Giving Mobile Security the Boot

Recommendations

Info

Android & TrustZone • <strong>Boot</strong>ROM/SBL loads TZ image of “secure OS” – Usually in a TZ partition on flash – Backup (identical) usually also present • Trustzone kernel usually an ELF image – Actual implementation is vendor-specific – Examples: Nvidia, Qualcomm • Linux Kernel communicates with TZ kernel via driver • Driver exports character device to user mode • (Usually) dedicated daemon to communicate with kernel (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Android & TrustZone keystore com.android.application HAL gatekeeper HAL TZ Daemon (e.g. qseecomd) SVC 指令 Kernel 3 rd Party Android TZ Driver SMC 指令 Vendor Linux TZ OS (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Page 1 and 2: Giving Mobile Security the Boot Jon
Page 3 and 4: morpheus@Zepyhr$ whoami ( 一点
Page 5 and 6: Boot Chains of Trust (C) 2016 Jonat
Page 7 and 8: Android Boot: The BootROM • Very
Page 9 and 10: Boot Chains of Trust Android Boot:
Page 11 and 12: Boot Chains of Trust Android Boot:
Page 13 and 14: The iOS Boot Sequence iOS Boot: The
Page 15 and 16: The iOS Boot Sequence iOS Boot: iBo
Page 17 and 18: Validating components: SHSH • Use
Page 19 and 20: Validating components: APTicket •
Page 21 and 22: iOS 10b1: Think different • Mista
Page 23 and 24: TrustZone 技 • Hardware support
Page 25 and 26: Android uses of TrustZone • Crypt
Page 27 and 28: iOS Uses of TrustZone • 32-bit: A
Page 29 and 30: Entering TrustZone (AArch32) • SM
Page 31 and 32: Exception Handling (AArch64) EL0 Ap
Page 33 and 34: AArch64 Exception Handling 0x000 Sy
Page 35 and 36: Case Study: KPP 0x000 Synchronous C
Page 37 and 38: KPP: Kernel Side morpheus@zephyr (~
Page 39 and 40: KPP Weakness (patched in 9.2) • P
Page 41: iOS 10 changes morpheus@zeyphr(~/..
Page 45 and 46: Android & TrustZone: Samsung root@s
Page 47 and 48: disarm # disarm will automatically
Page 49 and 50: Linux Kernel Support • Generic Tr
Page 51 and 52: References • ARM TrustZone docume

Giving Mobile Security the Boot

Create successful ePaper yourself

Delete template?

Save as template?