[vfio-users] Lots of info for AMD Ryzen early adopters
Taiidan at gmx.com
Taiidan at gmx.com
Sun Mar 5 23:12:29 UTC 2017
I imagine most of the virtualization issues are not a hardware problem
but an implementation problem where the board vendors don't want desktop
boards to cut in to server/workstation board marketshare, I presume they
could be fixed with a coreboot open source init port. (not the closed
source version of AGESA which would be pointless)
RE legit virt support:
AMD's circa 2010 SR56xx chipset on my g34 opteron system has full ACS
with proper IOMMU groups, it seems AMD has made a downgrade or they're
going the intel route and making ACS a "server" chipset feature by
fusing the silicon to disable it.
There is a drive and discussion on the coreboot mailing list enticing
AMD to free the platform by releasing the source and a flashing mechanism.
https://www.coreboot.org/pipermail/coreboot/2017-March/083496.html
https://libreboot.org/amd-libre/
Zen (and FM2+) systems have the Platform "Security" Processor which is
an equivalent to Intel's Management Engine, so AMD's cooperation would
be required to port it due to signing key enforcement and basic hardware
init being handled by the closed source supervisor processor (unlike the
previous gen AM3+/G34/C32/FM2/AM1 processors that had no PSP and no
hardware signing key enforcement)
The only reason OEM's add hardware signing enforcement is to force
people to buy new hardware instead of fixing the hardware they have. (I
am not referring to BIOS update flash signatures, but hardware signature
enforcement that prevents externally flashed firmware from being loaded)
More information about the vfio-users
mailing list