neko
/
SpywareWatchdog
mirror of https://codeberg.org/shadow/SpywareWatchdog.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
SpywareWatchdog/articles/amd.html

69 lines
4.5 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE HTML>
<html lang=”en-us”>
<head>
<link rel="stylesheet" href="/style.css">
<meta charset="UTF-8">
<title>Spyware Watchdog</title>
</head>
<body>
<meta name="viewport" content="width=device-width, initial-scale=1">
<h1>AMD CPU Family</h1>
<p><a href="/articles">Back to catalog</a></p>
<img src="/images/amd_logo.png" alt="One of the logos AMD uses for its CPU's">
<h1>UNFINISHED ARTICLE - UNDER CONSTRUCTION - BAD FORMATTING</h1>
<p>
Advanced Micro Devices, Inc. is an American multinational semiconductor company based in Santa Clara, California, that develops computer processors and related technologies for business and consumer markets. This article is specifically about the CPU's that are produced by AMD and nothing else. The logo is one of many logos used by AMD, but the
article is not about any one specific CPU. <b>No rating is given</b> because this is not an article about any specific product, and the rating system is difficult to fit into this
article.
</p>
<p>
Modern CPU models produced by AMD contain an embedded ARM co-processor called the Platform Security Processor (PSP). Nearly all AMD CPU's produced since 2013 operate under the supervision of this separate, more privileged, environment consisting of an integrated ARM processor with access to isolated resources as well as main system memory and I/O.
<sup><a href="#1">[1]</a></sup>
</p>
<p>
This article isn't complete. This is a work-in-progress and so this article is not formatted properly..
</p>
<p>http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf (page 11)</p>
<p>While ARM and AMD tout the “Trusted Execution Environment” as useful for secure payment, anti-theft and malware protection, they also discuss content protection or DRM as a use case. https://www.owasp.org/images/c/c8/OWASP_Security_Tapas_-_TrustZone%2C_TEE_and_Mobile_Security_final.pdf</p>
<p>Possible uses … DRM</p>
<p>
Researchers have already been able to identify exploits in AMDs Platform Security Processor. In 2018 researchers published a vulnerability in which a specially crafted certificate could lead to a stack overflow in the PSPs TPM firmware allowing for remote code execution. (https://seclists.org/fulldisclosure/2018/Jan/12) Another group goes on to detail how an attacker might leverage exploits RYZENFALL or FALLOUT to gain foothold in networks with Ryzen based systems. (https://www.techpowerup.com/242386/cts-labs-responds-to-a-techpowerup-technical-questionnaire)
</p>
<hr>
<p>Please note that Family 16h and
Family 15h-Models60h and later contain a PSP</p>
<h2><font color=red>NOT TRUSTED:</font></h2>
<ul>
<li>Kaveri (Steamroller “BDv3”) https://www.amd.com/system/files/TechDocs/51590_15h_Models_30h-3Fh_A-Series_PDS.pdf (page 6)
https://arstechnica.com/information-technology/2012/06/amd-to-add-arm-processors-to-boost-chip-security/</li>
<li>Carrizo/Bristol Ridge (Excavator “BDv4”) https://www.anandtech.com/show/8995/amd-at-isscc-2015-carrizo-and-excavator-details</li>
<li>All Zen based CPUs (17h family)</li>
</ul>
<h2><font color=yellow>POTENTIALLY TRUSTED:</font></h2>
<ul>
<li>Jaguar (the only 16h family CPU that does NOT have PSP): http://support.amd.com/TechDocs/52128_16h_Software_Opt_Guide.zip (page 8) https://en.wikipedia.org/wiki/Puma_(microarchitecture)#Improvements_over_Jaguar</li>
<li>All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)</li>
<li>All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)</li>
</ul>
<hr>
<h2>Sources</h2>
<p>
<a name="1">1.</a>
<a href="http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf">AMD Security and Server innovation</a>
<a href="http://web.archive.org/web/20180422100442/http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf">[web.archive.org]</a>
<a href="http://archive.vn/7dYOZ">[archive.vn]</a><br>
</p>
<hr>
<p><b>
This article was last edited on 1/10/2019
</b></p>
<p>
If you want to edit this article, or contribute your own article(s), email me at <a href="mailto:spyware@aaathats3as.com">spyware@aaathats3as.com</a>. All contributions must be liscenced under the CC0 liscence to be accepted.
</p>
<a href="https://creativecommons.org/publicdomain/zero/1.0/legalcode"><img src="/images/cc0.png" alt="CC0 Liscence"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink