On 03/17/2015 02:21 AM, Andy Lutomirski wrote: > On Mon, Mar 16, 2015 at 5:49 PM, Mark Seaborn <mseab...@chromium.org> wrote: >> On 16 March 2015 at 14:11, Pavel Machek <pa...@ucw.cz> wrote: >> >>> Can we do anything about that? Disabling cache flushes from userland >>> should make it no longer exploitable. >> >> Unfortunately there's no way to disable userland code's use of >> CLFLUSH, as far as I know. >> >> Maybe Intel or AMD could disable CLFLUSH via a microcode update, but >> they have not said whether that would be possible. > > The Intel people I asked last week weren't confident. For one thing, > I fully expect that rowhammer can be exploited using only reads and > writes with some clever tricks involving cache associativity. I don't > think there are any fully-associative caches, although the cache > replacement algorithm could make the attacks interesting.
I've been thinking the same. But maybe having to evict e.g. 16-way cache would mean accessing 16x more lines which could reduce the frequency for a single line below dangerous levels. Worth trying, though :) BTW, by using clever access patterns and measurement of access latencies one could also possibly determine which cache lines alias/colide, without needing to read pagemap. It would just take longer. Hugepages make that simpler as well. I just hope we are not going to disable lots of stuff including clflush and e.g. transparent hugepages just because some part of the currently sold hardware is vulnerable... Vlastimil > --Andy > > -- > To unsubscribe, send a message with 'unsubscribe linux-mm' in > the body to majord...@kvack.org. For more info on Linux MM, > see: http://www.linux-mm.org/ . > Don't email: <a href=mailto:"d...@kvack.org";> em...@kvack.org </a> > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
