From: Pavel Machek <pavel@ucw.cz>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Kees Cook <keescook@chromium.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Arnaldo Carvalho de Melo <acme@redhat.com>,
	kernel list <linux-kernel@vger.kernel.org>,
	Ingo Molnar <mingo@redhat.com>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	"kernel-hardening@lists.openwall.com"
	<kernel-hardening@lists.openwall.com>
Subject: Re: [kernel-hardening] rowhammer protection [was Re: Getting interrupt every million cache misses]
Date: Mon, 31 Oct 2016 09:27:05 +0100
Message-ID: <20161031082705.GA2863@amd>
In-Reply-To: <20161028140522.GH5806@leverpostej>

Hi!

> On Fri, Oct 28, 2016 at 01:21:36PM +0200, Pavel Machek wrote:
> > > Has this been tested on a system vulnerable to rowhammer, and if so, was
> > > it reliable in mitigating the issue?
> > > 
> > > Which particular attack codebase was it tested against?
> > 
> > I have rowhammer-test here,
> > 
> > commit 9824453fff76e0a3f5d1ac8200bc6c447c4fff57
> > Author: Mark Seaborn <mseaborn@chromium.org>
> 
> ... from which repo?
> 
> > I do not have a vulnerable machine near me, so no "real" tests, but
> > I'm pretty sure it will make the error no longer reproducible with the
> > newer version. [Help welcome ;-)]
> 
> Even if we hope this works, I think we have to be very careful with that
> kind of assertion. Until we have data as to its efficacy, I don't think
> we should claim that this is an effective mitigation.

Ok, so it turns out I was right. On my vulnerable machine, normally
the bug is reproducible in less than 500 iterations:

Iteration 432 (after 1013.31s)
  error at 0xda7cf280: got 0xffffffffffffffef
Iteration 446 (after 1102.56s)
  error at 0xec21ea00: got 0xffffffefffffffff
Iteration 206 (after 497.50s)
  error at 0xd07d1438: got 0xffffffffffffffdf
Iteration 409 (after 1350.96s)
  error at 0xbd3b9108: got 0xefffffffffffffff
Iteration 120 (after 326.08s)
  error at 0xe398c438: got 0xffffffffffffffdf

With nohammer, I'm at 2300 iterations, and still no faults.

Daniel Gruss <daniel@gruss.cc> claims he has an attack that can do 30
flips a second on modern hardware. I'm not going to buy broken
hardware just for a test. Code is at
https://github.com/IAIK/rowhammerjs/tree/master/native . Would someone
be willing to get it running on a vulnerable machine and test kernel
patches?

Thanks,

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
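
Added example (not part of the original message, the kernel patch, or rowhammer-test): a Python script that parses the test output quoted above, lists which bit flipped in each error, and quantifies how much evidence 2300 clean iterations provide. It assumes each Iteration/error pair is a separate run that stopped at its first error, that the tested memory held all-ones 64-bit words, and a constant per-iteration flip probability.

```python
import math
import re

# rowhammer-test output quoted in the message above, copied verbatim.
SAMPLE = """\
Iteration 432 (after 1013.31s)
  error at 0xda7cf280: got 0xffffffffffffffef
Iteration 446 (after 1102.56s)
  error at 0xec21ea00: got 0xffffffefffffffff
Iteration 206 (after 497.50s)
  error at 0xd07d1438: got 0xffffffffffffffdf
Iteration 409 (after 1350.96s)
  error at 0xbd3b9108: got 0xefffffffffffffff
Iteration 120 (after 326.08s)
  error at 0xe398c438: got 0xffffffffffffffdf
"""

ITER_RE = re.compile(r"Iteration (\d+) \(after ([\d.]+)s\)")
ERR_RE = re.compile(r"error at (0x[0-9a-f]+): got (0x[0-9a-f]+)")

def parse_runs(text):
    """One dict per failing run: iteration, seconds, address, flipped bit positions."""
    runs, current = [], None
    for line in text.splitlines():
        if m := ITER_RE.search(line):
            current = {"iteration": int(m[1]), "seconds": float(m[2])}
        elif (m := ERR_RE.search(line)) and current:
            got = int(m[2], 16)
            # Assumption: the tested memory held all-ones 64-bit words,
            # so every zero bit in the value read back is a 1 -> 0 flip.
            bits = [b for b in range(64) if not (got >> b) & 1]
            runs.append({**current, "address": int(m[1], 16), "flipped_bits": bits})
            current = None
    return runs

def baseline_rate(runs):
    """Flips per iteration without mitigation (assumes one run per error)."""
    return len(runs) / sum(r["iteration"] for r in runs)

def p_clean_if_unmitigated(runs, clean_iterations):
    """Chance of seeing that many clean iterations if the mitigation did nothing."""
    return math.exp(-baseline_rate(runs) * clean_iterations)

def rate_upper_bound(clean_iterations, confidence=0.95):
    """Largest per-iteration flip rate still consistent with a clean run."""
    return -math.log(1 - confidence) / clean_iterations

if __name__ == "__main__":
    runs = parse_runs(SAMPLE)
    print([r["flipped_bits"] for r in runs])
    print(p_clean_if_unmitigated(runs, 2300))
    print(rate_upper_bound(2300) / baseline_rate(runs))
```

Under these assumptions the last ratio is the fraction of the unmitigated flip rate that a clean run of that length can still not rule out at 95% confidence; the figures apply only to this test program on this machine.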
