Which does ... nothing to actually disable the PSP. Just like the HAP bit on the ME, it politely asks the PSP to stop responding to the OS-visible mailbox. It's probably still running in the background doing who-knows-what.

To be as clear as possible: the PSP must run during system startup. It runs before the x86 cores are even taken out of reset, since it is responsible for doing so. Partly as a result of its position to do this low level setup, it has basically the highest privilege level possible within the system. The closest analogy is that coreboot is just a guest within the PSP-controlled environment, best case -- just because someone decorates a prison nicely doesn't make it any less of a prison.

To put things another way, here's semi-equivalent code for just part of the PSP. This is the SBE on POWER: https://git.raptorcs.com/git/talos-sbe You're OK with code that is handling such low level tasks, including verification of firmware signatures and denial of boot, to be completely closed source, mutable by AMD, and completely 100% unmodifiable by you, the owner of the platform? If so, what is the interest in coreboot? Would you be OK if AMD offered a proprietary coreboot-like system that you couldn't touch, as long as it was fast to boot and more minimal than UEFI? Maybe that'd be more attractive commercially to AMD than having to deal with any open source for boot firmware, given the public history and rationale behind AGESA and BinaryPI?

If you have to run Windows, you've already lost. This discussion is only relevant for non-Windows systems where data slurp becomes a real concern at lower levels. Running Windows, you've already agreed to it, there's not even a fig leaf of privacy there.

I think it is more a question of making money so they can afford to support FOSS software. People seem to forget how many AMD laid off in the dark years that where not that long ago.

Now what we can thank that brain for is getting AMD to deliver viable products once again. Maybe not perfect products but stuff people can buy and not feel that they are wasting money. Let’s hope that corporate politics don’t catch up with her and that Lisa can stay at the helm and deliver exceptional products leading to profit. Profit means the ability to support things like CoreBoot.

i prefer open firmware with psp to closed firmware with psp
maybe performance gain is worth it. maybe it isn't a bit and not temporary when you have closed source executable for different isa

all closed hardware does who-knows-what in the background, psp is no different here

Regardless of what AMD does... or officially supports, it's pretty likely someone can figure out how to run custom PSP firmware.

No. Full stop. Just no, by design.

The PSP firmware is cryptographically signed with a strong key. The hardware itself checks the signature before allowing the firmware to start. There is no running custom anything on the PSP without AMD's direct blessing (signing the firmware). Period.

Why? What are you actually gaining, besides a pile of trouble when the partly-open firmware doesn't have official OEM support available?

The PSP firmware is not hardware. Not even by FSF rules.

.shmerl There are a growing number of people internally and externally who have desire in having more free software in our driver. I think Lisa is starting to get the message that's it's important for the bottom line.

madscientist159
Correct, I don't see a way around the PSP's crypto hw. Theoretically there /might/ be a way to do hybrid solution (i.e. open PSP few with optional blobs for DRM/HDCP features)... But I'm sure its not trivial to implement.

Might be worth noting that I say this with no authority on the matter though.

Ironically we have a couple of volume opportunities for AMD GPUs with open firmware, that remain blocked due to the closed, signed, GPU-PSP-loaded GPU firmware components. It might be easier to offer the GPU silicon for these systems than to than fix the PSP problem in the CPUs.

Feel free to PM if anyone at AMD might want to discuss more on the potential GPU opportunities...

AHAHAHA.... ha. PS4 wasn't supposed to be broken by design and is the origin of many of these features, however it has been broken.

It's just a matter of time and someone interested in poking the device until they find a chink in it's armor...

That said any such hack will almost certainly require physical access to the machine.