Re: [PATCH RFC] mm: protect suid binaries against rowhammer with copy-on-read mappings
From: Konstantin Khlebnikov
Date: Thu Mar 19 2015 - 09:24:49 EST
On 19.03.2015 16:04, Vlastimil Babka wrote:
On 03/18/2015 12:41 PM, Konstantin Khlebnikov wrote:
On 18.03.2015 12:57, Kirill A. Shutemov wrote:
I don't think it worth it. The only right way to fix the problem is ECC
memory.
ECC seems good protection until somebody figure out how to break it too.
I doubt that kind of attitude can get us very far. If we can't trust the
hardware, we lose sooner or later.
Obviously ECC was designed for protecting against cosmic rays which
flips several bits. If attacker modifies whole cacheline he can chose
value which have the same ECC. I hope next generation of DRAM (or PRAM)
wouldn't be affected.
Software solution is possible: we can put untrusted applications into
special ghetto memory zone. This is relatively easy for virtual
machines. And it seems might work for normal tasks too (page-cache
pages should be doubled or handled in the way similar to copy-on-read
from that patch).
--
Konstantin
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/