HN2new | past | comments | ask | show | jobs | submitlogin

I would guess if you're a big VM hosting provider and you have thousands of VMs all running the same version of Windows or Linux distro, that it could add up to some real savings to have them share common pages.


I guess so.

Seems the savings would be somewhat offset by having your whole business destroyed because its easy to crack.


Conceptually, it's safe. UNIX distributions routinely do the equivalent operation within single machines, it's a fundamental part of their operating model.

It's just that in the face of defective hardware, it's not safe. But this is not surprising, because nothing is safe, so it isn't particularly a criticism of page sharing. This specific attack may have used it, but Rowhammer is a powerful tool. This is not the only way it can be used; it is merely an exemplar.


cant you limit sharing to Read/eXecute pages only?


Isn't rowhammer done purely by read operations?


Yep. In DRAM, reads are destructive, so every time you read a row, you have to write that row back.


from what I remember you need control (=ability to write to) over adjacent rows?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: