Hacker News new | past | comments | ask | show | jobs | submit login

One wonders if this has already been used in a exploit.

A good first check for security companies - examine all known attacks for fence instructions, which are rare. (Without a fence instruction, hammering on the same addresses will just cycle the caches, and not go out to DRAM.) Look at the code near them for a hammering loop.

This is a promising attack, because it might be able to break through a virtual machine boundary.

A test for this should be shipped with major Linux distros, and run during install. When someone like Amazon, Rackspace, or Google sends back a few thousand machines as rejects, this will get fixed.




Fences neither guarantee, nor are required, to hit RAM. You are thinking of flush (for writes) and invalidate (for reads). Alternatively, just ping N+1 addresses that share a cache slot (where N is the way-ness of your cache).

(Fences guarantee only memory ordering, and are typically implemented by flushing to cache, not to RAM.)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: