MYHACK58:62201682332
A two-CVE case study: how to exploit TrustZone on Android - Vulnerability Warning - myhack58 (黑吧安全网)

2016-12-22 00:00:00
Anonymous (佚名)
www.myhack58.com

EPSS: 0.003 (Low), percentile 65.7%

This article starts from practice and walks step by step through exploiting the TrustZone-based Trusted Execution Environment (TEE) on Android. The target here is Huawei's HiSilicon TEE. First I found a vulnerability that yields kernel privileges; then I found a vulnerability that allows arbitrary code execution inside the TEE. Together, the results are a proof of concept that on the Huawei HiSilicon TEE any local application can execute shellcode inside the TEE.

Background
"ARM® TrustZone® technology is a system-wide approach to security for a wide array of client and server computing platforms, including handsets, tablets, wearable devices and enterprise systems." A device built on TrustZone can support a full Trusted Execution Environment. The TEE runs in a special CPU security state called the "secure world" (the article calls it "safe mode"), so the memory and peripherals used by the secure world can be hidden from the normal-world environment. On top of this, Android vendors can offer a wide range of security features: fingerprint recognition, Digital Rights Management (DRM), kernel protection, secure boot and so on. More information is available on the TrustZone official site or in the TrustZone exploration at genode.org.
Huawei's HiSilicon TEE conforms to the recent GlobalPlatform TEE specifications, but its implementation is completely undocumented. By reverse engineering the firmware and reading some log output, I got a general understanding of its architecture:
[Figure: architecture of the Huawei HiSilicon TEE]
A brief description of the figure:
TZDriver (/dev/tc_ns_client) is a kernel driver that provides the communication interface between user-space clients and the TEE, just as /dev/qseecom does for Qualcomm's QSEE. The only difference is that on the Mate 7 (HiSilicon chip) every local application can access TZDriver, whereas qseecom can be reached only by some system processes.
A TA (Trusted Application) is an ELF file. Each TA provides one security-related service: secure storage (TA_SecStorage), secure boot, keystore (the original says "keystone", presumably a typo for keystore; translator's note), fingerprint recognition (TA_FingerPrints), and so on.
TEEGlobalTask is the first user-mode trusted application in the TEE. It loads ELF modules and dispatches external calls to the sub-services of the other TAs.
RTOSck is the core of the TEE, a real-time operating system developed by Huawei itself and somewhat similar to uC/OS-II. RTOSck also contains the fingerprint driver, which only TA_FingerPrints may access, to read fingerprint images from the device's sensor.

CVE-2015-4421: a vulnerability in /dev/tc_ns_client
The Secure Monitor Call (SMC) instruction enters secure monitor mode and invokes the secure monitor's kernel services. It can only be executed in privileged mode, so a user process that wants to send a malformed SMC to the secure world in order to exploit the TEE must first obtain kernel privileges.
/dev/tc_ns_client is a kernel driver that exposes ioctl interfaces to user-space clients and to other kernel modules. Clients use its "TCAPI" to communicate with the secure world. The device file's permissions are "rw-rw-rw-" and its SELinux context is "u:object_r:device:s0", so any user-mode client can open this driver.
The client passes buffer pointers to the driver in a TC_NS_ClientParam structure; the driver then issues a secure monitor call to the TEE and copies the returned values to the pointers in TC_NS_ClientParam.
The TC_NS_ClientParam structure:
typedef union {
    struct {
        unsigned int buffer;     // ptr of buffer
        unsigned int offset;     // size of buffer
        unsigned int size_addr;
    } memref;
    struct {
        unsigned int a_addr;     // ptr of a 4-byte buffer
        unsigned int b_addr;     // ptr of a 4-byte buffer
    } value;
} TC_NS_ClientParam;
However, the driver gets the boundary check wrong. Pseudo-code:
static int TC_NS_SMC_Call(TC_NS_ClientContext *client_context,
                          TC_NS_DEV_File *dev_file, bool is_global)
{
    // Build the TC_NS_SMC_CMD structure

    // Execute the SMC instruction
    TC_NS_SMC(smc_cmd_phys);

    // Copy the result from smc_cmd.operation_phys to the caller's
    // buffers (client_param.value). The check keys only on the
    // pointer value the client supplied.
    if (client_param->value.a_addr > 0xbfffffff) {
        // driver assumes the caller is in kernel space: direct write
        *(u32 *)client_param->value.a_addr = operation->params[i].value.a;
    } else {
        // driver assumes the caller is in user space
        copy_to_user(...);
    }
    if (client_param->value.b_addr > 0xbfffffff) {
        *(u32 *)client_param->value.b_addr = operation->params[i].value.b;
    } else {
        copy_to_user(...);
    }
    ...
}
So what if a user-mode client passes a kernel pointer? The driver writes the result to that address directly, without going through copy_to_user. That gives us a write of a chosen value into kernel space. If the value the TEE returns is below 0xc0000000 (a user-space address), a simple "ret2user" is enough to get root.
The concrete steps:
[Figure: steps of the ret2user exploit for CVE-2015-4421]
I chose the TEE's internal system time as the returned value. The TEE's global service offers a time-query interface with cmd_id = GLOBAL_CMD_ID_TEE_TIME.
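To make the flawed check concrete, here is an added example (not the driver's code and not from the original article) that models the CVE-2015-4421 pattern in plain C: the driver decides whether a result pointer belongs to the kernel by looking at the pointer value alone, so a user-mode client that hands in a kernel address gets a direct 4-byte write into kernel memory with the TEE-supplied value. The same block shows the hardened form, where the caller's mode comes from the driver's own bookkeeping and every user pointer goes through an access_ok-style check. The kernel/user split at 0xc0000000, the simulated addresses, the backing arrays and the function names are all assumptions made for the example.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not the real TZDriver source. A 32-bit ARM Linux kernel
 * with a 3G/1G split treats anything at or above 0xc0000000 as kernel memory. */
#define KERNEL_SPLIT 0xc0000000u

/* Two simulated regions standing in for a kernel page and a user page (assumed addresses). */
#define SIM_KERNEL_ADDR 0xc0100000u   /* e.g. a kernel function-pointer slot */
#define SIM_USER_ADDR   0x00010000u   /* the client's legitimate result buffer */
#define SIM_REGION_SIZE 64u

static uint8_t sim_kernel[SIM_REGION_SIZE];
static uint8_t sim_user[SIM_REGION_SIZE];

/* Map a simulated address onto one of the backing arrays; NULL if unmapped. */
static uint8_t *sim_resolve(uint32_t addr, uint32_t len)
{
    if (addr + len < addr)                                  /* wrap-around guard */
        return NULL;
    if (addr >= SIM_KERNEL_ADDR && addr + len <= SIM_KERNEL_ADDR + SIM_REGION_SIZE)
        return sim_kernel + (addr - SIM_KERNEL_ADDR);
    if (addr >= SIM_USER_ADDR && addr + len <= SIM_USER_ADDR + SIM_REGION_SIZE)
        return sim_user + (addr - SIM_USER_ADDR);
    return NULL;
}

/* Stand-in for access_ok(): a user range must lie entirely below the split. */
static bool sim_access_ok(uint32_t addr, uint32_t len)
{
    return addr + len >= addr && addr + len <= KERNEL_SPLIT;
}

/* Stand-in for copy_to_user(): refuses kernel addresses, as the real one does. */
static int sim_copy_to_user(uint32_t dst, uint32_t value)
{
    uint8_t *p;
    if (!sim_access_ok(dst, sizeof value))
        return -EFAULT;
    p = sim_resolve(dst, sizeof value);
    if (!p)
        return -EFAULT;
    memcpy(p, &value, sizeof value);
    return 0;
}

/* Vulnerable pattern: "kernel caller" is inferred from the pointer value alone,
 * so a user-mode client supplying a kernel address gets a raw write into the kernel. */
int vuln_copy_result(uint32_t dst, uint32_t value)
{
    if (dst > 0xbfffffffu) {                                /* same test as the driver */
        uint8_t *p = sim_resolve(dst, sizeof value);
        if (!p)
            return -EFAULT;
        memcpy(p, &value, sizeof value);                    /* no copy_to_user, no access_ok */
        return 0;
    }
    return sim_copy_to_user(dst, value);
}

/* Hardened pattern: the caller's mode is tracked by the driver (an ioctl entry
 * point would pass caller_is_kernel = false) and never derived from the pointer. */
int safe_copy_result(uint32_t dst, uint32_t value, bool caller_is_kernel)
{
    if (caller_is_kernel) {
        uint8_t *p = sim_resolve(dst, sizeof value);
        if (!p)
            return -EFAULT;
        memcpy(p, &value, sizeof value);
        return 0;
    }
    return sim_copy_to_user(dst, value);                    /* always goes through access_ok */
}

/* Helpers for inspecting the simulated memory. */
uint32_t sim_read_u32(uint32_t addr)
{
    uint32_t v = 0;
    uint8_t *p = sim_resolve(addr, sizeof v);
    if (p)
        memcpy(&v, p, sizeof v);
    return v;
}

void sim_reset(void)
{
    memset(sim_kernel, 0, sizeof sim_kernel);
    memset(sim_user, 0, sizeof sim_user);
}

int main(void)
{
    /* Constructed TEE time value; it is below 0xc0000000, so once written into a
     * kernel function pointer it points into user space, which is what ret2user needs. */
    uint32_t tee_time = 0x00017f00u;

    sim_reset();
    int rc = vuln_copy_result(SIM_KERNEL_ADDR, tee_time);
    printf("vulnerable: rc=%d kernel slot=0x%08x\n", rc, sim_read_u32(SIM_KERNEL_ADDR));

    sim_reset();
    rc = safe_copy_result(SIM_KERNEL_ADDR, tee_time, false);
    printf("hardened:   rc=%d kernel slot=0x%08x\n", rc, sim_read_u32(SIM_KERNEL_ADDR));
    return 0;
}
```

The point of the model is the second parameter of safe_copy_result: a driver that serves both in-kernel and user-space clients has to carry the caller's identity explicitly through the call chain, because any test on the pointer value itself is exactly what an attacker controls.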
The pseudo-code of the handler in "main_task":
int get_sys_time()
{
    int result;               // r0@1
    tag_TC_NS_Operation *v1;  // r3@1
    unsigned int v2;          // [sp+0h] [bp-10h]@1
    int v3;                   // [sp+4h] [bp-Ch]@1

(page 1 of 2; the article continues on page 2)
