TRUSTNONE: a TrustZone vulnerability

Fire Water has disclosed TRUSTNONE, a TrustZone vulnerability, related to signed comparison on unsigned user input leading to arbitrary read/write capabilities of secure memory/registers in an ARM TrustZone implementation.

“Discovered and documented by Sean Beaupre (beaups)”

“This vulnerability was successfully exploited to unlock the Motorola Droid Turbo’s bootloader.”

Click to access TRUSTNONE_1.0-11282015.pdf

TrustZone exploration series

“Bits, Please!” has a very nice blog post on understanding TrustZone implementation on Qualcomm Snapdragon SOC:

Watch for the next blog:

In the next blog post, I’ll cover more details about Qualcomm’s TrustZone implementation, and the vulnerability I discovered and exploited within its kernel. “

TrustZone in AMD Pro APUs

Bruno Ferreira has a story in TechReport on TrustZone support in new AMD Pro APUs:

AMD goes Pro with TrustZone-enabled APUs

AMD has released a Pro family of APUs and management tools targeted at business environments. These APUs hail from the Godavari and Carrizo families, and come in both mobile and desktop flavors. According to AMD, its new Pro A12 mobile APU is “the first [HSA-compliant] commercial processor in the industry.” It’s also the first APU with support for ARM’s TrustZone, for system-wide separation of software execution environments. The mobile Pro A12 packs in four CPU cores with a 3.4 GHz Turbo clock, alongside an R7-series GPU with 512 compute units clocked at 800 MHz. The inclusion of an HEVC decoder is also a nice bonus. A similar part exists in the Pro-series desktop APU lineup, with four cores and Turbo speeds of 4.1 GHz. Along with the hardware, AMD has released its companion Pro Control Center software, which offers centralized system management features like system health monitoring, traffic shaping, and USB port blocking. If this whole thing sounds similar to Intel’s vPro, you’re probably right. Still, AMD’s take has a few unique features. AMD already has a few partners on board. HP is using Pro APUs in  its “AMD Elite” family of products, and Lenovo is building around these chips with its M79 Tower. More AMD Pro products should be coming soon.

Full story:

Microsoft and ARM collaborate on DRM/secure media solutions

ARM and Microsoft have announced support of integration of technologies that enable DERM on ARM systems, using Microsoft PlayReady and W3C Encrypted Media Extensions (EME):

Press release excerpt:

The major development in this solution is the integration of Microsoft’s PlayReady DRM with W3C EME, OpenCDM, Chromium and Linaro’s Open Portable Trusted Execution Environment (OP-TEE) on ARM TrustZone® technology. The secure media solution has been implemented on an STMicroelectronics STiH410 SoC with an ARM Cortex®-A9 processor at its core. The new solution integrates the following key components: W3C EME, Microsoft PlayReady DRM Porting Kit v3.0, OP-TEE, OpenCDM, and Chromium v43.

“The Linaro Digital Home Group is extremely pleased to deliver this open source secure media solution to the embedded developer community” said Mark Gregotski, Director of the Linaro Digital Home Group. “This collaboration demonstrates how a commercial DRM, such as Microsoft’s PlayReady, can be integrated into a security framework comprised of open-source components, including the Linaro Open Portable TEE running on ARM TrustZone. We hope this will be the catalyst to accelerate the deployment of secure DRM solutions employing open source software.”

“This is a key milestone that showcases how Microsoft PlayReady DRM works cross-platform in a standard way. We are excited about the collaboration with Linaro, ARM, OP-TEE and OpenCDM. This reference implementation simplifies and accelerates the ability of partners to build rich experiences to deliver secure media solutions, while providing market leading content protection using Microsoft PlayReady” said Dave Bossio, Group Program Manager, Windows Devices Group, Security at Microsoft Corporation.

“Trust is key to future media business models, as valuable content must be protected from server to screen,” said Shiv Ramamurthi, Director, Home Segment Marketing, ARM. “The pay TV ecosystem will see immediate content security benefits from the integration of ARM TrustZone and Microsoft PlayReady DRM technology. This latest open source initiative led by the Linaro Home Group is a milestone in the enablement of next-generation secure content and media experiences for consumers.”

