Download presentation
Presentation is loading. Please wait.
1
Victor van der Veen and Kaveh Razavi
Flip Feng Shui Victor van der Veen and Kaveh Razavi
2
VUSec.net Binary Armoring Malware Analysis Hardware Vulnerabilities
We do more than just breaking stuff: Reverse engineering (no source code available: can we still protect the binary against attacks?) Fuzzing Software defenses (for example: Shrinkwrap made Google Chrome more secure) More on our website Binary Armoring Malware Analysis Hardware Vulnerabilities Mobile Security Software Reliability Software Testing Flip Feng NCSC – May 17, 2017 Introduction
3
Flip Feng Shui Even if we could build perfect software...
Your takeaway message of today Even if we could build perfect software... Flip Feng NCSC – May 17, 2017 Introduction
4
Flip Feng Shui Even if we could build perfect software...
Your takeaway message of today Even if we could build perfect software... Without any security bugs whatsoever... Flip Feng NCSC – May 17, 2017 Introduction
5
Flip Feng Shui Even if we could build perfect software...
Your takeaway message of today Even if we could build perfect software... Without any security bugs whatsoever... A single hardware bit flip can compromise it. Flip Feng NCSC – May 17, 2017 Introduction
6
Flip Feng Shui in 2016 The art of turning bit flips into a reliable compromise…
… of the cloud Hammering a Needle in the Software USENIX Security … of the browser Dedup Est IEEE Security & Privacy … of the mobile ACM CCS We will explain all three attacks in detail Dutch high quality research at top venues in computer security Best research group in the world in 2016 (better than MIT!) Flip Feng NCSC – May 17, 2017 Introduction
7
Flip Feng Shui Worldwide impact
ArsTechnica, WIRED, The Register, Infoworld, Slashdot, The Stack, Softpedia, Science Daily, CORDIS, Security Now!, Daily Mail, Tech Times, Fossbytes, The Inquirer, Hack Read, Threatpost Argentina (Segu-info), Austria (Der Standard), Belgium (DeMorgen), China (Freebuff, Sohu, EEPW), Czech Republic (Svět Androida), Denmark (Version2), France (Silicon, Le Monde Informatique, Informanews), Germany (Der Spiegel, Golem.de, Pro-Linux, Crn.de, JAXenter, Computer Bild, t3n Magazine, Netzwelt.de), Hungary (HWSW), Italy (Repubblica.it, Punto Informatico, Gadgetblog.it, Tutto Android), Mexico (PCWorld Mexico), The Netherlands (NU.nl, Tweakers.net, Crimesite), Norway (Digi.no), Poland (eGospodarka, Softonet, PCLab.pl, Dobreprogramy, PC Format, Telix.pl), Russia (Хакер, Securitylab.ru), Slovakia (Živé.sk), Spain (López Dóriga, CSO, El Android libre), Switzerland (Neue Zürcher Zeitung), Taiwan (iThome), Turkey (Teknokulis, CHIP, Webtekno), and Ukraine (KO). Powerful Bit-Flipping Attack Bruce Schneier This is a significant finding, thanks for Researching it Mark Seaborn, Google This is an issue that will affect almost any modern computer system Hugo Vincent, ARM Research We appreciate your assistance in helping to maintain and improve the security of our products. Cristina Formaini, Apple Flip Feng NCSC – May 17, 2017 Introduction
8
INTRODUCTION Flip Feng NCSC – May 17, 2017 Introduction
9
Flip Feng Shui Requirements
A reproducible hardware bit flip Rowhammer – a widespread DRAM issue Ability to target the bit flip Predictable memory management behavior Flip Feng NCSC – May 17, 2017 Introduction
10
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
11
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
12
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
13
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
14
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
15
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
16
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
17
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
18
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch 1 1 1 1 1 1 1
1 1 1 1 1 1 1 1 1 1 1 1 Flip Feng NCSC – May 17, 2017 Introduction
19
Rowhammer Single-Sided Rowhammer A DRAM hardware glitch Aggressor row
1 1 1 1 Aggressor row 1 1 1 Victim row 1 1 1 1 1 1 Not every bit may flip Once a bit flips, we can often reproduce it Flip Feng NCSC – May 17, 2017 Introduction
20
