============ XEN and MIB3 ============ partitions ---------- The contents of the partitions taken from a chipoff. There's a large IVI partition containing partitions of its own. .. code:: bash (venv) ➜ MIB3 Top High mmls 32gb.bin GUID Partition Table (EFI) Offset Sector: 0 Units are in 4096-byte sectors Slot Start End Length Description 000: Meta 0000000000 0000000000 0000000001 Safety Table 001: ------- 0000000000 0000000255 0000000256 Unallocated 002: Meta 0000000001 0000000001 0000000001 GPT Header 003: Meta 0000000002 0000000005 0000000004 Partition Table 004: 000 0000000256 0000002815 0000002560 boot_a 005: 001 0000002816 0000005375 0000002560 boot_b 006: 002 0000005376 0000005887 0000000512 hyp_a 007: 003 0000005888 0000006143 0000000256 dtb_a 008: 004 0000006144 0000009727 0000003584 kerneldom0_a 009: 006 0000009728 0000012287 0000002560 initramfsdom0_a 010: 007 0000012288 0000102911 0000090624 systemdom0_a 011: 008 0000102912 0000109055 0000006144 system2dom0_a 012: 012 0000109056 0000113919 0000004864 kerneldomu1_a 013: 013 0000113920 0000114175 0000000256 dtbdomu1_a 014: 014 0000114176 0000116735 0000002560 initramfsdomu1_a 015: 015 0000116736 0000203775 0000087040 systemdomu1_a 016: 016 0000203776 0000209919 0000006144 system2domu1_a 017: 031 0000209920 0000210175 0000000256 align1 018: 032 0000210176 0000210687 0000000512 hyp_b 019: 033 0000210688 0000210943 0000000256 dtb_b 020: 034 0000210944 0000214527 0000003584 kerneldom0_b 021: 036 0000214528 0000217087 0000002560 initramfsdom0_b 022: 037 0000217088 0000307711 0000090624 systemdom0_b 023: 038 0000307712 0000313855 0000006144 system2dom0_b 024: 042 0000313856 0000318719 0000004864 kerneldomu1_b 025: 043 0000318720 0000318975 0000000256 dtbdomu1_b 026: 044 0000318976 0000321535 0000002560 initramfsdomu1_b 027: 045 0000321536 0000408575 0000087040 systemdomu1_b 028: 046 0000408576 0000414719 0000006144 system2domu1_b 029: 059 0000414720 0000418815 0000004096 system_error_dump 030: 069 0000418816 0000420863 0000002048 sys_ss 031: 070 0000420864 0000437247 0000016384 sys_persist 032: 071 0000437248 0000453631 0000016384 sys_irc 033: 072 0000453632 0000500735 0000047104 sys_misc1 034: 099 0000500736 0001063935 0000563200 ivi_opt 035: 100 0001063936 0007626751 0006562816 ivi 036: ------- 0007626752 0007627775 0000001024 Unallocated TFFS is a proprietary file system from Tuxera, with one mounter available `tffsmount `_, however, we had no success mounting this file system. Luckily, a fair bit of information can already be extracted from the binary by using a simple strings operation. In order to view the contents of a specific partition, it's best to extract and unzip the partitions of interest. .. code:: bash dd if=32gb.bin of=initramfsdom0_a.bin.gz skip=0000009728 count=2560 bs=4096 gunzip initramfsdom0_a.bin.gz mkdir initramfsdom0_a mv initramfsdom0_a.bin initramfsdom0_a cd initramfsdom0_a cpio -idmv < initramfsdom0_a.bin Alternative approach (not working for partitions within the IVI). ``python3 -m tffsmount 32gb.bin /tmp/mib3/tffsmount2 -o 0x1be00000`` .. code:: bash ➜ MIB3 Top High xxd 32gb.bin | grep .~.TFFS 03000000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 03006000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 17755d40: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 1c800000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 1c806000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 2d2b5d40: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 35000000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 35006000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 49755d40: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 4e800000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 4e806000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 5f2b5d40: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 66400000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 66406000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 66c00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 66c06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 6ac00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 6ac06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 6ec00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 6ec06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 7a400000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 7a406000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 104000000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 104006000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 105974000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 