Hacker News new | past | comments | ask | show | jobs | submit login

How would this be patched? I'm assuming that this will require ucode/hardware patching as trustzone is implemented in hardware?



If TrustZone itself has a bug, that would require a hardware patch. Luckily it seems that this bug was an issue with the code running on the chip.

With TrustZone, some code is running in the secure domain and can read or write to both secure and non-secure memory. You need to find some bug in the secure code to "trick" the secure code into copying data from secure memory to non-secure memory.


My understanding was that there's a signed TrustZone binary that's more or less an ELF that runs in secure mode.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: