ANVIL: Software-based protection against next-generation rowhammer attacks

Zelalem Birhanu Aweke, Salessawi Ferede Yitbarek, Rui Qiao, Reetuparna Das, Matthew Hicks, Yossi Oren, Todd Austin

ACM SIGPLAN Notices 51 (4), 743-755, 2016

Ensuring the integrity and security of the memory system is critical. Recent studies have shown serious security concerns due to “rowhammer” attacks, where repeated accesses to a row of memory cause bit flips in adjacent rows. Recent work by Google’s Project Zero has shown how to leverage rowhammer-induced bit-flips as the basis for security exploits that include malicious code injection and memory privilege escalation. Being an important security concern, industry has attempted to defend against rowhammer attacks. Deployed defenses employ two strategies: (1) doubling the system DRAM refresh rate and (2) restricting access to the CLFLUSH instruction that attackers use to bypass the cache to increase memory access frequency (i.e., the rate of rowhammering). We demonstrate that such defenses are inadequte: we implement rowhammer attacks that both avoid using the CLFLUSH instruction and cause …