On Tue, Mar 14, 2023 at 01:17:00PM -0500, Scott Cheloha wrote:
>
> On Mar 14, 2023, at 11:32 AM, p...@delphinusdns.org wrote:
> >
> >> Synopsis: can we resist against bit flipping?
> >> Category: system
> >> Environment:
> > System : OpenBSD 7.2
> > Details : OpenBSD 7.2 (GENERIC.MP) #2: Thu Nov 24 23:53:03 MST 2022
> > r...@syspatch-72-arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP
> >
> > Architecture: OpenBSD.arm64
> > Machine : arm64
> >> Description:
> > https://en.wikipedia.org/wiki/Single-event_upset
> >
> > A single event upset gave someone in Belgium who was in a poll, 4096
> > extra votes. When I think about this bit flip and look at the kernel
> > code for an ultra secure operating system there is not much stopping
> > someone to try an attack during a cosmic storm or increased solar
> > activity. Perhaps a bit flips somewhere in the CPU or RAM?
> >
> > pjp@polarstern$ grep sourceroute ip_input.c
> > int ip_dosourceroute = 0;
> > if (!ip_dosourceroute) {
> > if (!ip_dosourceroute)
> > &ip_dosourceroute);
> >
> > Like here. As you know someone found something last week if this were
> > enabled. But the way this check is. It doesn't check for the low bit
> > set to one but it checks for the inverted value, so if the 12th bit was
> > flipped in a solar storm ip_dosourceroute would now be 4096. And the
> > system would be wide open.
> >
> >> How-To-Repeat:
> > Hackers probably check the weather report like
> > https://spaceweather.com/ for increased solar activity and then fill
> > the CPU caches with attempts to get a bit flip happening. The odds
> > aren't in their favour but who knows they may get lucky.
> >> Fix:
> > I propose all these variables to be monitored occasionally with a CRC
> > check and if there is a bit flip happening to unset it to the right
> > value. This is a lot of work but may be worth it. OpenBSD would never
> > be faring to space right? I have no code but trying to think around
> > how to do this.
>
> Why wouldn't you just buy ECC memory?
>
> https://en.wikipedia.org/wiki/ECC_memory
>

Good idea, but nothing is perfect of course :)

An interesting read and research:
https://www.vusec.net/projects/eccploit/

-- 
Kind regards,
Hiltjo
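
Added illustration, not part of the thread and not OpenBSD code: it counts, over all 32 single-bit flips of a flag set to 0, how often a check with the sense of if (!ip_dosourceroute) reports "enabled", beside a strict == 1 check and a flag stored with its bitwise complement (a simpler stand-in for the CRC the report proposes). The names guarded_flag, gf_set, gf_enabled and enabled_after_flip are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical guarded flag (not OpenBSD code): intact means inv == ~val. */
struct guarded_flag {
    uint32_t val;
    uint32_t inv;
};
enum check { CHECK_TRUTHY, CHECK_STRICT, CHECK_GUARDED };

static void gf_set(struct guarded_flag *g, uint32_t v)
{
    g->val = v;
    g->inv = ~v;
}

/* Fail closed: a broken invariant is reset to the safe default (off). */
static int gf_enabled(struct guarded_flag *g)
{
    if ((g->val ^ g->inv) != UINT32_MAX) {
        gf_set(g, 0);
        return 0;
    }
    return g->val == 1;
}

/* Flip each of the 32 bits of a flag that was set to 0 and count how
 * many of those upsets make the given style of check report "enabled". */
static int enabled_after_flip(enum check c)
{
    int bit, hits = 0;
    for (bit = 0; bit < 32; bit++) {
        struct guarded_flag g;
        gf_set(&g, 0);
        g.val ^= UINT32_C(1) << bit;    /* constructed single-bit upset */
        if (c == CHECK_TRUTHY)
            hits += (g.val != 0);       /* same sense as if (!flag) reject */
        else if (c == CHECK_STRICT)
            hits += (g.val == 1);
        else
            hits += gf_enabled(&g);
    }
    return hits;
}

int main(void)
{
    printf("truthy=%d strict=%d guarded=%d\n", enabled_after_flip(CHECK_TRUTHY),
        enabled_after_flip(CHECK_STRICT), enabled_after_flip(CHECK_GUARDED));
    return 0;
}
```

The guard covers only upsets in the two stored words, not in registers or in the comparing code itself.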