Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 3 Jun 2018 08:31:30 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: procmem <procmem@...eup.net>
Cc: kernel-hardening@...ts.openwall.com
Subject: Re: Nethammer and kernel network drivers

On Sat, Jun 02, 2018 at 05:41:09PM +0000, procmem wrote:
> Hello. Daniel provided more details on the problematic areas of the
> kernel and I quote what he said verbatim:
> 
> 
> > We have only found very outdated network drivers using clflush (old
> > windows ndis code). On ARM there are many drivers using uncached memory.
> > However, we have so far failed to produce enough memory traffic on ARM
> > to trigger a bit flip with Nethammer on any ARM device.
> > It should be possible though if you can make the ARM device handle
> >> =300MBit/s.
> > And that's the most plausible scenario.
> >
> > Anyway, searching for clflush or use of uncached memory is a good idea
> > to locate the critical spots.
> >
> > Intel CAT is (we believe) not used anywhere yet. And we must be careful
> > when it gets to the point where we introduce usage of CAT for QoS
> > mechanisms.
> >
> > However, my intuition tells me that most systems are not even vulnerable
> > to Rowhammer in the first place. Although the only prevalence studies we
> > have suggest otherwise (they find 60-80% are affected).

So Linux is not vulnerable to this at all?  That's good to know, thanks
for following up with this.

greg k-h

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.