On 19.03.2015 16:04, Vlastimil Babka wrote:
> On 03/18/2015 12:41 PM, Konstantin Khlebnikov wrote:
>> On 18.03.2015 12:57, Kirill A. Shutemov wrote:
>>> I don't think it's worth it. The only right way to fix the problem is ECC
>>> memory.
>>
>> ECC seems good protection until somebody figures out how to break it too.
>
> I doubt that kind of attitude can get us very far. If we can't trust the
> hardware, we lose sooner or later.

Obviously ECC was designed for protecting against cosmic rays which
flip several bits. If an attacker modifies a whole cacheline he can choose
a value which has the same ECC. I hope the next generation of DRAM (or PRAM)
won't be affected.

A software solution is possible: we can put untrusted applications into
a special ghetto memory zone. This is relatively easy for virtual
machines. And it seems it might work for normal tasks too (page-cache
pages should be doubled or handled in a way similar to copy-on-read
from that patch).
--
Konstantin
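
The exchange above turns on what ECC can and cannot catch. The following added example (not part of the original thread, and not code from any of its participants) models a textbook extended Hamming (72,64) SECDED code and shows how the checker reacts to 1, 2, 3 and 4 flipped bits in one protected word. The bit layout and all function names are assumptions made for illustration; real memory controllers use their own codes and layouts.

```c
#include <stdint.h>
#include <string.h>

#define N 72 /* bit 0 = overall parity, bits 1..71 = Hamming(71,64) */
enum ecc_result { ECC_OK, ECC_CORRECTED, ECC_UNCORRECTABLE };

static int is_pow2(int i) { return (i & (i - 1)) == 0; }

/* Encode 64 data bits as a 72-bit SECDED codeword, one bit per array byte. */
void ecc_encode(uint64_t data, uint8_t cw[N])
{
    int syn = 0, d = 0;
    memset(cw, 0, N);
    for (int i = 3; i < N; i++) {        /* data sits in non-power-of-2 slots */
        if (is_pow2(i)) continue;
        cw[i] = (data >> d++) & 1;
        if (cw[i]) syn ^= i;
    }
    for (int p = 1; p < N; p <<= 1)      /* check bits zero the syndrome */
        cw[p] = (syn & p) != 0;
    for (int i = 1; i < N; i++)          /* overall parity: even total weight */
        cw[0] ^= cw[i];
}

/* What a SECDED checker does on read: fix one flip, flag two, trust the rest. */
enum ecc_result ecc_check(uint8_t cw[N])
{
    int syn = 0, par = 0;
    for (int i = 0; i < N; i++)
        if (cw[i]) { syn ^= i; par ^= 1; }
    if (syn == 0 && par == 0) return ECC_OK;
    if (par && syn < N) { cw[syn] ^= 1; return ECC_CORRECTED; }
    return ECC_UNCORRECTABLE;
}

/* Flip the listed bit positions in a fresh codeword and run the checker.
 * *intact is 1 only if the word afterwards equals what was written. */
enum ecc_result flip_and_check(uint64_t data, const int *pos, int n, int *intact)
{
    uint8_t cw[N], ref[N];
    ecc_encode(data, cw);
    ecc_encode(data, ref);
    for (int i = 0; i < n; i++) cw[pos[i]] ^= 1;
    enum ecc_result r = ecc_check(cw);
    *intact = memcmp(cw, ref, N) == 0;
    return r;
}
```

With flips at positions {10}, {10, 20}, {3, 5, 9} and {3, 5, 9, 15}, the checker corrects the first, flags the second, miscorrects the third while reporting success, and accepts the fourth as clean, which is why ECC error counters are worth monitoring even when no uncorrectable error has been reported.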