

# GD32 Security Protection bypass

#### Speaker: Alexey Kovrizhnykh

Security Researcher, Positive Technologies





- Reverse engineer, security researcher
- Positive Technologies
- Flare-On 2018-2020, 2022 winner
- Articles, speeches, research: <u>alexdandy.me</u>
  - Mostly checkm8 related stuff
    - for A5(X) SoCs
    - for T2
    - even for VGA Adapters

# GD32



#### GigaDevice

- Founded in 2005
- Beijing, China
- NOR flash memory designer
- ARM Cortex-M MCUs GD32 introduced in 2013-2015
- RISC-V MCUs GD32V introduced in 2019





# Readout Protection



Software providers may need to protect their software intellectual property from malicious users or intrusive attacks.

**Technologies:**

- STM RDP
- nRF APPROTECT
- GD Security Protection
- etc.

**Restrictions:**

- Level 0
  - No restrictions
- Level 1
  - Flash memory is locked (in debug mode)
- Level 2
  - JTAG/SWD interface is disabled
  - Boot from RAM or System memory is disabled
  - Irreversible and cannot be downgraded





# Known Readout Protection bypasses/vulnerabilities

# Shedding too much Light on a Microcontroller's Firmware Protection

- Authors:
  - Johannes Obermaier
  - Stefan Tatschner
- Main target: STM32F0
- Cold-Boot Stepping
- Security Downgrade
- Debug Interface Exploit
- Links:
  - <u>Paper</u>
  - <u>Presentation</u>




# Cold-Boot Stepping

- RDP1 SRAM is still available under debugging
- Developer must zero out sensitive data from memory
- CBS technique allows you to get intermediate states of SRAM
- Examples:
  - Firmware CRC32 verification in bootloader
  - Encrypted Firmware Update in bootloader
  - etc.





# UV-C Security Downgrade



- UV-C light erases flash memory cells (0 → 1)
- Flipping any bit in Option Bytes causes security downgrade (RDP2 → RDP1)





# Race condition in the debug interface



- STM32F0 in RDP1: only a (bus) access triggers the flash lockdown
- If the first bus access targets flash memory, valid data is sometimes returned
- Allows you to extract the entire firmware 4 bytes at a time
- Can be achieved using a J-Link (with openocd) and a software-controllable relay





# One Exploit to Rule Them All? On the Security of Drop-in Replacement and Counterfeit Microcontrollers

- Authors:
  - Johannes Obermaier
  - Marc Schink
  - Kosma Moczek
- Main targets: STM32F103 & clones (APM, CKS, GD)
- Multiple severe debug interface vulnerabilities
- Invasive hardware attacks on multi-die systems
- A power glitch exploiting software live-patching
- Links:
  - <u>Paper</u>

# Load Instruction Exploitation



- On some MCUs, the core still has direct access to the flash when RDP1 is enabled
- You can read/write core registers and the program counter, halt/resume the core, do step-by-step execution, etc.
- You can find the proper gadget by analyzing core states step-by-step (CKS32F103)
  - ldr rX, [rY]
- Sometimes you can write your own gadget into SRAM and execute it (GD32VF103)
- My keyboard firmware on Sonix SN32F248B was successfully dumped using this technique
- <u>nRF51822: Firmware dumping technique for an ARM Cortex-M0 SoC</u>

# Extraction via Exceptions

**FF ONE** 2023

- On an ARM Cortex-M the flash memory is accessed via two buses:
  - Data bus for data and debug accesses
  - Instruction bus for instruction and interrupt vector fetches
- On some MCUs the flash memory is blocked for the data bus but not for the instruction bus



*Figure: two vector tables in flash, at 0x0800 0000 and 0x0800 0080, each with entries 0-31 at offsets +0x00 to +0x70; the arrow marks the table VTOR currently points to.*

- *Exception(al) Failure - Breaking the STM32F1 Read-Out Protection*

# VTOR Control Flow Redirection

- On GD32F103, flash memory access is locked down for all bus masters only once the CPU debug module is enabled (C_DEBUGEN bit in the DHCSR)
- Without enabling the debug module, we have access to SRAM, peripherals, etc.
- We can write a flash memory dumping firmware into SRAM
- But we cannot control the execution flow directly
- Instead, we indirectly redirect the control flow via the VTOR

#### DMA Access Exploitation



*Figure 2-1. GD32F103x4/6/8/B block diagram*



# Invasive Data Eavesdropping / RDP Manipulation

- We can gain access to the bonding wires for eavesdropping
- To decode the firmware, it is necessary to reverse the obfuscation mechanism: word- and bit-permutation. Hard, but possible.
- Instead, we can actively manipulate QSPI to downgrade the lock level
  - Flipping only two bits is enough






# Shellcode Exec. via Glitch and FPB

- APM32F103, STM32F103

1. Upload a two-stage exploit firmware to SRAM with a debugger, then shut the debugger down
2. VDD glitch to release the RDP lock
3. Boot from SRAM (first stage) using the BOOT0/1 pins
   - Flash is still not available (because we booted from SRAM)
   - But we can configure the FPB to patch the reset vector fetch
   - The FPB patch survives a device reset
4. Boot from flash using the BOOT0/1 pins
   - Actually runs the firmware from SRAM due to the FPB configuration
   - Now the flash is fully accessible





#### Other materials



- Microcontroller Readback Protection: Bypasses and Defenses
- <u>nRF52 Debug Resurrection (APPROTECT Bypass)</u>
- wallet.fail Hacking the most popular cryptocurrency hardware wallets
- <u>chip.fail Glitching the silicon of the Internet-of-Things</u>



# GigaVulnerability #1


# How it all started: GD32E230





# J-Link tools vs openocd

- With default settings, J-Link tools are able to read DPIDR but **openocd** cannot
- Using a logic analyzer, we found out that DPIDR is readable while NRST is pulled down
- Verified by manually pulling NRST to GND
- `reset_config srst_only srst_nogate connect_assert_srst`
- Is it RDP2 or just a pin reconfiguration at startup?



```
Open On-Chip Debugger 0.12.0
Licensed under GNU GPL v2
For bug reports, read
	http://openocd.org/doc/doxygen/bugs.html
Info : Listening on port 6666 for tcl connections
Info : Listening on port 4444 for telnet connections
Info : J-Link V9 compiled Sep 1 2016 18:29:50
Info : Hardware version: 9.60
Info : VTarget = 3.333 V
Info : clock speed 100 kHz
Info : SWD DPIDR 0x0bf11477
```

## GD32 Security Protection



- No protection (OB_SPC = 0x5A)
- Protection level low (OB_SPC not in {0x5A, 0xCC})
  - In debug mode, boot from SRAM or boot from boot loader mode, all operations on main flash are forbidden
  - If programmed back to the no-protection level, a mass erase of main flash will be performed
- Protection level high (OB_SPC = 0xCC)
  - When this level is programmed, debug mode, boot from SRAM and boot from boot loader mode are disabled
  - The main flash block is accessible by all operations from user code
  - The option byte cannot be erased

## What can we do in RESET?

- SRAM and Flash always read as zero
- Peripherals can be read but always return their reset values (expected)
- Debug registers work according to the documentation

```
> mww 0x20000000 0x1234        # SRAM
> mdw 0x20000000
0x20000000: 00000000
>
> mdw 0x08000000               # Flash
0x08000000: 00000000
>
> mdw 0x48000000               # Peripherals
0x48000000: 28000000

> mww 0x48000000 0x0
> mdw 0x48000000
0x48000000: 28000000

> mdw 0xE000EDF0               # Debug units
0xe000edf0: 02000000
> mww 0xE000EDF0 0x1
> mdw 0xE000EDF0
0xe000edf0: 02000000

> mww 0xE000EDF0 0xA05F0001
> mdw 0xE000EDF0
0xe000edf0: 02000001

>
> mdw 0xE0002008
0xe0002008: 00000000

> mww 0xE0002008 0x1234
> mdw 0xE0002008
0xe0002008: 00001234
```

#### RDP2 or not RDP2?



- Still not 100% sure
- Decided to buy the same MCU, lock it and check
- MCU is easy to buy ...
- ... but not a dev board







#### RDP2 lock check result



- Same behavior as before
- Almost sure it's RDP2 on the target
- It's probably impossible to dump the firmware 🛞
- but...

# Maybe race?





# About SWD



- Two wires: SWCLK, SWDIO
- Packet-based protocol to read or write registers
- Arm Debug Interface Architecture Specification







| Address | Read      | Write  |
|---------|-----------|--------|
| 0x00    | IDCODE    | ABORT  |
| 0x04    | CTRL/STAT |        |
| 0x08    |           | SELECT |
| 0x0C    | RDBUFF    |        |

| Address | Function | Description                     |
|---------|----------|---------------------------------|
| 0x00    | CSW      | Control/Status<br>Word Register |
| 0x04    | TAR      | Transfer Address<br>Register    |
| 0x0C    | DRW      | Data Read/Write<br>Register     |







1. Preparation (interface reset, mode selection)
2. Read IDCODE (DPIDR)
3. Enable system & debug power domains
4. Select Bank 0x0 of MEM-AP
5. Configure CSW (e.g. 32-bit access without increments)
6. Configure TAR (target address)
7. Read DRW
8. Read RDBUFF
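The read sequence above, as an added example that is not part of the talk or of SwdHack: it builds the SWD request headers (with their parity bits) for steps 2 to 8 and decodes the DPIDR value openocd printed earlier. Register addresses and bit layouts follow the Arm Debug Interface Architecture Specification; the CSW value used for step 5 is an assumption.

```python
"""SWD request framing for the MEM-AP word-read sequence (ADIv5).

Added example, not code from the talk or from SwdHack. Register addresses
and the request/ACK bit layout follow the Arm Debug Interface spec. The
CSW value for step 5 is an assumption meaning "32-bit access, no
auto-increment"; a real probe usually also sets the bus-protection bits
its target expects.
"""

# DP registers (APnDP = 0), split by read and write as in the table above.
DP_READ = {0x00: "IDCODE", 0x04: "CTRL/STAT", 0x0C: "RDBUFF"}
DP_WRITE = {0x00: "ABORT", 0x04: "CTRL/STAT", 0x08: "SELECT"}
# MEM-AP registers in bank 0 (APnDP = 1).
AP_REGS = {0x00: "CSW", 0x04: "TAR", 0x0C: "DRW"}

# CTRL/STAT bits that request the debug and system power domains (step 3).
CDBGPWRUPREQ = 1 << 28
CSYSPWRUPREQ = 1 << 30

ACK_NAMES = {0b001: "OK", 0b010: "WAIT", 0b100: "FAULT"}


def swd_request(apndp: int, rnw: int, addr: int) -> int:
    """Build the 8-bit SWD request header as sent LSB-first on SWDIO.

    Wire order: Start(1) APnDP RnW A[2] A[3] Parity Stop(0) Park(1).
    Parity is even parity over the APnDP, RnW and address bits.
    """
    if addr & ~0x0C:
        raise ValueError("SWD addresses carry only A[3:2]: 0x0, 0x4, 0x8, 0xC")
    a2, a3 = (addr >> 2) & 1, (addr >> 3) & 1
    parity = (apndp ^ rnw ^ a2 ^ a3) & 1
    return (1                # start bit
            | apndp << 1
            | rnw << 2
            | a2 << 3
            | a3 << 4
            | parity << 5
            | 0 << 6         # stop bit
            | 1 << 7)        # park bit


def data_parity(word: int) -> int:
    """Even parity bit that trails every 32-bit SWD data phase."""
    return bin(word & 0xFFFFFFFF).count("1") & 1


def decode_ack(ack: int) -> str:
    """Map the 3-bit ACK field (LSB-first on the wire) to its name."""
    return ACK_NAMES.get(ack & 0b111, "PROTOCOL_ERROR")


def memap_read_sequence(address: int, csw: int = 0x2):
    """Steps 2-8 above: the ordered SWD transfers that read one 32-bit word
    at `address` through the MEM-AP.

    Each item is (description, request_header, write_data_or_None). Step 1
    (line reset / mode selection) is a fixed bit pattern, not a register
    transfer, so it is not part of this list.
    """
    ap_select_bank0 = 0x00000000  # APSEL = 0, APBANKSEL = 0
    return [
        ("read DPIDR",             swd_request(0, 1, 0x00), None),
        ("power up debug/system",  swd_request(0, 0, 0x04), CDBGPWRUPREQ | CSYSPWRUPREQ),
        ("select MEM-AP bank 0",   swd_request(0, 0, 0x08), ap_select_bank0),
        ("CSW: 32-bit, no incr",   swd_request(1, 0, 0x00), csw),  # assumed value
        ("TAR: target address",    swd_request(1, 0, 0x04), address & 0xFFFFFFFF),
        ("read DRW (posted)",      swd_request(1, 1, 0x0C), None),
        ("read RDBUFF (result)",   swd_request(0, 1, 0x0C), None),
    ]


def decode_dpidr(dpidr: int) -> dict:
    """Split a DPIDR word such as the 0x0bf11477 that openocd printed above."""
    designer = (dpidr >> 1) & 0x7FF
    return {
        "jep106_id": designer & 0x7F,          # 7-bit JEP106 identity code
        "jep106_cont": designer >> 7,          # JEP106 continuation code
        "version": (dpidr >> 12) & 0xF,        # DP architecture version
        "min": bool((dpidr >> 16) & 1),        # minimal DP implementation
        "partno": (dpidr >> 20) & 0xFF,
        "revision": (dpidr >> 28) & 0xF,
    }


if __name__ == "__main__":
    for desc, hdr, data in memap_read_sequence(0x20000000):
        extra = "" if data is None else f" data=0x{data:08x} parity={data_parity(data)}"
        print(f"{desc:24s} request=0x{hdr:02x}{extra}")
    print(decode_dpidr(0x0BF11477))
```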

# First attempt: libjaylink + J-Link



- Easy to implement
- Works fast
- Downside: no known way to control NRST in sync with SWD
  - Due to USB, there are large floating delays
- Discovery: SWD works when NRST is HIGH
  - For this we controlled NRST with our hands
  - We have some valid ACKs for the packets

#### RP2040 – New Hope





- Raspberry Pi Ltd
- 32-bit dual-core ARM Cortex-M0+ microcontroller
- 133 MHz (sometimes works fine at 250 MHz)



# PIO (Programmed Input–Output)



- Two blocks, four state machines each
- The state machines execute input/output programs concurrently with, and independently of, the main CPU cores
- Can replace an FPGA in some cases. Many protocols can be implemented:
  - common protocols (when there are not enough dedicated hardware blocks): UART, I2C, and more
  - protocols uncommon for an MCU: WS2812, DVI, VGA, and so on
  - custom protocols
- Widely used in hardware security, especially for glitching
  - PicoFly
  - <u>ChipSHOUTER-PicoEMP</u>
  - <u>Starlink User Terminal Modchip</u>

# <u>Picoprobe</u> → SwdHack

- Picoprobe allows a Pico/RP2040 to be used as a USB -> SWD/UART bridge
  - SWD is implemented as a PIO program
- The SWD PIO program and its C driver function were taken from Picoprobe
- Implementation of a simple debugger that sends specific packets and synchronously drives NRST according to the algorithm described earlier
- It is controlled over USB (UART)





# Success! SRAM read



*Logic analyzer capture (SRAM read): SWD write AP 0x4 (TAR) = 0x20000008 with ACK OK while NRST is toggled, then read AP 0xC (DRW) with ACK OK, then read RDBUFF with ACK OK returning 0x0800186c.*

*Logic analyzer capture (SRAM write): SWD write AP 0xC (DRW) = 0xdeadbeef, ACK OK.*

# SRAM write



## Results



- We can read/write SRAM, Peripherals
  - Option Bytes have been checked for RDP2
  - Write is almost useless because of reset
- Still no direct access to Flash memory 🛞
- Cold-Boot Stepping (CBS) can be adopted
- In simple cases, CBS is not needed: a snapshot of SRAM taken at the right moment while the firmware is waiting is enough
  - Encrypted WB firmware was decrypted in this way
- Also discovered: the readout lock is activated based on CDBGPWRUP and can be deactivated without a power-on reset

### Next steps



- Test the vulnerability on other families of GD32 microcontrollers
- Difficulty in checking all microcontrollers
  - Need to select one chip per family
- Other difficulties
  - Possibly need to group some families of chips according to defined criteria
- Decision: one chip per common manual
- Sourcing
  - ChipDip: very few options at that time (end of March 2023)
  - AliExpress: almost all found (delivered at the beginning of May 2023)
  - Some were bought relatively recently (August 2023)








# Success table

| Family   | MCU          | Release | RDP2 | GigaVulnerability #1 |
|----------|--------------|---------|------|----------------------|
| GD32F1x0 | GD32F130C8T6 | AJ2139  |      |                      |
| GD32F3x0 | GD32F330C8T6 | PJ2146  |      | No                   |
| GD32F4xx | GD32F405RGT6 | JJ2239  | Yes  |                      |
| GD32L23x | GD32L233RCT6 | MJ2306  | Yes  |                      |
| GD32E23x | GD32E230K8T6 | JJ2125  |      | Yes                  |
| GD32E50x | GD32E503VCT6 | MJ2119  |      |                      |
| GD32C10x | GD32C103CBT6 | JJ2232  |      |                      |
| GD32E10x | GD32E103CBT6 | JJ2153  |      |                      |
| GD32F20x | GD32F205VCT6 | AJ2139  | No   |                      |
| GD32F30x | GD32F303CGT6 | JJ2121  |      |                      |
| GD32F403 | GD32F403RGT6 | JJ2117  |      |                      |





# GigaVulnerability #2


# CDBGPWRUPREQ



- As noted earlier, the readout protection lock is triggered when the Debug Domain is powered up (CDBGPWRUPREQ)
- Theory: maybe the readout protection lock can be released the same way at runtime?
- Proven: Yes! It can be used for an RDP1 bypass

1. Use the debugger to load the dumping firmware into SRAM and run it
   - Use UART as the dumping channel
2. Clear the DP CDBGPWRUPREQ bit (openocd: `chip.dap dpreg 0x4 0x0`)
3. Signal the firmware to begin dumping
4. ???
5. PROFIT

# Success table



| Family   | MCU          | Release | RDP2 | GigaVulnerability #1 | GigaVulnerability #2 |
|----------|--------------|---------|------|----------------------|----------------------|
| GD32F1x0 | GD32F130C8T6 | AJ2139  |      |                      | Yes                  |
| GD32F3x0 | GD32F330C8T6 | PJ2146  |      | No                   | No                   |
| GD32F4xx | GD32F405RGT6 | JJ2239  | Yes  |                      | Yes                  |
| GD32L23x | GD32L233RCT6 | MJ2306  | Yes  |                      | No                   |
| GD32E23x | GD32E230K8T6 | JJ2125  |      | Yes                  |                      |
| GD32E50x | GD32E503VCT6 | MJ2119  |      |                      |                      |
| GD32C10x | GD32C103CBT6 | JJ2232  |      |                      |                      |
| GD32E10x | GD32E103CBT6 | JJ2153  |      |                      | Yes                  |
| GD32F20x | GD32F205VCT6 | AJ2139  | No   |                      |                      |
| GD32F30x | GD32F303CGT6 | JJ2121  |      |                      |                      |
| GD32F403 | GD32F403RGT6 | JJ2117  |      |                      |                      |



# GigaVulnerability #3


# Back to the F-series

- SWD does not work immediately after NRST goes high
- Accidental discovery: the attack works after a power-up reset!
  - Power off
  - Pull NRST to GND
  - Power on
- The race window is much larger than on the E-series
  - More than 1600 µs on GD32F130 vs ~20 µs on GD32E230
  - Seems useless, because all of SRAM is in an uninitialized state
- Can we get something useful out of this?

# First attempts



- Manipulation with VTOR?
  - Seems to take a reset value anyway
- Core debugging?
  - It seems that if I enable `C_DEBUG` during the race window, the core won't start (even in RDP0)
- Voltage Glitch?

# Power-Analysis



*Power-analysis trace, 0 to +25 ms after power-on: a repeating pattern occurs 32 times.*

# Power-Analysis



*Power-analysis trace, zoomed in (+0.50 ms to +3.50 ms).*
                                                                                                                                    | n na ann ann ann ann ann ann ann ann an | ทางการสถาสารสุขาวสารอาสารสการส |
|        |                                         | 1.8ms                                             |            |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                     |                                         |                                |
|        |                                         |                                                   |            |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                     |                                         |                                |
|        |                                         |                                                   |            |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                     |                                         |                                |
|        |                                         |                                                   |            |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                                                                                                                                     |                                         |                                |

# Power-Analysis



[Power-analysis trace; annotations on the trace: +0.50 ms cursor, pattern repeated 54 times]

# Power-Analysis: interpretation of results



[Annotated power trace, +3.5 ms cursor. Labels on the trace, in the order shown: Bootloader, 192×16 = 0xC00 bytes; Bootloader, 64×16 = 0x400 bytes; 32 times; Option Bytes; First half of Flash; 2×16 bytes; 0x400×32 = 32 KiB]

# My First Voltage Glitcher (which doesn't work)



### Power control



IRLML2502 N-channel MOSFET like in ChipWhisperer-Lite

# Another attack through SWD

- Core, SRAM, FMC all tested
- Many untested peripherals TBD
- Maybe something will be useful even after disabling SWD
- Let's start simple




# Peripheral: PIN pull-up



[Logic analyzer capture (≈ +10300 µs to +10450 µs), channels SWD (decoded), SWCLK, SWDIO, GPIO A9. Decoded SWD writes: 0x48000014 ← 0x00000200, 0x48000014 ← 0x00000000, 0x48000014 ← 0x00000200; GPIO A9 toggles in step with each write]

```
// GD32F1x0 GPIO
// swd_memwrite_noreset() / swdsleep(): the presenter's host-side SWD helpers
// rcu
swd_memwrite_noreset(0x40021014, 0x00020014); swdsleep(); // RCU_AHBEN: enable GPIOA clock (keeps SRAM/FMC bits)
// gpio
swd_memwrite_noreset(0x48000000, 0x28040000); swdsleep(); // GPIOA_CTL: A9 output mode (A13/A14 stay AF for SWD)
swd_memwrite_noreset(0x48000014, 1 << 9); swdsleep(); // GPIOA_OCTL: A9 HIGH
swd_memwrite_noreset(0x48000014, 0); swdsleep(); // GPIOA_OCTL: A9 LOW
swd_memwrite_noreset(0x48000014, 1 << 9); swdsleep(); // GPIOA_OCTL: A9 HIGH
swd_memwrite_noreset(0x48000014, 0); swdsleep(); // GPIOA_OCTL: A9 LOW
```

# Peripheral: UART

```
// GD32F1x0 GPIO
// rcu
swd_memwrite_noreset(0x40021014, 0x00020014); swdsleep(); // RCU_AHBEN: enable GPIOA clock
swd_memwrite_noreset(0x40021018, 0x00004000); swdsleep(); // RCU_APB2EN: enable USART0 clock
// gpio
swd_memwrite_noreset(0x48000000, 0x28280000); swdsleep(); // GPIOA_CTL: A9-A10 alternate function
swd_memwrite_noreset(0x48000004, 0x00000000); swdsleep(); // GPIOA_OMODE: push-pull output mode
swd_memwrite_noreset(0x48000008, 0x0c000000); swdsleep(); // GPIOA_OSPD: output speed
swd_memwrite_noreset(0x4800000c, 0x24140000); swdsleep(); // GPIOA_PUD: pull-up on A9-A10
swd_memwrite_noreset(0x48000024, 0x00000110); swdsleep(); // GPIOA_AFSEL1: AF1 (USART0) for A9-A10
// usart
swd_memwrite_noreset(0x40013800, 0x0000000c); swdsleep(); // USART_CTL0: TEN | REN
swd_memwrite_noreset(0x40013808, 0x00000080); swdsleep(); // USART_CTL2: DENT (DMA enable for transmit)
swd_memwrite_noreset(0x4001380c, 0x00000045); swdsleep(); // USART_BAUD: 0x45 (~115200 Bd from the 8 MHz reset clock)
swd_memwrite_noreset(0x40013800, 0x0000000d); swdsleep(); // USART_CTL0: TEN | REN | UEN
// send one byte
swd_memwrite_noreset(0x40013828, 'F'); swdsleep(); // USART_TDATA
```

# Peripheral: UART+DMA from RAM?





```
swd_memwrite_noreset(0x20000000, 0xdeadbeef); swdsleep(); // test pattern in SRAM
swd_memwrite_noreset(0x40020020, 0x00000004); swdsleep(); // DMA_CHxCNT: 4 bytes
swd_memwrite_noreset(0x40020024, 0x40013828); swdsleep(); // DMA_CHxPADDR: USART0 TDATA
swd_memwrite_noreset(0x40020028, 0x20000000); swdsleep(); // DMA_CHxMADDR: source in SRAM
swd_memwrite_noreset(0x4002001C, 0x00000091); swdsleep(); // DMA_CHxCTL: MNAGA | DIR (memory to peripheral) | CHEN
```

# Peripheral: UART+DMA from FLASH???



[Logic analyzer capture (+10.64 ms to +34 ms), channels SWD (decoded), 0:UART RX/TX, SWCLK, SWDIO, GPIO A9; UART burst marked at +18.53881 ms]

[Zoomed capture (+28.41 ms to +30.46 ms): decoded UART bytes [00] [20] [00] [20] [91] [01] [00] [08] [D9] [01] [00] [08] [D9] [01] [00] [08] [D9] [01] [00] [08] [D9] [01], annotated as 32-bit words 0x20002000, 0x08000191, 0x080001D9, 0x080001D9, 0x080001D9]
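
As an added editor's example (not the presenter's code and not GigaDevice's), here is a small Python decoder for the register writes on the GPIO, UART and DMA slides above and for the UART bytes on the capture just shown. For anyone assessing what a device at protection Level 1 still exposes over SWD, it makes the slide's point concrete: the writes are ordinary peripheral setup (clock enable, GPIO alternate function, USART, one DMA channel) that the debug-port flash lock does not cover, and the captured bytes reassemble into the start of a Cortex-M vector table, which is how one recognises flash content rather than SRAM. Assumptions: the two-bits-per-pin GPIOx_CTL encoding and the DMA_CHxCTL bit layout are taken from the GD32F1x0 user manual as I read it, the 8 KB SRAM size is the GD32F130C8T6's, and the sample byte strings are constructed from the values printed on the slide.

```python
# Added example (editor's, not the presenter's tooling): decode the register
# writes shown on the SWD slides and reassemble the UART capture.
# Assumptions: GPIOx_CTL uses 2 bits per pin and DMA_CHxCTL uses the
# STM32F0-compatible bit layout (both as read from the GD32F1x0 user manual);
# sram_size=0x2000 assumes the GD32F130C8T6's 8 KB SRAM.
from typing import Dict, List

# GPIOx_CTL: two bits per pin (00 input, 01 output, 10 alternate function, 11 analog)
GPIO_MODES = {0: "input", 1: "output", 2: "alternate-function", 3: "analog"}


def decode_gpio_ctl(value: int) -> Dict[int, str]:
    """Return {pin: mode} for every pin not left at the reset default (input)."""
    return {
        pin: GPIO_MODES[(value >> (2 * pin)) & 0b11]
        for pin in range(16)
        if (value >> (2 * pin)) & 0b11
    }


# DMA_CHxCTL single-bit flags (bit position -> name)
DMA_CTL_FLAGS = {
    0: "CHEN",    # channel enable
    1: "FTFIE",   # full transfer finish interrupt enable
    2: "HTFIE",   # half transfer finish interrupt enable
    3: "ERRIE",   # error interrupt enable
    4: "DIR",     # 1 = read memory, write peripheral
    5: "CMEN",    # circular mode
    6: "PNAGA",   # peripheral address increment
    7: "MNAGA",   # memory address increment
    14: "M2M",    # memory-to-memory mode
}


def decode_dma_ctl(value: int) -> List[str]:
    """Return the set flags plus the decoded peripheral/memory transfer widths."""
    flags = [name for bit, name in DMA_CTL_FLAGS.items() if value & (1 << bit)]
    flags.append(f"PWIDTH={8 << ((value >> 8) & 0b11)}bit")
    flags.append(f"MWIDTH={8 << ((value >> 10) & 0b11)}bit")
    return flags


def words_from_uart(capture: bytes) -> List[int]:
    """Reassemble a UART byte stream into little-endian 32-bit words
    (DMA walks memory in address order and Cortex-M is little-endian)."""
    usable = len(capture) - len(capture) % 4
    return [int.from_bytes(capture[i:i + 4], "little") for i in range(0, usable, 4)]


def looks_like_vector_table(words: List[int], sram_base: int = 0x20000000,
                            sram_size: int = 0x2000, flash_base: int = 0x08000000,
                            flash_size: int = 0x10000) -> bool:
    """Heuristic check that a word sequence starts like a Cortex-M vector table:
    word 0 is an initial stack pointer inside SRAM, every later word is an odd
    (Thumb-bit set) handler address inside flash."""
    if len(words) < 2:
        return False
    sp, handlers = words[0], words[1:]
    sp_ok = sram_base < sp <= sram_base + sram_size and sp % 4 == 0
    handlers_ok = all(h & 1 and flash_base <= h < flash_base + flash_size for h in handlers)
    return sp_ok and handlers_ok


# Constructed sample: the bytes decoded on the zoomed logic-analyzer capture above.
FLASH_CAPTURE = bytes.fromhex("00200020 91010008 D9010008 D9010008 D9010008")
# Constructed sample: the SRAM test pattern 0xdeadbeef as it appears on the wire.
SRAM_CAPTURE = bytes.fromhex("efbeadde")

if __name__ == "__main__":
    print("GPIOA_CTL 0x28280000 ->", decode_gpio_ctl(0x28280000))
    print("DMA_CHxCTL 0x91 ->", decode_dma_ctl(0x91))
    words = words_from_uart(FLASH_CAPTURE)
    print("UART words ->", [hex(w) for w in words])
    print("vector table?", looks_like_vector_table(words))
```

Run stand-alone, the decoder reports PA9/PA10 (and the untouched SWD pins PA13/PA14) in alternate-function mode, the DMA control word as memory-to-peripheral with memory increment and channel enable, and the capture as a stack pointer at the top of 8 KB SRAM followed by Thumb handler addresses in flash. The vector-table heuristic is deliberately conservative: a real SRAM dump such as the 0xdeadbeef pattern fails it, while the first words of any Cortex-M image pass it.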

# Success table



| Family   | MCU          | Release | RDP2 | GigaVulnerability #1 | GigaVulnerability #2 | GigaVulnerability #3 |
|----------|--------------|---------|------|----------------------|----------------------|----------------------|
| GD32F1x0 | GD32F130C8T6 | AJ2139  |      |                      | Yes                  |                      |
| GD32F3x0 | GD32F330C8T6 | PJ2146  | Yes  | No                   | No                   | Yes                  |
| GD32F4xx | GD32F405RGT6 | JJ2239  |      |                      | Yes                  |                      |
| GD32L23x | GD32L233RCT6 | MJ2306  |      | Yes                  | No                   |                      |
| GD32E23x | GD32E230K8T6 | JJ2125  |      |                      |                      | No                   |
| GD32E50x | GD32E503VCT6 | MJ2119  |      |                      |                      |                      |
| GD32C10x | GD32C103CBT6 | JJ2232  |      |                      |                      |                      |
| GD32E10x | GD32E103CBT6 | JJ2153  |      |                      | Yes                  |                      |
| GD32F20x | GD32F205VCT6 | AJ2139  | No   |                      |                      |                      |
| GD32F30x | GD32F303CGT6 | JJ2121  |      |                      |                      |                      |
| GD32F403 | GD32F403RGT6 | JJ2117  |      |                      |                      |                      |

# FMC: E/L vs F family



- GD32E23x
  - 0 to 2 wait states when the CPU executes instructions from the 64 KB flash
  - Almost the same for GD32L23x
  - E/L do not cache flash pages on startup
  - Small delay on each reset to read the Option Bytes (~20 µs, acceptable)
  - Small race window on each reset
- GD32F1x0
  - No wait states when the CPU executes instructions from the first 32 KB
  - Long delay when fetching data from the 32 KB to 64 KB range of flash
  - Long delay on power-on reset (~18 ms), needed to fill the cache
  - Option Bytes are also cached
  - Big race window on power-on reset
  - No race window on other resets

# Success table



| Family   | MCU          | Release | RDP2 | GigaVulnerability #1 | GigaVulnerability #2 | GigaVulnerability #3 |
|----------|--------------|---------|------|----------------------|----------------------|----------------------|
| GD32F1x0 | GD32F130C8T6 | AJ2139  | Yes  |                      | Yes                  |                      |
| GD32F3x0 | GD32F330C8T6 | PJ2146  |      | No                   | No                   | Yes                  |
| GD32F4xx | GD32F405RGT6 | JJ2239  |      |                      | Yes                  |                      |
| GD32L23x | GD32L233RCT6 | MJ2306  |      | Yes                  | No                   |                      |
| GD32E23x | GD32E230K8T6 | JJ2125  |      |                      | Yes                  | No                   |
| GD32E50x | GD32E503VCT6 | MJ2119  |      |                      |                      |                      |
| GD32C10x | GD32C103CBT6 | JJ2232  |      |                      |                      |                      |
| GD32E10x | GD32E103CBT6 | JJ2153  |      |                      |                      |                      |
| GD32F20x | GD32F205VCT6 | AJ2139  | No   |                      |                      |                      |
| GD32F30x | GD32F303CGT6 | JJ2121  |      |                      |                      |                      |
| GD32F403 | GD32F403RGT6 | JJ2117  |      |                      |                      |                      |

# Results



- Lots of experience in security of microcontrollers
- New techniques to bypass readout protection
- Three vulnerabilities reported to GigaDevice

# Conclusions



- Some implementations of readout protection technologies are far from perfect
- Consider this when developing your own devices
  - Restriction of physical access to the chip
  - Control the accessibility of the end-product
  - Other points
- In any case, one day your defense will be broken. Be prepared for this.




