Date: Tue, 01 Nov 2016 03:20:15 -0400 From: Daniel Micay <danielmicay@...il.com> To: kernel-hardening@...ts.openwall.com, Pavel Machek <pavel@....cz> Cc: Mark Rutland <mark.rutland@....com>, Kees Cook <keescook@...omium.org>, Peter Zijlstra <peterz@...radead.org>, Arnaldo Carvalho de Melo <acme@...hat.com>, kernel list <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...hat.com>, Alexander Shishkin <alexander.shishkin@...ux.intel.com> Subject: Re: rowhammer protection [was Re: Getting interrupt every million cache misses] On Tue, 2016-11-01 at 07:33 +0100, Ingo Molnar wrote: > * Pavel Machek <pavel@....cz> wrote: > > > I'm not going to buy broken hardware just for a test. > > Can you suggest a method to find heavily rowhammer affected hardware? > Only by > testing it, or are there some chipset IDs ranges or dmidecode info > that will > pinpoint potentially affected machines? > > Thanks, > > Ingo You can read the memory timing values, but you can't know if they're reasonable for that hardware. Higher quality memory can have better timings without being broken. The only relevant information would be the memory model, combined with an expensive / time consuming effort to build a blacklist based on testing. It doesn't seem realistic, unless it's done in a coarse way based on brand and the date information. I don't know how to get this data on Linux. The CPU-Z tool for Windows knows how to obtain it but it's based on a proprietary library. You definitely don't need to buy broken hardware to test a broken hardware setup though. You just need a custom computer build where motherboards expose the memory timing configuration. You can make it more vulnerable by raising the refresh period (tREF). I wanted to play around with that but haven't gotten around to it. Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.