Reflections on Trusting TrustZone

Reflections on Trusting TrustZone

Black Hat via YouTube Direct link

What is Written to Response Header?

18 of 25

18 of 25

What is Written to Response Header?

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Reflections on Trusting TrustZone

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 What is TrustZone?
  3. 3 TrustZone Architecture
  4. 4 Real-World Uses
  5. 5 Prior Work
  6. 6 Motivation
  7. 7 Toolchain
  8. 8 Attack Surface
  9. 9 Attacker Assumptions
  10. 10 QSEE SCM Interface
  11. 11 SCM Call-by-Register Convention
  12. 12 SCM Command Structures
  13. 13 Structure Sanity Checking
  14. 14 Secure Memory Checking Pseudocode
  15. 15 Review: Integer Overflow
  16. 16 Integer Overflow Vulnerability
  17. 17 Pathological Command Buffer
  18. 18 What is Written to Response Header?
  19. 19 Sorcery!
  20. 20 Building Better Primitives
  21. 21 Choosing A New Write Primitive
  22. 22 SMC Handler Table
  23. 23 SMC Table Extension Attack
  24. 24 Arbitrary TZ Code Execution
  25. 25 Lessons Learned

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.