
Why don't mainboards come with a simple ARM chip for BIOS and diagnostics?

  1. #1 Quote
    banned
    Joined
    Aug 2019
    Posts
    1
    A cheap and simple ARM chip (think IoT applications) that can access the BIOS and output via one of the mainboard's display connectors. Why?

    • Proper, detailed diagnostics, no beep beep / codes and guessing around
    • Flash BIOS without need for a compatible CPU (think AM4)
    • Change BIOS settings without need to reset via jumper (OC, testing for stability etc.)
      Also, these days server BMCs allow you to dump huge amounts of data from CPU registers on crashes, allow you to update the BIOS and verify BIOS signatures before upgrades, change settings, reset CMOS, etc. etc. That's for Intel anyway, I don't think AMD supports as much of the diagnostics side.

    gammy13 is offline. Last edited by foobar (27.08.2019 at 14:29). Reason: advertising link removed

  2. #2 Quote

    Metasyntactic Variable
    Joined
    Sep 2004
    Location
    Right behind you! Boo!
    Posts
    24,009
    There actually are some AMD Ryzen mainboards that do allow to update the BIOS without having a CPU in the socket.

    Generally speaking, it's not as easy as just putting a little chip somewhere and being done with it. You also need to wire it up to everything you want it to control, which takes away board space (routing cost). It might even make it so that you need an additional layer on the PCB (which increases production cost). Then you need to make sure that this microcontroller doesn't interfere with normal operations (higher debugging and testing cost). And if you want it to actually do something, it needs a firmware on it. Which, like the BIOS, needs to be programmed, tested, updated, etc. (software development cost).

    So it's usually the fancy pancy high-end gaming mainboards that have a feature like that. The cheaper the motherboard, the more those costs are going to be a problem. You could probably get it anyway, but might have to trade it for some other feature that would also be nice to have. And then it's a market thing. Do you, as a customer, want a feature that's only going to be useful during the initial setup and in case of problems? Or some other feature that you can use all the time? What is more useful? What sounds more useful in the marketing material?

    There's also a security angle. Look at the management functions of modern systems that are located inside the CPU or chipset. Intel used to call it the IME (Intel Management Engine). They somewhat recently renamed it to CSME (Compromised Converged Security and Management Engine). Maybe due to its bad reputation (see below). AMD has something similar, only they call it PSP (Platform Security Processor).

    These are, essentially, microcontrollers that run independently from the normal CPU and operating system. And AMD's PSP is, in fact, based on an ARM core. And what you have there is, in simple terms, a second system hidden inside your machine. Running its own operating system, doing its own thing. Without supervision. A "shadow computer" that you cannot control and do not know what exactly it's doing. It knows everything that's happening on your system and can, at any time, bypass or override anything that you or your main OS want to do. Even if you trust Intel and AMD not to abuse that power (e.g. let the NSA plant a back door in it whenever they want), it can also potentially serve as a target for viruses. A virus inside these modules would have total control over the machine and could operate with impunity. And there would be no way to detect or remove it with antivirus software running under your normal OS. There have been several instances of security vulnerabilities in these modules that could have been used to attack the computer.

    Both Intel and AMD refuse to properly document this microcontroller and its firmware. And obviously, they don't want you to replace it with an open source alternative. This has often been criticised, and especially Intel's IME has had some bad press (hence the re-labeling).
    foobar is offline
