Do ARM chips have ME or PSP equivalents? It would be great to be able to buy a new machine and use something like coreboot without having to use hacks to disable ME.
Arm sells barebones CPU cores which can be used to create more complex processors like complete SoCs. By barebones, I mean the traditional core with branch predictors, instruction fetchers, writebacks, etc.
Intel and AMD sell an entire System-on-a-Chip disguised as a CPU processor. Their CPU is much more than a CPU core: they contain an entire system in there.
If you want to make a comparison, it is more correct to compare the Snapdragon and the Exynos chips to the off-the-shelf CPUs that Intel and AMD sell.
Arm only sells technologies that enable other companies to create a final product; it doesn't impose those kinds of "management systems" and binary blobs.
It would be fair to mention that TrustZone, the equivalent technology, is built into the cores/ISA. They also do distribute software related to the TrustZone, albeit not a full TEE solution.
Yes, AMD's PSP is actually licensed from ARM; it's why there is a small ARM Cortex CPU on AMD's CPUs and APUs. The first few times they tried adding it on did not go well FYI, so they disabled this small chunk of silicon at the factory.
In 2013 AMD successfully fabricated a CPU with said ARM Cortex core embedded, thus that was the first year they actually offered their PSP. AMD had similar problems with their APUs for a number of years IIRC, whereby making a single chip with both CPU and GPU on it had poor yields with a high percentage of dead chips.
If the next Mac Pro doesn’t utterly blow me away I’ll take a dual-CPU POWER9 system into serious consideration. My only concern is drivers for suitably powerful GPUs.
Unfortunately it's not as easy to answer. Intel and AMD manufacture their own chips which means they can put their backdoors into all their products. However with ARM they license their IP and other companies make their chips.
This means some companies have hidden proprietary code in their bootloaders. For example, Samsung's Exynos range of ARM chips can only be booted with Samsung's bootloader, which may contain spyware, backdoors or surveillance systems. You cannot see the source code for this bootloader and have no way of auditing what it actually does.
Rockchip is another company that makes ARM chips, and can be considered mostly free [1]. As with all hardware it's very hard to know what's going on inside, but all the code to boot into Linux (minus the optional GPU) on a Rockchip product is open source and can be audited/compiled by anyone.
ARM also have TrustZone [2], which allows you to run applications in a "secure" (or separate) space. It doesn't run on a separate chip, but runs on the ARM chip, separating memory and instructions from the operating system. (Don't quote me but...) I believe you don't actually have to use TrustZone. The instructions/documentation for it don't appear to be available to the public; however, if you don't upload a blob for TrustZone, with Rockchip it simply won't use it and will run everything on the same level. (Note this is true for Rockchip, but again, depending on who is manufacturing the ARM chip, they may force you to use TrustZone.)
Unlike with Intel ME and AMD PSP, if you don't want to use their ME, you have no choice. If you remove the blob your system won't boot (or will restart after 30 minutes for some older models).
This means if ARM TrustZone is compromised you can remove it and continue on as normal. But if ME and PSP are compromised you are at the will of Intel and any agency it may have colluded with.
While we're on the subject of free and open source code, note that with (most) ARM chips, the GPU is closed source just like the Intel ME. Again, the difference is if you don't want to use the GPU, you can just not upload the blob, and use the CPU without the GPU. There are some movements being made to open the GPU [3], but it's still a long way off.
TrustZone is essentially an ISA extension, similar to Intel's TXT and SGX to provide a trusted execution environment. You can trivially avoid it by never running any of the related instructions.
The closed boot loader is a red herring. Unless you have the underlying RTL source the hardware could do anything - no secret boot loader required. Open source without open hardware is a false sense of security.
Every moderately complex SoC will have something like ME or PSP. The most recent big boy ARM SoC that I can think of without something like that was the iMX6. Even SiFive's newer U54-MC RISC-V SoC has a little "monitor core".
SoC power management, system bringup, and maintenance tasks are complicated enough these days to warrant a full small core tacked onto the side. These cores are necessary, and aren't going away. Complaining about them being there is just pissing into the wind. Complain about what they're used for and the closed source nature of their code.
> SoC power management, system bringup, and maintenance tasks are complicated enough these days to warrant a full small core tacked onto the side. These cores are necessary, and aren't going away. Complaining about them being there is just pissing into the wind.
There's a vast difference between such a core being used solely for bringup/power management/housekeeping and it having a network connection to the outside and being used for "remote management" (and running with godawfully insecure parsing code, at that).
They can have it, as ARM TrustZone. This is an independent ARM chip and is in fact used in the AMD PSP. I don't know if some or all of these laptop SoCs would have one, though. Some (most?) Android phones have one (see: https://googleprojectzero.blogspot.com/2017/07/trust-issues-...)
ARM TrustZone isn’t a chip at all, and it’s not a thing that an SoC could have. It’s just another operating mode of an ARM processor. It’s more analogous to x86’s SMM than to PSP or ME. TrustZone is also fully documented AFAIK.
So the real question is: will the laptops let end users replace the TrustZone kernel?
sweden|7 years ago
They could have used MIPS, PowerPC or any other CPU cores for PSP, they just decided to go with Arm.
monocasa|7 years ago
The only reason why it might not be considered a ME or PSP replacement is that the user can control the signing keys.
https://en.wikipedia.org/wiki/OpenBMC
1. https://libreboot.org/docs/hardware/c201.html
2. http://www.openvirtualization.org/open-source-arm-trustzone....
3. https://gitlab.freedesktop.org/lima
masklinn|7 years ago
A complication is that ARM only designs the ISA, implementors can very much add their own management system to the SoC.