Uncovering DRAM RowHammer Protection Mechanisms
The DRAM RowHammer vulnerability exposes critical reliability and security issues, and DRAM vendors respond with Target Row Refresh (TRR) mitigations. This research presents U-TRR, a new methodology for studying TRR, along with custom RowHammer patterns and their implications, shedding light on the effectiveness and security guarantees of TRR. By profiling row retention times and observing when TRR refreshes a row, U-TRR enables new RowHammer access patterns, highlighting the challenges and opportunities for more secure solutions.
Presentation Transcript

U-TRR
Uncovering in-DRAM RowHammer Protection Mechanisms: A New Methodology, Custom RowHammer Patterns, and Implications
Hasan Hassan, Yahya Can Tugrul, Jeremie S. Kim, Victor van der Veen, Kaveh Razavi, Onur Mutlu

Summary
DRAM RowHammer vulnerability leads to critical reliability and security issues.
Target Row Refresh (TRR): a set of obscure, undocumented, and proprietary RowHammer mitigation techniques.
Is TRR fully secure? How can we validate its security guarantees?
U-TRR: a new methodology that leverages data retention failures to uncover the inner workings of TRR and study its security.
High-level operation:
1) Profile the retention time of a row R
2) Find when TRR refreshes R to understand the underlying TRR mechanism
New U-TRR RowHammer access patterns:
All 45 modules we test are vulnerable (15x Vendor A, 15x Vendor B and 15x Vendor C DDR4 modules).
99.9% of rows in a DRAM bank experience at least one RowHammer bit flip.
Up to 7 RowHammer bit flips in an 8-byte dataword, making ECC ineffective.
U-TRR can enable more secure RowHammer solutions.

Outline
1. DRAM Operation Basics
2. RowHammer & Target Row Refresh
3. The U-TRR Methodology
4. Observations & New RowHammer Access Patterns
5. RowHammer Bit Flip Analysis
6. Takeaways and Conclusion

DRAM Organization
[Figure: CPU, memory controller, memory bus, and a DRAM bank made up of DRAM rows, DRAM cells and a sense amplifier]

Accessing DRAM
[Figure: a DRAM bank with a DRAM row, DRAM cell and sense amplifier, annotated with the Activate, Read/Write and Precharge commands]

DRAM Cell Leakage
Each cell encodes information in leaky capacitors.
[Figure: a DRAM cell with its wordline, access transistor, capacitor and bitline, and the charge leakage paths]
Stored data is corrupted if too much charge leaks (i.e., the capacitor voltage degrades too much). [Patel+, ISCA 17]

DRAM Refresh
[Figure: capacitor voltage (Vdd), from 0% to 100% with a Vmin level, plotted over time; REF operations are marked across the refresh window]
Periodic refresh operations preserve stored data. [Patel+, ISCA 17]

The RowHammer Vulnerability
[Figure: a DRAM chip with Rows 0 to 4; Row 2 is the aggressor row, shown alternating between open and closed, and nearby rows are marked as victim rows]
Repeatedly opening (activating) and closing (precharging) a DRAM row causes RowHammer bit flips in nearby cells.

Target Row Refresh (TRR)
DRAM vendors equip their DRAM chips with proprietary mitigation mechanisms known as Target Row Refresh (TRR).
Key idea: TRR refreshes nearby rows upon detecting an aggressor row.
[Figure: a TRR-equipped DRAM chip with Rows 0 to 4 receiving REF commands from the memory controller; the TRR logic detects Row 2 as an aggressor and issues TRR-induced refreshes to its neighbor rows]

The Problem with TRR
TRR is obscure, undocumented, and proprietary.
We cannot easily study the security properties of TRR.

Goal
Study in-DRAM TRR mechanisms to:
1) understand how they operate
2) assess their security
3) secure DRAM completely against RowHammer

Overview of U-TRR
U-TRR: A new methodology to uncover the inner workings of TRR.
Key idea: Use data retention failures as a side channel to detect when a row is refreshed by TRR.

High-Level U-TRR Operation
U-TRR has two main components: Row Scout (RS) and TRR Analyzer (TRR-A).
Row Scout: finds a set of DRAM rows that meet certain requirements as needed by TRR-A and identifies the data retention times of these rows.
TRR Analyzer: uses RS-provided rows to distinguish between TRR-induced and regular refreshes, and thus builds an understanding of the underlying TRR mechanism.
[Figure: Row Scout (RS) takes a Profiling Configuration (row group layout, row group count, bank range, ...) and produces Retention Profiled Rows (RPR). TRR Analyzer (TRR-A) takes the RPRs and an Experiment Configuration (aggressor (A) row addr., dummy (D) row addr., hammering mode, number of rounds, A/D hammer counts, REF count, ...) and reports the RPRs refreshed by TRR-induced refresh for analysis]

Row Scout (RS)
Goal: Identify a list of useful DRAM rows and their retention times.
Row Scout must find:
Rows with consistent* retention times, to correctly infer whether a row has been refreshed.
Multiple rows that are located at certain configurable distances and have the same retention time (i.e., a Row Group), to observe whether TRR can refresh multiple rows at the same time.
[Figure: U-TRR overview diagram (repeated)]
* The retention time of a DRAM row may change over time due to Variable Retention Time (VRT) effects.

Row Scout (RS) Operation
Profiling the retention time of a DRAM row:
1) write data
2) wait for T
3) check for retention bit flips
[Flowchart: find DRAM rows with retention time T (row addresses); if the candidates are not enough, increase T; otherwise combine rows to match the group layout (candidate row groups); verify retention time consistency (row groups); if not enough row groups pass, increase T; otherwise output the Retention Profiled Rows (RPR). A row group is drawn as a set of victim (V) rows]

TRR Analyzer (TRR-A)
Goal: Use RS-provided rows to determine when TRR refreshes a victim row.
High-level operation:
1) Run a certain DRAM access pattern (i.e., RowHammer attack)
2) Monitor retention failures in RS-provided rows to determine when TRR refreshes any of these rows
3) Develop an understanding of the underlying TRR operation
[Figure: U-TRR overview diagram (repeated)]

TRR Analyzer (TRR-A) Operation
[Figure: experiment timeline with marks at T/2 and T. Steps shown: Initialize V and A; Reset TRR's internal state; Hammer A [and D]; Issue REFs; Read V and check for bit flips. The timeline is annotated "Expecting no retention failures in V" and "Expecting retention failures in V". Inputs: the Retention Profiled Rows (RPR), drawn as a row group of V rows with A rows between them, and the Experiment Configuration (aggressor (A) row addr., dummy (D) row count, hammering mode, number of rounds, A/D hammer counts, REF count)]
V: victim (RS-provided) rows. A: aggressor rows. D: dummy rows.
TRR-A helps to understand how TRR operates based on when Retention Profiled Rows are refreshed by TRR.
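
The two U-TRR steps above, Row Scout's retention profiling and TRR-A's refresh inference, run against a software model as an added example; this is not the authors' SoftMC code. SimBank, its toy TRR (refresh both neighbours of the most-activated row at each REF), the row numbers and the retention times are assumptions made for illustration, and RowHammer bit flips themselves are not modelled.

```python
# Added illustration: a toy software model, not SoftMC or U-TRR code.
class SimBank:
    """Constructed toy bank: a row fails after one retention time unrefreshed."""
    def __init__(self, retention_ms):
        self.retention = dict(retention_ms)        # row -> retention time (ms)
        self.age = {r: 0 for r in self.retention}  # ms since charge was restored
        self.failed = {r: False for r in self.retention}
        self.acts = {}                             # row -> ACTs since last REF

    def write(self, row):
        self.age[row], self.failed[row] = 0, False

    def wait(self, ms):
        for r in self.age:
            self.age[r] += ms
            if self.age[r] >= self.retention[r]:
                self.failed[r] = True              # retention bit flips appear

    def hammer(self, row, count):
        self.acts[row] = self.acts.get(row, 0) + count

    def ref(self):
        """Hypothetical TRR: refresh both neighbours of the most-activated row."""
        if self.acts:
            aggressor = max(self.acts, key=self.acts.get)
            for victim in (aggressor - 1, aggressor + 1):
                if victim in self.age:
                    self.age[victim] = 0           # restores charge, not lost data
        self.acts = {}

def profile_retention(bank, row, start_ms=64, step_ms=64, limit_ms=4096):
    """Row Scout step: write, wait T, check; increase T until flips appear."""
    for t in range(start_ms, limit_ms + 1, step_ms):
        bank.write(row)
        bank.wait(t)
        if bank.failed[row]:
            return t
    return None                                    # no failure within the limit

def trr_refreshed(bank, victim, t_ms, aggressor, hammers):
    """TRR-A step: True if the victim kept its data past T, so it was refreshed."""
    bank.write(victim)
    bank.wait(t_ms // 2)                           # no failure expected yet
    bank.hammer(aggressor, hammers)
    bank.ref()                                     # TRR may act here
    bank.wait(t_ms - t_ms // 2)                    # unrefreshed rows fail by T
    return not bank.failed[victim]

# Constructed sample: rows 10 and 12 flank row 11; row 40 is far from row 10.
SAMPLE_BANK = {10: 256, 11: 512, 12: 256, 40: 256}
```

Profiling row 10 of SAMPLE_BANK and then calling trr_refreshed with aggressor 11 and with aggressor 40 shows the side channel: the victim survives past T only when the modelled TRR picked its neighbour.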

DRAM Testing Infrastructure
We implement U-TRR using FPGA-based SoftMC [Hassan+, HPCA 17], modified to support DDR4 DRAM.
SoftMC provides fine-grained control over DRAM commands, timing parameters and temperature.
We analyze 45 DDR4 DRAM modules from three vendors: 15x Vendor A, 15x Vendor B and 15x Vendor C DDR4 modules.
Table 1 in our paper provides more information about the analyzed modules.

Key Observations: Vendor A
Refresh types: Regular Refresh (RR) and TRR-capable Refresh (TREF1 and TREF2).
[Timeline: TREF1 and TREF2 commands separated by runs of 8x regular refresh (RR)]
Observation: TRR tracks potential aggressor rows using a Counter Table.
[Figure: Counter Table with 16 entries, each holding a row ID and a counter value, and a TREF2 pointer into the table]
TREF1: Refreshes the victims of the row ID with the largest counter value.
TREF2: Refreshes the victims of the row ID that the TREF2 pointer refers to.

Circumventing Vendor A's TRR
Approach: Ensure an aggressor row is discarded from the Counter Table prior to a REF command.
[Figure: the 16-entry Counter Table (row ID, counter value) and an access sequence between REF commands (RR, TREF1, TREF2) made up of ACT([A1, A2]), ACT(D1), ACT(D2) and ACT(D16), with repetition counts labelled N and N+1; result: [A1, A2] not refreshed by TRR]
Ai: aggressor row. Di: dummy row.
This RowHammer access pattern requires synchronizing accesses with REF commands.
Circumventing Vendor A's TRR by discarding the actual aggressor rows from the Counter Table.

Key Observations: Vendor B
Refresh types: Regular Refresh (RR) and TRR-capable Refresh (TREF).
[Timeline: TREF commands separated by runs of 3x regular refresh (RR)]
Observation 1: TRR probabilistically samples the address of an activated row.
Observation 2: A newly-sampled row overwrites the previously-sampled one.
TREF: Refreshes the victims of the last sampled row.

Circumventing Vendor B's TRR
Approach: Maximize the dummy row hammers after hammering the aggressor rows and before the next TREF.
[Figure: between two TREF commands, ACT([A1, A2]) and ACT(D1) with repetition counts labelled N and M; result: [A1, A2] not refreshed by TRR]
Circumventing Vendor B's TRR by making it replace a sampled aggressor row by sampling a dummy row.

Key Observations: Vendor C
Refresh types: Regular Refresh (RR) and TRR-capable Refresh (TREF).
[Timeline: TREF commands separated by runs of 16x regular refresh (RR)]
Observation 1: TRR detects an aggressor row only among the first 2K ACT commands issued after a TREF.
Observation 2: Rows activated earlier within the 2K ACT commands are more likely to be detected by TRR.
TREF: Detects an aggressor row only among the first 2K ACT commands while favoring the earlier activations more.

Circumventing Vendor C's TRR
Approach: Hammer dummy rows before aggressor rows to maximize the probability of TRR detecting a dummy row.
[Figure: between two TREF commands, ACT(D1) and ACT([A1, A2]) with repetition counts labelled N and M; result: [A1, A2] not refreshed by TRR]
Circumventing Vendor C's TRR by first hammering dummy rows to make aggressor rows less likely to be detected.

Bypassing TRR with New RowHammer Access Patterns
We craft new RowHammer access patterns that circumvent TRR of three major DRAM vendors.
On the 45 DDR4 modules we test, the new access patterns cause a large number of RowHammer bit flips.

Effect on Individual Rows
All 45 modules we tested are vulnerable to our new RowHammer access patterns.
Our RowHammer access patterns cause bit flips in more than 99.9% of the rows.
Why are some modules less vulnerable?
1) Fundamentally less vulnerable to RowHammer
2) Different TRR mechanisms
3) Unique row organization
Our access patterns successfully circumvent the TRR implementations of all three major DRAM vendors.

Can ECC Protect Against Our Access Patterns?
[Figure: an ECC DRAM module holding data and ECC metadata in 16-bit units; a 10-byte codeword is made up of an 8-byte dataword and a 2-byte ECC symbol. The ECC engine in the memory controller corrects 1 bit/symbol and detects 2 bits/symbols]

Bypassing ECC with New RowHammer Patterns
[Figure: one panel each for Vendor A, Vendor B and Vendor C]
Modules from all three vendors have many 8-byte data chunks with 3 and more (up to 7) RowHammer bit flips.
Conventional DRAM ECC cannot protect against our new RowHammer access patterns.
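
One way to measure this ECC exposure from a memory-test read-back, as an added example rather than the authors' tooling: it counts flipped bits per 8-byte dataword and sorts the datawords by the guarantee stated on the ECC slide (1 flip corrected, 2 detected). The buffers are constructed, the function names are hypothetical, and flips in the ECC metadata are not considered.

```python
from collections import Counter

DATAWORD_BYTES = 8  # dataword size given on the ECC slide

def flips_per_dataword(expected: bytes, observed: bytes) -> list:
    """Number of differing bits in each 8-byte dataword of a read-back."""
    if len(expected) != len(observed) or len(expected) % DATAWORD_BYTES:
        raise ValueError("buffers must match and be a multiple of 8 bytes")
    counts = []
    for off in range(0, len(expected), DATAWORD_BYTES):
        want = int.from_bytes(expected[off:off + DATAWORD_BYTES], "little")
        got = int.from_bytes(observed[off:off + DATAWORD_BYTES], "little")
        counts.append(bin(want ^ got).count("1"))
    return counts

def classify(flips: int) -> str:
    """Map a flip count to the slide's guarantee: corrects 1, detects 2."""
    if flips == 0:
        return "clean"
    if flips == 1:
        return "corrected"
    if flips == 2:
        return "detected"
    return "beyond guarantee"   # may be miscorrected or go unnoticed

def ecc_exposure(expected: bytes, observed: bytes) -> Counter:
    """Histogram of dataword outcomes for one written/read-back buffer pair."""
    return Counter(classify(n) for n in flips_per_dataword(expected, observed))

# Constructed read-back: four datawords of 0x55 with 0, 1, 2 and 7 flipped bits.
SAMPLE_EXPECTED = bytes([0x55]) * 32
_obs = bytearray(SAMPLE_EXPECTED)
_obs[8] ^= 0x01
_obs[16] ^= 0x03
_obs[24] ^= 0x7F
SAMPLE_OBSERVED = bytes(_obs)
```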

Other Observations and Results in the Paper
More observations on the TRRs of the three vendors
Detailed description of the crafted access patterns
Hammers per aggressor row sensitivity analysis
Observations and results for individual modules

Conclusion
Target Row Refresh (TRR): a set of obscure, undocumented, and proprietary RowHammer mitigation techniques.
We cannot easily study the security properties of TRR.
Is TRR fully secure? How can we validate its security guarantees?
U-TRR: a new methodology that leverages data retention failures to uncover the inner workings of TRR and study its security.
New U-TRR RowHammer access patterns:
All 45 modules we test are vulnerable (15x Vendor A, 15x Vendor B and 15x Vendor C DDR4 modules).
99.9% of rows in a DRAM bank experience at least one RowHammer bit flip.
Up to 7 RowHammer bit flips in an 8-byte dataword, making ECC ineffective.
TRR does not provide security against RowHammer.
U-TRR can facilitate the development of new RowHammer attacks and more secure RowHammer protection mechanisms.