Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Jun 2018 17:41:09 +0000
From: procmem <procmem@...eup.net>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: kernel-hardening@...ts.openwall.com
Subject: Re: Nethammer and kernel network drivers

Hello. Daniel provided more details on the problematic areas of the
kernel and I quote what he said verbatim:


> We have only found very outdated network drivers using clflush (old
> windows ndis code). On ARM there are many drivers using uncached memory.
> However, we have so far failed to produce enough memory traffic on ARM
> to trigger a bit flip with Nethammer on any ARM device.
> It should be possible though if you can make the ARM device handle
>> =300MBit/s.
> And that's the most plausible scenario.
>
> Anyway, searching for clflush or use of uncached memory is a good idea
> to locate the critical spots.
>
> Intel CAT is (we believe) not used anywhere yet. And we must be careful
> when it gets to the point where we introduce usage of CAT for QoS
> mechanisms.
>
> However, my intuition tells me that most systems are not even vulnerable
> to Rowhammer in the first place. Although the only prevalence studies we
> have suggest otherwise (they find 60-80% are affected).
>



Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