我们用只访问内存的本地代码实现Rowhammer攻击。攻击在 Sandy Bridge, Ivy Bridge,Haswell and Skylake, 不同的 DDR3 and DDR4 都成功
我们用纯js实现了rowhammer
背景知识
DRAM 介绍
rowhammer 介绍
CPU cache 介绍 以及别人没文档的也被反向工程了,o1表示双核cpu哪个cache来存 [o1,o2]表示4核CPU哪个cache来存,有几款CPU能自适应替换规则orz
Cache Attacks and Cache Eviction Practical attacks on cryptographic algorithms have been explored thoroughly [8,31]. There are two main types of cache attacks called Prime+Probe and Flush+Reload 小总结: 他们的不同缺点:慢,兼容性差,手工循环列,用了反向工程,用了刷cache的指令,低剔除率
27: Oren, Y., Kemerlis, V.P., Sethumadhavan, S., Keromytis, A.D.: The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications. In: CCS’15 (2015)
降低刷新率并对于真实攻击并不现实,已有的工作已经研究了Rowhammer的可攻击流行度, 发现85%DDR3被测试是易受到rowhammer 位翻转进攻的.只有Haswell test system and the G.Skill DIMMs in the Skylake test system在默认设置下是不易收到进攻的。因此我们的结论并不否定之前的预测,并且我们必须假设还有百万数量级的系统依旧脆弱.
第一步 4.2说了利用的可利用位翻转,在页表里有1/3的bit用于物理地址。在临近的2MB的范围里的一个页表中一个可以利用的bit翻转改变了一个物理地址。在我们的测试机器上我们已经发现了这样的位翻转。 第二步 利用脚本释放除了两个被先hammer了的以外的其它页,因此包含位翻转的页也被释放了,申请数组要求浏览器储存虚拟地址空间区域,并按照第一次访问的映射到物理地址上,攻击者决定的最大数组大小也会触发页表分配在时间攻击,在我们所有测试系统中数组大小为1MB,我们只是访问,因此为每个1MB数组申请了4K页,因此每个页表有两个用户页面,The probability to place a group of page tables in the targeted 2MB region is ≈ 1/3
第三步 再次利用脚本触发翻转,有可能发现它的内存映射改变, 有1/3的可能性地址映射到攻击者的页表中,如果成功,攻击者现在改变那个页表就会有完全的访问系统的物理地址。我们的想法在最新版linux系统和最新版ff被证实, It does not work in Google Chrome due to the immediate allocation of all physical memory for an allocated 1MB array after a single access.
The operating system allocates memory in large physical memory frames (often 2MB) for reasons of optimization. Page tables, kernel pages and user pages are not allocated in the same memory frame, unless the system is close to out-ofmemory (i.e., allocating the last few kilobytes of physical memory). Thus, the most efficient Rowhammer attack (double-sided hammering) would not possible if the operating system memory allocator was less aggressive in near-outof-memory situations. Preventing (amplified) single-sided hammering is more difficult, as hammering across the boundaries of a 2MB region is possible.
read-only shared code and data, shared libraries should not be shared over processes that run at different privilege levels or under different users.
refresh rate.
TRR
ECC
相关工作
The initial work by Kim et al. [20] and Seaborn’s [36] root exploit made the scientific community aware of the security implications of a Rowhammer attack. However, to date, there have been very few other publications, focusing on different aspects than our work. Barbara Aichinger [1] analyzed Rowhammer faults in server systems where the problem exists in spite of ECC memory. She remarks that it will be difficult to fix the problem in the millions or even billions of DDR3 DRAMs in server systems. Rahmati et al. [34] have shown that bit flips can be used to identify a system based on the unique and repeatable error pattern that occurs at a significantly increased refresh interval. Our paper is the first to examine how to perform Rowhammer attacks based on cache eviction.1 Our cache eviction techniques facilitated cache side-channel attacks on ARM CPUs [22]. Concurrent and independent work by Aweke et al. [4] has also demonstrated bit flips without clflush on a Sandy Bridge laptop. They focus on countermeasures, whereas we focus on attacking a wider range of architectures and environments.
