Giving Mobile Security the Boot

Recommendations

Info

Boot Chains of Trust Android Boot: Kernel + initrd • Kernel is same ol’ Linux, but compiled for ARMv7/v8 • InitRD ( 初始 RAM 磁盘 ) contains root (/) file system – /init daemon and other vital daemons – /init.rc configuration files – SEPolicy (SELinux 的策略 ) which is enforced on device • Crucial components for security so bundled together – Kernel + initrd is in one partition – Aboot verifies hash of partition before loading (if locked) BootROM SBL ABoot Kernel + initrd (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Boot Chains of Trust Android Boot: DM-Verity • Extends boot-chain by taking hash of /system – /system is read-only, so in theory should not be modified • /system mounted through device mapper, as dm# device • All I/O flows through device mapper, verifies hashes – Incorrect hash causes I/O error • In practice nice idea, but utterly useless ( 不中用 ) – System-less root methods root but leave /system untouched. BootROM SBL ABoot Kernel + initrd /system (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Page 1 and 2: Giving Mobile Security the Boot Jon
Page 3 and 4: morpheus@Zepyhr$ whoami ( 一点
Page 5 and 6: Boot Chains of Trust (C) 2016 Jonat
Page 7 and 8: Android Boot: The BootROM • Very
Page 9: Boot Chains of Trust Android Boot:
Page 13 and 14: The iOS Boot Sequence iOS Boot: The
Page 15 and 16: The iOS Boot Sequence iOS Boot: iBo
Page 17 and 18: Validating components: SHSH • Use
Page 19 and 20: Validating components: APTicket •
Page 21 and 22: iOS 10b1: Think different • Mista
Page 23 and 24: TrustZone 技 • Hardware support
Page 25 and 26: Android uses of TrustZone • Crypt
Page 27 and 28: iOS Uses of TrustZone • 32-bit: A
Page 29 and 30: Entering TrustZone (AArch32) • SM
Page 31 and 32: Exception Handling (AArch64) EL0 Ap
Page 33 and 34: AArch64 Exception Handling 0x000 Sy
Page 35 and 36: Case Study: KPP 0x000 Synchronous C
Page 37 and 38: KPP: Kernel Side morpheus@zephyr (~
Page 39 and 40: KPP Weakness (patched in 9.2) • P
Page 41 and 42: iOS 10 changes morpheus@zeyphr(~/..
Page 43 and 44: Android & TrustZone keystore com.an
Page 45 and 46: Android & TrustZone: Samsung root@s
Page 47 and 48: disarm # disarm will automatically
Page 49 and 50: Linux Kernel Support • Generic Tr
Page 51 and 52: References • ARM TrustZone docume

Giving Mobile Security the Boot

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?