+++
title = 'DRAM (physical memory)'
+++

# DRAM (physical memory)
Memory requests:
1. Translate the virtual address to a physical address (MMU)
2. Check the caches to see if the location is already cached
3. If not, access DRAM via the memory controller

DRAM = dynamic random access memory:
- the last parallel bus in the system: 64-bit data bus, 72 bits with ECC
- organised in memory cells, each holding 1 bit
- each cell is 1 capacitor + 1 access transistor
- charge/discharge the capacitor to store a 1/0 bit value
- capacitors slowly leak charge, so cells need periodic refresh (unlike SRAM)
- every row must be refreshed within the retention window: 64 ms for DDR4, 32 ms at high temperature

The memory controller talks to DRAM over channels; each channel is a memory bus with 64 data bits (a set of pins used to transfer data).
Multiple channels give bus-level parallelism.

DIMMs are the memory modules, 1 or more per channel.

A rank is a collection of chips on a DIMM. Ranks work independently, but only one rank can drive the data bus at any given time. Memory operations are rank-level in nature.

All chips in a rank are active during a memory request, each providing a different slice of the data (so the data bus is partitioned across the chips). Chips are x4, x8 or x16, the number of data bits each contributes per transfer.

Each chip has multiple banks, commonly 16 (DDR4).

Each bank has multiple rows, for example 64k rows. Only one row at a time can be accessed in a bank to serve a memory request.

Each row has a number of columns, e.g. 1k columns of 1 byte each per chip. Logically, a row spans all chips of a given rank.

## Reading from and writing to DRAM
The row buffer of a given bank logically spans all chips in the rank. To read or write a row, it must first be loaded into the row buffer ('activated'). Activation is destructive: afterwards the cells no longer hold the data, only the row buffer does, so the row has to be written back (precharged) before the bank can serve another row.

1. Activate the row, placing it in the row buffer.
2. Read from all chips in parallel, one column from each per transfer: 8 bytes per transfer on a 64-bit bus, so a 64-byte cache line takes a burst of 8 transfers.
3. Precharge (close the row) to write the data back to the cells; whether this happens right away depends on policy:
   - Open row policy:
     - row kept open after the access, optimising for access locality
     - misses are more costly: the open row must be precharged before the next activate
   - Closed row policy:
     - precharge right after the access
     - expects misses, so the precharge latency is taken off the critical path
   - Memory controllers also use proprietary policies

Resulting latencies, lowest to highest: row buffer hit (row already open) < row buffer miss (bank closed, activate only) < row buffer conflict (another row open, precharge + activate).

## DRAM address mapping
Physical address space != DRAM address space.

The memory controller decides the mapping from physical addresses to DRAM addresses (channel, rank, bank, row, column), and the mapping has an impact on performance (and security). Bank and channel indices are typically computed by XORing several physical address bits so that nearby physical addresses are spread across banks.

## Side channel attacks on DRAM
Proprietary parts of the DRAM subsystem:
- memory controller policies: precharge, refresh, scheduling
- physical-to-DRAM address mapping
- data encoding on the bus

Side channels need a resource shared between different parties; here it is the row buffer (and the bus), shared by every process or VM whose data lands in the same bank.

Timing side channel: "something" leaks depending on how fast an operation is
- operations on the activated row are fast (row buffer hit)
- operations on non-activated rows are slower: the row must be activated first, and if another row is open in that bank it must be precharged first (row buffer conflict)
- detecting the important bits for bank selection: alternately accessing two addresses in the same bank but different rows causes a bank conflict on every access (row buffer miss, precharge + activate). Flipping single physical address bits and timing which pairs conflict reveals which bits select the bank, and flipping pairs of bits reveals which of them are XORed together
- can be done without physical access, software-only, but it cannot look at data bits and cannot easily reconstruct the full address selection functions

You can also probe the bus directly with an oscilloscope and send requests for very different physical addresses.
## Rowhammer
Works because of a DRAM reliability defect (disturbance errors) in high-density memory modules.

Under certain conditions the capacitors quickly leak charge, causing bits to flip.
All the attacker has to do from software is activate the same rows many times within one refresh interval. The accesses must bypass the caches (e.g. with `clflush`) and the two addresses must lie in different rows of the same bank, otherwise no row is repeatedly activated.

If you repeatedly access rows 0 and 2 in the same bank (aggressor rows), the capacitors in the middle row (row 1, the victim row) leak charge and its data is corrupted (double-sided rowhammer).

Can be useful for e.g. privilege escalation, flipping bits in page tables.

Mitigations:
- hardware:
  - ECC memory: automatically corrects (single) bit flips
  - target row refresh (TRR): refresh the neighbouring rows of rows being hammered
- software:
  - disable features: `/proc/PID/pagemap` for unprivileged users, DMA-capable allocators, memory deduplication
  - research mitigations such as ZebRAM (Drammer and Hammertime are related attack and analysis tooling rather than mitigations)

ECC memory:
- the data bus has 72 bits instead of 64
- the extra 8 bits carry information for error correction, commonly single-error correction with double-error detection (SECDED) per 64-bit word
- the ECC function is secret, part of the memory controller
- figuring it out:
  - probe the pins: possible, but expensive
  - inject errors on the bus and monitor the behaviour of the ECC implementation (choose pins such that short-circuiting flips a bit)
  - using data patterns, recover the full ECC function
- caveat: ECC raises the bar but is not a complete fix. Flips beyond the code's capacity (three or more in one word) can be silently miscorrected, and the correction itself is observable (error counters, extra latency), which helps an attacker find exploitable flips

## Cold boot attack
Threat model: stolen laptop, DRAM holds secrets (e.g. disk encryption keys)

DRAM cells keep their charge for a while even when not refreshed, especially when cold.

Steps:
1. Cool down the DIMMs with a spray
2. Shut down the laptop
3. USB-boot into a malicious OS, or move the DIMMs to another machine
4. Read out any sensitive data

Mitigation: data scrambling, where the memory controller randomises the data encoding when writing to DRAM. Caveat: scrambling exists for signal integrity, not confidentiality; it is a fixed, invertible transform seeded by the controller, so it only hides data from a naive dump. Stronger protection comes from memory encryption or from keeping keys out of DRAM altogether.
## Address translation
MMU: multiple address spaces
- virtualises physical memory
- flexible memory management
- isolation and protection

The MMU is programmed using page tables.
Modern 64-bit architectures use four-level page tables (on x86-64 the top level is the PML4). Page tables live in DRAM like any other data, which is why a Rowhammer flip in a page-table entry can redirect a mapping to memory the attacker should not control.
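The timing side channel in the section above (row buffer hit vs. conflict, and recovering the bank-select bits by flipping address bits) worked through as an added example, not code from the original notes. It assumes a made-up DDR4-like address mapping (column = bits 6..12, bank = bits 13..16 XOR bits 17..20, row = bits 17..30) and an open-row bank model with illustrative latencies; both stand in for the real, secret controller. The recovery routine `find_bank_bits` only sees latencies, so on real hardware `probe` would be replaced by `rdtsc` around cache-flushed loads of two physical addresses obtained from `/proc/self/pagemap`.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical DDR4-like mapping, made up for this example (real controllers
 * differ and keep theirs secret): bits 0..5 = byte in the 64-byte line,
 * column = bits 6..12, bank = bits 13..16 XOR bits 17..20, row = bits 17..30. */
#define COL_LO   6
#define BANK_LO  13
#define BANK_XOR 4      /* distance to the second XOR operand */
#define ROW_LO   17
#define ROW_BITS 14
#define N_BANKS  16
#define MAX_BIT  31     /* probe physical address bits COL_LO .. MAX_BIT-1 */

static unsigned bank_of(uint64_t pa) {
    unsigned lo = (pa >> BANK_LO) & (N_BANKS - 1);
    unsigned hi = (pa >> (BANK_LO + BANK_XOR)) & (N_BANKS - 1);
    return lo ^ hi;
}
static int64_t row_of(uint64_t pa) { return (int64_t)((pa >> ROW_LO) & ((1u << ROW_BITS) - 1)); }

/* Bank model with an open-row policy; latencies are illustrative cycle counts. */
enum { T_HIT = 14, T_MISS = 28, T_CONFLICT = 42 };
static int64_t open_row[N_BANKS];               /* -1 = bank precharged */

static void reset_banks(void) { for (int i = 0; i < N_BANKS; i++) open_row[i] = -1; }

static int access_latency(uint64_t pa) {
    unsigned b = bank_of(pa);
    int64_t r = row_of(pa);
    int t;
    if (open_row[b] == r)     t = T_HIT;        /* row buffer hit */
    else if (open_row[b] < 0) t = T_MISS;       /* bank closed: ACTIVATE only */
    else                      t = T_CONFLICT;   /* other row open: PRECHARGE + ACTIVATE */
    open_row[b] = r;                            /* open-row policy keeps the row open */
    return t;
}

/* Mean latency of alternating accesses a,b,a,b,...  On real hardware this is
 * rdtsc around clflush'd loads of two physical addresses; here it runs
 * against the model instead. */
#define ROUNDS 8
static int probe(uint64_t a, uint64_t b) {
    int sum = 0;
    reset_banks();
    for (int i = 0; i < ROUNDS; i++) { sum += access_latency(a); sum += access_latency(b); }
    return sum / (2 * ROUNDS);
}
static int conflicts(uint64_t a, uint64_t b) {
    return probe(a, b) > (T_HIT + T_CONFLICT) / 2;   /* threshold between hit and conflict */
}

/* DRAMA-style classification of address bits from timing alone.  Returns the
 * mask of bits that take part in bank selection and fills pairs[] with the
 * (i, j) bit pairs that are XORed together. */
static uint64_t find_bank_bits(uint64_t base, int pairs[][2], int *npairs) {
    uint64_t row_only = 0, fast = 0, bank = 0;
    int r = -1;
    *npairs = 0;
    for (int b = COL_LO; b < MAX_BIT; b++) {
        if (conflicts(base, base ^ (1ull << b))) row_only |= 1ull << b;  /* same bank, new row */
        else fast |= 1ull << b;                                           /* bank changed or row hit */
    }
    for (int b = COL_LO; b < MAX_BIT && r < 0; b++) if (row_only >> b & 1) r = b;
    if (r < 0) return 0;        /* no pure row bit: cannot separate column bits from bank bits */
    for (int b = COL_LO; b < MAX_BIT; b++) {
        if (!(fast >> b & 1)) continue;
        /* flip b together with a row bit: still fast => b moved us to another bank */
        if (!conflicts(base, base ^ (1ull << b) ^ (1ull << r))) bank |= 1ull << b;
    }
    for (int i = COL_LO; i < MAX_BIT; i++)
        for (int j = i + 1; j < MAX_BIT; j++) {
            if (!(bank >> i & 1) || !(bank >> j & 1)) continue;
            /* flipping both inputs of one XOR function cancels out: same bank, so a conflict */
            if (conflicts(base, base ^ (1ull << i) ^ (1ull << j))) {
                pairs[*npairs][0] = i; pairs[*npairs][1] = j; (*npairs)++;
            }
        }
    return bank;
}

int main(void) {
    int pairs[64][2], n;
    uint64_t bank = find_bank_bits(0x12345000ull, pairs, &n);
    printf("bank-select bits: 0x%llx\n", (unsigned long long)bank);
    for (int i = 0; i < n; i++) printf("bank function: bit %d XOR bit %d\n", pairs[i][0], pairs[i][1]);
    return 0;
}
```

Against the made-up mapping the routine reports bits 13..20 as bank-relevant and the four XOR pairs (13,17), (14,18), (15,19), (16,20); column bits 6..12 are correctly rejected because flipping one of them together with a row bit still produces a conflict. On real hardware the same logic works per channel and rank, but the latency distributions overlap, so the threshold has to be calibrated from a histogram rather than hard-coded.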
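The double-sided hammer loop and victim scan from the Rowhammer section, as an added example that is not part of the original notes. It assumes an 8 KiB row and uses `clflush` on x86 so that every read reaches DRAM; the three buffers are ordinary heap memory, so nothing guarantees they are rows 0, 1 and 2 of one bank (a real attack first locates such a triple via `/proc/self/pagemap` or a timing side channel), and the experiment is expected to report zero flips on most machines.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <emmintrin.h>
#define FLUSH_LINE(p) _mm_clflush((const void *)(p))
#else
/* No portable cache-line flush here (ARM needs DC CIVAC): without it the loop
 * hits the cache and never reaches DRAM, so nothing gets hammered. */
#define FLUSH_LINE(p) ((void)(p))
#endif

#define ROW_BYTES (8 * 1024)   /* assumed row size for this example */

/* Double-sided hammer: alternate cache-bypassing reads of two aggressor
 * addresses so that their rows are activated again and again within one
 * refresh window.  Returns the number of accesses issued. */
static uint64_t hammer(volatile const uint8_t *aggr1, volatile const uint8_t *aggr2, uint64_t rounds) {
    for (uint64_t i = 0; i < rounds; i++) {
        (void)*aggr1;           /* ACTIVATE aggressor row */
        (void)*aggr2;           /* conflict: PRECHARGE + ACTIVATE the other aggressor row */
        FLUSH_LINE(aggr1);      /* evict so the next read goes to DRAM again */
        FLUSH_LINE(aggr2);
    }
    return 2 * rounds;
}

struct flip { size_t offset; uint8_t mask; };

/* Scan a victim region that was filled with `pattern`.  Returns the number of
 * flipped bits and records up to `max` flipped bytes (offset, flipped-bit mask). */
static size_t count_bit_flips(const uint8_t *buf, size_t len, uint8_t pattern,
                              struct flip *out, size_t max, size_t *recorded) {
    size_t flips = 0;
    *recorded = 0;
    for (size_t i = 0; i < len; i++) {
        uint8_t diff = buf[i] ^ pattern;
        if (!diff) continue;
        if (*recorded < max) { out[*recorded].offset = i; out[*recorded].mask = diff; (*recorded)++; }
        flips += (size_t)__builtin_popcount(diff);
    }
    return flips;
}

/* One experiment on three consecutive row-sized buffers: hammer the outer two
 * (rows 0 and 2), then check the middle one (row 1) for flips.  The fill
 * pattern decides which direction of flip is visible: 0xFF shows 1->0 flips,
 * 0x00 shows 0->1 flips. */
static size_t run_experiment(uint64_t rounds, uint8_t pattern) {
    uint8_t *mem = malloc(3 * ROW_BYTES);
    if (!mem) return 0;
    memset(mem, pattern, 3 * ROW_BYTES);
    hammer(mem, mem + 2 * ROW_BYTES, rounds);
    struct flip found[8];
    size_t n;
    size_t flips = count_bit_flips(mem + ROW_BYTES, ROW_BYTES, pattern, found, 8, &n);
    for (size_t i = 0; i < n; i++)
        printf("flip at victim offset %zu, mask 0x%02x\n", found[i].offset, found[i].mask);
    free(mem);
    return flips;
}

int main(void) {
    size_t flips = run_experiment(1000000, 0xFF);
    printf("%zu bit flips in the victim row\n", flips);
    return 0;
}
```

The two things that make the loop effective are both visible here: the flush keeps every iteration in DRAM rather than in cache, and the two aggressors must conflict in one bank so that each access is a fresh activation. Once a repeatable flip is found, an exploit sprays page tables so that the flipped bit lands in a page-table entry.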
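The ECC discussion above (72 data+check bits per transfer, correction of single flips, and recovering the secret function from data patterns) worked through as an added example, not code from the original notes. The code is a textbook (72,64) Hamming SEC-DED, which is an assumption: vendors' codes are secret and need not match it. `recover_ecc_table` treats the encoder as a black box, observing only the 8 check bits that would appear on the extra bus pins for single-bit data patterns, and exploits linearity to predict the check bits of any other word. The three-flip case shows the caveat that ECC can miscorrect.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Codeword layout (1-indexed Hamming positions 1..71, overall parity at 72):
 * check bits sit at the powers of two 1,2,4,8,16,32,64; the 64 data bits fill
 * the remaining positions 3,5,6,7,9,...,71.  Stored one bit per byte for
 * clarity; bit[0] is unused.  This is a toy code, not any vendor's ECC. */
#define CW_LEN 72
typedef struct { uint8_t bit[CW_LEN + 1]; } codeword;

static bool is_pow2(int p) { return (p & (p - 1)) == 0; }

static codeword ecc_encode(uint64_t data) {
    codeword cw = {{0}};
    int d = 0;
    for (int p = 1; p <= 71; p++)
        if (!is_pow2(p)) cw.bit[p] = (data >> d++) & 1;
    for (int c = 1; c <= 64; c <<= 1) {          /* check bit c covers positions with bit c set */
        uint8_t parity = 0;
        for (int p = 1; p <= 71; p++) if ((p & c) && p != c) parity ^= cw.bit[p];
        cw.bit[c] = parity;
    }
    uint8_t all = 0;
    for (int p = 1; p <= 71; p++) all ^= cw.bit[p];
    cw.bit[72] = all;                            /* overall parity turns SEC into SEC-DED */
    return cw;
}

enum ecc_status { ECC_OK, ECC_CORRECTED, ECC_UNCORRECTABLE };

/* Decode in place; returns the status and writes the data bits to *data. */
static enum ecc_status ecc_decode(codeword *cw, uint64_t *data) {
    int syndrome = 0;
    uint8_t all = 0;
    for (int p = 1; p <= 71; p++) { if (cw->bit[p]) syndrome ^= p; all ^= cw->bit[p]; }
    all ^= cw->bit[72];                          /* 1 = odd number of flipped bits */
    enum ecc_status st;
    if (syndrome == 0 && !all) st = ECC_OK;
    else if (all && syndrome <= 71) {            /* odd count: assume a single flip and fix it */
        cw->bit[syndrome ? syndrome : 72] ^= 1;  /* syndrome 0 means the parity bit itself flipped */
        st = ECC_CORRECTED;
    } else st = ECC_UNCORRECTABLE;               /* even count (2 flips) or impossible position */
    uint64_t out = 0;
    int d = 0;
    for (int p = 1; p <= 71; p++) if (!is_pow2(p)) out |= (uint64_t)cw->bit[p] << d++;
    *data = out;
    return st;
}

/* The 8 check bits of a codeword as one byte: what the extra bus pins carry. */
static uint8_t check_bits(const codeword *cw) {
    uint8_t v = 0;
    int i = 0;
    for (int c = 1; c <= 64; c <<= 1) v |= (uint8_t)(cw->bit[c] << i++);
    v |= (uint8_t)(cw->bit[72] << 7);
    return v;
}

/* Black-box recovery with data patterns: write each single-bit word and read
 * the check pins.  The code is linear, so these 64 observations determine the
 * check bits of every word as the XOR of the table entries for its set bits. */
static void recover_ecc_table(uint8_t table[64]) {
    for (int i = 0; i < 64; i++) { codeword cw = ecc_encode(1ull << i); table[i] = check_bits(&cw); }
}
static uint8_t predict_check_bits(const uint8_t table[64], uint64_t data) {
    uint8_t v = 0;
    for (int i = 0; i < 64; i++) if (data >> i & 1) v ^= table[i];
    return v;
}

int main(void) {
    uint64_t d = 0xDEADBEEFCAFEF00Dull, out;
    codeword cw = ecc_encode(d);
    cw.bit[3] ^= 1; cw.bit[5] ^= 1; cw.bit[6] ^= 1;   /* three flips: syndrome cancels to 0 */
    enum ecc_status st = ecc_decode(&cw, &out);
    printf("3 flips: status %d, data %s\n", (int)st, out == d ? "intact" : "silently corrupted");
    uint8_t table[64];
    recover_ecc_table(table);
    codeword ref = ecc_encode(d);
    printf("predicted check bits 0x%02x, real 0x%02x\n", predict_check_bits(table, d), check_bits(&ref));
    return 0;
}
```

Two things worth noticing: a double flip is detected but not corrected, so for Rowhammer purposes ECC turns a silent corruption into a machine check, whereas three flips at positions 3, 5 and 6 decode as "corrected" while three data bits are wrong. And since the code is linear, 64 chosen data patterns are enough to predict the check bits of every word, which is the data-pattern recovery step from the notes.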