Latest Rowhammer attacks give complete control of machines running Nvidia GPUs




So where do we go from here?

The researchers said that both the RTX 3060 and RTX 6000 cards are vulnerable. Changing BIOS defaults to enable IOMMU closes the vulnerability, they said. Short for input-output memory management unit, IOMMU maps device-visible virtual addresses to physical addresses on the host memory. It can be used to make certain parts of memory off-limits.

“Within the context of our attack, an IOMMU can simply restrict the GPU from accessing sensitive memory locations on the host,” Kwong explained. “IOMMU is, nevertheless, disabled by default within the BIOS to maximise compatibility and since enabling the IOMMU comes with a performance penalty attributable to the overhead of the address translations.”

A separate mitigation is to enable Error Correcting Codes (ECC) on the GPU, something Nvidia allows to be done using a command line. Like IOMMU, enabling ECC incurs some performance overhead because it reduces the overall amount of usable memory available. Further, some Rowhammer attacks can overcome ECC mitigations.
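For administrators who want to check both mitigations on a Linux host, the following script is an added example and not part of the original article or the researchers' work. It assumes the standard sysfs layout and, for the live check, `nvidia-smi` on the PATH; the `--audit` switch and the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the article): audit the IOMMU and GPU ECC mitigations.
# Assumptions: Linux sysfs layout; nvidia-smi on PATH for the live ECC check.

# iommu_groups_present [SYSFS_ROOT]: succeeds when the kernel has created at
# least one IOMMU group, i.e. the IOMMU is enabled in firmware and in use.
iommu_groups_present() {
    for g in "${1:-/sys}"/kernel/iommu_groups/*; do
        [ -d "$g" ] && return 0
    done
    return 1
}

# identity_groups [SYSFS_ROOT]: print groups whose default domain is "identity"
# (passthrough); DMA from devices in those groups is not translated.
identity_groups() {
    for g in "${1:-/sys}"/kernel/iommu_groups/*; do
        [ -r "$g/type" ] || continue
        [ "$(cat "$g/type")" = "identity" ] && basename "$g"
    done
    return 0
}

# gpus_without_ecc: read "index, ecc.mode.current, name" CSV lines on stdin and
# print every GPU whose ECC mode is anything other than "Enabled".
gpus_without_ecc() {
    awk -F', ' '$2 != "Enabled" { print "GPU " $1 ": ECC " $2 " (" $3 ")" }'
}

audit() {
    rc=0
    if iommu_groups_present; then
        pt=$(identity_groups | tr '\n' ' ')
        if [ -n "$pt" ]; then echo "IOMMU on, passthrough groups: $pt"; rc=1; fi
    else
        echo "IOMMU: no groups found; enable it in firmware setup"; rc=1
    fi
    if command -v nvidia-smi >/dev/null 2>&1; then
        bad=$(nvidia-smi --query-gpu=index,ecc.mode.current,name \
                --format=csv,noheader | gpus_without_ecc)
        if [ -n "$bad" ]; then
            echo "$bad"; echo "Enable with: nvidia-smi -e 1, then reboot"; rc=1
        fi
    else
        echo "nvidia-smi not found; ECC state not checked"
    fi
    return $rc
}

if [ "${1:-}" = "--audit" ]; then audit; fi
```

A non-zero exit from `audit` means at least one of the two mitigations is missing or only partly effective on this host.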

GPU users should understand that the only cards known to be vulnerable to Rowhammer are the RTX 3060 and RTX 6000 from the Ampere generation, which were introduced in 2020. It wouldn’t be surprising if newer generations of graphics cards from Nvidia and others are vulnerable to the same kinds of attacks, but because the pace of academic research typically lags far behind the faster speed of product rollouts, there’s no way now to know.

Top-tier cloud platforms typically provide security levels that go well beyond those available by default on hobbyist and consumer machines. Another thing to remember: There are no known instances of Rowhammer attacks ever being actively used in the wild.

The true value of the research is to put GPU makers and users alike on notice that Rowhammer attacks on these platforms have the potential to upend security in serious ways. More details about GDDRHammer and GeForge are available here.
