I, also, would love to see this happen. AMD supporting Coreboot/Libreboot would be an instant win over for me as well. All my systems as well as my clients' systems would from then on be AMD based.
This is more a question towards the motherboard and how openly the manufacturer makes documentation available. Technically everything is possible, but it will take time for Coreboot to release a build for it. You then replace the code from AMI, Phoenix or some other company (which the manufacturers bought and paid for to be delivered with your board).
AMD itself is very open when it comes to documentation and support of open source. But Intel and Nvidia are more popular, so this is where lots of 'hobby' developers spend most of their time.
I promise I will ditch Intel and start buying AMD products instead if AMD begins to help Coreboot/Libreboot developers.
I'm considering getting a couple of Intel-based laptops quite soon. I previously avoided Intel and got an Asus F2A85-M due to it working to an extent with Coreboot, but now this PSP stuff makes me think there's no point avoiding Intel anymore.
If AMD were to properly support Libreboot, Intel would seriously be out of the question for me.
What reasons could AMD have not to support Coreboot/Libreboot on their processors? Here are my thoughts:
- Competitive advantage: Other companies could copy something that AMD does best. I don't think this one is valid because Intel already does the same thing.
- Could be abused by nasty people: From what I understand, you need physical access to the components to actually do something. Someone at the store could insert some nasty payload and pass the compromised system to the client. Maybe it could happen, I'm not sure.
- Crappy or stolen code: The code AMD uses could be of poor quality and/or use some copyrighted code. AMD does not want to show its code because it could land them in trouble with the community. At least the poor quality code is likely.
- Security by obscurity: The design is bad and full of holes. By showing the code, new exploits could be observed and older systems could be placed in peril. (Well, they are already in peril, most likely). If AMD and the *boot people could work on a new system, this problem could be suppressed.
- NSA (or other agency) forbids them to: What more is there to say? I would not ignore this possibility.
- Could cause problems to users and increase support costs: People messing with their systems? That could mean trouble. Should this invalidate the warranty of the system? I would be OK with that if this is what is keeping AMD back.
I would buy a nice Ryzen 7 if Coreboot/Libreboot was supported. But for now, my aging system is good enough, and it has no PSP. A more open system means a more open wallet (not just mine, as we geeks are often asked about recommendations).
If AMD won't open up PSP, then at least allow us to disable it in some form.
I'm with these guys. AMD, please support Coreboot/Libreboot by providing, at minimum, a sanitized non-proprietary source tree and a toolchain for building that source into a firmware that can be signed and executed.
I want the security community to be allowed to validate the code allowed to run on modern CPUs. IMHO, if that means you guys strip the PSP firmware down to the bare "it works" source code and neglect to maintain it from there, that's just fine. The argument against releasing source seemed to be, "It's too expensive to continually redact proprietary bits from source code." Well, I'm only asking that you do it once. As long as we, the community, can compile and execute our own firmware for AMD CPUs, we will maintain our own branch and we can be happy knowing that your products operate as intended.
Please, AMD, for the sake of real security and trust, support efforts to provide free/libre/open firmware for modern CPUs.