Using Memory Allocation Schemes in Linux to Exploit DRAM Vulnerability: with Rowhammer as a Case Study
share
Modern operating systems use a number of different techniques and mechanisms to improve system throughput and performance. But some of these optimizations can passively leak crucial side-channel information regarding sensitive data that is being processed and stored in the system. In this paper, we talk about one such optimization mechanism prevalent in modern Linux based operating system, called page frame cache, which is an integral part of physical memory allocation subsystem. It is a purely software cache storing the page frames that are recently being released by the process or processes running on the corresponding CPU. We show that an adversary can force the kernel to allocate specific page frames to a victim process, running on the same CPU. We also discuss about the possibility of a practical scenario where the adversary can conduct Rowhammer attack to induce bit flips in the victim's page using only user level privilege.
READ FULL TEXT
