On 05/21/2017 04:34 PM, xet7 wrote:
Can anvil kernel module protections for rowhammer be added to Qubes?
https://news.ycombinator.com/item?id=12822490
Ideally to fix this issue you would buy quality RAM that is made
properly to avoid rowhammer (ask OEMs for test results, the large ones
have them) there are modules out there that can't be exploited even if
you half the refresh rate.
Mitigating this can only be done in libre firmware, you would have to
buy an open source init coreboot system (most "coreboot" systems such as
purism are not actually open source for hw init) and lower the DRAM
refresh rate (within spec) until you don't see any flips. Lowering the
refresh rate is how the major laptop OEM's do it at least.
I don't consider a kernel module a real mitigation as you have to apply
it each and every time you upgrade your kernel on most systems unless
you use ex: gentoo where you can auto-patch.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/302fab57-a787-c7dd-0a62-f46a01618daa%40gmx.com.
For more options, visit https://groups.google.com/d/optout.