Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript

Introduction

This paper was published at DIMVA 2016. In it, the authors propose a software-induced rowhammer attack. To demonstrate the effectiveness of their attack, the authors present a rowhammer attack using JavaScript on Firefox 39.0. In this post, I will first give the background of the Rowhammer attack and then explain how this paper deploys the attack from JavaScript.

Background

Bit Disturbance

The first idea appeared at ISCA 2014. In that paper [1], the authors showed the phenomenon that, by repeatedly accessing one row in cache, bits in nearby rows may be flipped.

In the architecture of the CPU, each cell lies at the intersection of two perpendicular wires: a wordline and a bitline.
An access to a rank occurs in three steps: (i) “opening” the desired row within the desired bank, (ii) accessing the desired columns from the row buffer, and (iii) “closing” the row.
Since the charge stored in a DRAM cell is not persistent, the charge in a cell needs to be refreshed periodically. On most architectures, the refresh time window is 64 ms.

In general, disturbance errors occur whenever there is a strong enough interaction between two circuit components (e.g., capacitors, transistors, wires) that should be isolated from each other. Depending on which component interacts with which other component and also how they interact, many different modes of disturbance are possible.

Among them, the authors identify one particular disturbance mode that afflicts commodity DRAM chips from all three major manufacturers: when a wordline’s voltage is toggled repeatedly, some cells in nearby rows leak charge at a much faster rate. Such cells cannot retain their charge even for 64 ms.

Memory Fault Exploitation

The next problem is how to use a memory fault to launch a successful exploit.
Memory Corruption
By corrupting the value of a pointer, a bit flip may cause a vulnerability similar to an out-of-bounds read/write.
A similar side-channel attack was proposed in an academic paper in 2003 [2], where bit flips induced by cosmic rays are used to attack a virtual machine.


The work of M. Seaborn proposed two realistic exploits via bit flipping:
Native Client (NaCl) sandbox escape in Chrome
Bit flips make an instruction sequence unsafe.

Linux kernel privilege escalation
Privilege escalation in 7 easy steps
1. Allocate a large chunk of memory
2. Search for locations prone to flipping
3. Check if they fall into the “right spot” in a PTE for allowing the exploit
4. Return that particular area of memory to the operating system
5. Force OS to re-use the memory for PTEs by allocating massive quantities of address space
6. Cause the bitflip – shift PTE to point into page table
7. Abuse R/W access to all of physical memory
In practice, there are many complications.

Rowhammer in JavaScript

In the original rowhammer attack, the attacker needs to use or generate native code, such as the CLFLUSH instruction, to repeatedly read a value from memory. However, in most remote attack (RCE) scenarios, attackers cannot run native code on the target machine. One way around this is to use a scripting language the target provides to achieve the same functionality.

Adaptive Cache Attack

The goal of the attack is to find a suitable eviction set and eviction strategy. An eviction strategy accesses addresses from an eviction set in a specific access pattern and can ideally be used as a replacement for clflush. An eviction set is commonly defined as a set of congruent addresses. The access pattern defines the order in which addresses from the eviction set are accessed, including multiple accesses per address.
The paper illustrates an eviction strategy on the Haswell architecture with the following access pattern (figure not reproduced here):
Different from the LRU (Least Recently Used) strategy introduced in textbooks, Haswell adopts a pseudo-LRU replacement policy in its implementation. According to the authors' observations, the best eviction strategy is the one shown above. As a further step, the authors proposed an Adaptive Cache Attack to find a dynamic eviction set and a dynamic eviction pattern.
The cached(p) function tries to evict p using the current eviction set and decides, based on the access time, whether the access was cached or not.

Double-sided Rowhammer

M. Seaborn found on all test machines a significantly higher probability for bit flips in a row N when hammering its neighbor rows N − 1 and N + 1. This technique is dubbed “double-sided hammering”.
The eviction sets are precomputed in f_evict and s_evict using the physical address mapping.
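As an added illustration (not code from the paper or this post) of the open/access/close model from the Background section and of why double-sided hammering alternates between rows N − 1 and N + 1, the following JavaScript models one DRAM bank and counts row activations per 64 ms refresh window, the quantity a counter-based mitigation would watch; the activation cost, the 50000 threshold and the traces are constructed assumptions.

```javascript
// Added example (not from the paper or the post): a toy model of one DRAM bank with a
// single-row row buffer, following the open/access/close steps from the Background.
// Each row switch is one activation (wordline toggle), counted per 64 ms refresh
// window because a refresh restores charge. Activation cost and threshold are assumed.
const REFRESH_WINDOW_NS = 64 * 1000 * 1000; // 64 ms refresh interval (from the post)
const ACTIVATION_COST_NS = 100;             // assumed time consumed per activation

class DramBank {
  constructor() {
    this.openRow = null;   // row currently latched in the row buffer
    this.acts = new Map(); // row -> activations seen in the current refresh window
    this.clock = 0;        // ns elapsed since the last refresh
  }
  // A row-buffer hit costs nothing; any other row closes the open row and opens it.
  access(row) {
    if (this.openRow === row) return;
    this.clock += ACTIVATION_COST_NS;
    if (this.clock >= REFRESH_WINDOW_NS) { // refresh: charge restored, counters reset
      this.acts.clear();
      this.clock -= REFRESH_WINDOW_NS;
    }
    this.openRow = row;
    this.acts.set(row, (this.acts.get(row) || 0) + 1);
  }
  // Disturbance pressure on a victim: activations of rows N-1 and N+1 (double-sided).
  pressure(victim) {
    return (this.acts.get(victim - 1) || 0) + (this.acts.get(victim + 1) || 0);
  }
}

// Replay a trace of row numbers and list rows whose neighbour activations within the
// window exceed `threshold` (an assumed counter-based mitigation threshold).
function replay(trace, rowCount = 16, threshold = 50000) {
  const bank = new DramBank();
  for (const row of trace) bank.access(row);
  const pressure = new Map();
  for (let r = 0; r < rowCount; r++) pressure.set(r, bank.pressure(r));
  const atRisk = [...pressure].filter(([, p]) => p > threshold).map(([r]) => r);
  return { pressure, atRisk };
}

// Constructed traces: double-sided hammering alternates between the victim's two
// neighbours so every access reopens a row; looping on one row stays in the buffer.
function doubleSidedTrace(victim, count) {
  return Array.from({ length: count }, (_, i) => (i % 2 ? victim + 1 : victim - 1));
}
function singleRowTrace(row, count) {
  return Array.from({ length: count }, () => row);
}
```

Replaying the double-sided trace flags rows 5, 7 and 9 (the victim plus the outer neighbour of each aggressor), while the single-row trace flags nothing because repeated accesses to an already open row never toggle the wordline.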

Implementation

The authors observed that large typed arrays in JavaScript in all recent Firefox and Google Chrome versions on Linux are allocated 1 MB-aligned and use anonymous 2 MB pages when possible.

The authors reproduced bit flips with JavaScript in Firefox and Chrome. They built a tool which monitors the virtual address space of Firefox. Each time a 2 MB page is allocated, they store the virtual address and the time difference to the last allocation. This way they can detect the beginning of the allocation in JavaScript. In a second step, they build an inverted page table for the Firefox process. They then resolve the physical addresses they want to hammer to offsets within the JavaScript array. These offsets are then pasted into a field in the webpage to start hammering on the JavaScript array.

Evaluation

To quantify the advantage of the adaptive eviction strategy, the authors performed 12 million memory accesses on a fixed address which is supposedly evicted each time, comparing eviction using the LRU eviction strategy with their adaptive eviction strategy.

Furthermore, the probability for bit flips in JavaScript and in native code is almost the same. Thus, if a machine is vulnerable using the native code implementation, it is vulnerable using the JavaScript implementation as well.

Conclusion

Launching script-based side-channel attacks has long been a hot topic in offensive research. In this paper, the authors proposed a JavaScript-based attack that triggers hardware faults with the same effect as native code.

References

Academic papers:
[1] Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors
[2] Using Memory Errors to Attack a Virtual Machine
Technical reports:
[3] Exploiting the DRAM rowhammer bug to gain kernel privileges
[4] Research report on using JIT to trigger RowHammer
[5] https://github.com/google/rowhammer-test