10597a000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 129474000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 12947a000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 25fc00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 25fc06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 263c00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 263c06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 26fc00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 26fc06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 3afc00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 3afc06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 3dfc00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 3dfc06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 4dfc00000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 4dfc06000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 545400000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 545406000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 745400000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... 745406000: eb7e 9054 4646 5320 2020 2000 0000 0000 .~.TFFS ..... The initramfs partitions contain the initial ramdisk, which is a cpio archive. The contents of the initramfs can be extracted using the following command: XEN, Domain0 and DomainU ------------------------ Virtual machines are essentially guest operating systems running on a device. Virtual machines share physical memory and can share hardware devices, creating security risks, allowing potential VM excapes. A mitigation is to have all hardware access isolated in a trusted execute environment (TEE), or in our case, this might already be the Domain0. The resources of the CPU and other peripherals are shared between the VMs, with the hypervisor managing the resources. In our case, Domain0 is the initial domain started by the Xen hypervisor on boot. Dom0 is an abbrevation of "Domain 0" (sometimes written as "domain zero" or the "host domain"). Dom0 is a privileged domain that starts first, and likely also has access to the hardware resources. *"Dom0 is the initial domain started by the Xen hypervisor on boot. Dom0 is an abbrevation of "Domain 0" (sometimes written as "domain zero" or the "host domain"). Dom0 is a privileged domain that starts first and manages the DomU unprivileged domains. The Xen hypervisor is not usable without Dom0. This is essentially the "host" operating system (or a "service console", if you prefer). As a result, Dom0 runs the Xen management toolstack, and has special privileges, like being able to access the hardware directly."* Data can be shared between domains using XenStore - an information storage space between domains maintained by Xenstored. Dom0 is the only domain with direct access to hardware, with DomU being an unprivileged domain, which need to communicate with Dom0 to access hardware. Multiple DomU can be created. Sharing devices between Dom0 and DomU. *"To access devices that are to be shared between domains, like the disks and network interfaces, the DomUs must communicate with Dom0. This is done by using a two-part driver. The FrontendDriver must be written for the OS used in the DomU, and uses XenBus, XenStore, shared pages, and event notifications to communicate with the BackendDriver, which lives in Dom0 and fulfils requests. To the applications and the rest of the kernel, the FrontendDriver just looks like a normal network interface, disk, or whatever. "* MCLF, MobiCore or Trustonic --------------------------- Looking through ``systemdom0_a`` at ``3000000``, we find three 'tabin' files with some hash as a filename, and ``MCLF`` in the header. These are likely trusted applets, running in the secure world. MCLF format (source: quarkslab0 and `kinibi` OS). .. figure:: images/mclf_format.png :alt: MCLF header :align: center These files contain a MCLF header when viewing the file header. MCLF is a Mobicore Loadable Format .. code:: bash ➜ gradle-8.11 cd /tmp/mib3/tffsmount/3000000/opt/tee/ta ➜ ta ls 22546a5c7c8658b2b9159ca48a7f9272.tabin 2c0ba9cc522252ddaf45af9a79eab69f.tabin c4ad25cde4205d90ae7642155cd60556.tabin Quarkslab on MCLF: `A Deep Dive Into Samsung's TrustZone (Part 1) ` and `A Deep Dive Into Samsung's TrustZone (Part 2) `. Trusted applets ^^^^^^^^^^^^^^^ Communication between secure and normal world are done using software interrupts and 'World Shared Memory' buffers. These WSM allow transfer of data. A ``MCLib`` - Mobicore Library - is used to communicate between trustlets. In our case: libMcClient.so, located at ``usr/lib/libMcClient.so``, which in turn communicates with a daemon: ``usr/bin/mcDriverDaemon`` (in systemdom0). *"This library is not loaded dynamically by the trustlets. The address of the McLib's handler is written into them at load time and then used as a regular function as shown in the code snippet given below. The tlApi number is passed into R0 and the arguments in the rest of the general purpose registers or on the stack, depending on the number of arguments.""