Good god, imagine this bit flip happened *anywhere else*, like in the
page tables, or in the code or data or stack of chrome, or basically
*anywhere*

Shall we change them all?

Shall we change the compiler to not allow checks like this?

Shall we wait for a compiler diff from you?

p...@delphinusdns.org wrote:

> >Synopsis:    can we resist against bit flipping?
> >Category:    system
> >Environment:
>       System      : OpenBSD 7.2
>       Details     : OpenBSD 7.2 (GENERIC.MP) #2: Thu Nov 24 23:53:03 MST 2022
>                        
> r...@syspatch-72-arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP
> 
>       Architecture: OpenBSD.arm64
>       Machine     : arm64
> >Description:
>       https://en.wikipedia.org/wiki/Single-event_upset
> 
>       A single event upset gave someone in Belgium who was in a poll, 4096
>       extra votes.  When I think about this bit flip and look at the kernel
>       code for an ultra secure operating system there is not much stopping
>       someone to try an attack during a cosmic storm or increased solar
>       activity.  Perhaps a bit flips somewhere in the CPU or RAM?
> 
> pjp@polarstern$ grep sourceroute ip_input.c
> int     ip_dosourceroute = 0;
>                         if (!ip_dosourceroute) {
>         if (!ip_dosourceroute)
>                     &ip_dosourceroute);
> 
>       Like here.  As you know someone found something last week if this were
> enabled.  But the way this check is.  It doesn't check for the low bit set to
> one but it checks for the inverted value, so if the 12th bit was flipped in a
> solar storm ip_dosourceroute would now be 4096.  And the system would be wide
> open.
> 
> >How-To-Repeat:
>       Hackers probably check the weather report like 
>       https://spaceweather.com/ for increased solar activity and then fill
>       the CPU caches with attempts to get a bit flip happening.  The odds
>       aren't in their favour but who knows they may get lucky. 
> >Fix:
>       I propose all these variables to be monitored occasionally with a CRC
> check and if there is a bit flip happening to unset it to the right value.
> This is a lot of work but may be worth it.  OpenBSD would never be faring to
> space right?  I have no code but trying to think around how to do this.
> 
> 
> dmesg:
> cut
> 

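Added example, not part of the thread and not OpenBSD code: it counts how many single-bit flips of a zero-valued boolean knob turn it on under a nonzero check such as `!ip_dosourceroute` versus an exact `== 1` check, and sketches the report's "monitor and reset" idea. All names are hypothetical, and a bitwise-complement shadow copy is swapped in for the CRC the report proposes.

```c
#include <stdint.h>
#include <stdio.h>

/* Check style quoted in the report: any nonzero value means "enabled". */
static int enabled_nonzero(uint32_t v) { return v != 0; }

/* Stricter style: only the exact value 1 means "enabled". */
static int enabled_exact(uint32_t v) { return v == 1; }

/* Count the single-bit flips of a 0 knob that switch it on under a check. */
static int flips_that_enable(int (*check)(uint32_t))
{
    int n = 0;
    for (int bit = 0; bit < 32; bit++)
        n += check(UINT32_C(1) << bit);
    return n;
}

/* Hypothetical guarded knob: the value plus its bitwise complement. */
struct guarded { uint32_t val, inv; };

static void guarded_set(struct guarded *g, uint32_t v)
{
    g->val = v;
    g->inv = ~v;
}

/* Periodic scrub: returns 1 and restores safe_default if the copies disagree. */
static int guarded_scrub(struct guarded *g, uint32_t safe_default)
{
    if ((g->val ^ g->inv) == UINT32_MAX)
        return 0;                      /* copies consistent, nothing to do */
    guarded_set(g, safe_default);      /* corruption detected, fail closed */
    return 1;
}

int main(void)
{
    struct guarded knob;
    guarded_set(&knob, 0);
    knob.val ^= UINT32_C(1) << 12;     /* simulated upset: 0 becomes 4096 */
    printf("nonzero check: %d/32 flips enable\n", flips_that_enable(enabled_nonzero));
    printf("exact check:   %d/32 flips enable\n", flips_that_enable(enabled_exact));
    printf("scrub repaired: %d, value now %u\n",
        guarded_scrub(&knob, 0), (unsigned)knob.val);
    return 0;
}
```

The guard covers only the word it wraps, and only between scrubs; flips in page tables, code, or the stack, which the reply points to, are outside it.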