@laginimaineb "the utilisation of hardware components remains as it is, and is currently not mitigated against": not sure I understand 100%
-
-
Replying to @scarybeasts @laginimaineb
Could the host driver apply physical mem range restrictions to the WiFi SoC DMA if it wanted to, or are we screwed?
2 replies 0 retweets 0 likes -
Replying to @scarybeasts
I don't know. There are IOMMUs for other components, it's not clear if one can be used for the Wi-Fi chip. Same applies for Exynos.
2 replies 0 retweets 0 likes -
Replying to @laginimaineb
Sooo... can of worms time. Can code on the cellular SoCs smash arbitrary physical RAM too?
4 replies 0 retweets 1 like -
Replying to @scarybeasts
Can of worms time indeed :) The best way to answer that would be to try it out; does anyone have a modem exploit they'd like to volunteer?
2 replies 0 retweets 1 like -
Replying to @laginimaineb
Won't the "patch the firmware" trick work? (And if arbitrary DMA works, it is of course MANDATORY to find a modem 0day to finish the chain)
1 reply 0 retweets 0 likes -
Replying to @scarybeasts @laginimaineb
Baseband generally falls into the same group of stuff as TrustZone kernel/apps and the early boot chain: dedicated verified fw partition.
1 reply 0 retweets 0 likes -
If anything the OS is treated as a less trusted component than the baseband. Qualcomm seems to view OS as an unimportant baseband accessory.
2 replies 1 retweet 0 likes
Yes, this is the backwards thinking of pretty much all the vendors since pretty much forever...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.