Question, regarding psp, #54

Open
FrostKnight opened this issue Nov 13, 2023 · 4 comments

@FrostKnight

Is there going to be a PSP cleaner in the future, for AMD processors?

Like there is for Intel?

I was curious, I don't need anything mega new, but I would like to be able to see the network stack disabled similar to how it is on Intel processors 3rd gen and up via me cleaner.

I am very curious in fact how close you guys are to that/or other people being close to such a goal.

@cwerling
Member

We are not working on a tool similar to MECleaner for the PSP and we don't see substantial reason to do so. As far as we have looked into the firmware running on the PSP, there is no network stack included and therefore no direct communication to the internet.

From my personal perspective, in terms of threats customers already need to trust AMD with manufacturing something as complex as a CPU without introducing bugs (let alone backdoors). "Cleaning" one small piece of this complex system (i.e. the PSP's firmware) would be a drop in the ocean.

That is not to say that there weren't bugs in the past (there were). However, they are only relevant for very specific attack scenarios (e.g. a malicious admin attacking an SEV-protected VM, attacking AMD's firmware-based TPM, or breaking AMD Platform Secure Boot).

@FrostKnight
Author

> We are not working on a tool similar to MECleaner for the PSP and we don't see substantial reason to do so. As far as we have looked into the firmware running on the PSP, there is no network stack included and therefore no direct communication to the internet.
>
> From my personal perspective, in terms of threats customers already need to trust AMD with manufacturing something as complex as a CPU without introducing bugs (let alone backdoors). "Cleaning" one small piece of this complex system (i.e. the PSP's firmware) would be a drop in the ocean.
>
> That is not to say that there weren't bugs in the past (there were). However, they are only relevant for very specific attack scenarios (e.g. a malicious admin attacking an SEV-protected VM, attacking AMD's firmware-based TPM, or breaking AMD Platform Secure Boot).

Do you know of any backdoors AMD processors currently have that have a network stack? I would be interested to know for coreboot/libreboot/skulls BIOS sake.

@cwerling
Member

I don't think I understand your question. Do you mean if I know of any components or co-processors that have a network stack (i.e. means to communicate via TCP/IP)? No, I don't. And of course, I don't know of any "backdoor" either, otherwise I would feel obliged to responsibly disclose it to the public.

@FrostKnight
Author

> I don't think I understand your question. Do you mean if I know of any components or co-processors that have a network stack (i.e. means to communicate via TCP/IP)? No, I don't. And of course, I don't know of any "backdoor" either, otherwise I would feel obliged to responsibly disclose it to the public.

That was what I was asking, yeah. I also wondered if you thought porting coreboot to 2018+ processors would be semi hard, hard, very hard or downright impossible. This being said, what you say makes sense. You would have said something if you thought there were backdoors in AMD with a network stack.

Some consider AMD PSP to be like Intel ME, it's good to hear that this is probably not the case.
