On 05/21/2017 04:34 PM, xet7 wrote:

Can anvil kernel module protections for rowhammer be added to Qubes?

https://news.ycombinator.com/item?id=12822490

Ideally to fix this issue you would buy quality RAM that is made properly to avoid rowhammer (ask OEMs for test results, the large ones have them) there are modules out there that can't be exploited even if you half the refresh rate.

Mitigating this can only be done in libre firmware, you would have to buy an open source init coreboot system (most "coreboot" systems such as purism are not actually open source for hw init) and lower the DRAM refresh rate (within spec) until you don't see any flips. Lowering the refresh rate is how the major laptop OEM's do it at least.

I don't consider a kernel module a real mitigation as you have to apply it each and every time you upgrade your kernel on most systems unless you use ex: gentoo where you can auto-patch.

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/302fab57-a787-c7dd-0a62-f46a01618daa%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to