Series : Bridging Software Craftsmanship and Bare-Metal Firmware (Trusted Firmware – A)

Part 1: The Foundations of Firmware Construction Introduction: What is Software Construction? In this inaugural part of our series on Trusted Firmware-A (TF-A), we begin by examining Software Construction, the central, hands-on activity of creating software. While "coding" is often used as a shorthand, true construction involves substantial professional judgment. It is not merely the mechanical… Continue reading Series : Bridging Software Craftsmanship and Bare-Metal Firmware (Trusted Firmware – A) →

Time-of-Check Time-of-Use (TOCTOU) Vulnerabilities: A Developer’s Guide

In software development, TOCTOU refers to a situation where a program checks the state of a resource (such as a file, memory, or a variable) at one point in time and then uses the results of that check later. However, during the time between the check and the actual use, the resource’s state can change… Continue reading Time-of-Check Time-of-Use (TOCTOU) Vulnerabilities: A Developer’s Guide →

Essentials of RISC V

In the ever-evolving world of processors, a new architecture is making waves: RISC-V (pronounced "risk-five"). But what exactly is RISC-V, and why should you care? In this blog post, we'll break down the essentials of RISC-V, making it easy for beginners to understand its core principles and potential impact. We'll explore its advantages, applications, and… Continue reading Essentials of RISC V →

Understanding Stack Canaries and Code Protection

Introduction: In the realm of computer security, the protection of software applications against various vulnerabilities and attacks is of paramount importance. One such crucial defense mechanism is the stack protection feature, often implemented through the use of a stack canary. This safeguard is especially prevalent in languages like C, where manual memory management can introduce… Continue reading Understanding Stack Canaries and Code Protection →

Volatile : Source code to assembly, Processor execution flow

In C programming, a volatile variable can change its value unexpectedly due to multiple threads, modification by an external device, or an external process. The tutorial analyzes and compares how the assembly output, compiled from C source code, differs based on the use of a volatile int variable and a non-volatile int variable. Volatile variables can affect compiler optimizations and are frequently used in embedded systems where the most current variable value is crucial. The choice to use volatile or not depends on the program's specific requirements and the expected behavior of the variables.

RISC V debug musings (Machine Mode)

This series aims to create expertise to debug RISC V processor while doing bare-metal firmware development. In this post we will discuss Machine mode debug capabilities. Machine Mode debug Let's first understand Machine mode registers - mstatus, mepc, mcause, mtval mstatus is a control and status register (CSR) in the RISC-V architecture that controls privileged… Continue reading RISC V debug musings (Machine Mode) →

Structure Alignment

CPU accesses memory by a single memory word at a time. Depending processor architecture, a word size varies - 8, 16, 24, 32, or 64 bits. Special purpose processors, such as DSPs may use other sizes, ie. 9, 12, 18, 24, 26, 36, 39, 40, 48, and 60 bits.Memory is byte addressable and arranged sequentially.… Continue reading Structure Alignment →

Oops ! Volatile

While translating source code to machine code, compiler applies various optimisations. Compiler cleans excess machine code to reduce executable size and increase speed of execution, saves memory, CPU cycle etc. if a variable needs to be changed from outside compiler should not apply optimisation, since an optimisation might not check the variable at all in… Continue reading Oops ! Volatile →