Recently, the Google engineers have announced details about a critical vulnerability identified as CVE-2024-56161. Baptized under the name of EntrySign, this failure allows to evade the digital signature verification mechanism during microcode update on AMD processors using the first four generations of the Zen microarchitecture.
EntrySign affects a wide range of processors, allows an attacker to bypass security controls that ensure the integrity of microcode, potentially opening the door to malicious modifications to hardware behavior.
About vulnerability
The origin of this vulnerability lies in the use of the AES-CMAC algorithm during digital signature verification instead of a trusted hash function. AMD used this algorithm to sign the microcode, using a private RSA key and adding a public key to the patch.
The verification process involves the processor comparing the hash of the public key embedded during manufacturing with the hash of the key specified in the patch. However, since CMAC was used, which is actually not a hash function but an authentication code message transmission, a security breach has opened.
CMAC is based on the AES algorithm and uses XOR operations to combine blocks of data, but because it is not designed to be collision resistant, it allows an attacker who knows the encryption key to calculate intermediate values that compensate for changes in the input, leaving the result of the operation unchanged.
Both Intel and AMD designed unique RISC-based microcode instruction sets, both undocumented, but conceptually similar to other RISC instruction sets such as ARM or RISC-V. Like software, implementing complex hardware correctly is a challenge; historically, this has led to multiple well-known bugs, such as Intel's FDIV bug on the Pentium in 1994.
AMD supplies a single encryption key for AES-CMAC in all its processors from Zen 1 to Zen 4, meaning that if someone extracts this key from one CPU, they can apply it to all the others. In fact, researchers have found that these processors use a known key, extracted from an example in the NIST SP 800-38B guidelines.
This has allowed, in theory, to generate false patches by replacing the patch's public key with one that produces the same hash, and select collisions for the digital signature. Such collisions are achieved by adding an additional block of seemingly random data to the microcode, so that the modified patch retains AMD's original digital signature.
To address this problemTo explore new ways to manipulate microcode in AMD processors, Google engineers They developed Zentool, a collection of combined tools for microcode patch examination, including limited disassembly, creation of microcode patches using a limited amount of reverse engineering assembly.
Zentool has been designed to facilitate the analysis and modification of microcode, offering a series of commands that allow from editing parameters and replacing instructions to loading the modified microcode into the CPU and correcting the digital signature of the patch.
For example, the command “zentool edit” enables editing of parameters in microcode files, while “zentool print” displays detailed information about the internal structures of the microcode. Likewise, “zentool load” loads the microcode into the CPU, and “zentool resign” recalculates the digital signature, taking into account the changes made. In addition, the package includes utilities such as mcas and mcop, which provide assembler and disassembler functionality for working directly with the microcode.
The capabilities of Zentool allows developers to prepare and apply their own patches on AMD Zen processors. As an illustrative example, a patch has been prepared that modifies the logic of the RDRAND instruction. After applying this patch, the RDRAND instruction stops generating pseudo-random sequences and starts to consistently return the number 4, thus demonstrating the power of modifying the microcode and altering the expected behavior of the processor.
It is worth mentioning that Zentool comes with a detailed guide about the RISC86 microarchitecture used in AMD's microcode, as well as an instructional note explaining how to create custom microcode. The guide shows, among other things, how to design new processor instructions, modify the behavior of existing instructions, and load those changes directly into the CPU.
Finally, if you are interested in knowing more about it, you can consult the details in the following link