Uncategorized

ARM64JSON: AArch64 instructions encoded in JSON

 

The repository contains ARM64 (AArch64) instruction encoding in a machine-readable JSON:

* ISA_v83A_A64_xml_00bet6_instructions.json contains encoding of every instruction, including ARM64v2/v3 extensions.

* ISA_v83A_A64_xml_00bet6_group_class.json contains hierarchical encoding ARM64 top level -> Instruction group (e.g. “Data Processing — Immediate”) -> Instruction class (e.g. “Add/subtract (immediate)”). No instruction encodings in this file.

The simple and easyly-organised JSON data was extracted from a machine-readable ARM64 specs. A64 ISA XML for Armv8.3 ver. 00bet6.1 released by ARM.

https://github.com/kov4l3nko/ARM64JSON

See-also:

https://firmwaresecurity.com/2018/04/09/arm-documents-csdb-consumption-of-speculative-data-barrier-instruction/

https://firmwaresecurity.com/2017/04/21/arm-releases-machine-readable-architecture-specification/

 

Standard
Uncategorized

Linaro Connect Vancouver BC: CfP open

 

Call for Proposals: opened 8 May 2018
Deadline to submit proposals: ends 23 July 2018

 

http://connect.linaro.org/cfp/
http://connect.linaro.org/

PS: Resources from last Linaro Connect:

http://connect.linaro.org/hkg18/resources/

Standard
Uncategorized

GLitch: a remote Rowhammer exploit on ARM Android devices

What is GLitch?

GLitch is one part of our series of Rowhammer attacks. We started by breaking the EDGE browser and the cloud. Then we moved towards Android devices showing how to root them with bit flips. This time we wanted to show that also mobile phones can be attacked remotely via the browser.
Meet GLitch: the first instance of a remote Rowhammer exploit on ARM Android devices. This makes it possible for an attacker who controls a malicious website to get remote code execution on a smartphone without relying on any software bug.
You want to know what makes this attack even cooler? It is carried out by the GPU. This is the first GPU-accelerated Rowhammer attack.[…]

https://www.vusec.net/projects/glitch/

 

Standard
Uncategorized

Arm announces security features in Cortex-M35P

On Wednesday, 2nd May we announced a range of IP to protect silicon from physical attacks, extending our portfolio of Arm security IP to bring physical security within reach of any IoT product. Our new IP, all marked with a “P” tag for physical security, includes: the Cortex-M35P processor, as well as a new suite of security IP with added side-channel attack protection (CryptoIsland-300P and CryptoCell-312P). This post describes how the benefits and features of the Cortex-M35P bring anti-tampering protection to the widely-supported, user-friendly Cortex-M processor to guard against physical attacks, providing access to new markets for your product.[…]

https://www.arm.com/products/processors/securcore

https://community.arm.com/processors/b/blog/posts/arm-cortex-m35p-multilayered-security-at-heart-of-your-device

Standard
Uncategorized

ARM: documents CSDB (Consumption of Speculative Data Barrier) instruction

Hmm, I can’t find the updated docs that Igor mentions above.

https://developer.arm.com/support/security-update/latest-news/cache-speculation-issues-update

http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0406c/index.html

https://alastairreid.github.io/natural-specs/
https://alastairreid.github.io/ARM-v8a-xml-release/
https://alastairreid.github.io/dissecting-ARM-MRA/
https://alastairreid.github.io/arm-v8_3/
https://developer.arm.com/products/architecture/a-profile/exploration-tools

Standard