Core Escalation

Unleashing the Power of Cross-Core Attack on Heterogeneous System

Guanxing Wen

#BHUSA @BlackHatEvents
$ whoami

✤ Security Researcher @ Pangu Team in Shanghai

✤ Interested in bootloader, kernel, Trustzone

✤ Also a fan of pwning smart devices at hand

✤ Electric Vehicles, TV, speakers, POS …

✤ Twitter: @hhj4ck
EL3 Tour: Get The Ultimate Privilege of Android Phone
Guanxing Wen, 2019

  Exploit the BL31 of Huawei P20
  Exploit the bootrom of Huawei Mate30
  Exploit the XXX of Huawei XXXX40
Motivation

✤ Decrypt the firmware of Mate40 (kirin9000)

  ✤ Xloader, Fastboot, TEEOS, BL31, LPM3, MODEM …

✤ Bootrom exploit used to build the decryption oracle was dead

✤ The only solution I came up with is to follow the traditional approach
ARM Trustzone (ACPU)

        Normal World              Secure World
  EL0   APP   APP                 TA(ENC)   TA(ENC)
  EL1   Linux Kernel              TEEOS(ENC)
  EL2   Hypervisor
  EL3   Secure Monitor (BL31)

(ENC) marks the encrypted components: the TAs and TEEOS are the targets of the decryption effort.
Find suitable TEE issues

✤ Logic bugs that work stably and can be exploited blindly

  ✤ No prior knowledge is required, such as gadgets or offsets

✤ Two primary attack surfaces

  ✤ BL31 & TEEOS
TEEOS

Tasks & Drivers (architecture diagram, from Hexacon 2022)

  SECURE WORLD
    TA  TA  TA  TA  TA
    libc  libgm  libtee  libvendor
    GTask | Platdrv  RPMB  SSA  TUI | Perm Serv | IPC
    hmsysmgr  hmfilemgr
    Secure Kernel

Examples of Tasks & Drivers

  ‣ DRV_TIMER: manages secure timers
  ‣ RPMB: RPMB filesystem; uses a normal world agent
  ‣ GATEKEEPER: Gatekeeper implementation
  ‣ SSA: Trusted Storage API; uses a normal world agent
  ‣ KEYMASTER: Keymaster implementation
  ‣ PERMISSION_SERVICE: permissions system for RPMB, SSA and TUI
  ‣ TALOADER & TARUNNER: glue between GlobalPlatform and OS-level APIs
  ‣ PLATDRV: platform drivers implementation (interrupts, crypto engine, secure element, fingerprint sensor, etc.)
  ‣ TUI: Trusted User Interface
SION

✤ Memory can switch between non-secure and secure dynamically

✤ Speeds up the decryption of DRM video streams

✤ SECMEM (TA) exports SION APIs to the normal world

  CMD  Function Name     Description
  1    sion_alloc        registers physical pages into platdrv and updates their DMSS bits
  2    sion_free         zeroes out related pages and updates their DMSS bits
  3    sion_map_iommu    map operations related to iommu
  4    sion_unmap_iommu  unmap operations related to iommu
  7    sion_config       set attribute bits of DMSS
  8    sion_unconfig     unset attribute bits of DMSS
SION ALLOC

  EL0   ion.heap_id_mask = 1 << ION_DRM_HEAP_ID
        ioctl(open("/dev/ion"), ION_IOC_ALLOC, &ion)
  EL1   ion_secsg_heap_allocate -> secmem_tee_exec_cmd
  SEL0  secmem -> platdrv: sion_ioctl alloc, buff_id <=> ion pages

The kernel-side ion_buffer carries the id that binds it to the secure-world buffer:

    struct ion_buffer {
        u64 magic;
        union {
            struct rb_node node;
            struct list_head list;
        };
        struct ion_device *dev;
        struct ion_heap *heap;
        unsigned long flags;
        unsigned long private_flags;
        size_t size;
        void *priv_virt;
        struct mutex lock;
        int kmap_cnt;
        void *vaddr;
        struct sg_table *sg_table;
        struct list_head attachments;
        char task_comm[TASK_COMM_LEN];
        pid_t pid;
    #if defined(CONFIG_ION_HISI_SECSG)
        unsigned int id;
    #endif
    };
SION MAP

  EL0   ion.fd  -> vma          SEL0  TEEC_ION_INPUT -> sion_map_user
  EL1   ion.fd  -> buff.id      SEL1  buff.id -> ion pages

CVE-2022-46762

✤ Each module assumes other modules do the input validation

✤ The NW kernel should never be a firewall for the SW

✤ EL0 can invoke sion_alloc directly with an arbitrary physical address

✤ The same goes for sion_free
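The lesson of CVE-2022-46762 is that the secure world has to validate the physical ranges it is handed itself, because EL1 may simply relay an EL0 request. The following is an added example written for this page, not code from the talk or from any Huawei/HiSilicon component: a secure-world-side check for one sion_alloc request. The reserved regions come from the memory map shown later in the talk; the choice of hisi_smemheap_cma as the only range the normal world may donate, the 4 KiB page size and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define SION_PAGE_SIZE 0x1000ULL   /* assumed page granule */

/* Half-open physical range [start, end). */
struct phys_range {
    uint64_t start;
    uint64_t end;
    const char *name;
};

/* Assumption for this example: the only DDR window the normal world is
 * allowed to register as secure is the hisi_smemheap_cma range from the
 * memory map on the slides. The real heap layout is not stated in the talk. */
static const struct phys_range SION_DONOR_HEAP = {
    0x90000000ULL, 0xA0000000ULL, "hisi_smemheap_cma"
};

/* A few reserved secure regions, taken from the memory map on the slides
 * (END column + 1 gives the exclusive end). */
static const struct phys_range SION_RESERVED[] = {
    { 0x106C0000ULL, 0x108C0000ULL, "iommu_pgtable" },
    { 0x11D40000ULL, 0x11E00000ULL, "lpmcu" },
    { 0x11E00000ULL, 0x12800000ULL, "sensorhub-s" },
    { 0x13000000ULL, 0x13600000ULL, "bl31" },
    { 0x13600000ULL, 0x16600000ULL, "secos" },
    { 0xA0000000ULL, 0xB1280000ULL, "modem-s" },
};

enum sion_verdict { SION_OK = 0, SION_EINVAL = 1, SION_EPERM = 2 };

static bool ranges_overlap(uint64_t s1, uint64_t e1, uint64_t s2, uint64_t e2)
{
    return s1 < e2 && s2 < e1;
}

/* Name of the reserved region that [start, end) touches, or NULL if none. */
const char *sion_touches_reserved(uint64_t start, uint64_t end)
{
    for (size_t i = 0; i < sizeof SION_RESERVED / sizeof SION_RESERVED[0]; i++)
        if (ranges_overlap(start, end, SION_RESERVED[i].start, SION_RESERVED[i].end))
            return SION_RESERVED[i].name;
    return NULL;
}

/* Validate one scatter-gather entry (base, nr_pages) of a sion_alloc request
 * before any DMSS bit is touched. This runs in the secure world on values
 * that arrived from EL1, which may be relaying an EL0 request unchanged. */
enum sion_verdict sion_validate_entry(uint64_t base, uint64_t nr_pages)
{
    uint64_t len, end;

    if (nr_pages == 0 || (base & (SION_PAGE_SIZE - 1)) != 0)
        return SION_EINVAL;
    /* Overflow-safe length and end computation. */
    if (nr_pages > UINT64_MAX / SION_PAGE_SIZE)
        return SION_EINVAL;
    len = nr_pages * SION_PAGE_SIZE;
    if (base > UINT64_MAX - len)
        return SION_EINVAL;
    end = base + len;

    /* The request must lie entirely inside the donor heap ... */
    if (base < SION_DONOR_HEAP.start || end > SION_DONOR_HEAP.end)
        return SION_EPERM;
    /* ... and, as defence in depth, never touch a reserved secure region. */
    if (sion_touches_reserved(base, end) != NULL)
        return SION_EPERM;
    return SION_OK;
}

/* Validate a whole request and additionally reject entries that overlap
 * each other, so one buff_id cannot be bound to the same page twice. */
enum sion_verdict sion_validate_request(const uint64_t *bases,
                                        const uint64_t *nr_pages, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        enum sion_verdict v = sion_validate_entry(bases[i], nr_pages[i]);
        if (v != SION_OK)
            return v;
        for (size_t j = 0; j < i; j++)
            if (ranges_overlap(bases[i], bases[i] + nr_pages[i] * SION_PAGE_SIZE,
                               bases[j], bases[j] + nr_pages[j] * SION_PAGE_SIZE))
                return SION_EINVAL;
    }
    return SION_OK;
}
```

The heap check alone already rejects a request for a BL31 or TEEOS page; the reserved-region check is kept separately so that a later change to the donor heap cannot silently admit a secure region.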
Bind ion fd, buff id and ion page, then unbind, then rebind

  sion_alloc:  ion.fd -> buff.id     buff.id -> ion pages
  sion_free:                         buff.id -> ion pages   (unbind buff id and ion page)
  sion_alloc:                        buff.id -> any pages   (rebind the buff id to the target page)
Make use of the malformed buff id

✤ CHINADRM_COMMON_TA

  ✤ A substitute for widevine

  ✤ Cleartext needs no decryption

  ✤ Decryption = memmove

✤ Overwrite any SW pages?
A Small Setback

✤ hmsysmgr blacklists mmap

  ✤ 0x13000000-0x13101000

  ✤ 0x13102000-0x13600000

  ✤ 0x13600000-0x19600000

  START     END       USAGE
  10000000  105FFFFF  sensorhub-shmemext
  10600000  1063FFFF  sensorhub-shmem
  10640000  106BFFFF  sensorhub-share-mem
  106C0000  108BFFFF  iommu_pgtable
  108C0000  109BEFFF  fka-mem
  109BF000  109BFFFF  mntndump
  109C0000  10ABFFFF  ivp
  114C0000  11CBFFFF  hhee
  11CC0000  11D3FFFF  lpmx-core
  11D40000  11DFFFFF  lpmcu
  11E00000  127FFFFF  sensorhub-s
  12800000  12FFFFFF  npu-tiny
  13000000  135FFFFF  bl31
  13600000  165FFFFF  secos
  16600000  16AFFFFF  voiceid
  2CE00000  2D9FFFFF  sec_camera
  2DA00000  2E97FFFF  hifi-base
  2E980000  2F37FFFF  npu-sec
  2F380000  2F8FFFFF  hifi-data
  2F900000  3015FFFF  bbox-mem
  30160000  3025FFFF  dp-dhcp
  30260000  3035FFFF  pstore-mem
  30360000  3075FFFF  npu_ai_ts_fw
  30760000  3105FFFF  npu_ai_server
  36500000  3A3FFFFF  logo-buffer
  3A400000  3FFFFFFF  fastboot-cma-mem
  40000000  4FFFFFFF  hisi_cma
  50000000  5ABFFFFF  hisi_iris_static_cma
  60000000  63FFFFFF  tiny_cma
  90000000  9FFFFFFF  hisi_smemheap_cma
  A0000000  B127FFFF  modem-s
A bigger picture

The ACPU view (Normal World and Secure World, EL0 to EL3) is only part of the picture. Both worlds are selected by SCR.NS and sit on the same AXI bus, behind which the TZASC (for DRAM) and the TZPC / AXI-to-APB bridge (for peripherals) enforce the secure/non-secure split:

  ARM Trustzone (ACPU)

    Normal World (NW)      Secure World (SW)
    SCR.NS = 1             SCR.NS = 0
               |  AXI BUS  |
        TZASC            TZPC / AXI-to-APB
        DRAM             Peripherals

At SoC level the ACPU is just one master on that bus, next to the MODEM, GPU, ISP, LPMCU, IOMCU and UFS controller:

  ARM Trustzone (SOC)

    ACPU  MODEM  GPU  ISP  LPMCU  IOMCU  UFS
               |  AXI BUS  |
        TZASC            TZPC / AXI-to-APB
        DRAM             Peripherals
Pivot to IOMCU

✤ load_and_run sensorhub.img (ARM Cortex M7, not encrypted)

✤ Tamper with its memory through a thorough overwrite

✤ Crash dump (RDR) revealed that 0x1248d000 gets executed

✤ IOMCU reboots itself without interfering with the rest of the system

✤ A secure master can raise AWPROT=0, ARPROT=0
Pivot to LPMCU

✤ SRAM of LPMCU is accessible from IOMCU

  ✤ #define SOC_IOMCU_LP_RAM_BASE_ADDR (0x5FF50000)

✤ Dump the SRAM of LPMCU into the crash dump (RDR) of IOMCU

✤ Patch LPMCU RDR related code to get code execution

  ✤ RDR is triggered during a crash of IOMCU
Mountain Top: LPMCU

✤ A secure master (ARM Cortex M3), definitely

✤ LPM3.img runs in this core after bootrom and xloader

✤ Recent mitigations only accumulated more privilege for the LPMCU

  ✤ DMSS control is shifted from ACPU to LPMCU

✤ dma_transfer() is powerful enough to hack into other cores

  ✤ Even DDR belonging to ACPU
Acquire ACPU EL3 privilege

Patch BL31 (adding a RWX smc handler):

        stp  x29, x30, [sp, -0x10]!
        tst  x0, 1                  // bit 0 of x0 clear: call x3 and store the result at [x6]
        beq  exec                   // bit 0 set: copy the 32-bit word at [x1] to [x2]
        ldr  w3, [x1]
        str  w3, [x2]
        b    end
    exec:
        blr  x3
        str  x0, [x6]
    end:
        tlbi alle3                  // invalidate EL3 TLB entries, then synchronise
        dsb  ish
        isb
        ldp  x29, x30, [sp], 0x10
        ret
Establish a Decryption Oracle

Patch TEEOS (platdrv)

DEMO: Firmware Decryption

Core Escalation

  ACPU EL0 -> IOMCU -> LPMCU -> ACPU EL3
What else lies under this attack model?

  ARM Trustzone (SOC)

    ACPU  MODEM  GPU  ISP  LPMCU  IOMCU  UFS
               |  AXI BUS  |
        TZASC            TZPC / AXI-to-APB
        DRAM             Peripherals

Every master on the bus (ACPU, MODEM, GPU, ISP, LPMCU, IOMCU, UFS) comes with its own set of peripherals, so the attack surface is not only DRAM and the ACPU's view of it.
Cross-Core Communication

  ACPU  MODEM  GPU  ISP  LPMCU  IOMCU  UFS

Cross-Core Attack Surface

✤ ACPU <=> LPMCU, MODEM <=> HIFI, ISP <=> GPU …

  ✤ DMA

  ✤ Mailbox

  ✤ Shared memory

  ✤ Hardware specific issues
DMA

DMA Attacks: Trial And Error

  Modem EDMA: FAIL        IOMCU DMA: SUCCESS (on 980)

  • Modem EDMA: see "How To Tame Your Unicorn" by Daniel Komaromy and Lorant Szabo, TASZK Security Labs (Black Hat USA), CVE-2021-22432
  • Why do these fail/succeed though?
Mailbox

✤ Key component of the cross-core communication architecture

✤ Hardware-based module with registers and exported small buffers

Mailboxes: one register block per mailbox, 0x40 bytes apart. The ACPU sees the blocks at 0xFE101000, the LPMCU at 0xBE101000; mailbox NO. 17 links ACPU and LPMCU. Each block holds:

  SOURCE
  DSET
  DCLR
  DSTATUS
  MODE
  IMASK
  ICLR
  SEND
  DATA[0x20]

CVE-2020-36600: ACPU <=> LPMCU mailbox
Shared Memory

✤ Common usage

  ✤ State synchronization, data transfer and logging

✤ Pointer, offset and length fields in shared memory are not reliable
CVE-2022-46322

  DRAM holds two page tables for the same RDR buffer:
    ACPU page table: RDR_VA -> RDR_PA
    ISP  page table: 0xC1800000 -> RDR_PA

  EL0 accesses the RDR by mmap(/dev/isplog); EL3 updates the page table of the ISP.
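The shared-memory point above ("pointer, offset and length on shared memory are not reliable") comes down to two habits on the consuming core: copy the untrusted header out of the shared region once before checking it, so the peer cannot change it between check and use, and write the bounds check so that offset + length cannot wrap. The following is an added example for this page, not code from the talk or from any vendor firmware; the record layout, the region contents and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed record layout: a header the peer core fills in, followed
 * somewhere in the region by the payload it describes. */
struct shm_record_hdr {
    uint32_t offset;   /* payload offset from the start of the region */
    uint32_t length;   /* payload length in bytes */
};

/* Copy the payload described by an untrusted header out of a shared-memory
 * region. The header is snapshotted once into private memory before it is
 * checked, so the peer cannot change offset/length between the check and the
 * copy (double fetch). Returns the number of bytes copied, 0 on rejection. */
size_t shm_read_record(const volatile uint8_t *shm, size_t shm_size,
                       uint8_t *out, size_t out_size)
{
    struct shm_record_hdr hdr;
    uint8_t *raw = (uint8_t *)&hdr;
    size_t i;

    if (shm == NULL || out == NULL || shm_size < sizeof hdr)
        return 0;
    /* One byte-wise read per header byte; only the private copy is used below. */
    for (i = 0; i < sizeof hdr; i++)
        raw[i] = shm[i];

    if (hdr.length == 0 || hdr.length > out_size)
        return 0;
    if (hdr.offset < sizeof hdr)               /* payload may not alias the header */
        return 0;
    /* Bounds check written so that offset + length cannot wrap. */
    if (hdr.offset > shm_size || hdr.length > shm_size - hdr.offset)
        return 0;

    for (i = 0; i < hdr.length; i++)
        out[i] = shm[hdr.offset + i];
    return hdr.length;
}

/* Constructed 32-byte region: header {offset = 8, length = 4}, payload at +8.
 * Header fields are little-endian, as on the ARM targets in the talk. */
static uint8_t shm_sample_region[32] = {
    8, 0, 0, 0,  4, 0, 0, 0,
    'I', 'S', 'P', '!',
};

/* Returns 1 if the sample region is read back as "ISP!", 0 otherwise. */
int shm_example_ok(void)
{
    uint8_t out[16];
    size_t n = shm_read_record(shm_sample_region, sizeof shm_sample_region,
                               out, sizeof out);
    return n == 4 && memcmp(out, "ISP!", 4) == 0;
}

/* Returns 1 if a header whose offset + length wraps in 32 bits is rejected. */
int shm_example_rejects_wrap(void)
{
    /* offset = 0xFFFFFFF0, length = 0x20: the naive sum wraps to 0x10 */
    uint8_t region[32] = { 0xF0, 0xFF, 0xFF, 0xFF,  0x20, 0x00, 0x00, 0x00 };
    uint8_t out[64];
    return shm_read_record(region, sizeof region, out, sizeof out) == 0;
}
```

The same discipline applies to the page-table case of CVE-2022-46322: whatever a peer core can write (a physical address, an offset, a length) is input, and the core that acts on it has to bound it against its own view of the region.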
Hardware specific issues

✤ Internal SRAM exposed

✤ Registers exposed: SCTRL, TZPC …

✤ Lack of bootchain verification

  ✤ A secure master runs its image in unprotected memory
Abstract thinking was nice, but it's code o'clock!

CVE-2022-48353

✤ ISP is actually a secure master

  ✤ Think of face recognition

✤ ISP does not verify its firmware

  ✤ Shellcode injection in a single command line:

    mount --bind isp_fw_mod.elf /odm/etc/firmware/isp_fw.elf
Mitigations of Cross-Core Attack

✤ DMSS & CFGBUS: think of TZASC & TZPC

✤ DMSS maintains a DDR permission table for each master

  ✤ Each cell declares whether a subrange of DDR is allowed to be accessed with Normal/Secure AWPROT/ARPROT

✤ CFGBUS manages MMIO access

  ✤ Each table declares whether a group of masters is allowed to access a range of MMIO
ISP

✤ Cannot RW DDR without ACPU EL3 setting up its IOMMU

✤ Cannot RW 0xFFE00000 - 0xFFFFFFFF (blocked by CFGBUS)

  ✤ #define SOC_ACPU_DMSS_BASE_ADDR (0xFFE80000)

  ✤ #define SOC_ACPU_LP_RAM_BASE_ADDR (0xFFF50000)

✤ Can RW 0xFE252000 - 0xFE252400 (CFGBUS Registers)
CFGBUS

One table entry, as dumped from firmware 2.0.0.222 and 2.0.0.243:

  REG         2.0.0.222  2.0.0.243
  0xFE2520BC  0x4DA000   0x01A000
  0xFE2520C0  0xFFFE00   0x03FE00
  0xFE2520C4  00000000   00000000
  0xFE2520C8  0          0
  0xFE2520CC  0x14       0x15
  0xFE2520D0  0          0
  0xFE2520D4  0          0
  0xFE2520D8  0x3        0x2
  0xFE2520DC  0x3        0x3
  0xFE2520E0  0xF        0xF
  0xFE2520E4  0          0
  0xFE2520E8  0x10000    0x10000
  0xFE2520EC  0x00000    0x00000

  0xFE2520BC / 0xFE2520C0: master bits
  0xFE2520CC: log₂(size)
  0xFE2520D8: rw permission

  0xFFE00000 + 2 ** 0x15 = 0x100000000

The entry that covers the CFGBUS registers themselves (2.0.0.243):

  REG         2.0.0.243
  0xFE252044  0x002000
  0xFE252048  0x03FE00
  0xFE25204C  00002000   offset
  0xFE252050  0
  0xFE252054  0x0a       (same slot as log₂(size) above)
  0xFE252058  0
  0xFE25205C  0
  0xFE252060  0x2
  0xFE252064  0x3
  0xFE252068  0xF
  0xFE25206C  0
  0xFE252070  0x10000
  0xFE252074  0x00000

  0xFE250000 + 0x2000 = 0xFE252000
  0xFE252000 + 2 ** 0xa = 0xFE252400
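A firmware auditor can turn the two register dumps above into a mechanical check: decode every window and flag any that covers the CFGBUS register block, since a master admitted to such a window can rewrite the access-control tables themselves. The following is an added example for this page, not code from the talk or from any HiSilicon tooling. The field positions (offset at +0x08, log₂(size) at +0x10, rw permission at +0x1C within an entry) are inferred from the slide annotations on the two entries; the region bases 0xFFE00000 and 0xFE250000 come from the slide arithmetic and are not among the dumped registers, so the example carries them separately. The rw field is not interpreted, as the slides do not define its bit meanings.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* CFGBUS register block that holds the windows themselves
 * (from the slides: 0xFE252000 + 2 ** 0xa = 0xFE252400). */
#define CFGBUS_REGS_START 0xFE252000ULL
#define CFGBUS_REGS_END   0xFE252400ULL

/* One table entry as dumped on the slides: 13 consecutive 32-bit registers.
 * Field positions are an inference from the slide annotations (see lead-in):
 * reg[2] (+0x08) offset, reg[4] (+0x10) log2(size), reg[7] (+0x1C) rw.
 * region_base is the address the offset is relative to; it is not one of
 * the dumped registers, so it is supplied alongside the dump. */
struct cfgbus_entry {
    uint64_t region_base;
    uint32_t reg[13];
};

struct cfgbus_window {
    uint64_t start;   /* inclusive */
    uint64_t end;     /* exclusive */
    uint32_t rw;      /* raw rw permission field, not interpreted here */
};

struct cfgbus_window cfgbus_decode(const struct cfgbus_entry *e)
{
    struct cfgbus_window w;
    uint32_t log2_size = e->reg[4] & 63;   /* clamp to a shiftable range */

    w.start = e->region_base + e->reg[2];
    w.end   = w.start + (1ULL << log2_size);
    w.rw    = e->reg[7];
    return w;
}

/* A window that covers any part of the CFGBUS register block lets the
 * masters it admits rewrite the access-control tables themselves. */
bool cfgbus_window_exposes_regs(const struct cfgbus_window *w)
{
    return w->start < CFGBUS_REGS_END && CFGBUS_REGS_START < w->end;
}

/* Count the entries in a snapshot whose window overlaps the register block. */
size_t cfgbus_audit(const struct cfgbus_entry *entries, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++) {
        struct cfgbus_window w = cfgbus_decode(&entries[i]);
        if (cfgbus_window_exposes_regs(&w))
            hits++;
    }
    return hits;
}

/* The two 2.0.0.243 entries from the slides. */
const struct cfgbus_entry CFGBUS_ENTRY_FE2520BC = {
    0xFFE00000ULL,
    { 0x01A000, 0x03FE00, 0, 0, 0x15, 0, 0, 0x2, 0x3, 0xF, 0, 0x10000, 0 }
};
const struct cfgbus_entry CFGBUS_ENTRY_FE252044 = {
    0xFE250000ULL,
    { 0x002000, 0x03FE00, 0x2000, 0, 0x0a, 0, 0, 0x2, 0x3, 0xF, 0, 0x10000, 0 }
};

/* Audit the two dumped entries; returns how many expose the register block. */
size_t cfgbus_audit_slides(void)
{
    const struct cfgbus_entry both[2] = { CFGBUS_ENTRY_FE2520BC, CFGBUS_ENTRY_FE252044 };
    return cfgbus_audit(both, 2);
}
```

Run against the two dumps, the decoder reproduces the slide arithmetic (0xFFE00000..0x100000000 and 0xFE252000..0xFE252400) and the audit flags exactly the second entry, which is the "Can RW 0xFE252000 - 0xFE252400" finding of the previous slide.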
Configure CFGBUS

Write sequence observed when CFGBUS is configured (address <= value), shown on the slides next to the 2.0.0.243 register table above:

  Disable
    [0xfe25200c] <= 0x00
    [0xfe252008] <= 0x00
    [0xfe25240c] <= 0x00
    [0xfe25248c] <= 0x00

  Config
    [0xfe252018] <= 0x00
    [0xfe252020] <= 0x0F
    . . .
    [0xfe252014] <= 0xBA
    [0xfe252008] <= 0x0F

  Enable
    [0xfe25200c] <= 0x01
    [0xfe252008] <= 0x1F
    [0xfe252018] <= 0x08

Disable CFGBUS: the writes marked Disable above.
ACPU EL0 -> ISP -> LPMCU -> ACPU EL3

✤ Disable CFGBUS

✤ Pivot to LPMCU by RW of its SRAM

✤ Enable BL31 patching by updating the DMSS table of LPMCU

✤ Use dma_transfer() to patch BL31 with a RWX SMC handler

✤ DEMO: Screen Passcode Bypass
Key Takeaways

✤ Interactions between different cores should be explored

  ✤ May discover new paths for privilege escalation

✤ Cross-Core attacks can be a powerful technique to exploit

  ✤ Do I mention ASLR, CFI, PXN, PAN, PAC, MTE ?

✤ Vendors should exercise caution when adding new cores to the SW

  ✤ With each additional core, the complexity of writing bug-free software increases exponentially
Credit

  Tielei Wang
  John Dickson

Questions?

  @hhj4ck

Meet + Greet: Aug 9, 17:00 – 17:30
Booth 3241 - Meetup Lounge, Business Hall