(9th June 2025)
Preface: AMD’s Versal™ Adaptive SoCs are used in a wide range of industries, particularly those requiring high-performance, low-latency processing and flexibility, such as data centers, wireless networking, automotive, aerospace, and defense. Versal chips are also utilized in areas like 5G wireless, advanced driver assist, and even 3D printing.
AMD’s Versal™ Adaptive SoC technology is used in several different chip series, including the Versal AI Edge, Versal AI Core, Versal Prime, Versal Premium, and Versal RF series. These SoCs are designed for a variety of applications, including AI inference, data-intensive workloads, and high-speed communication.
Background: Platform Management Controller (PMC), Platform Loader and Manager (PLM), and boot and configuration are key components in modern embedded systems, especially in Xilinx Versal ACAPs and similar platforms.
Key Steps Illustrated:
1.BootROM loads PL – Initial boot step from non-volatile memory.
2.PLM starts running – Executes on the MicroBlaze inside the PMC.
3.PLM authenticates and decrypts partitions – Uses hardware accelerators in the PMC for cryptographic operations.
4.PLM configures programmable logic – Loads and configures the Adaptive Engines and other programmable resources.
Remark: To understand the process, please refer to the attached diagram.
Vulnerability details: In Versal™ Adaptive SoC devices, the Platform Loader and Manager (PLM) implements runtime (post-boot) software services that can allow a remote processor to command the PLM to execute cryptographic operations – including AES, SHA3, RSA, ECDSA – using the hardened cryptographic accelerators, eFUSE and BBRAM reads and writes, reloading PDIs, and reading back the FPGA on behalf of the remote processor.
A potential vulnerability exists with commanding these runtime services, in that the memory passed with the command to execute the services is not checked by the PLM to verify that the requesting processor has access to the memory space.
Official announcement: Please refer to the link for details – https://www.amd.com/en/resources/product-security/bulletin/amd-sb-8010.html