AMD平台安全處理器

AMD平台安全處理器（英語：AMD Platform Security Processor），公司稱其為AMD安全技術（英語：AMD Secure Technology），作為可信執行環境子系統自2013年起引入AMD處理器中^[1]。AMD開發人員手冊稱該系統「能夠創建、監測和維持安全環境」和「涵蓋了管理啟動過程，初始化各種與安全相關的機制、監測系統中的任何可疑活動或事件並妥善處理等功能」^[2]。有評論擔憂該技術可能暗藏後門並帶來安全隱患^[3]^[4]^[5]。AMD回絕了開源PSP所運行代碼的要求^[1]。

PSP類似英特爾管理引擎^[1]。

細節[編輯]

PSP實際是一個處理器內部的ARM處理器^[6]。

安全記錄[編輯]

谷歌安全研究人員 Cfir Cohen於2017年9月報告了一個PSP帶來的AMD產品漏洞，攻擊者能藉此獲取密碼、證書和其他敏感信息；據說有關廠商於2017年12月收到了補丁^[7]^[8]。

2018年3月，一家以色列安全技術公司宣稱發現了數個在AMD Zen架構處理器上（EPYC、Ryzen、Ryzen Pro與Ryzen Mobile）由PSP引起、會導致間諜軟件運行並獲取權限訪問敏感信息的嚴重漏洞^[9]。AMD後來發布了修復漏洞的固件更新^[10]^[11]。雖然有人認為這些漏洞是為了操縱股票披露的^[12]^[13]，CTS實驗室所聲稱的風險仍有爭議，但獨立安全專家證實了漏洞的存在^[14]。

參考文獻[編輯]

^ ^1.0 ^1.1 ^1.2 Williams, Rob. AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code. 2017-07-19 [2020-01-23]. （原始內容存檔於2019-06-03）. This chip is found on most AMD platforms from 2013 on, and behaves much like Intel's Management Engine does [...] The rather blunt realization that PSP wasn't being open sourced came out during a discussion with AMD top brass about EPYC.
^ BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors (PDF). AMD: 156. 2016 [2020-01-23]. （原始內容存檔 (PDF)於2018-06-16）.
^ Martin, Ryan. Expert Says NSA Have Backdoors Built Into Intel And AMD Processors. eteknix.com. July 2013 [2018-01-19]. （原始內容存檔於2018-01-19）.
^ Claburn, Thomas, Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches, The Register, 2018-01-06 [2020-01-23], （原始內容存檔於2020-05-19）
^ Larabel, Michael. AMD Reportedly Allows Disabling PSP Secure Processor With Latest AGESA. 2017-12-07 [2020-01-23]. （原始內容存檔於2009-09-21）. This built-in AMD Secure Processor has been criticized by some as another possible attack vector...
^ Libreboot FAQ. [2020-01-23]. （原始內容存檔於2021-01-21）. The PSP is an ARM core with TrustZone technology, built onto the main CPU die.
^ Millman, Rene. Security issue found in AMD's Platform Security Processor. 2018-01-08 [2020-01-23]. （原始內容存檔於2018-01-26）.
^ Cimpanu, Catalin. Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online. 2018-01-06 [2020-01-23]. （原始內容存檔於2020-11-09）.
^ Goodin, Dan. A raft of flaws in AMD chips makes bad hacks much, much worse. Ars Technica. 2018-03-13 [2020-01-23]. （原始內容存檔於2020-11-25）.
^ Bright, Peter. AMD promises firmware fixes for security processor bugs All bugs require administrative access to exploit. Ars Technica. 2018-03-20 [2020-01-23]. （原始內容存檔於2020-12-10）.
^ Papermaster, Mark. Initial AMD Technical Assessment of CTS Labs Research. AMD Community. 2018-03-21 [2020-01-23]. （原始內容存檔於2020-11-09）.
^ Burke, Steve. Assassination Attempt on AMD by Viceroy Research & CTS Labs, AMD "Should Be $0". GamersNexus. [2020-01-23]. （原始內容存檔於2019-12-20）.
^ Zynath Investment. AMD And CTS Labs: A Story Of Failed Stock Manipulation. Seeking Alpha. [2020-01-23]. （原始內容存檔於2018-03-19）.
^ Guido, Dan. "AMD Flaws" Technical Summary. [2020-01-23]. （原始內容存檔於2021-01-24）.

外部連結[編輯]

https://www.amd.com/en/technologies/security（頁面存檔備份，存於網際網路檔案館）官方網站介紹頁面（英文）
https://www.amd.com/zh-hans/technologies/security（頁面存檔備份，存於網際網路檔案館）官方網站介紹頁面（中文）

[Williams_2017-1] 1.0 ^1.1 ^1.2 Williams, Rob. AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code. 2017-07-19 [2020-01-23]. （原始內容存檔於2019-06-03）. This chip is found on most AMD platforms from 2013 on, and behaves much like Intel's Management Engine does [...] The rather blunt realization that PSP wasn't being open sourced came out during a discussion with AMD top brass about EPYC.

[AMD_2016-2] BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors (PDF). AMD: 156. 2016 [2020-01-23]. （原始內容存檔 (PDF)於2018-06-16）.

[Martin_2013-3] Martin, Ryan. Expert Says NSA Have Backdoors Built Into Intel And AMD Processors. eteknix.com. July 2013 [2018-01-19]. （原始內容存檔於2018-01-19）.

[Claburn_2018-4] Claburn, Thomas, Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches, The Register, 2018-01-06 [2020-01-23], （原始內容存檔於2020-05-19）

[Larabel_2017-5] Larabel, Michael. AMD Reportedly Allows Disabling PSP Secure Processor With Latest AGESA. 2017-12-07 [2020-01-23]. （原始內容存檔於2009-09-21）. This built-in AMD Secure Processor has been criticized by some as another possible attack vector...

[Libreboot-6] Libreboot FAQ. [2020-01-23]. （原始內容存檔於2021-01-21）. The PSP is an ARM core with TrustZone technology, built onto the main CPU die.

[Millman_2018-7] Millman, Rene. Security issue found in AMD's Platform Security Processor. 2018-01-08 [2020-01-23]. （原始內容存檔於2018-01-26）.

[Cimpanu_2018-8] Cimpanu, Catalin. Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online. 2018-01-06 [2020-01-23]. （原始內容存檔於2020-11-09）.

[Goodin_2018-9] Goodin, Dan. A raft of flaws in AMD chips makes bad hacks much, much worse. Ars Technica. 2018-03-13 [2020-01-23]. （原始內容存檔於2020-11-25）.

[Bright_2018-10] Bright, Peter. AMD promises firmware fixes for security processor bugs All bugs require administrative access to exploit. Ars Technica. 2018-03-20 [2020-01-23]. （原始內容存檔於2020-12-10）.

[Papermaster_2018-11] Papermaster, Mark. Initial AMD Technical Assessment of CTS Labs Research. AMD Community. 2018-03-21 [2020-01-23]. （原始內容存檔於2020-11-09）.

[12] Burke, Steve. Assassination Attempt on AMD by Viceroy Research & CTS Labs, AMD "Should Be $0". GamersNexus. [2020-01-23]. （原始內容存檔於2019-12-20）.

[13] Zynath Investment. AMD And CTS Labs: A Story Of Failed Stock Manipulation. Seeking Alpha. [2020-01-23]. （原始內容存檔於2018-03-19）.

[trailofbits-14] Guido, Dan. "AMD Flaws" Technical Summary. [2020-01-23]. （原始內容存檔於2021-01-24）.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]