In this paper, we presented Rowhammer.js, an implementation of the Rowhammer attack using fast cache eviction to trigger the Rowhammer bug with only regular memory accesses. It is the first work to investigate eviction strategies to defeat complex cache replacement policies. This does not only enable to trigger Rowhammer in JavaScript, it also benefits research on cache attacks as it allows to perform attacks on recent and unknown CPUs fast and reliably. Our fully automated attack runs in JavaScript through a remote website and can gain unrestricted access to systems. The attack technique is independent of CPU microarchitecture, programming language and execution environment. The majority of DDR3 modules are vulnerable and DDR4 modules can be vulnerable too. Thus, it is important to discover all Rowhammer attack vectors. Automated attacks through websites pose an enormous threat as they can be performed on millions of victim machines simultaneously.
code1a: mov (X), %eax // Read from address X mov (Y), %ebx // Read from address Y clflush (X) // Flush cache for address X clflush (Y) // Flush cache for address Y // mfence // In CMU paper, but not actually needed jmp code1a
两个变体: PNaCl(on open web. Runs pexe (LLVM bitcode): compiled to nexe by in-browser translator. No CLFLUSH?),NNaCl(in Chrome Web Store. Could use CLFLUSH.)
作者用的是NaCl :-)
利用 NaCl
安全命令序列:
1 2 3 4
andl $~31, %eax // Truncate address to 32 bits // and mask to be 32-byte-aligned. addq %r15, %rax // Add %r15, the sandbox base address. jmp *%rax // Indirect jump.
NaCl 沙箱模型:
防止跳到x86指令中间(意思是比如一条指令是 01 02 03 那么禁止跳到 02 开始的位置)
直接跳转目标只能用32位 对齐地址
位翻转导致部安全的方式
可能导致允许跳转到非32位对齐的地址
制作很多这个序列的备份 – 动态创代码(找寻位翻转 – 代码可读性)
利用改变寄存器号(13%的位翻转可利用,测试驱动开发)
NaCl 沙箱地址空间(1GB~4GB)
名
读写执性
大小
stack (initial thread)
read+write
available for mmap()
anything but exec
nexe rwdata segment
read+write
variable size
nexe rodata segment
read
variable size
dynamic code area
read+exec
~256MB
nexe code segment
read+exec
variable size
NaCl syscall trampolines
read+exec
64k
zero page
no access
64k
隐藏不安全代码的方法 in NaCl
已存在利用”跳到代码中间”的技术Existing technique for exploiting non-bundle-aligned jump:
20ea0: 48 b8 0f 05 eb 0c f4 f4 f4 f4
movabs $0xf4f4f4f40ceb050f, %rax
隐藏以后: 20ea2: 0f 05 syscall
20ea4: eb 0c jmp … // Jump to next hidden instr
20ea6: f4 hlt // Padding
NaCl 减轻rowhammer的方法
不允许 CLFLUSH
也许对Hide code并没办法
利用 Kernel
x86页表条目(PTE)是密集的可信的
他们控制物理内存访问权限,位翻转可以导致一个进程有权限访问另一个物理地址
利用的目标: 得到页表访问权->得到所有物理地址的访问权
尽量增大位翻转的有用性(用页表spray物理地址,先检测有用和可重复的位)
x86-64 Page Table Entries (PTEs)
Page table is a 4k page containing array of 512 PTEs
不定长 public static int add(int… a) { // 定义不定长参数方法 int s = 0; for (int i = 0; i < a.length; i++) // 根据参数个数做循环操作 s += a[i]; // 将每个参数累加 return s; // 将计算结果返回 } add(1,2, 3,4, 5,6, 7, 8, 9);
10.10 接口 向上转型
A instanceof B;A和B的关系要是 A extends B or B extends A//返回A是否为B的子类 抽象类不能实例化
new innerClass 11.07; 接口向上转型 直接调用内部类 11.08 e.printStackTrace;//catch (MyException e)