Intel/AMD CPU Security Features

Hello Framework folks,

It would be great to know what kind of security features are available per SoC platform.
What I mean by that is that you provide detailed security information that has been activated and is available to use in the technical specification, like:

Intel Example:

  • Intel Firmware TPM
  • Intel BootGuard 2.0
  • Intel MKTME
  • Intel IOMMU
  • Intel TXT
  • Intel SGX

AMD Example:

  • AMD fTPM
  • AMD SKINIT
  • AMD SME
  • AMD SEV
  • AMD IOMMU

It would also be great if they were known to be working and tested in some testbed.
Normally I don’t want to buy any laptop without IOMMU and TPM 2.0 anymore, especially at the beginning of the Windows 11 security era…

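Since the post asks whether these features are actually present and working, here is an added example (not from the thread or from Framework) of how a Linux user can check a running machine for most of the listed items. It reads the CPU flags from `/proc/cpuinfo` (the flag names `sme`, `sev`, `skinit`, `sgx`, `smx` and `tme` are the ones the Linux kernel uses for AMD SME, AMD SEV, AMD SKINIT, Intel SGX, Intel TXT and Intel TME/MKTME), looks for a TPM 2.0 under `/sys/class/tpm`, and checks whether the kernel registered any IOMMU under `/sys/class/iommu`. Boot Guard is not visible this way and is left out. The sysfs paths are parameters so the functions can also be run against constructed sample files.

```shell
#!/bin/sh
# Added example, not code from the forum thread or from Framework.
# Checks which of the discussed CPU security features the Linux kernel
# reports on this machine. Every function takes its input as an argument
# so it can also be exercised against constructed sample data.

# Exact word match of one flag name inside a /proc/cpuinfo "flags" line,
# so that "sev" does not accidentally match "sev_es".
has_flag() {
  flags="$1"; want="$2"
  for f in $flags; do
    [ "$f" = "$want" ] && return 0
  done
  return 1
}

# Print "yes" or "no" for one feature, given the flags line.
# Mapping from feature to the flag name the Linux kernel exposes:
feature_status() {
  flags="$1"; feature="$2"
  case "$feature" in
    sme)    flag=sme ;;     # AMD Secure Memory Encryption
    sev)    flag=sev ;;     # AMD Secure Encrypted Virtualization
    skinit) flag=skinit ;;  # AMD SKINIT (dynamic root of trust launch)
    sgx)    flag=sgx ;;     # Intel Software Guard Extensions
    txt)    flag=smx ;;     # Intel TXT is advertised as SMX (Safer Mode Extensions)
    mktme)  flag=tme ;;     # Intel Total Memory Encryption (the base of MKTME)
    *)      echo unknown; return 1 ;;
  esac
  if has_flag "$flags" "$flag"; then echo yes; else echo no; fi
}

# TPM 2.0 present? The kernel exposes the major spec version in sysfs.
# Path is overridable so the check can be run against a sample file.
tpm2_present() {
  f="${1:-/sys/class/tpm/tpm0/tpm_version_major}"
  [ -r "$f" ] && [ "$(cat "$f")" = "2" ]
}

# IOMMU active? The kernel registers each active IOMMU (Intel dmarN or
# AMD ivhdN) as an entry under /sys/class/iommu; an empty directory means
# no IOMMU was enabled by firmware/kernel.
iommu_present() {
  d="${1:-/sys/class/iommu}"
  [ -d "$d" ] && [ -n "$(ls -A "$d" 2>/dev/null)" ]
}

# First "flags" line of /proc/cpuinfo (or of a file given for testing).
cpu_flags() {
  grep -m1 '^flags' "${1:-/proc/cpuinfo}" | cut -d: -f2
}

# Report on the live system. Only runs where /proc/cpuinfo exists.
main() {
  flags="$(cpu_flags)"
  for feat in sme sev skinit sgx txt mktme; do
    printf '%-7s %s\n' "$feat" "$(feature_status "$flags" "$feat")"
  done
  if tpm2_present; then echo "tpm2.0  yes"; else echo "tpm2.0  no"; fi
  if iommu_present; then echo "iommu   yes"; else echo "iommu   no"; fi
}

[ -r /proc/cpuinfo ] && main
```

A "yes" from the CPU flags means the silicon advertises the feature; firmware and kernel can still leave it off. SME in particular is only in use when the kernel logs "Memory Encryption Features active: AMD SME" at boot, which is the line to look for when checking whether RAM contents are actually encrypted across suspend.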

obsolete and removed since 10th gen. (technically still present in 11th gen but not reported, gone completely since 12th gen)

As this is a user forum, you are unlikely to get an official response from the Framework team here. You can get an official response to your question by reaching out to Framework Support. Note that they are dealing with long queues right now, so it could take them a bit of time to get back to you on this.

I’m also interested in this – especially in the SME (memory encryption).

It’s one of those things which (I think) helps full-disk-encryption keys in suspend (and perhaps hibernate?).

I know the Intel had it, but I don’t see the option on my AMD Framework.