Ƙungiyar masu bincike daga Vrije Universiteit Amsterdam, ETH Zurich da Qualcomm nazarin tasirin kariya daga hare-haren aji da ake amfani da su a cikin kwakwalwan ƙwaƙwalwar DDR4 na zamani , ba ka damar canza abinda ke ciki na daidaitattun raƙuman ƙwaƙwalwar ajiya mai ƙarfi (DRAM). Sakamakon ya kasance abin takaici kuma kwakwalwan kwamfuta DDR4 daga manyan masana'antun har yanzu suna nan m ().
Rashin lahani na RowHammer yana ba da damar abubuwan da ke cikin ɓangarorin ƙwaƙwalwar ajiya guda ɗaya su lalace ta hanyar karanta bayanan cyclically daga sel ƙwaƙwalwar da ke kusa. Tunda memorin DRAM tsari ne mai girma biyu na sel, kowanne ya ƙunshi capacitor da transistor, ci gaba da karantawa na yankin ƙwaƙwalwar ajiya ɗaya yana haifar da jujjuyawar wutar lantarki da abubuwan da ke haifar da ƙarancin caji a cikin sel makwabta. Idan ƙarfin karatun ya yi girma sosai, to tantanin halitta na iya rasa isasshe babban adadin caji kuma sake sakewa na gaba ba zai sami lokaci don dawo da asalinsa ba, wanda zai haifar da canji a darajar bayanan da aka adana a cikin tantanin halitta. .
Don toshe wannan tasirin, kwakwalwan kwamfuta na DDR4 na zamani suna amfani da fasahar TRR (Target Row Refresh), wanda aka ƙera don hana ƙwayoyin cuta lalacewa yayin harin RowHammer. Matsalar ita ce, babu wata hanya ɗaya don aiwatar da TRR kuma kowane CPU da masu sana'a na ƙwaƙwalwar ajiya suna fassara TRR a hanyarta, suna amfani da zaɓin kariya na kansa kuma baya bayyana cikakkun bayanan aiwatarwa.
Nazarin hanyoyin toshe RowHammer da masana'antun ke amfani da su ya sa ya zama sauƙi nemo hanyoyin ketare kariyar. Bayan dubawa, ya nuna cewa ka'idar da masana'antun ke yi " (tsaro ta cikin duhu) lokacin aiwatar da TRR yana taimakawa kawai don kariya a lokuta na musamman, yana rufe hare-hare na yau da kullun da ke sarrafa canje-canje a cikin cajin sel a cikin layuka ɗaya ko biyu kusa.
Abubuwan amfani da masu binciken suka kirkira yana ba da damar duba yiwuwar kwakwalwan kwamfuta zuwa bambance-bambancen bangaranci na harin RowHammer, wanda a cikinsa yunƙurin rinjayar cajin ake yin layuka da yawa na ƙwayoyin ƙwaƙwalwa lokaci guda. Irin waɗannan hare-haren na iya ƙetare kariyar TRR waɗanda wasu masana'antun ke aiwatarwa kuma suna haifar da ɓarna bit ɗin ƙwaƙwalwar ajiya, har ma da sabbin kayan masarufi tare da ƙwaƙwalwar DDR4.
Daga cikin 42 DIMMs da aka yi nazari, nau'ikan 13 sun zama masu rauni ga bambance-bambancen da ba daidai ba na harin RowHammer, duk da kariyar da aka ayyana. SK Hynix, Micron da Samsung ne suka samar da samfuran matsala 95% na kasuwar DRAM.
Baya ga DDR4, an kuma yi nazarin kwakwalwan kwamfuta na LPDDR4 da aka yi amfani da su a cikin na'urorin hannu, waɗanda kuma suka zama masu kula da bambance-bambancen ci gaba na harin RowHammer. Musamman, ƙwaƙwalwar da aka yi amfani da ita a cikin Google Pixel, Google Pixel 3, LG G7, OnePlus 7 da Samsung Galaxy S10 wayowin komai da ruwan ya shafa.
Masu bincike sun sami damar sake haifar da dabarun amfani da yawa akan kwakwalwan kwamfuta na DDR4 matsala. Misali, ta amfani da RowHammer- don PTE (Shigarwar Shafin Shafi) ya ɗauki daga daƙiƙa 2.3 zuwa sa'o'i uku da daƙiƙa goma sha biyar don samun gatan kwaya, ya danganta da guntuwar da aka gwada. don lalacewa ga maɓallin jama'a da aka adana a ƙwaƙwalwar ajiya, RSA-2048 ya ɗauki daga 74.6 seconds zuwa 39 minutes 28 seconds. ya ɗauki mintuna 54 da daƙiƙa 16 don ƙetare ƙa'idodin takaddun shaida ta hanyar gyaran ƙwaƙwalwar ajiyar tsarin sudo.
An buga abin amfani don bincika kwakwalwan ƙwaƙwalwar ajiyar DDR4 da masu amfani ke amfani da su . Don samun nasarar kai hari, ana buƙatar bayani game da tsarar adireshi na zahiri da ake amfani da su a cikin mai sarrafa ƙwaƙwalwar ajiya dangane da bankuna da layuka na ƙwayoyin ƙwaƙwalwar ajiya. An kuma haɓaka wani abin amfani don tantance shimfidar wuri , wanda ke buƙatar gudu a matsayin tushen. Nan gaba kadan kuma buga aikace-aikace don gwada ƙwaƙwalwar ajiyar waya.
Kamfanoni и Don kariya, sun ba da shawarar yin amfani da ƙwaƙwalwar gyaran kuskure (ECC), masu kula da ƙwaƙwalwar ajiya tare da Matsakaicin Ƙididdiga Mai Ƙarfafa (MAC), da amfani da ƙarin adadin wartsakewa. Masu bincike sun yi imanin cewa ga kwakwalwan kwamfuta da aka riga aka fitar babu wata mafita don tabbatar da kariya daga Rowhammer, da kuma amfani da ECC da haɓaka yawan haɓaka ƙwaƙwalwar ajiya ya zama mara amfani. Misali, an gabatar da shi a baya hare-hare akan ƙwaƙwalwar DRAM ta ketare kariyar ECC, kuma yana nuna yuwuwar kai hari ta hanyar DRAM daga и Gudun JavaScript a cikin browser.
source: budenet.ru