Tux

@TuxSH

Reverse-engineer/software developer. This is a strictly personal account, my views are my own and do not represent my employer.

France
Joined: June 2012
Born 1997

Tweets

  1. Pinned Tweet
    29 Jun 2019

    We are very proud to present you with the new release of Luma3DS, v10.0! NTP client, blue light filters, lots of cheat engine improvements, many new debugger features, and more! Check it out at !

  2. 26 Jan

    for spinlocks, should non-temporal (prfm pstl1strm) or temporal (prfm pstl1keep) store-prefetches be used?

  3. Retweeted
    25 Jan

    We're slowly getting back on track... coming soon ( ͡° ͜ʖ├┬┴┬┴

  4. 18 Jan

    Guess which part of the reference manual qemu's generic TLB impl isn't compliant with? :^)

  5. 16 Jan

    or dc civac?

  6. 16 Jan

    (assuming only one guest, guest has all cpus, no security considerations -- basically in my case EL2 would just be a debugger)

  7. 16 Jan

    Hm, so what's the way to *properly* copy guest (EL1) memory into the hypervisor, knowing EL1 and EL2 have different translation regimes (and thus different attributes for the same regions ...) but the same caches? Is it to copy PAR.ATTR to the MAIR & map the page each time?

  8. 14 Jan

    I'm referring to and which make the matter very clear (the latter has very clear diagrams in annex exposing what can go wrong)

  9. 14 Jan

    Thankfully this svc has never been made accessible on retail

  10. 14 Jan

    Multiple Arm slides in Linux events: cache maintenance by set/way is dangerous, breaks virtualization, breaks cache coherency; should only be used for CPU power on/off
    no one:
    Nintendo: implements svcFlushEntireDataCache which does DC CISW (only on the current core)

  11. 6 Jan

    oh TVAL existing means having a bit to trap CNTPCT separately is useless because one can just retrieve its actual value by writing n to TVAL and computing CVAL-n, henceforth bypassing the hypervisor

  12. 6 Jan

    me: why does Nintendo always write cntp_el0+timeout to CVAL instead of directly writing timeout to TVAL?
    arch. reference manual: Bits[63:32] RES0, "TimerValue is treated as a signed 32-bit integer"
    yikes

  13. 6 Jan

    "Normal" kernels (e.g. linux): *uses virtual Armv8 timer registers*
    Switch kernel: *accesses physical timer directly, uses virtual timer regs as extra scratch regs for crashes*
    ffs

  14. 31 Dec 2019

    Just Berlin Tegel restroom things:

  15. 30 Dec 2019

    Real-life illustration of recent Ams commits:

  16. 30 Dec 2019
  17. Retweeted
    28 Dec 2019

    For those who would like to check it out, here is the ropchain implementation of LazyPixie that I presented in my talk at

  18. 27 Dec 2019

    Have the arm11 post-exploitation + arm9 + arm9 post exploitation payload too:

  19. 27 Dec 2019

    Hey guys here's my kernel exploit (+ pov) writeup talked about in his talk:

  20. 23 Dec 2019

    Welp I watched for the 4th time last Saturday

  21. 13 Dec 2019