Back To The Future With Platform Security by Enrique Nissim, Joseph Tartaro and Krzysztof Okupski

503 views

hardwear.io

10 months ago

Abstract:
---------------
In the last decade the industry has seen a large amount of research released around Intel platform security. Since the release of CHIPSEC, the industry has had a tool to quickly analyze an Intel platform against a secure baseline for misconfigurations. As a result, it has become more difficult to find misconfigured Intel platforms from major OEMs.
As we dove into the platform security realm ourselves, we noticed a complete lack of focus on and analysis of AMD platforms. This was a surprise to us given the popularity and significantly growing market share of AMD.
In this presentation we start with an overview of how secure boot works under the hood and showcase various vulnerabilities and implementation mistakes our team has found. We then dive into the interesting architectural differences between Intel and AMD that account for the security of the platform. Additionally, we present details and proof of concepts for several vulnerabilities found in the targeted platforms. These include unlocked SMRAM regions, SPI flash misconfigurations, as well as memory corruption and race condition issues in SMM modules.
All these details have been folded into a tool we developed, which end users can run to quickly verify that their systems are free from common misconfigurations.
#secureboot #hardwaresecurity #hardwear_io
----------------------------------------------------------------------------------------------------------------------
Website: hardwear.io
Twitter: hardwear_io
LinkedIn: www.linkedin.com/company/hardwear.io-hardwaresecurityconferenceandtraining/
Facebook: hardwear.io
0:00 Introduction
0:36 Outline
1:58 Lack of Documentation
3:21 SMM in a Nutshell
4:48 SMRAM Protection
6:07 Unlocked TSEG on Acer Swift 3
6:41 SMM Unlock Key?
7:16 SMM Key Backdoor
7:44 SMM Callout Protections
9:06 SPI Flash Basics
9:25 ROM Protected Range
10:57 SPI Restricted Commands
11:44 SPI Controller Programming
12:35 SPI Read Demo
14:11 The Case of Asus Strix G513QR.330
15:46 The Story of a Dangerous SMI Handler
16:57 The Interesting Code
17:55 The Disabled SMI Interface
19:07 Exploiting the Bug
20:57 SMRAM Analysis
22:37 ROM Armor in a Nutshell
23:11 The Whitelisted SPI Regions
24:13 AmdPspRomArmor3Smm Flow
25:25 Host PSP Communication
27:35 Late Deregistration
31:08 Finding the PSB Configuration
32:28 PSB Fuse Register
33:11 Example of a good configuration
36:47 What is an SMM Supervisor?
38:36 SmmSupervisorBinRelease
41:40 Example of a Demoted SMI Handler
42:14 Legacy Supervisor Syscalls
43:15 Protection via Paging
43:38 Attack Surface
44:03 SmmSupvBin Format
45:07 Project Mu is a fork()
45:59 SMM Supervisor Policy Analysis
49:10 Conclusions (2/3)

COMMENTS: 2
@ilyar7161 10 months ago
Very interesting, but the sound makes it useless
@jodyschuster8173 9 months ago
🤷 Promo sm