AMD has been developing exclusive Ryzen chips for select PC OEMs, like Lenovo. These Ryzen Pro processors use Microsoft’s Pluton security chip, although it seems that Pluton does limit OS compatibility, limiting these processors to the Windows OS.
Matthew Garret (via Phoronix), a Linux security specialist, wanted to analyse the implementation of the Microsoft Pluton on the Ryzen Pro 6860Z Zen3+ processor. Ultimately, this didn’t go very well, as he couldn’t get a Linux install to complete.
As it seems, the firmware doesn’t trust any other bootloaders besides Microsoft’s or any drivers using Microsoft 3rd Party UEFI CA key. In other words, trying to install any other OS that’s not Windows won’t work. Moreover, any third-party external peripherals that are plugged in via Thunderbolt shouldn’t work.
According to Garrett, this decision doesn’t offer any additional security, it just makes it harder for users to install any OS that’s not Windows. Fortunately, you can disable the Pluton chip via UEFI, allowing you to install alternative operating systems.
KitGuru says: This implementation of Pluton makes it seem like some form of Windows DRM, rather than a security-enhancing chip.
Become a Patron!