.
|
||
(https://www.techpowerup.com/242386/cts-labs-responds-to-a-techpowerup-technical-questionnaire)
|
||
</p>
|
||
<hr/>
|
||
<p>
|
||
Please note that Family 16h and Family 15h-Models60h and later contain
|
||
a PSP
|
||
</p>
|
||
<h2><font color="red">NOT TRUSTED:</font></h2>
|
||
<ul>
|
||
<li>
|
||
Kaveri (Steamroller “BDv3”)
|
||
https://www.amd.com/system/files/TechDocs/51590_15h_Models_30h-3Fh_A-Series_PDS.pdf
|
||
(page 6)
|
||
https://arstechnica.com/information-technology/2012/06/amd-to-add-arm-processors-to-boost-chip-security/
|
||
</li>
|
||
<li>
|
||
Carrizo/Bristol Ridge (Excavator “BDv4”)
|
||
https://www.anandtech.com/show/8995/amd-at-isscc-2015-carrizo-and-excavator-details
|
||
</li>
|
||
<li>All Zen based CPUs (17h family)</li>
|
||
</ul>
|
||
<h2><font color="yellow">POTENTIALLY TRUSTED:</font></h2>
|
||
<ul>
|
||
<li>
|
||
Jaguar (the only 16h family CPU that does NOT have PSP):
|
||
http://support.amd.com/TechDocs/52128_16h_Software_Opt_Guide.zip
|
||
(page 8)
|
||
https://en.wikipedia.org/wiki/Puma_(microarchitecture)#Improvements_over_Jaguar
|
||
</li>
|
||
<li>
|
||
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
|
||
</li>
|
||
<li>
|
||
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
<hr />
|
||
<div class="footer">
|
||
<div class="sources">
|
||
<h4>Sources:</h4>
|
||
<ol>
|
||
<li id="s1">
|
||
<a
|
||
href="http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf"
|
||
>AMD Security and Server innovation</a
|
||
>
|
||
<a
|
||
href="http://web.archive.org/web/20180422100442/http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf"
|
||
>[web.archive.org]</a
|
||
>
|
||
<a href="http://archive.vn/7dYOZ">[archive.vn]</a><br />
|
||
</li>
|
||
</ol>
|
||
</div>
|
||
<hr />
|
||
<b>This article was last edited on 1/10/2019</b>
|
||
<!--Dont change-->
|
||
<p>
|
||
If you want to edit this article, or contribute your own article(s),
|
||
contact us on XMPP over in spyware@conference.nuegia.net, or visit us
|
||
at the git repo on
|
||
<a href="https://codeberg.org/TheShadow/SpywareWatchdog">Codeberg</a>.
|
||
</p>
|
||
<p>
|
||
All contributions must be licensed under the CC0 license to be
|
||
accepted.
|
||
</p>
|
||
<a href="https://creativecommons.org/publicdomain/zero/1.0/legalcode"
|
||
><img class="icon" src="../images/cc0.png" alt="CC0 License"
|
||
/></a>
|
||
<!--Dont change-->
|
||
</div>
|
||
</div>
|
||
</body>
|
||
</html>
|