It's not just OMI that's the trouble with POWER10


Now that POWER10 is out, the gloves (or at least the NDA) are off. Raptor Computing had been careful not to explicitly say what about POWER10 they didn't like and considered non-free, though we note that they pointed to our (and, credit where credit's due, Hugo Landau's) article on OMI's closed firmware multiple times. After all, when even your RAM has firmware, even your RAM can get pwned.

Well, it looks like they're no longer so constrained. In a nerdily juicy Twitter thread, Raptor points out that there's something else iffy with POWER10: unlike the issue with OMI firmware, which is not intrinsically part of the processor (the missing piece is the on-DIMM memory controller), this additional concern is the firmware for the on-chip "PPE I/O processor." It's 16 kilowords of binary blob. The source code isn't available.

It's not clear what this component does exactly, either. The commit messages, such as they are, make reference to a Synopsys part, so my guess is it manages the PCIe bus. Although PPE would imply a Power Processing Element (a la Cell or Xenon), the firmware code does not obviously look like Power ISA instructions at first glance.

In any case, Raptor's concern is justified: on POWER9, you can audit everything, but on POWER10, you have to trust the firmware blobs for RAM and I/O. That's an unacceptable step down in transparency for OpenPOWER, and one we hope IBM rectifies pronto. Please release the source.

Comments

  1. Is it not possible to operate the POWER10 like a POWER9? I mean, with standard DDR4 RAM modules and without OMI?

    ReplyDelete
    Replies
    1. Not that I know of currently, because the CPU memory interface only knows how to speak OpenCAPI, and the only I/O attach is via PCIe. The first *might* be solvable if someone(tm) developed a controller on the board, but the second (the PPE I/O controller) is a bigger problem.

      Delete
  2. Do we know what IBM's response has been to this situation? Has there been any effort on their part to try and get these issues rectified?

    ReplyDelete

Post a Comment

Comments are subject to moderation. Be nice.