Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?

A junior developer is informed about the impact of new malware on an Advanced RISC Machine (ARM) CPU, and the code must be fixed accordingly. Based on the debug, the malware is able to insert itself in another process memory location.

Which of the following technologies can the developer enable on the ARM architecture to prevent this type of malware?
A . Execute never
B . No-execute
C . Total memory encryption
D . Virtual memory encryption

View Answer

Answer: A

Explanation:

Execute never is a technology that can be enabled on the ARM architecture to prevent malware

from inserting itself in another process memory location and executing code. Execute never is a

feature that allows each memory region to be tagged as not containing executable code by setting

the execute never (XN) bit in the translation table entry. If the XN bit is set to 1, then any attempt to

execute an instruction in that region results in a permission fault. If the XN bit is cleared to 0, then

code can execute from that memory region. Execute never also prevents speculative instruction

fetches from memory regions that are marked as non-executable, which can avoid undesirable side-

effects or vulnerabilities. By enabling execute never, the developer can protect the process memory

from being hijacked by malware.

Reference:

https://developer.arm.com/documentation/ddi0360/f/memory-management-unit/memory-access-control/execute-never-bits

https://developer.arm.com/documentation/den0013/d/The-Memory-Management-Unit/Memory-attributes/Execute-Never

https://developer.arm.com/documentation/ddi0406/c/System-Level-Architecture/Virtual-Memory-System-ArchitectureCVMSA-/Memory-access-control/Execute-never-restrictions-on-instruction-fetching