[Arm-netbook] ARM's OOB para-virtualization & FreeZone in A10?
Gordan Bobic
gordan at bobich.net
Thu Jul 5 22:15:53 BST 2012
On 07/05/2012 10:05 PM, freebirds at fastmail.fm wrote:
> Gordan Bobic, I greatly appreciate your advice on firewall and snort. I
> will follow through with it.
>
> The Toshiba AC100 has ARM Cortex A9.
It's derived from the A9. I haven't looked, but it wouldn't surprise me
if some things are not in it (e.g. NEON isn't in it).
> Yesterday, I posted that Cortex A9
> has FreeZone and ARM's virtualization extensions. Thus, I cannot buy it.
As I said before, you haven't actually provided any evidence whatsoever
that it is specifically virtualization extensions that are the cause of
your problems here. If this alone was sufficient to make the machine
inherently remotely compromisable then there wouldn't be a single
machine made in the last 6 years that isn't remotely exploitable. Since
that clearly isn't the case, I would be inclined to not make any
sweeping statements on the subject. But hey, you're free to do whatever
you like. :)
> Yesterday, I asked on the ARM forum whether Cortex A8 has virtualization
> extensions. See
> http://forums.arm.com/index.php?/topic/16021-para-virtualization-in-cortex-a8/
>
> Cortex A8 does not have some support for virtualization. Cortex A9 does,
> so I am not going to buy it. I am still concerned about TrustZone in
> Cortex A8. Their answers are:
>
> All the Cortex-A processors (A5, A7, A8, A9 and A15) support TrustZone
> (or the Security Extensions to give them the ARM ARM name)!
>
> The Cortex-A15 and Cortex-A7 additionally support the Virtualization
> extensions, making it much easier to do hardware/full virtualization.
Well, the other option available is the Genesi Efika. Less than half the
CPU (more like a quarter if you're counting the OC capability of the
AC100), but it's A8 based. Nevertheless, see what I said above - I am
absolutely not convinced that your problem is solely based on
virtualization extensions. Something else is almost certainly going on.
Something less convoluted and more obvious.
> The A9/A5 have some support for virtualization, but not as much. So
> you'd have to go the software approach. The A8 (from memory) has no
> specific virtualization support, so again you'd have to go the software
> approach.
>
> To answer the final part - ALL Cortex-A8 processors will ALWAYS support
> TrustZone. That doesn't mean you have to use it.
>
> Para-virtualization is a software-only solution for virtualizing
> operating system software. Almost any CPU can implement
> para-virtualization ...
This is a good point. Until relatively recently we had a lovely kernel
module called kqemu that enabled achieving nearly the same performance
as with virtualization extensions, but without any virtualization
support in hardware. It is now deprecated, but the point is that if the
perp can gain root access to your machine which is required to mess
around with injecting a malicious kernel module that would be required
to leverage the virtualization capabilities against you, the game is
long lost.
Gordan