Re: [PATCH v1 5/6] site: faq: change x86 to AMD64.

[Adrien 'neox' Bourmault]

Le dimanche 12 mai 2024 à 23:36 +0200, Denis 'GNUtoo' Carikli a écrit :
> From: DiffieHellman <DiffieHellman@endianness.com>
> 
> Most people using x86 CPUs use the AMD64 ISA, so people are usually
> more interested in 64bit x86 CPUs than 32bit ones.
> 
> Signed-off-by: DiffieHellman <DiffieHellman@endianness.com>
> GNUtoo: split, commit message, removed 1 useless change.
> Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
> ---
>  site/faq.md | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/site/faq.md b/site/faq.md
> index 51ba61b..d9da350 100644
> --- a/site/faq.md
> +++ b/site/faq.md
> @@ -507,15 +507,15 @@ issues, although the implementation is wildly different.
>  The Platform Security Processor (PSP) is built in on the AMD CPUs whose
>  [architecture](
> https://en.wikipedia.org/wiki/List_of_AMD_CPU_microarchitectures) is Late
> Family 16h (Puma), Zen 17h or later (and also on
>  the AMD GPUs which are GCN 5th gen (Vega) or later). On the CPUs, a PSP
> -controls the main x86 core startup. PSP firmware is cryptographically
> +controls the main AMD64 core startup. PSP firmware is cryptographically
>  signed with a strong key similar to the Intel ME. If the PSP firmware
> -is not present, or if the AMD signing key is not present, the x86 cores
> +is not present, or if the AMD signing key is not present, the AMD64 cores
>  will not be released from reset, rendering the system inoperable.
>  
>  The PSP is an ARM core with TrustZone technology, built onto the main
>  CPU die. As such, it has the ability to hide its own program code,
>  scratch RAM, and any data it may have taken and stored from the
> -lesser-privileged x86 system RAM (kernel encryption keys, login data,
> +lesser-privileged AMD64 system RAM (kernel encryption keys, login data,
>  browsing history, keystrokes, who knows!). To make matters worse, the
>  PSP theoretically has access to the entire system memory space (AMD
>  either will not or cannot deny this, and it would seem to be required to
> @@ -593,7 +593,7 @@ shows that something is seriously wrong with AMD. Like
> Intel, they do
>  not deserve your money.

All okay for me at this point.

>  
>  Given the current state of Intel hardware with the Management Engine, it
> -is our opinion that all performant x86 hardware newer than the AMD
> +is our opinion that all performant AMD64 hardware newer than the AMD
>  Family 15h CPUs (on AMD's side) or anything post-2009 on Intel's side
>  is defective by design and cannot safely be used to store, transmit, or
>  process sensitive data. Sensitive data is any data in which a data

Here, I'm a bit annoyed since we're talking about AMD and Intel implementations,
so I would prefer to stick with x86 here. GNUtoo, what do you think ?
-- 
Adrien Bourmault
Maintainer, GNU Boot project
Associate member, Free Software Foundation
GPG : 393D4CC68136F39799DA75F295F65F55F682A17A

signature.asc
Description: This is a digitally signed message part