by mindslight
4236 days ago
They're independent operating environments, but that doesn't mean their memories are isolated. It's commonly accepted that most mobile SoCs operate this way. See the diagram/text on page 2 of https://www.usenix.org/system/files/conference/woot12/woot12... . To the extent that a specific Qualcomm processor might avoid such a design, it's impossible to know due to their longstanding culture of security through obscurity. AFAIK, the Raspberry Pi is set up the same way, with the black box GPU being the master of the CPU that is commonly used to run Linux. This setup is only less problematic because the GPU lacks an unobservable network link. Even the i9100, with an independent modem, was found to be set up with shared memory for communication - http://redmine.replicant.us/projects/replicant/wiki/GalaxySI... Models like the Samsung i9300 have the modem chipset as an independent unit, although I've seen a block diagram indicating that the eMMC flash and modem RAM are in the same package, which is worrying.

Modern Qualcomm basebands are restricted by an MMU and isolated from the main OS. Carriers wanted this because baseband exploits were such a common way for phones to get rooted. Additionally, they have been hardened considerably in recent times; apparently modern Qualcomm basebands are much, much harder to hack than they once were. And they now run on a proprietary CPU design called, I think, Hexagon, which makes even just disassembling the thing a bit tricky.