The Arm Cortex-A76 is a high-performance CPU core designed for mobile, embedded and infrastructure applications. It offers several security features to help protect against attacks and ensure safe and reliable operation.
TrustZone Security Extensions
The Cortex-A76 implements Arm TrustZone technology to provide a hardware-level security foundation. TrustZone divides the CPU into two worlds – a secure world for trusted code and resources, and a normal world for regular applications. This allows sensitive code and data to be isolated from the rest of the system software.
There are separate secure and non-secure states with associated CPU modes, registers, memory regions and peripherals. Switching between the worlds is tightly controlled via monitor mode software. The monitor code serves as the gatekeeper and protects the boundary between secure and non-secure operations.
TrustZone helps enable various security use cases like secure boot, trusted execution environments, authentication, DRM and payment systems. The secure world can provide a safe haven for tasks like cryptographic operations and key management.
Cortex-A76 supports a secure boot process to validate firmware integrity. Upon reset, the CPU begins execution in the secure world. The bootloader verifies signatures of firmware images before allowing them to execute. This prevents compromised or unauthorized code from being loaded.
The public key for image verification is stored in one-time programmable non-volatile memory. This guarantees the integrity of the key used for validating boot artifacts and prevents rollbacks to older revoked keys.
Trusted Execution Environment
A trusted execution environment (TEE) can be implemented in the Cortex-A76 secure world using TrustZone. The TEE provides an isolated sandbox for secure applications and trusted services. It protects confidentiality and integrity of assets even from privileged malicious software.
Example TEE features include isolated execution, secure storage, attestation and tamper resistance. Vendors like Trustonic, Linaro and Qualcomm have TEE solutions based on Arm TrustZone.
Pointer Authentication (PAC)
Cortex-A76 implements pointer authentication, a feature new in the Armv8.3 architecture. It protects against control flow hijacking by signing and authenticating pointers.
Function pointers are signed with a 64-bit Pointer Authentication Code (PAC) when they are stored to memory. The PAC is derived from the pointer value, context and a secret key. It gets encoded into unused bits of the pointer to create a signed pointer.
When a signed pointer is loaded back, the CPU uses the key to authenticate the PAC and verifies that the pointer value has not been modified. This detects control flow redirection attacks like Return Oriented Programming (ROP) that tamper with call or return addresses.
There are two PAC variants for code and data pointers respectively. Code pointers use QARMA to generate PACs while data pointers rely on a simpler XOR-encryption scheme. The algorithm provides probabilistic protection against brute force guessing of valid PACs.
AArch64 Address Space Layout Randomization
Address Space Layout Randomization (ASLR) is supported for the AArch64 execution state in Cortex-A76. It randomizes the locations of code and data areas each time a process runs.
This makes it difficult for an attacker to redirect control to injectable payload code via memory corruption bugs. The randomized offset effectively creates a moving target defense against ROP and return-to-libc attacks.
The ASLR mechanisms randomize positions of key areas like the text segment (code), stack, heap and memory mapped files. The extent of randomization depends on the amount of available virtual address space.
Branch Target Indicators
As an additional defense against ROP attacks, the Cortex-A76 uses Branch Target Indicators (BTIs) to protect indirect branch targets. BTIs act as signatures that mark valid branch destinations.
Indirect branches like function returns require a BTI token match at the target address. The CPU checks this and raises an exception if the token is invalid. BTIs are stored in the branch predictor structures.
This feature is enabled when pointer authentication is active, since PAC signing of code pointers allows BTIs to be safely reused across processes. The BTI system further frustrates code reuse attacks that try to chain gadgets from valid code.
The Cortex-A76 implements optional extensions for accelerated cryptography and memory tagging. These are useful security features for trusted execution and anti-exploitation defenses.
The Cryptographic Extension provides hardware acceleration for cipher, hash, AES and SHA operations used in protocols like TLS/SSL, VPNs and disk encryption.
It offers dedicated instructions for AES encryption/decryption, SHA-1/SHA-2 hash algorithms and finite field multiplication for public-key ciphers like RSA or ECC. This improves performance and power efficiency for secure communications and data storage.
Memory Tagging Extension
The Memory Tagging Extension allows associating metadata tags with memory regions. These tags can be used to mark sensitive data buffers and enforce controls on their use.
Hardware checks verify that accesses to tagged regions are allowed per their permissions. The extension also enables tagged pointers that track bounds or allocation status for safe array/pointer operations.
Tag-based monitoring of this kind helps prevent exploits like buffer overflows, out-of-bounds access and use-after-free. It offers an additional layer of defense together with other mitigations like ASLR, stack canaries and control flow integrity.
Here we examine some representative attacks that exploit CPU vulnerabilities, and how the Cortex-A76 security features can help mitigate them.
Code injection attacks try to introduce and execute malicious payload code by hijacking control flow. Methods include stack/buffer overflows or corrupting function pointers.
Cortex-A76 pointer authentication forces attackers to correctly forge PAC values to redirect control flow. ASLR randomizes code locations to prevent executing injected payloads. BTIs also protect valid branch targets from unauthorized redirection.
Return Oriented Programming
ROP attacks chain together short instruction sequences ending in return instructions. The Cortex-A76 uses pointer authentication to sign return addresses stored on the stack, defeating modified return targets.
ASLR randomization prevents finding useful ROP gadgets. BTIs mark valid return sites to detect illegal control transfers. Stack canaries can also detect stack tampering used in setting up ROP payloads.
This attack tries to change execution privilege level in an unauthorized manner. Malware may exploit bugs or misconfigurations to gain elevated OS privileges.
TrustZone provides isolation between the secure and normal worlds, preventing privilege escalation across worlds. EL3 is the highest exception level controlling switches between worlds. Hypervisors can also constrain guest OS privileges.
Side Channel Attacks
Sensitive data like encryption keys can be stolen by monitoring side channels like power usage, electro-magnetic leaks or timing. This allows decryption without directly accessing the keys.
The Cortex-A76 implements features to make side channel attacks more difficult. Cache ways can be partitioned to avoid data leakage between tasks via shared cache state. Cryptographic acceleration also reduces software side channels.
Security Development Guidelines
Here are some key guidelines for building secure software using capabilities offered by the Cortex-A76 and related Arm technologies:
- Utilize TrustZone to isolate sensitive processing in the secure world. Restrict interactions across worlds.
- Enable secure boot with verified firmware images to protect the bootchain.
- Implement pointer authentication and ASLR for runtime application protection.
- Use branch target indicators as an additional control flow integrity defense.
- Leverage cryptographic extensions for efficient crypto and memory tagging.
- Partition system resources like caches to prevent side channel leaks across tasks.
- Adopt safe programming languages (Rust, Swift) to limit memory safety issues.
- Employ other techniques like stack canaries, sanitizers and fuzzing to catch bugs.
A defense-in-depth approach across hardware, OS, libraries and application layers is key to building robust systems resilient to attack.
The Cortex-A76 provides modern security capabilities to enable safe computing on ARM-based systems. Pointer authentication thwarts control flow attacks. TrustZone and TEEs facilitate trusted code execution. Cryptographic and memory tagging extensions assist in data protection.
These CPU features establish a hardware root of trust to build secure platforms. Software has to leverage the capabilities correctly via secure development practices. A layered security approach offers the best protection against vulnerabilities and malicious exploitation.