AMD Platform Security Processor: Difference between revisions
Beeldscherm (talk | contribs) Added information and concerns. |
Removed 2 duplicate url-status parameter(s) from 2 citation(s) using CRWCitationBot |
||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 8: | Line 8: | ||
|Logo=AMD logo.svg|Website=https://www.amd.com/en.html}} | |Logo=AMD logo.svg|Website=https://www.amd.com/en.html}} | ||
The '''AMD Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com}}</ref> | The '''[[AMD]] Platform Security Processor (PSP)''', also known as the '''AMD Secure Processor''', is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.<ref>{{Cite web |last=Eichner |first=Alexander |last2=Buhren |first2=Robert |date=2020-08-05 |title=All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate |url=https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |url-status=live |access-date=2026-02-04 |website=blackhat.com |archive-url=https://web.archive.org/web/20260215213932/https://i.blackhat.com/USA-20/Wednesday/us-20-Buhren-All-You-Ever-Wanted-To-Know-About-The-AMD-Platform-Security-Processor-And-Were-Afraid-To-Emulate.pdf |archive-date=15 Feb 2026}}</ref> | ||
AMD has not provided much information about the PSP, but several features are know, including:<ref>{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref> | AMD has not provided much information about the PSP, but several features are know, including:<ref name=":0">{{Cite web |date=2023-04-17 |title=Reversing the AMD Secure Processor (PSP) |url=https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |url-status=live |archive-url=https://web.archive.org/web/20260112172321/https://dayzerosec.com/blog/2023/04/17/reversing-the-amd-secure-processor-psp.html |archive-date=2026-01-12 |access-date=2026-02-04 |website=dayzerosec.com}}</ref> | ||
* CPU initialization | *CPU initialization | ||
* Hardware-accelerated cryptography | *Hardware-accelerated cryptography | ||
* Hardware/software integrity verification ([[wikipedia:Trusted_Platform_Module|TPM]]) | *Hardware/software integrity verification ([[wikipedia:Trusted_Platform_Module|TPM]]) | ||
* Facilitating Secure Encrypted Virtualization ([https://www.amd.com/en/developer/sev.html SEV]) | *Facilitating Secure Encrypted Virtualization ([https://www.amd.com/en/developer/sev.html SEV]) | ||
There is no official way of disabling the PSP. Since it has responsibilities during the boot sequence, it is likely to be impossible to remove the PSP entirely without breaking the system.<ref name=":0" /> Around 2018, some users reported seeing a BIOS option to disable the PSP. <ref>{{Cite web |last=Cimpanu |first=Catalin |date=2018-01-06 |title=Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online |url=https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/ |url-status=live |archive-url=https://web.archive.org/web/20251219104119/https://www.bleepingcomputer.com/news/security/security-flaw-in-amds-secure-chip-on-chip-processor-disclosed-online/ |archive-date=2025-12-19 |access-date=2026-02-04 |website=BleepingComputer}}</ref> | |||
==Concerns== | ==Concerns== | ||
AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and | AMD has denied requests to open-source the software running on the PSP.<ref>{{Cite web |last=Williams |first=Rob |date=19 Jul 2017 |title=AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code |url=https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |url-status=live |archive-url=https://web.archive.org/web/20251123014437/https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code |archive-date=2025-11-23 |access-date=2026-02-04 |website=HotHardware}}</ref> This means that the inner workings of the PSP cannot be independently verified and bug-fixing can only be performed by AMD. This is an example of [[Security through obscurity|"security through obscurity"]], which has been criticized for taking away consumer rights. | ||
Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.<ref>{{Cite web |date=15 Mar 2021 |title=Every modern computer has a backdoor |url=https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |url-status=live |access-date=2026-02-04 |website=sysjolt.com |archive-url=https://web.archive.org/web/20260215213945/https://www.sysjolt.com/2021/every-modern-computer-has-a-backdoor/ |archive-date=15 Feb 2026}}</ref> | |||
==Vulnerabilities== | ==Vulnerabilities== | ||
{ | There have been several vulnerabilities related to AMD's PSP. | ||
