by M95D 102 days ago
> there are so many phones with devicetree... and proprietary blobs controlling boot and running beneath ring 0

It's not the same!

A bootloader, once it loads the kernel and executes it, is overwritten in memory. No trace of it remains while the system is running - until the next boot. UEFI / ACPI / SMM continue to execute on the CPU after it has finished booting, "under" the kernel, preempting it as they please.

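The distinction drawn in the comment above, as an added example that is not part of the thread: a small Python classifier over constructed `efi: memNN:` lines in the format the Linux kernel logs its UEFI memory map at boot (normally only when booted with `efi=debug`). Loader and boot-services regions are freed after hand-off, the way the comment describes for a bootloader; Runtime Code/Data regions (attribute `RUN`) stay mapped because the kernel keeps calling into them for the life of the system. The log lines are constructed, the type names are the ones Linux prints for the EFI_MEMORY_TYPE enumeration, and SMRAM does not appear in this map at all, so the example covers only the UEFI runtime-services half of the point.

```python
"""Classify a UEFI memory map by what outlives ExitBootServices().

Added example, not code from the original thread. The input lines are
constructed, modelled on the ``efi: memNN:`` lines Linux logs at boot.
Which types the OS may reclaim follows the UEFI specification.
"""
from dataclasses import dataclass
import re

# Regions the kernel may free once the firmware's boot phase is over.
# A boot loader lives in Loader Code: gone after hand-off to the kernel.
BOOT_ONLY = {"Loader Code", "Loader Data", "Boot Code", "Boot Data",
             "ACPI Reclaim Memory"}
# Regions that stay owned by firmware for the life of the OS. Runtime Code
# keeps executing whenever the kernel calls a UEFI runtime service.
RESIDENT = {"Runtime Code", "Runtime Data", "ACPI Memory NVS", "Reserved"}
# Ordinary RAM handed over to the OS.
OS_OWNED = {"Conventional Memory", "Persistent Memory"}

LINE_RE = re.compile(
    r"efi: mem(?P<idx>\d+): \[(?P<type>[^|\]]+)\|(?P<attrs>[^\]]*)\]"
    r" range=\[0x(?P<start>[0-9a-f]+)-0x(?P<end>[0-9a-f]+)\]")

# Constructed sample, not a capture from a real machine.
SAMPLE_DMESG = [
    "efi: mem00: [Boot Code          |   |  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000000000000-0x0000000000000fff] (0MB)",
    "efi: mem01: [Loader Code        |   |  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000000100000-0x00000000001fffff] (1MB)",
    "efi: mem02: [Conventional Memory|   |  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000000200000-0x000000007fffffff] (2046MB)",
    "efi: mem03: [Runtime Code       |RUN|  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000080000000-0x00000000800fffff] (1MB)",
    "efi: mem04: [Runtime Data       |RUN|  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000080100000-0x00000000801fffff] (1MB)",
    "efi: mem05: [ACPI Memory NVS    |   |  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000080200000-0x000000008020ffff] (0MB)",
    "efi: mem06: [Reserved           |   |  |  |  |  |  |  |  |  |   |WB|WT|WC|UC] range=[0x0000000080210000-0x000000008021ffff] (0MB)",
]


@dataclass(frozen=True)
class Region:
    index: int
    mem_type: str
    attrs: frozenset
    start: int
    end: int  # inclusive, as Linux prints it

    @property
    def size(self) -> int:
        return self.end - self.start + 1

    @property
    def category(self) -> str:
        if self.mem_type in BOOT_ONLY:
            return "boot-only"
        if self.mem_type in RESIDENT:
            return "resident"
        if self.mem_type in OS_OWNED:
            return "os"
        return "other"


def parse_efi_memmap(lines):
    """Parse ``efi: memNN:`` log lines; lines that do not match are skipped."""
    regions = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        attrs = frozenset(a.strip() for a in m["attrs"].split("|") if a.strip())
        regions.append(Region(int(m["idx"]), m["type"].strip(), attrs,
                              int(m["start"], 16), int(m["end"], 16)))
    return regions


def summarize(regions):
    """Bytes per category: what the OS frees versus what firmware keeps."""
    totals = {"boot-only": 0, "resident": 0, "os": 0, "other": 0}
    for r in regions:
        totals[r.category] += r.size
    return totals


def runtime_regions(regions):
    """Regions flagged EFI_MEMORY_RUNTIME: the kernel must keep these mapped so
    firmware code can keep running in them after boot. SMM handlers live in
    SMRAM, which is not described by this map at all."""
    return [r for r in regions if "RUN" in r.attrs]


def inconsistencies(regions):
    """Runtime Code/Data without RUN, or RUN on memory the OS will reuse as
    free RAM; either deserves a closer look on a real machine."""
    flagged = []
    for r in regions:
        has_run = "RUN" in r.attrs
        if r.mem_type in ("Runtime Code", "Runtime Data") and not has_run:
            flagged.append(r)
        elif has_run and r.category in ("boot-only", "os"):
            flagged.append(r)
    return flagged


if __name__ == "__main__":
    regs = parse_efi_memmap(SAMPLE_DMESG)
    for cat, nbytes in summarize(regs).items():
        print(f"{cat:10s} {nbytes >> 10:>10d} KiB")
    print("runtime-mapped:", [r.index for r in runtime_regions(regs)])
    print("inconsistent:", [r.index for r in inconsistencies(regs)])
```

On a real Linux box the same classification can be run over `dmesg | grep 'efi: mem'`; the `RUN` regions are the ones the kernel has to keep mapped, and executable for Runtime Code, long after the boot loader's own pages have been recycled.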

I mean, it's not uniformly literally technically identical, but yes, an Android phone running its OS in ring 0 while other OSs run in other VMs on top of the EL2 (ring -1) hypervisor under the supervision of the Secure Monitor in L3 (ring -2) is very much in the same boat.

Suggested reading:

* https://www.maven-silicon.com/blog/privilege-levels-in-arm-a...

* https://projectzero.google/2017/02/lifting-hyper-visor-bypas...

* https://en.wikipedia.org/wiki/ARM_architecture_family#Securi...

* https://docs.samsungknox.com/admin/fundamentals/whitepaper/s... (in which Samsung uses firmware running under the kernel to protect against kernel exploits)

Oh, I didn't know that!

There goes freedom in the ARM world too.