From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Sun, 3 Jun 2018 08:31:30 +0200 From: Greg KH Subject: Re: Nethammer and kernel network drivers Message-ID: <20180603063130.GA28847@kroah.com> References: <078f9b83-44d9-e7b2-6608-41a88e23b63e@riseup.net> <20180602094327.GA16667@kroah.com> <617047d2-8bdd-fc57-d3b1-f1404138c474@riseup.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <617047d2-8bdd-fc57-d3b1-f1404138c474@riseup.net> To: procmem Cc: kernel-hardening@lists.openwall.com List-ID: On Sat, Jun 02, 2018 at 05:41:09PM +0000, procmem wrote: > Hello. Daniel provided more details on the problematic areas of the > kernel and I quote what he said verbatim: > > > > We have only found very outdated network drivers using clflush (old > > windows ndis code). On ARM there are many drivers using uncached memory. > > However, we have so far failed to produce enough memory traffic on ARM > > to trigger a bit flip with Nethammer on any ARM device. > > It should be possible though if you can make the ARM device handle > >> =300MBit/s. > > And that's the most plausible scenario. > > > > Anyway, searching for clflush or use of uncached memory is a good idea > > to locate the critical spots. > > > > Intel CAT is (we believe) not used anywhere yet. And we must be careful > > when it gets to the point where we introduce usage of CAT for QoS > > mechanisms. > > > > However, my intuition tells me that most systems are not even vulnerable > > to Rowhammer in the first place. Although the only prevalence studies we > > have suggest otherwise (they find 60-80% are affected). So Linux is not vulnerable to this at all? That's good to know, thanks for following up with this. greg k-h