Rowhammer SingleDouble-Sided Rowhammer A DRAM hardware glitch
1 1 1 1 Aggressor row 1 1 1 1 Victim row 1 Aggressor row 2 1 1 1 1 1 Sandwich the victim row by alternating accesses Increased chance of flipping a bit Flip Feng NCSC – May 17, 2017 Introduction
21
CPU Bypass the CPU cache DRAM Solution: cache flush
Tell the CPU to remove data from the cache Solution: cache eviction Read more data until the cache is full 1 1 1 1 CPU Cache 1 1 1 1 1 1 1 1 1 1 DRAM Flip Feng NCSC – May 17, 2017 Introduction
22
Flip Feng Shui Mechanics
Memory templating Scan memory for useful bit flips Land sensitive data Store sensitive data on a vulnerable location Reproduce the bit flip Modify the sensitive data to compromise the system We will use these three mechanics when describing the attacks Flip Feng NCSC – May 17, 2017 Introduction
23
HAMMERING A NEEDLE IN THE SOFTWARE STACK
SCENARIO 1 Kaveh Razavi, Ben Gras, Erik Bosman, Bart Preneel, Cristiano Giuffrida, and Herbert Bos HAMMERING A NEEDLE IN THE SOFTWARE STACK USENIX Security August 2016 Flip Feng NCSC – May 17, 2017 Scenario 1: Breaking the Cloud
24
Hammering a Needle in the Software Stack
Malicious VM in the cloud compromising neighbors Rowhammer + Memory Deduplication You can flip a bit in another VM What would YOU flip? Flip Feng NCSC – May 17, 2017 Scenario 1: Breaking the Cloud
25
Memory templating Hardware Layer Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor Hardware Layer CPU – DRAM – Caches - …
26
Memory templating Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor g
27
Memory templating Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor
28
Memory templating Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor
29
Memory templating Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor
30
Bit Flip Memory templating Hypervisor Victim VM Attacker VM
Victim and Attacker share hardware Attacker has access to the same physical memory as the victim Attacker is root on his own VM: use cache flush to Rowhammer Victim VM Attacker VM Hypervisor Bit Flip
31
Land sensitive data Memory Deduplication Hypervisor Victim VM
Given a bit flip in the Attacker VM How do we force the Victim VM to store sensitive data here? Memory Deduplication Victim VM Attacker VM Hypervisor
32
Land sensitive data Memory deduplication
Operating System / Hypervisor searches for duplicate pages buf = malloc(...) xbff00000 0xbff40000 Victim VM xbff80000 buf = malloc(...) xbf610000 0xbf650000 Attacker VM xbf690000 Hypervisor 10100 10111 11100
33
Land sensitive data Memory deduplication
Operating System / Hypervisor searches for duplicate pages buf = malloc(...) xbff00000 0xbff40000 Victim VM xbff80000 buf = malloc(...) xbf610000 0xbf650000 Attacker VM xbf690000 Hypervisor 10100 10111 11100
34
Land sensitive data Memory deduplication
Operating System / Hypervisor searches for duplicate pages Frees the duplicated bytes from physical memory Updates the virtual address mapping But what should we flip? buf = malloc(...) xbff00000 0xbff40000 Victim VM xbff80000 buf = malloc(...) xbf610000 0xbf650000 Attacker VM xbf690000 Hypervisor 10111 10100 11100
35
Land sensitive data What should we land?
Cryptographic keys + Domain names Scenario 1: Breaking the Cloud
36
Reproduce the bit flip Cryptographic keys
Public RSA key from .ssh/authorized_keys Victim VM Attacker VM Hypervisor ssh-rsa AAAAB3NzaC1yc2EAAAADAQABl8h0VfRbC7naVs...
37
Reproduce the bit flip Cryptographic keys
Public RSA key from .ssh/authorized_keys Flipping a bit changes the public/private key pair Victim VM Attacker VM Hypervisor ssh-rsa AAAAB4NzaC1yc2EAAAADAQABl8h0VfRbC7naVs...
38
Reproduce the bit flip Cryptographic keys
Public RSA key from .ssh/authorized_keys Flipping a bit changes the public/private key pair New public key is easy to factorize Victim VM Attacker VM P = ... Q = ... Hypervisor ssh-rsa AAAAB4NzaC1yc2EAAAADAQABl8h0VfRbC7naVs...
39
Reproduce the bit flip Cryptographic keys
Public RSA key from .ssh/authorized_keys Flipping a bit changes the public/private key pair New public key is easy to factorize Attacker computes the new private key and gets SSH access Victim VM id_rsa = ... Attacker VM Hypervisor ssh-rsa AAAAB4NzaC1yc2EAAAADAQABl8h0VfRbC7naVs...
