G5 Doctoral dissertation (article)
Manipulating the ARM hypervisor and TrustZone (2021)
Ben Yehuda, R. (2021). Manipulating the ARM hypervisor and TrustZone [Doctoral dissertation]. Jyväskylän yliopisto. JYU Dissertations, 406. http://urn.fi/URN:ISBN:978-951-39-8752-7
JYU authors or editors
Publication details
All authors or editors: Ben Yehuda, Raz
eISBN: 978-951-39-8752-7
Journal or series: JYU Dissertations
eISSN: 2489-9003
Publication year: 2021
Number in series: 406
Number of pages in the book: 1 verkkoaineisto (73 sivua, 120 sivua useina numerointijaksoina, 26 numeroimatonta sivua)
Publisher: Jyväskylän yliopisto
Place of Publication: Jyväskylä
Publication country: Finland
Publication language: English
Persistent website address: http://urn.fi/URN:ISBN:978-951-39-8752-7
Publication open access: Openly available
Publication channel open access: Open Access channel
Abstract
ARM architecture keeps extending, and new features are added in each edition of this processor’s architecture. We examine the various techniques to manipulate the ARM hypervisor. In this work, we present a new execution context in the Linux operating system, which we refer to as the hyplet. The hyplet is a technique in which a function of a regular Linux process is executed in the hypervisor. It is through the use of the hyplet that an additional security layer is put inside an executing Linux process, inaccessible to common user space or kernel space privileges. Also, the hyplet provides an infrastructure for a CFI (Control Flow Inspection) technique named C-FLAT, a virtual disk used to trap intruders (honeypot), and a method to acquire coherent memory images for forensics. The acquisition is performed slowly, thereby reduces heat and power, and therefore a good solution for battery-based devices such as smartphones. Also, we show that the hyplet, compared to other RPC (Remote Procedure Call) techniques, provides an extremely fast RPC among Linux Processes. Through the hyplet, it is also possible to execute ISR (interrupt service routine) in a regular user-space Linux process. In Linux it is possible to offload a processor, usually to reduce power. We combined offloading a processor and the hyplet to demonstrate hard real-time. This technology is referred to as the offline hyplet. The offline hyplet demonstrates high-resolution timers, 20Khz, on a relatively slow ARM processor, executing a userspace routine inside a regular Linux process. Other than that, our research presents the hyperwall, a technology to protect network cards. Lastly, we provide a tutorial for a DMA attack on TrustZone running the OP-TEE operating system.
Keywords: processors; data security; virtualisation; Linux
Free keywords: hypervisor; TrustZone; ARM; virtualization; real-time; safety
Contributing organizations
Ministry reporting: Yes
Reporting Year: 2021