Backdoor in the Core - Altering the Intel x86 Instruction Set at Runtime

Presented at DEF CON 31 (2023), Aug. 11, 2023, 12:30 p.m. (45 minutes)

In this work, we present the novel results of our research on Intel CPU microcode. Building upon prior research on Intel Goldmont CPUs, we have reverse-engineered the implementations of complex x86 instructions, leading to the discovery of hidden microcode which serves to prevent the persistence of any changes made. Using this knowledge, we were able to patch those discovered sections, allowing us to make persistent microcode changes from userspace on Linux. We have developed and improved microcode tracing tools, giving us deeper insight into Intel Atom microcode than was previously possible, by allowing more dynamic analysis of the ROM. Along with this presentation, we provide a C library for making microcode changes and documentation on the reverse-engineered microcode. We show that vendor updates to the microcode, which cannot be verified by the user, impose a security risk by demonstrating how a Linux system can be compromised through a backdoor within a CPU core's microcode. REFERENCES: Intel TXE POC: https://github.com/chip-red-pill/IntelTXE-PoC Exploit used to gain Red Unlock. uCodeDisam: https://github.com/chip-red-pill/uCodeDisasm First research (to the best of our knowledge) allowing for dumping microcode ROM as well as a publicly available disassembler for Intel's microcode. Undocumented x86 instructions to control the CPU at the micro-architecture level in modern Intel processors: https://github.com/chip-red-pill/udbgInstr https://github.com/chip-red-pill/udbgInstr/blob/main/paper/undocumented_x86_insts_for_uarch_control.pdf From the research above, two undocumented instructions intended for debug perpuse at Intel were found. This layed the groundwork for us to experiment and test the behavior of microcode operations. Custom Processing Unit: https://github.com/pietroborrello/CustomProcessingUnit Custom Processing Unit is the first dynamic analysis framework able to hook, patch and trace microcode from a UEFI application

Presenters:

• Alexander Skovsende - Grad Student at Technical University of Denmark
• Alexander Dalsgaard Krog - Vulnerability Researcher at Vectorize
  Alexander Dalsgaard Krog is a Vulnerability Researcher at Vectorize with a focus on the low level, close to the hardware, and this talk will be no exception. He has a passion for binary exploitation and together with his prior team at Lyrebirds discovered the critical bug Cable Haunt, affecting millions of devices with a vulnerability allowing remote code execution. Both him and his co-speaker Alexander Skovsende are also heavily invested in CTF and have played a big role in putting the Danish team Kalmarunionen on top of the scoreboard in many CTFs.

Links:

• https://forum.defcon.org/node/245757

Similar Presentations:

• REcon Brussels 2018 / Decompiler internals: microcode
• Black Hat USA 2018 / Decompiler Internals: Microcode
• Black Hat USA 2022 / Custom Processing Unit: Tracing and Patching Intel Atom Microcode