40
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Victim VM Attacker VM Hypervisor security.ubuntu.com/ubuntu
41
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Victim VM Attacker VM Hypervisor security.ubunvu.com/ubuntu
42
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Packages are signed: also flip a bit in the GPG keychain Victim VM Attacker VM Hypervisor security.ubunvu.com/ubuntu
43
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Packages are signed: also flip a bit in the GPG keychain Victim VM Attacker VM Hypervisor /etc/apt/trusted.gpg: mQGiBEFEnz8RBAC7Ls... security.ubunvu.com/ubuntu
44
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Packages are signed: also flip a bit in the GPG keychain Victim VM Attacker VM Hypervisor /etc/apt/trusted.gpg: mQGiBDFEnz8RBAC7Ls... security.ubunvu.com/ubuntu
45
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Packages are signed: also flip a bit in the GPG keychain Attacker computes the new GPG key and signs his backdoored ls Victim VM Attacker VM Hypervisor /etc/apt/trusted.gpg: mQGiBDFEnz8RBAC7Ls... security.ubunvu.com/ubuntu
46
Reproduce the bit flip Cryptographic keys + domain names
Domain name used for apt-get upgrade Flipping a bit changes the domain name used to pull updates Attacker hosts malicious ls command at ubunvu.com Packages are signed: also flip a bit in the GPG keychain Attacker computes the new GPG key and signs his backdoored ls Wait for victim to apt-get upgrade Victim VM Attacker VM Hypervisor /etc/apt/trusted.gpg: mQGiBDFEnz8RBAC7Ls... security.ubunvu.com/ubuntu
47
Scenario 1: Breaking the Cloud
Disclosure Contacted NCSC on June 9, 2016 Good job on contacting vendors and affected parties! GPG Patch so that self-signed keys are no longer valid Bought some domains for ubuntu/debian ubunvu.com ubuftu.com ubunte.com ubuntt.com ubuntw.com ubun4u.com ubunuu.com dabian.org ddbian.org debiaf.org debicn.org debial.org debiqn.org debien.org And more... Flip Feng Surf – May 17, 2017 Scenario 1: Breaking the Cloud
48
DEDUP EST MACHINA SCENARIO 2 IEEE Security & Privacy (Oakland)
Erik Bosman, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida DEDUP EST MACHINA IEEE Security & Privacy (Oakland) May 2016 Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
49
Aim: compromise the browser process from JavaScript
Dedup Est Machina Compromise Microsoft Edge with all defenses up without a software vulnerability Use memory deduplication as a side channel to leak pointers The leaked pointers are useful in the Flip Feng Shui attack Aim: compromise the browser process from JavaScript Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
50
Scenario 2: Breaking the Browser
Memory templating Use cache eviction buffers to read from memory JavaScript Array JavaScript Typed Array Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
51
Scenario 2: Breaking the Browser
Memory templating Hammering Strategy JavaScript Array JavaScript: no physical addresses Single-sided Rowhammer Javascript bit flips! Rowbuffer: find bank conflicts Cache coloring: find cache sets probablistic double-sided Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
52
Land sensitive data JavaScript References JavaScript Array
Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
53
Land sensitive data JavaScript References JavaScript Array Typed Array
Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
54
Land sensitive data JavaScript References JavaScript Array Typed Array
vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
55
Land sensitive data JavaScript References JavaScript Array Typed Array
Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
56
Land sensitive data JavaScript References JavaScript Array Typed Array
Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
57
Scenario 2: Breaking the Browser
Reproduce the bit flip JavaScript Array Typed Array Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
58
Scenario 2: Breaking the Browser
Reproduce the bit flip JavaScript Array Typed Array Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
59
Scenario 2: Breaking the Browser
Reproduce the bit flip JavaScript Array Typed Array Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
60
Scenario 2: Breaking the Browser
Reproduce the bit flip JavaScript Array Typed Array Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
61
Scenario 2: Breaking the Browser
Reproduce the bit flip JavaScript Array Typed Array Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
62
Scenario 2: Breaking the Browser
Reproduce the bit flip Counterfeit Object vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
63
Scenario 2: Breaking the Browser
Reproduce the bit flip Counterfeit Object Arbitrary read/write over memory Take over Edge without a software bug vtable pointer size Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
64
Scenario 2: Breaking the Browser
Disclosure Talked to Microsoft on March 7, 2016 Memory deduplication was disabled on July 18, 2016 Most innovative research! Black Hat USA 2016 Flip Feng Surf – May 17, 2017 Scenario 2: Breaking the Browser
65
Scenario 3: Breaking the Mobile