* This MobiCore library is loaded at runtime. The trustlet command handlers provide an attack surface for higher privileged processes. Secure drivers are another type of applets, with higher privileges and access to hardware and additional Supervisor Calls (SVC). They are typically multithreaded, into a main, a normal world handler, a system/trustlet handler and an ISR thread handler. .. figure:: images/trusted_app_mobicore_worldshares.png :alt: Mobicore world shares :align: center Direct communication with a secure world driver is possible from the nowrmal world, using the shared buffer between both worlds, which passes the arguments for the secure world driver. The secure world driver can then access the hardware directly. Kibini ^^^^^^ Kibini is part of SBoot, and is probably extracteable Wahrheit is visible after uboot (see boot logs from a normal/working MIB3 boot). XEN logs -------- Xen logs of a normal boot flow. .. code:: bash [PASS] Succeed to load LDFW => Return value : 3 S8=> Return value : 0 Xen 4.8.0 [ 0.201928] [ 0.560934] [0: swapper/0: 1] Initramfs unpacking failed: junk in compressed archive [wahrheit] Version: 0.2.7 [wahrheit] Build-ID: 765ac35fe6cda5bb5458f05858e77cc392034b3c2676bdb8783143fe43fb58fb [ 0.757925] [ 1.116930] [2: esoinsmod: 1222] vbb xen-vbb: driver probed successfully(VBB : 20171226) [ 0.761554] [ 1.120560] [2: esoinsmod: 1222] BQ buffer-queue: buffer-queue driver probed successfully(BUFQ : 20190322) Done setting up Dom0 Parsing config from /vm/linux-ivi-vm/linux-ivi-vm_ufs_c3_a.cfg svdm will be executed. clk is applied pinctrl is applied vinput is applied pcie is applied pvusb is applied SIGNATURE VALID OR UNIT NOT FUSED: 0xC9200000 SIGNATURE VALID OR UNIT NOT FUSED: 0xC1080000 (DU1) [ 0.389911] [ 3.030438] Initramfs unpacking failed: junk in compressed archive (DU1) [ 0.505209] [ 3.145737] vbufq vbufq-0: vbufq_fe_probe: probed success. nodename(device/vbufq/0), ver(VBQ : 20170824) (DU1) [wahrheit] Version: 0.2.7 (DU1) [wahrheit] Build-ID: 765ac35fe6cda5bb5458f05858e77cc392034b3c2676bdb8783143fe43fb58fb (XEN) [ 3.309333] mm.c:1523:d0v0 gnttab_mark_dirty not implemented yet (DU1) RUNMODE=normal (DU1) ESO_SKU=177811101011100000 (DU1) SOC_SKU=003-00000-0307-011 Buildname = CL33_MIB3H_AU_ER_G4x_2002403PROD HW_REV = 011 (DU1) scandir: No such file or directory INIT DONE DAEMON: [DM Ver] omx(1.0).date(191118).hv2.2-1946.2-PR47.2 (DU1) INIT DONE CHALLENGE [INFO] : Started. (DU1) CHALLENGE [INFO] : Started. OOC 4.25.6-DEVELOPMENT [OOC:INF] OocApplication: All files already present. [OOC:INF] StartupManager [OOC:INF] SuspendNotifyClient: Connected [OOC:INF] OocApplication: run [OOC:INF] RunmodeMgr: Invalid MMX boot index found: -> assume A [OOC:INF] rstp init frame: c4 80 80 80 [OOC:INF] RSTP init frame: RSC reports boot path: boot path A [OOC:INF] Systemstate: Runmode updated: normal [OOC:INF] SystemState: Request delay: 'Online Delay' = '1' [OOC:INF] AsiOocPwrman started successfully [OOC:INF] SystemState: Power State: MMI_STANDBY_PWR_SAVE_2, reason: 0x0 [OOC:INF] SystemState: Clamp States: Clamp S: 0, Clamp 15: 0 [OOC:INF] SystemState: Display State: display1: 0 [OOC:INF] SystemState: Display State: display2: 0 [OOC:INF] AsiPersistenceClient: sizes: 1, 1 [OOC:INF] AsiPersistenceClient: alive [OOC:INF] AsiPersistenceClient: S2R: active [OOC:INF] SystemState: S2R enabled: 1 (changed: 1) [OOC:INF] Startup: Timer running (init: 118569 ms) [OOC:INF] SystemState: ZR Active (Startup): 1 (changed: 1) [OOC:INF] SystemState: Sent ZrActive request: 1 [AIO:ERR] epoll_ctl: add of file descriptor failed: File exists CURRENT BOOTCYCLE (SYS): 615 [OOC:INF] AsiOoclClient: Proxy alive [OOC:INF] AsiOoclClient: Proxy alive: state: true [OOC:INF] SystemState: Updated 'IVI is running': 1 tracing fsid is NOT available (state -1 | listsize 8 | FOD 2 | EL 0/0 | B2109BAD6D) [OOC:INF] AsiServiceMgr: Startup Finished from Service Manager [OOC:INF] SystemState: Startup Finished on SYS [OOC:INF] AsiPwrman: MMXEVENT_ETHERNET_PHONE: app 2, state: 1 [OOC:INF] SystemState: PmouMmxEventEthernetPhone changed: 1 tracing fsid is NOT available (state -1 | listsize 8 | FOD 2 | EL 0/0 | B2109BAD6D) (DU1) [ 18.191454] [ 20.831982] Call trace: