RAM, bam, awww ... man! Boffins defeat Rowhammer protections

Ever since Rowhammer first emerged, there's been something of an arms race between researchers and defenders, and the boffins firing the latest shot reckon they've beaten all available protections.

In the two years since Google first showed how forced bit-flipping could cause memory errors and create a takeover vector, boffins have worked on hardware and software mitigations on one side, and new attacks on the other.

An Austrian-American-Australian collaboration this week offered up the worst of bad news: all the current defences can be defeated – and their attack can work remotely, including against cloud-based systems.

In this paper, the eight collaborators ^* present an attack they call “one-location hammering”.

This offers a new way to trigger the bug, they write: “we do not hammer multiple DRAM rows but only keep one DRAM row constantly open. Our new exploitation technique, opcode flipping, bypasses recent isolation mechanisms by flipping bits in a predictable and targeted way in userspace binaries”.

To make sure their attack is predictable, the boffins “replace conspicuous and memory-exhausting spraying and grooming techniques” with what they call “memory waylaying”. This tricks the operating system into putting target pages at physical memory locations controlled by the attacker.

Time to start again

The researchers say current Rowhammer mitigations fail in the face of their attack.

It's easy to defeat static analysis, they write, by running code within Intel SGX enclaves; this also defeats mitigations based on performance counters.

Single-location hammering gets around a third mitigation, software that analyses memory access patterns; and defences based on physical memory isolation are the target of their “opcode flipping”.

“Opcode flipping exploits the fact that bit flips in opcodes can yield different, yet valid opcodes”, the paper says. They demonstrate the technique against the sudo command, “allowing exploitation of any of the 29 offsets in the sudo binary to gain root privileges”.

To get around protections that work by analysing the memory footprint of a Rowhammer attack, the researchers' “memory waylaying”. This “performs replacement-aware page cache eviction, using only page cache pages. These pages are not visible in the system memory utilization as they can be evicted any time and hence, are considered as available memory. Consequently, memory waylaying never causes the system to run out of memory.”

As already mentioned, the researchers claimed their attack could work against cloud-based systems. Since taking out a machine on AWS or Azure clouds would bring down the wrath of giants, they tested the attack on configurations designed to simulate cloud servers (Haswell- and Skylake-based servers). ®

^* Graz University of Technology's Daniel Gruss, Moritz Lipp, Michael Schwarz, Jonas Juffinger and Wolfgang Schoechl; Daniel Genkin of the University of Maryland and University of Pennsylvania; and Sioli O’Connell and Yuval Yarom of the University of Adelaide, the last also of CSIRO's Data61)