Reverse engineering Intel DRAM addressing and reproduction of Blacksmith
Abstract
Rowhammer is a widely known computer hardware vulnerability that exploits
fundamental limitations of DRAM technology: repeatedly accessing a row
causes bit flips in the adjacent rows. Understanding and analyzing
the effect of Rowhammer on various architectures is essential for enhancing
system security and mitigating the risks it poses. This paper
presents a novel library for reverse engineering DRAM address
functions, enabling efficient mapping and analysis of physical memory addresses
across diverse DRAM architectures. The library accelerates the extraction
of address-mapping functions, a pivotal step in determining
Rowhammer vulnerability on diverse architectures. We integrate the extracted
address mappings with the Blacksmith fuzzer, a state-of-the-art Rowhammer testing
tool, and deploy it on our target machines, which cover three distinct architectures. Our
experiments analyze and compare the Rowhammer effects across these platforms,
evaluating metrics such as activation interval, refresh rates, bit flip distribution,
and the potential for reliable exploitation. The results reveal architecture-specific
characteristics of Rowhammer susceptibility and highlight the effectiveness of the
proposed library in automating and streamlining DRAM address function extraction.
Our findings offer insights into the variations in Rowhammer susceptibility
across architectures, contributing to the ongoing efforts to design
resilient systems and develop standardized testing methodologies for hardware vulnerabilities.