Victor van der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Clementine Maurice, Giovani Vigna, Herbert Bos, Kaveh Razavi, and Cristiano Giuffrida DRAMMER ACM CCS October 2016 Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
66
Scenario 3: Breaking the Mobile
Drammer Can we use Rowhammer to root Android phones? Targeting ARM instead of x86 Android devices do not have memory deduplication Exploit behavior of underlying memory allocator Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
67
Scenario 3: Breaking the Mobile
Memory Templating Bypassing the CPU cache Cache eviction Explicit cache flush (clflush instruction) Does this work on ARM? Too slow Privileged Of course not Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
68
Memory templating Bypass the CPU cache
Sometimes CPU caches are detrimental Offload specific tasks to dedicated hardware Devices for graphics / audio / … CPU gets to do other tasks in parallel GPU DMA: Direct Memory Access 1 1 1 1 CPU Cache 1 1 1 1 1 1 1 1 1 1 DRAM Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
69
Scenario 3: Breaking the Mobile
Land sensitive data Threat-Model Recent Android OS without memory deduplication (too costly) Unprivileged app wants to get root access Goal: read/write access to anywhere in memory Find administrative kernel data structures for our process Overwrite our own uid to get root access Approach Land a Page Table at the vulnerable location Flip a bit in a Page Table Entry! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
70
Land sensitive data Page tables
Mapping virtual addresses to physical addresses 1 … 0x080000 0x040000 0x0c0000 0x100000 0x140000 Hello World 0xb6a57000 buf = malloc(8196); sprintf(buf, “Hello World”); 0xb6a58000 Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b Page table Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b Where are page tables stored? In memory! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
71
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b What if we flip a bit in a page table? Modify mappings! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
72
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x140000 0b 0xb6a58000 0x0c0000 0b What if we flip a bit in a page table? Modify mappings! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
73
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b What if we flip a bit in a page table? Modify mappings! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
74
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b What if we flip a bit in a page table? Modify mappings! Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
75
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x0c0000 0b Page tables give us read/write access to anywhere in memory Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
76
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b By modifying existing entries… Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
77
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b 0xb6a59000 0x080000 0b 0xb6a59000 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b 0xb6a59000 0x080000 0b By modifying existing entries… or by adding new ones Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
78
Land sensitive data Page tables
Mapping virtual addresses to physical addresses buf = malloc(8196); sprintf(buf, “Hello World”); 0x040000 1 1 1 … 0x080000 0xb6a57000 1 1 1 … 0x0c0000 0xb6a58000 World 1 1 … 0x100000 Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b 0xb6a59000 0x080000 0b 0xb6a59000 1 1 1 … 0x140000 Hello 1 … Page table Virtual Address Physical Address (binary) 0xb6a57000 0x100000 0b 0xb6a58000 0x040000 0b 0xb6a59000 0x080000 0b By modifying existing entries… or by adding new ones Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
79
Land sensitive data Phys Feng Shui (intuition)
Physical memory Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
80
Land sensitive data Phys Feng Shui (intuition)
Running applications before Drammer Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
81
Land sensitive data Phys Feng Shui (intuition)
Step 1. Allocate large chunks of memory Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
82
Land sensitive data Phys Feng Shui (intuition)
Step 2. Search for bit flips Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
83
Land sensitive data Phys Feng Shui (intuition)
Step 2. Search for bit flips Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
84
Land sensitive data Phys Feng Shui (intuition)
Step 2. Search for bit flips (got one!) Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
85
Land sensitive data Phys Feng Shui (intuition)
Step 3. Allocate small chunks Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
86
Land sensitive data Phys Feng Shui (intuition)
Step 3. Allocate small chunks Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
87
Land sensitive data Phys Feng Shui (intuition)
Step 3. Allocate small chunks Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
88
Land sensitive data Phys Feng Shui (intuition)
Step 4. Release vulnerable chunk Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
89
Land sensitive data Phys Feng Shui (intuition)
Step 5. Generate a new page table Virtual Address Physical Address 0xb6a57000 0x100000 0xb6a58000 0x040000 0xb6a59000 0x080000 Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
