AMD Publishes SEV Firmware As Open-Source


  • piorunz
    replied
    Originally posted by billbo

    Having the "code" doesn't mean you can verify the shipped binaries were built from that version of the code. You need reproducible builds and a way to compare your binaries to what the vendor (AMD) ships. You can look for bugs with the code, which you might be able to verify have been fixed in the next binary release; but this won't help much to find any deliberate backdoors.
    Agree. But it will help to find undeliberate backdoors.
    It's not much from AMD, but better than nothing.


  • billbo
    replied
    Originally posted by piorunz
    Good move. While not letting anyone compile and run modified software, it allows independent engineers and hackers to read the code and verify it. To make sure there are no nasty surprises in it.
    Having the "code" doesn't mean you can verify the shipped binaries were built from that version of the code. You need reproducible builds and a way to compare your binaries to what the vendor (AMD) ships. You can look for bugs with the code, which you might be able to verify have been fixed in the next binary release; but this won't help much to find any deliberate backdoors.


  • piorunz
    replied
    Good move. While not letting anyone compile and run modified software, it allows independent engineers and hackers to read the code and verify it. To make sure there are no nasty surprises in it.


  • marlock
    replied
    Originally posted by boboviz

    It's a GREAT idea to modify (by yourself) the firmware of servers in a datacenter (this firmware is for EPYC cpu)!!

    Errr, no, it's NOT a GREAT idea.
    As counterintuitive as it may sound, major corps behind huge datacenters such as Facebook are of the opposite opinion, and have put their development weight behind making it happen:


    This allows for a far smaller and easier to audit firmware attack surface because the custom firmware can cut off anything and everything that's not needed for that specific use, faster (re)booting positively impacting downtimes for each machine, advanced specialized architectures that a traditional firmware might not enable so directly, etc, etc

    Is it complicated to develop? Sure... but then again being FOSS means there's at least the possibility for a wide-range cooperation and creation of reference designs, implementations, etc instead of each company reinventing the wheel alone from scratch


    Unfortunately what AMD did falls short of being FOSS or even of the opencompute open firmware criteria, but still better than not doing it


  • boboviz
    replied
    Originally posted by NeoMorpheus
    AMD offers/publishes/supports open source: Negative comments.

    Ngreedia keeps treating Linux like shit: Forum members keep giving them money and free passes.
    As usual. Nothing new


  • boboviz
    replied
    Originally posted by hlandau
    This means that while this source code has been made available, you can't actually compile it yourself or use it on your computer. It doesn't give you the freedom to modify the software, which is what open source is supposed to do. In short, this doesn't actually move things any closer to actually be able to have fully FOSS firmware on a PC, or to allow use of e.g. Libreboot with modern AMD systems.
    It's a GREAT idea to modify (by yourself) the firmware of servers in a datacenter (this firmware is for EPYC cpu)!!

    Errr, no, it's NOT a GREAT idea.


  • Developer12
    replied
    Let's not blow this out of proportion.

    This is code for *one* app running on the PSP, it's far from complete, and you'll never be able to run it. This is just a code dump, with the intention of allowing security researchers to comb through it for bugs.

    The licence is wrong for people to do anything with it, they're not accepting contributions, it's missing headers and build scripts and other junk, and you'd have to get it signed by AMD to run it because there's no provision for testing locally.

    One has to admit though that it technically is *a step* towards the demands to "open source the PSP" even if very small.


  • szymon_g
    replied
    Does it work only with EPYC, or can some of the features be used with Ryzen Pro CPUs?


  • OneTimeShot
    replied
    AMD releasing all their secret IP. Oh noes, Intel will steal it!


  • GreenReaper
    replied
    While I agree that the title is misleading, different understandings on what "open source" actually means is one of the reasons it's a bad idea to use it if you actually mean "available to use under a free licence".