“ST has been a strong contributor to the Open Portable Trusted Execution Environment (OP-TEE) in open source, a key enabler for this integration. As a natural step forward, ST is pleased its STiH410 platform is being used as a vehicle for this effort and for an exciting demo at IBC 2015,” said Yingchih Yang, Advanced System and Security Officer of the Consumer Product Division in STMicroelectronics. “Such Linaro contributions will facilitate premium content consumption across various devices including smartphones, tablets, and set-top-boxes, meeting strong market expectations.”

Genode OS v15.05

Found on Joanna’s Twitter feed:

Genode is new to me. Genode Labs makes the “Genode OS Framework”. Genode is a new OS, not a new Linux distribution. It is “a GPLv2-licensed construction kit for building specialized operating systems out of small building blocks including different kernels, device drivers, protocol stacks, and applications”. This current release is a major release for Genode. The new documentation is a large 472 page PDF. The current release adds “rudimentary GPT” support. GPT aside, I don’t see any other UEFI-related technology support, only “BIOS” references to firmware.

Version 15.05 represents the most substantial release in the history of Genode. It is packed with profound architectural improvements, new device drivers, the extension of the supported base platforms, and a brand new documentation.

We understand the complexity of code and policy as the most fundamental security problem shared by modern general-purpose operating systems. Because of high functional demands and dynamic workloads, however, this complexity cannot be avoided. But it can be organized. Genode is a novel OS architecture that is able to master complexity by applying a strict organizational structure to all software components including device drivers, system services, and applications.”

“The current implementation can be compiled for 8 different kernels: Linux, L4ka::Pistachio, L4/Fiasco, OKL4, NOVA, Fiasco.OC, Codezero, and a custom kernel for running Genode directly on ARM-based hardware. Whereas the Linux version serves us as development vehicle and enables us to rapidly develop the generic parts of the system, the actual target platforms of the framework are microkernels. There is no ‘perfect’ microkernel – and neither should there be one. If a microkernel pretended to be fit for all use cases, it wouldn’t be ‘micro’. Hence, all microkernels differ in terms of their respective features, complexity, and supported hardware architectures.

Genode allows the use of each of the kernels listed above with a rich set of device drivers, protocol stacks, libraries, and applications in a uniform way. For developers, the framework provides an easy way to target multiple different kernels instead of tying the development to a particular kernel technology. For kernel developers, Genode contributes advanced workloads, stress-testing their kernel, and enabling a variety of application use cases that would not be possible otherwise. For users and system integrators, it enables the choice of the kernel that fits best with the requirements at hand for the particular usage scenario.

Inverse Path’s USB Armoury supports Genode as of 15.02:  “The Genode OS Framework supports the USB armory since version 15.02 implementing a TrustZone Secure virtual-machine monitor (VMM) supervising Linux running in the Normal world. Support is in the very early stages. The Linux kernel requires minimal patching to be executed in the Normal world, at the moment Martin Stein from Genode Labs provides a repository with a patched kernel.

TrustZone TEE vulnerability for Huawei Mate 7

Found on @ABazhaniuk’s Twitter feed:

Security Advisory – Two Privilege Escalation Vulnerabilities in Huawei Mate 7 Smartphones

The tzdriver module of Huawei Mate 7 smartphone has an input check error, which allows the user-mode application to modify kernel-mode memory data and maybe make system break down or application elevate privilege. (Vulnerability ID: HWPSIRT-2015-03011) These Vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-4421. The TEEOS module of Huawei Mate 7 smartphone which is used to realize the function of fingerprint identification has an input check error, which enables the attackers with the root permission to modify kernel-mode memory data of TEEOS module, which could make system break down, TEEOS be tampered or malicious code execution. (Vulnerability ID: HWPSIRT-2015-03012) These Vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-4422.

HWPSIRT-2015-03011: Attackers can write data into an invalid address to crash the system or elevate their privileges through elaborate applications.

HWPSIRT-2015-03012: After privilege escalation, attackers can craft malicious applications to crash the TEEOS or execute arbitrary code on the TEEOS.

Temporary Fix: None

See the Huawei Security Advisory for full details:

There’s also a Github sample:

“With two vulnerabilities,any installed application is able to execute arbitrary code in TEE of Huawei Mate7 . This source code is a PoC which may read fingerprint image from sensor(FPC1020) on Mate 7.”