90
Scenario 3: Breaking the Mobile
Reproduce the bit flip Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
91
Scenario 3: Breaking the Mobile
Reproduce the bit flip Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
92
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s Bit flips on 18 out of 27 tested devices Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
93
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
94
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
95
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
96
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s After the 1st exploitable flip, exploitation takes at most 22 seconds Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
97
Scenario 3: Breaking the Mobile
Evaluation Device #flips 1st exploitable flip after LG Nexus 51 1058 116s LG Nexus 54 - LG Nexus 55 747,013 1s LG Nexus 4 1,328 7s OnePlus One 3,981 942s Motorola Moto G (2013) 429 441s LG G4 (ARMv8 – 64-bit) 117,496 5s After the 1st exploitable flip, exploitation takes at most 22 seconds Drammer test app reported bit flips on: Google Pixel, OnePlus 3, Galaxy Note 7, … Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
98
Scenario 3: Breaking the Mobile
Disclosure Contacted Google with suggested mitigations on July 25, 2016 (91 days before #CCS16) “Can you publish at another conference, later this year?” “What if we support you financially?” Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
99
Disclosure (best) DUTCH CYBER SECURITY RESEARCH PAPER AWARD
Contacted Google with suggested mitigations on July 25, 2016 (91 days before #CCS16) “Ok, could you then perhaps obfuscate some parts of the paper?” Rewarded $4000 Partial hardening in November’s updates “We will continue to work on a longer term solution” (best) DUTCH CYBER SECURITY RESEARCH PAPER AWARD Flip Feng Surf – May 17, 2017 Scenario 3: Breaking the Mobile
100
CONCLUSION Now what? Flip Feng Surf – May 17, 2017 Conclusion
101
Flip Feng Shui Deterministic Rowhammer exploitation by VUSec
We break your cloud We break your browser We break your mobile Yes, we are also working on software defenses… Software was never designed to deal with bit flips Software defenses are in early stages and easily bypassed Even hardware mitigations are currently still optional You cannot fix Rowhammer Flip Feng Surf – May 17, 2017 Conclusion
102
Implications Rowhammer, the silent killer since 2010
A lot of DRAM chips have been manufactured since With 83% affected DDR3 modules, this is a widespread issue More research is necessary to understand the impact Rowhammer is not going away Bit flips reported on both DDR4 and the latest smartphones What is next? Do you still trust hardware? Will there be a Rowhammer 2.0? Flip Feng Surf – May 17, 2017 Conclusion
103
More details, demos, statistics, and Drammer test app https://vusec
@vvdveen @gober Flip Feng Surf – May 17, 2017 Conclusion
104
Did you not have enough yet?
BACKUP SLIDES Did you not have enough yet? Flip Feng Surf – May 17, 2017 Backup
105
Rowhammer Rowhammer Disturbance error! A DRAM hardware glitch
Memory cells (capacitors) have a natural discharge rate refresh every 64ms Activating neighboring cells increases the discharge rate Rowhammer Victim cell is charged to represent 1 Neighboring cells are accessed frequently Victim cell leaks charge below a certain threshold When read, victim cell is interpreted 0 Disturbance error! Flip Feng Surf – May 17, 2017 Backup
106
Memory templating Select the aggressor rows
Dedicated hardware devices might be stupid Simple devices cannot translate virtual to physical mappings Shared memory must be contiguous DMA can behave very much like Huge Pages buf = gralloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
107
Select the Aggressor Rows
DRAM works with physical memory addresses Software works with virtual addresses Unpredictable mapping of virtual to physical addresses How do we select the addresses to read from? buf = malloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
108
Select the Aggressor Rows
DRAM works with physical memory addresses Software works with virtual addresses Unpredictable mapping of virtual to physical addresses How do we select the addresses to read from? buf = malloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
109
Select the Aggressor Rows
Solution: single sided Rowhammer Pick any two addresses and ‘just’ hammer Less interference between rows, so less bit flips Still good enough with buggy DRAM buf = malloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
110
Select the Aggressor Rows
Solution: pagemap Special file that holds the mapping of virtual to physical addresses /proc/self/pagemap buf = malloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
111
Select the Aggressor Rows
Solution: pagemap Special file that holds the mapping of virtual to physical addresses Solution: huge pages Virtual allocations mapped to physically contiguous memory buf = malloc(…) 0xbff00000 0x040000 1 1 1 … 0xbff40000 0x080000 1 1 1 … 0xbff80000 0x0c0000 1 1 … 0xbffc0000 0x100000 1 1 1 … 0xc 0x140000 1 … Flip Feng Surf – May 17, 2017 Backup
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.