Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 3 Jun 2018 13:23:28 +0000
From: procmem <procmem@...eup.net>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: kernel-hardening@...ts.openwall.com
Subject: Re: Nethammer and kernel network drivers



Greg KH:
> On Sat, Jun 02, 2018 at 05:41:09PM +0000, procmem wrote:
>> Hello. Daniel provided more details on the problematic areas of the
>> kernel and I quote what he said verbatim:
>>
>>
>>> We have only found very outdated network drivers using clflush (old
>>> windows ndis code). On ARM there are many drivers using uncached memory.
>>> However, we have so far failed to produce enough memory traffic on ARM
>>> to trigger a bit flip with Nethammer on any ARM device.
>>> It should be possible though if you can make the ARM device handle
>>>> =300MBit/s.
>>> And that's the most plausible scenario.
>>>
>>> Anyway, searching for clflush or use of uncached memory is a good idea
>>> to locate the critical spots.
>>>
>>> Intel CAT is (we believe) not used anywhere yet. And we must be careful
>>> when it gets to the point where we introduce usage of CAT for QoS
>>> mechanisms.
>>>
>>> However, my intuition tells me that most systems are not even vulnerable
>>> to Rowhammer in the first place. Although the only prevalence studies we
>>> have suggest otherwise (they find 60-80% are affected).
>
> So Linux is not vulnerable to this at all?  That's good to know, thanks
> for following up with this.
>
> greg k-h
>

I interpreted this to mean that there is a major problem with ARM
drivers but the only backstop is the current gen of hardware being
underpowered. Also it would be best to put a kernel comment about sec
implications of Intel CAT for those who want to enable/use it IMHO.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.