>Synopsis:      can we resist against bit flipping?
>Category:      system
>Environment:
        System      : OpenBSD 7.2
        Details     : OpenBSD 7.2 (GENERIC.MP) #2: Thu Nov 24 23:53:03 MST 2022
                         r...@syspatch-72-arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP

        Architecture: OpenBSD.arm64
        Machine     : arm64
>Description:
        https://en.wikipedia.org/wiki/Single-event_upset

        A single event upset gave someone in Belgium who was in a poll 4096
        extra votes.  When I think about this bit flip and look at the kernel
        code for an ultra secure operating system, there is not much stopping
        someone from trying an attack during a cosmic storm or increased solar
        activity.  Perhaps a bit flips somewhere in the CPU or RAM?

pjp@polarstern$ grep sourceroute ip_input.c
int     ip_dosourceroute = 0;
                        if (!ip_dosourceroute) {
        if (!ip_dosourceroute)
                    &ip_dosourceroute);

        Like here.  As you know, someone found something last week if this
        were enabled.  But the way this check is, it doesn't check for the low
        bit set to one but it checks for the inverted value, so if the 12th
        bit was flipped in a solar storm ip_dosourceroute would now be 4096.
        And the system would be wide open.

>How-To-Repeat:
        Hackers probably check the weather report like
        https://spaceweather.com/ for increased solar activity and then fill
        the CPU caches with attempts to get a bit flip happening.  The odds
        aren't in their favour, but who knows, they may get lucky.
>Fix:
        I propose all these variables to be monitored occasionally with a CRC
        check and if there is a bit flip happening to unset it to the right
        value.  This is a lot of work but may be worth it.  OpenBSD would never
        be faring to space, right?  I have no code but am trying to think
        around how to do this.


dmesg:
cut
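
An added example, not part of the original report and not OpenBSD code: one way the periodic CRC check proposed under Fix could look in C, using the same "any nonzero value means enabled" truth test as the grep output. The `knob_table` struct, all function names and the safe defaults are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical knob table; the layout and names are illustrative only. */
struct knob_table { int dosourceroute; int forwarding; };

static const struct knob_table knob_defaults = { 0, 0 }; /* safe values */
static struct knob_table knobs = { 0, 0 };
static uint32_t knobs_crc;             /* CRC of the last legitimate state */

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320), no lookup table. */
static uint32_t crc32_buf(const void *p, size_t n)
{
    const uint8_t *b = p;
    uint32_t crc = 0xFFFFFFFFu;
    while (n--) {
        crc ^= *b++;
        for (int i = 0; i < 8; i++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Record the CRC; call after every legitimate write. */
void knobs_seal(void) { knobs_crc = crc32_buf(&knobs, sizeof(knobs)); }

/* Legitimate update path (e.g. a sysctl handler): write, then reseal. */
void knobs_set_sourceroute(int v) { knobs.dosourceroute = v; knobs_seal(); }

/* Periodic scrub: returns 1 if a mismatch was found and defaults restored. */
int knobs_scrub(void)
{
    if (crc32_buf(&knobs, sizeof(knobs)) == knobs_crc)
        return 0;
    knobs = knob_defaults;             /* fail closed to the safe values */
    knobs_seal();
    return 1;
}

/* Same truth test as `if (!ip_dosourceroute)`: nonzero means enabled. */
int sourceroute_enabled(void) { return !!knobs.dosourceroute; }

/* Simulated upset for the demo: flip one bit without resealing. */
void knobs_flip_bit(unsigned bit) { knobs.dosourceroute ^= (1 << bit); }

int main(void)
{
    knobs_seal();
    knobs_flip_bit(12);                /* value becomes 4096 */
    printf("enabled after flip: %d\n", sourceroute_enabled());
    printf("scrub repaired:     %d\n", knobs_scrub());
    printf("enabled after scrub: %d\n", sourceroute_enabled());
    return 0;
}
```

The scrub is periodic, so a flipped value is still honoured between the upset and the next scrub. A flip in the stored CRC word itself also causes a mismatch and resets the knobs to the defaults.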