{| class="wikitable" | |||
!Date | |||
!Vulnerability | |||
!CVE | |||
|- | |||
|2020 | |||
|Incorrect BIOS image length validation by the PSP might cause arbitrary code execution. | |||
|[https://nvd.nist.gov/vuln/detail/CVE-2020-12944 CVE-2020-12944] | |||
|- | |||
|2020 | |||
|Due to a vulnerability in the PSP, an attacker can modify registers and possibly bypass ROM protections. | |||
|[https://nvd.nist.gov/vuln/detail/CVE-2020-12961 CVE-2020-12961] | |||
|- | |||
|2021 | |||
|Insufficient verification of image decrypted by PSP may lead to arbitrary code execution. | |||
|[https://nvd.nist.gov/vuln/detail/CVE-2021-26315 CVE-2021-26315] | |||
|- | |||
|2021 | |||
|Using the PSP, low-privilege users are able to send driver requests, allowing data leakage. | |||
|[https://nvd.nist.gov/vuln/detail/CVE-2021-26333 CVE-2021-26333] | |||
|- | |||
|2021 | |||
|Insufficient address validation in PSP firmware may lead to arbitrary code execution. | |||
|[https://nvd.nist.gov/vuln/detail/CVE-2021-46771 CVE-2021-46771] | |||
|} | |||
==See also== | ==See also== | ||
* [[AMD]] | *[[AMD]] | ||
* [[Intel Management Engine]] | *[[Intel Management Engine]] | ||
==References== | ==References== | ||
Latest revision as of 06:18, 16 February 2026
AMD Platform Security Processor
| Basic Information | |
|---|---|
| Release Year | 2013 |
| Product Type | Surveillance, Security, Hardware, Computers, Firmware |
| In Production | Yes |
| Official Website | https://www.amd.com/en.html |
The AMD Platform Security Processor (PSP), also known as the AMD Secure Processor, is an autonomous processor embedded on most modern AMD CPU's since 2013. The PSP has full access to memory and is capable of running without the main CPU cores being active.[1]
AMD has not provided much information about the PSP, but several features are know, including:[2]
- CPU initialization
- Hardware-accelerated cryptography
- Hardware/software integrity verification (TPM)
- Facilitating Secure Encrypted Virtualization (SEV)
There is no official way of disabling the PSP. Since it has responsibilities during the boot sequence, it is likely to be impossible to remove the PSP entirely without breaking the system.[2] Around 2018, some users reported seeing a BIOS option to disable the PSP. [3]
Concerns
[edit | edit source]AMD has denied requests to open-source the software running on the PSP.[4] This means that the inner workings of the PSP cannot be independently verified and bug-fixing can only be performed by AMD. This is an example of "security through obscurity", which has been criticized for taking away consumer rights.
Some have accused the AMD PSP of having a backdoor because of its closed nature, full system access, and AMD's secrecy and unwillingness to make the code public.[5]
Vulnerabilities
[edit | edit source]There have been several vulnerabilities related to AMD's PSP.
| Date | Vulnerability | CVE |
|---|---|---|
| 2020 | Incorrect BIOS image length validation by the PSP might cause arbitrary code execution. | CVE-2020-12944 |
| 2020 | Due to a vulnerability in the PSP, an attacker can modify registers and possibly bypass ROM protections. | CVE-2020-12961 |
| 2021 | Insufficient verification of image decrypted by PSP may lead to arbitrary code execution. | CVE-2021-26315 |
| 2021 | Using the PSP, low-privilege users are able to send driver requests, allowing data leakage. | CVE-2021-26333 |
| 2021 | Insufficient address validation in PSP firmware may lead to arbitrary code execution. | CVE-2021-46771 |
See also
[edit | edit source]References
[edit | edit source]- ↑ Eichner, Alexander; Buhren, Robert (2020-08-05). "All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate" (PDF). blackhat.com. Archived (PDF) from the original on 15 Feb 2026. Retrieved 2026-02-04.
- ↑ 2.0 2.1 "Reversing the AMD Secure Processor (PSP)". dayzerosec.com. 2023-04-17. Archived from the original on 2026-01-12. Retrieved 2026-02-04.
- ↑ Cimpanu, Catalin (2018-01-06). "Security Flaw in AMD's Secure Chip-On-Chip Processor Disclosed Online". BleepingComputer. Archived from the original on 2025-12-19. Retrieved 2026-02-04.
- ↑ Williams, Rob (19 Jul 2017). "AMD Confirms It Won't Opensource EPYC's Platform Security Processor Code". HotHardware. Archived from the original on 2025-11-23. Retrieved 2026-02-04.
- ↑ "Every modern computer has a backdoor". sysjolt.com. 15 Mar 2021. Archived from the original on 15 Feb 2026. Retrieved 2026-02-04.