Getting arbitrary code execution in TrustZone's kernel from any context

(All the vulnerabilities have been responsibly disclosed and fixed. I will post the CVE IDs and timelines in the following posts.)


What's the Goal?

Transcendence. From Android, that is.

This is going to be a series of blog posts detailing a chain of vulnerabilities that I've discovered which will enable us to escalate our privileges from any user up to the highest privilege of all - executing our code within TrustZone itself.

Since I only have my personal Android device, a Nexus 5 powered by a Snapdragon 800 SoC, I will focus on the TrustZone platform present on my device - Qualcomm's TrustZone implementation.

It should be noted that Qualcomm's TrustZone platform is present on all devices powered by Qualcomm SoCs, however, they also allow OEMs to make modifications and additions to this platform, which I will go into in more detail in later blog posts.

Also, I believe objectively Qualcomm's TrustZone implementation is a good target since the Snapdragon SoCs are quite ubiquitous and can be found in a very wide range of devices (which isn't surprising, considering Qualcomm has a very large market share in the smartphone chipset market).

Android & Security

Over the years many security mechanisms have been added to Android, and existing ones have been improved.

While the underlying security architecture hasn't changed, the defences have become quite formidable on modern devices, to the point where gaining high privileges can become quite a difficult task, many times requiring more than a single vulnerability.

If you haven't already, I recommend that you read Google's "Android Security Overview", which explains the security architecture and lists most of the security mechanisms which are currently in use.

(For the rest of these blog posts, I'm going to assume that you are at least somewhat familiar with Android's security architecture).

What is TrustZone?


(First, an obligatory TrustZone schematic from ARM Ltd.)

According to ARM Ltd., TrustZone is:

"...a system-wide approach to security for a wide array of client and server computing platforms, including handsets, tablets, wearable devices and enterprise systems. Applications enabled by the technology are extremely varied but include payment protection technology, digital rights management, BYOD, and a host of secured enterprise solutions."

In short, this means TrustZone is a system which is meant to enable "secure execution" on a target device.

In order to execute secure TrustZone code, a specific processor is designated. This processor can execute both non-secure code (in the "Normal World") and secure code (in the "Secure World"). All other processors are limited to the "Normal World" only.

TrustZone is used for various purposes on Android devices, for example:
  • Verifying kernel integrity (TIMA)
  • Using the Hardware Credential Storage (used by "keystore", "dm-verity")
  • Secure Element Emulation for Mobile Payments
  • Implementing and managing Secure Boot
  • DRM (e.g. PlayReady)
  • Accessing platform hardware features (e.g. hardware entropy)
In order to secure the whole system, and not just the application processor, specific bits on the system bus are set when entering "Secure World" and unset when returning to the "Normal World".

Peripherals are able to read the state of these bits and can therefore deduce whether or not the processor is currently running in the secure world.

How does TrustZone's security model work?


ARM also has a short technical overview of how TrustZone's security model works, which is worth a read.

To achieve secure execution, the boundary between TrustZone and non-TrustZone code must be defined. This is achieved by defining two "worlds" - "Secure World" (TrustZone) and "Normal World" (in our case, Android).

As you know, when in the "Normal World" there is a security boundary between code running in "User-mode" and code running in "Supervisor-mode" (Kernel-mode).

The distinction between the different modes is managed by the Current Program Status Register (CPSR):

The five mode bits (marked by "M" in the image above) control the current execution mode. In the case of the Linux kernel, User Mode (b10000) is used for regular user code, and Supervisor Mode (b10011) is used for kernel code.

And yet, there's something missing here - there's no bit to indicate which "world" is currently active. That is because a separate register is used for that - the Secure Configuration Register (SCR):

This register is a co-processor register, in CP15 c1, which means it can be accessed using the MRC/MCR opcodes.

As with the CPSR register, the "Normal World" cannot modify the SCR register directly. It can, however, execute an SMC opcode, which is the equivalent of a SWI for regular supervisor mode calls. SMC is short for Supervisor Mode Call, and is the opcode which can be used to issue requests directly to the TrustZone kernel.

Also, it should be noted that the SMC opcode can only be called from a supervisor context, which means that regular user code cannot use the SMC opcode.
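As an added example (not code from the original post), here is a small C decoder for the three A32 instruction classes discussed above: SVC (SWI), SMC, and the MRC/MCR coprocessor transfers used to reach the SCR in CP15 c1. The encodings follow the ARMv7-A architecture manual; it assumes little-endian A32 code (Thumb is not handled), the sample instruction words are constructed, and the buffer scan counts SMC sites, which is one way to audit where a kernel image crosses into the TrustZone kernel.

```c
#include <stddef.h>
#include <stdint.h>

/* Instruction classes the post discusses (A32 encodings, ARMv7-A ARM ARM). */
enum insn_kind { INSN_OTHER = 0, INSN_SVC, INSN_SMC, INSN_MRC, INSN_MCR };
struct cp_access { unsigned coproc, opc1, crn, crm, opc2; };

/* Classify one instruction word. SVC = cond 1111 imm24; SMC = cond 0001 0110
   ... 0111 imm4; MRC/MCR = cond 1110 opc1 L CRn Rt coproc opc2 1 CRm.
   cond == 1111 is the unconditional space (MRC2/MCR2 etc.), so it is skipped. */
static enum insn_kind classify(uint32_t insn, struct cp_access *cp)
{
    if ((insn >> 28) == 0xF)
        return INSN_OTHER;
    if ((insn & 0x0F000000u) == 0x0F000000u)
        return INSN_SVC;
    if ((insn & 0x0FF000F0u) == 0x01600070u)
        return INSN_SMC;
    if ((insn & 0x0F000010u) == 0x0E000010u) {
        if (cp) {
            cp->opc1 = (insn >> 21) & 7;     cp->crn = (insn >> 16) & 0xF;
            cp->coproc = (insn >> 8) & 0xF;  cp->opc2 = (insn >> 5) & 7;
            cp->crm = insn & 0xF;
        }
        return (insn & (1u << 20)) ? INSN_MRC : INSN_MCR;   /* bit 20 = L */
    }
    return INSN_OTHER;
}

/* True if the word reads or writes the SCR, i.e. CP15 c1, c1 with opc1 0, opc2 0. */
static int is_scr_access(uint32_t insn)
{
    struct cp_access cp;
    enum insn_kind k = classify(insn, &cp);
    return (k == INSN_MRC || k == INSN_MCR) && cp.coproc == 15 &&
           cp.opc1 == 0 && cp.crn == 1 && cp.crm == 1 && cp.opc2 == 0;
}

/* Count SMC sites in a little-endian A32 code buffer (4-byte aligned words). */
static size_t count_smc(const uint8_t *code, size_t len)
{
    size_t n = 0;
    for (size_t off = 0; off + 4 <= len; off += 4) {
        uint32_t insn = (uint32_t)code[off] | (uint32_t)code[off + 1] << 8 |
                        (uint32_t)code[off + 2] << 16 | (uint32_t)code[off + 3] << 24;
        if (classify(insn, NULL) == INSN_SMC)
            n++;
    }
    return n;
}
```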

In order to actually call TrustZone related functionality, the supervisor code, in our case, the Linux kernel, must register some sort of service which can be used to call the relevant SMC calls when needed.

In the case of Qualcomm, this is achieved by a device driver called "qseecom" - short for Qualcomm Secure Execution Environment Communication. We'll talk more about this driver in the later blog posts, so hang tight.

Putting it all together

So the road ahead is pretty long - in order to get to TrustZone code execution from a user-mode Android application with no permissions, we'll need the following privilege escalation vulnerabilities:
  • Escalation from an Android application with no permissions to a privileged Android user.
  • Escalation from a privileged Android user to code execution in the Linux kernel.
  • Escalation from the Linux kernel to code execution in the TrustZone kernel.
So if this seems like it might interest you, keep reading!

In the next blog post, I'll cover more details about Qualcomm's TrustZone implementation, and the vulnerability I discovered and exploited within its kernel.


  1. Hello laginimaineb,

    Thank you very much for your wonderful blog!

    I would like to get you your opinion on the following:

    Is the "non-secured world" the only entry point to get into the TZ? Can the TZ be, for example, interrupt driven from the secure side?

    If a task can be done with the need of the HLOS arguments (like a periodic routine checking some integrity) do you think it can be called through an interrupt?

    Thank you and keep posting this very interesting stuff!


    1. Hello Fabrice,

      Thanks for reading!

      Yes - interrupts *can* be a source into TrustZone, and in fact are in many cases. For example, on Qualcomm devices there are peripherals in charge of segregating different memory areas to different processors; when a violation occurs, the TrustZone kernel catches and handles the interrupt triggered, etc.

      As for periodic tasks - this is also true. For example, there is a watchdog process which checks that other processors on the SoC are still "alive". This is implemented by a periodic interrupt which is handled by the TrustZone kernel, causing it to check that the processors have written a "heartbeat" to a shared memory location.


    2. Hello Gal,

      Thanks for your answer and sorry for the delay (I did not get the notification).
      This is actually the answer I got from the ARM community.

      What I understood is that the interrupt to be used is FIQ rather than IRQ.
      1) IRQs will be handled by HLOS
      2) FIQs will be handled by TZ

      If you have more data on the topic (code or tutorials) I will be pleased to get it.

      Thanks again for your work!


  2. Typo: If a task can be done WITHOUT the need of the HLOS arguments

  4. Dear Gal,

    Very insightful blog.
    Thank you

  5. Hi @laginimaineb, awesome blog! May I request a way to contact you, please? Thanks, Kaiwan.

  7. Amazing article, sir. Thank you for giving the valuable information, really awesome.

    Thank you, sir
