[Arm-netbook] ARM's OOB para-virtualization & FreeZone in A10?
freebirds at fastmail.fm
freebirds at fastmail.fm
Wed Jul 4 22:41:15 BST 2012
I am in the process of purchasing from Tom Cubie two Sunlike UMPC-1021
netbooks with 1 GB RAM, 1.5 Ghz, 8 GB NAND flash and 4,000 mAh battery.
Specs are at
http://www.hksunlike.com/ArticleShow.asp?ArticleID=654.
But after today's research on Intel's and AMD's OOB (out of band)
virtualization in netbooks, I realized that my prior research on whether
ARM has OOB monitoring was incomplete because I did not include the
search term "virtualization." Indeed, "virtualization" brought up
articles regard ARM utilizing virtualization beyond its TrustZone. Now I
am afraid of ARM too! Is MIPS the only processor left that does not have
OOB monitoring? Is my only choice a Lemote Yeelong A3 which is not yet
available in the United States? Or going backwards in technology by
purchasing a Pentium 4 notebook prior to 2004 when Trusted Platform
Module (TPM) and prior to 2006 when Intel's AMT was installed in
laptops?
Before discussing ARM's OOB virtualization, here are articles on AMD's
implementing virtualization (AMD-V) in notebooks starting in 2006.
Thereby, a hacker can hack into the local LAN to hack into a netbook's
AMD's virtualization:
Powering ultrathin notebooks to blade servers, all AMD processors
shipped are designed to use AMD-V features.
http://sites.amd.com/us/business/it-solutions/virtualization/Pages/virtualization.aspx#2
"The Intel VT-x extensions can be disabled in the BIOS. Certain laptop
vendors have disabled the Intel VT-x extensions by default in their
CPUs.
The virtualization extensions cannot be disabled in the BIOS for AMD-V.
Refer to the following section for instructions on enabling disabled
virtualization extensions."
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Administration_Guide/sect-Virtualization-Troubleshooting-Enabling_Intel_VT_and_AMD_V_virtualization_hardware_extensions_in_BIOS.html
http://www.webopedia.com/TERM/A/AMD_Virtualization.html
AMD also has Secure Execution Environment. Yet, AMD is not satisfied
with their own virtualization monitor AMD-V. AMD will be installing ARM
TrustZone into their i86 processors.
http://arstechnica.com/information-technology/2012/06/amd-to-add-arm-processors-to-boost-chip-security/
AMD's installing ARM TrustZone caused me to further research TrustZone.
The more I read on TrustZone and ARM's other virtualization monitoring,
the more confused I became. The best article on TrustZone I found is
http://www.openvirtualization.org/open-source-arm-trustzone.html.
However, I have doubts whether their Open Virtualization software offers
any protection from hackers hacking into TrustZone. Or if a hacker hacks
into Open Virtualization, does the hacker gain complete control of both
worlds? See: http://www.openvirtualization.org/
Luke Leighton wrote: "the reason why they're interested in the A10 is
because it does not have ARM "Trustzone" and it can be forcibly made to
boot from SD/MMC at the hardware level." ARM's TrustZone is in ARM
Cortex 6 and above. The Allwinner A10 has an ARM Cortex A8. ARM Cortex
A8 has TrustZone. I am assuming A10 is TrustZone capable.
Luke Leighton wrote: "If no handler's installed, it's entirely
quiescent, so an A10-style boot chain of rom-into-spl is (probably)
fine, even if the SoC is TrustZone-capable (at the very least, brom may
be small enough to audit to one's satisfaction.) Anyway, installation's
only possible in supervisor mode - if your adversary has that, you have
other problems."
Yey, my abuser's hackers have sniffed my root password. Yes, I have
other problems. But they are off topic so I won't discuss them here.
Is a handler installed in A10? Is there a method of removing or
disabling it TrustZone? Disabling may not be adequate. Hackers have
hacked into disabled Intel's processor serial number in BIOS,
Computrace, vPro, bluetooth, etc. They may be able to hack into a
disabled TrustZone.
The BeagleBoard, BeagleBone and DreamPlug have ARM Cortex A8 and have
TrustZone. They answered my question that they have TrustZone. However,
TrustZone is neither in their specifications on their websites nor in
wikipedia's specifications. CuBox has an ARMv7 which has both TrustZone
and ARM's virtualization extensions (VE). HOwever, CuBox's
specifications omit this. http://solid-run.com/products. Wikipedia only
mentions TrustZone. http://en.wikipedia.org/wiki/CuBox
Unfortunately, the Freedomboxfoundation as a whole is not concerned that
TrustZone and ARM's virtualization extensions are backdoors for hackers,
government, etc. A Freedombox implies safety and privacy but it's
hardware is neither. FreedomboxFoundation banned me from posting because
I raised questions on the safety of their hardware.
Rhombus'website discusses that the EOMA-PCMCIA CPU could be used as a
FreedomBox. It would be a safer and more private FreedomBox than the
DreamPlug if TrustZone was removed or disabled. Can Rhombus Tech request
that the Cortex A8 be customized for the EOMA-PCMCIA CPU to not include
TrustZone and ARM virtualization extensions? If not, the EOMA-PCMCIA CPU
should include in its specifications, ARM TrustZone and possibly ARM's
para-virtualization.
Open hardware is a contradiction in terms if it allows any type of
remote monitoring such as remote virtualization. Yet, the websites I
have looked at on open hardware such as Qi hardware at
http://en.qi-hardware.com/wiki/Main_Page, and
http://wiki.openhardware.org/Main_Page fail to discuss out of band
monitoring.
ARM's para-virtualization is separate from TrustZone. For example, ARM
Cortex A5 has para-virtualization but not TrustZone.
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0433a/CHDJBCFI.html
Does A10 and Cortex A8 have ARM's virtualization extensions? The
articles on ARM's virtualization mention Cortex A5, Cortex A7, Cortex A9
and Cortex A15 have it. They don't mention Cortex A8 but that does not
mean A8 doesn't have para-virtualization.
http://blogs.arm.com/smart-connected-devices/615-importance-of-hw-virtualization-in-arm-cortex-a7-biglittle-processing/
Virtual Machine Monitor (VMM) is Hypervisor: "TrustZone offers a
specialised type of Virtualization Only 2 ‘Worlds’ – not extendable
(except through paravirtualization) Although VMM can also span both
worlds Fourth privilege level is provided by CPU’s secure monitor mode
Non-symmetrical - The two ‘Worlds’ are not equal Secure world can access
both worlds (33bit addressing) Secure Apps Secure RTOS Secure Monitor
Normal World Secure World, TrustZone coexists alongside a VMM HARDWARE
(Memory, ARM CPU, I/O Devices) Guest Operating System1 App2 App1 (EPG)
Guest Operating System2 App2 App1 (Flash ) Virtual Machine Monitor (VMM)
or Hypervisor.
http://www.slideshare.net/xen_com_mgr/hardware-accelerated-virtualization-in-the-arm-cortex-processors
--
http://www.fastmail.fm - Email service worth paying for. Try it for free
More information about the arm-netbook
mailing list