Boka revatsvagiri kubva kuSwitzerland Higher Technical School muZurich, iyo Yemahara University yeAmsterdam neQualcomm vakaburitsa nzira itsva yeRowHammer yekurwisa inoshandura zvirimo mabhii ega ega e dynamic random access memory (DRAMS).
Kurwisa kwacho kwakanzi codenamed Blacksmith akazvizivisa saCVE-2021-42114 uye izvo zvinobata akawanda maDDR4 machipi, ayo akadzivirirwa kubva kune yaimbozivikanwa nzira dzekirasi yeRowHammer, asi neiyi mutsauko mutsva vanobatwa nedambudziko.
Kune vasingazive kuti ikurwisa rudzii RowHammer, ndinogona kukuudzai kuti izvi inokutendera kuti ushatise zviri mukati mememory bits nekuverenga cyclic data kubva kumaseru ekurangarira akavakidzana. Sezvo DRAM iri maviri-dimensional array yemasero, rimwe nerimwe rine capacitor uye transistor, kutora kuenderera kuverenga munzvimbo imwechete yendangariro kunoguma nekushanduka kwevoltage uye anomalies, zvichikonzera kurasikirwa kudiki kwechaji. Kana kuverenga kwakanyanya kwakakwirira, ipapo sero yevavakidzani inogona kurasikirwa nehuwandu hwakakwana hwekubhadhara uye kutenderera kunotevera kuberekwa patsva hakuzove nenguva yekudzorera mamiriro ayo epakutanga, izvo zvichaita kuti kuchinja kwehuwandu hwemashoko akachengetwa muchitokisi. .
Kuti udzivirire kubva kuRowHammer, chipmakers vakaronga nzira yeTRR (Target Row Refresh), iyo inodzivirira kubva kune huwori hwemasero mumitsara yakatarisana, asi sezvo dziviriro yakavakirwa pamusimboti we "kuchengetedzwa nekusajeka", haina kugadzirisa dambudziko pamudzi, asi yakadzivirirwa chete kubva kune dzinozivikanwa zviitiko zvakakosha, iyo yakafambisa kutsvaga nzira dzekunzvenga dziviriro. Somuenzaniso, muna May, Google yakakurudzira nzira yeHalf-Double, iyo isina kukanganiswa neTRR kuchengetedza, sezvo kurwiswa kwacho kwakabata maseru aive asiri padhuze nekwaaivavarira.
Nzira itsva ye Blacksmith inopa imwe nzira yekupfuura kudzivirira kweTRR, zvichibva pane inhomogeneous kurapwa ine ma frequency akasiyana kune maviri kana anopfuura aggressor cheni kuti akonzere kudonha kwemutoro.
Kuti uone iyo yekurangarira yekusvika pateni inotungamira kurodha kupisa, yakakosha fuzzer yakagadziriswa, iyo inongosarudza iyo inorwisa paramita yeimwe chip, kusiyanisa kurongeka, kusimba uye systematization yekuwana maseru.
Nzira yakadaro, iyo isingabatanidzi nekutarisana nemasero akafanana, inoita kuti nzira dzekudzivirira dzeTRR ikozvino dzive dzisingabatsiri, iyo imwe nzira kana imwe inoderedzwa kusvika pakuverenga nhamba yekudzokororwa kudana kumasero uye, pakusvika kune mamwe maitiro , tanga recharging. kubva kumasero akavakidzana. PaBlacksmith, iyo nzira yekuwana yakapararira pamusoro pemasero akawanda kamwechete pamativi akasiyana echinangwa, ichibvumira kubhadharisa kuvuza pasina kusvika pachikumbaridzo kukosha.
Iyo nzira yakave inoshanda zvakanyanya kupfuura yakambotaurwa nzira dzekunzvenga TRR- Vatsvagiri vakakwanisa kuwana kukanganisa zvishoma pamakumi mana akasiyana eDDR40 memory machipi achangobva kutengwa kubva kuSamsung, Micron, SK Hynix, uye mugadziri asingazivikanwe (mugadziri haana kutaurwa pa4 machipi). Sekuenzanisa, nzira yeTRRespass yakambotaurwa nevatsvagiri vakafanana yakave inoshanda kune gumi nematatu chete emakumi mana nemaviri machipi akaedzwa panguva iyoyo.
Kazhinji kutaura, zvinofungidzirwa kuti nzira Blacksmith inoshanda kune 94% yeese DRAM machipi pamusikaAsi maererano nevatsvakurudzi, mamwe machipisi ari panjodzi uye ari nyore kurwisa kupfuura mamwe. Kushandisa kukanganisa kugadzirisa makodhi (ECC) uye kupeta kaviri chiyero chekuzorodza pamachipisi hakupe dziviriro yakakwana, asi inoomesa mashandiro.
Zvinokosha kuziva kuti dambudziko harigone kuvharwa pamachipisi akatoburitswa uye rinoda kuisirwa dziviriro nyowani padanho rehardware, saka kurwiswa kucharamba kwakakosha kwemakore mazhinji.
Semienzaniso inoshanda, nzira dzekushandisa Blacksmith kushandura zviri mukati mememory peji tafura entries (PTE, peji tafura yekupinda) kuti uwane kernel ropafadzo, inoshatisa RSA-2048 yeruzhinji kiyi yakachengetwa mundangariro muOpenSSH (unogona kuunza kiyi yeruzhinji. mune yekune dzimwe nyika virtual muchina kuenzanisa kiyi yepachivande yeanorwisa kuti ubatanidze kumushini wemunhu anenge abatwa) uye pfuura cheki yemvumo nekugadzirisa iyo sudo process memory kuti uwane midzi ropafadzo. Zvichienderana nechip, kushandura chinangwa bhiti kunotora pakati pemasekonzi matatu nemaawa akati wandei kuti kurwisa kuitike.
Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.