On Mon, Jan 05, 2015 at 05:57:24PM -0800, Andy Lutomirski wrote: > On Mon, Jan 5, 2015 at 5:47 PM, Kirill A. Shutemov <kir...@shutemov.name> > wrote: > > On Mon, Jan 05, 2015 at 11:50:04AM -0800, Andy Lutomirski wrote: > >> On Mon, Jan 5, 2015 at 11:23 AM, One Thousand Gnomes > >> <gno...@lxorguk.ukuu.org.uk> wrote: > >> >> In the meantime, I created test that actually uses physical memory, > >> >> 8MB apart, as described in some footnote. It is attached. It should > >> >> work, but it needs boot with specific config options and specific > >> >> kernel parameters. > >> > > >> > Why not just use hugepages. You know the alignment guarantees for 1GB > >> > pages and that means you don't even need to be root > >> > > >> > In fact - should we be disabling 1GB huge page support by default at this > >> > point, at least on non ECC boxes ? > >> > >> Can you actually damage anyone else's data using a 1 GB hugepage? > > > > hugetlbfs is a filesystem: the answer is yes. Although I don't see the > > issue as a big attach vector. > > What I mean is: if I map a 1 GB hugepage and rowhammer it, is it > likely that the corruption will be confined to the same 1 GB?
I don't know for sure, but it looks likely to me according to claim in the paper (8MB). But it still can be sombody else's data: 644 file on hugetlbfs mmap()ed r/o by anyone. When I read the paper I thought that vdso would be interesting target for the attack, but having all these constrains in place, it's hard aim the attack anything widely used. -- Kirill A. Shutemov -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
