vusec / drammer

Native binary for testing Android phones for the Rowhammer bug

Nexus 5 misunderstanding of the results (no flips) #14

Closed T-TROUCHKINE closed 6 years ago

T-TROUCHKINE commented 6 years ago

Hello,

I have an LG Nexus 5 with Hammerhead on Android 6.0.1. I think I am in your article's situation, but when I run your code it looks like there is nothing happening. This is the command I'm trying with the corresponding result.

///// COMMAND

    $> ./rh_test -a -c 2500000 -d3

///// RESULT

    [EXHAUST] - order 10 (4096 KB) - got 0 chunks
    [EXHAUST] - order 9 (2048 KB) - got 0 chunks
    [EXHAUST] - order 8 (1024 KB) - got 0 chunks
    [EXHAUST] - order 7 ( 512 KB) - got 0 chunks
    [EXHAUST] - order 6 ( 256 KB) - got 0 chunks
    [EXHAUST] - order 5 ( 128 KB) - got 0 chunks
    [EXHAUST] - order 4 ( 64 KB) - got 0 chunks
    [EXHAUST] allocated 0 KB (0 MB)
    [DEFRAG] Additionally got 0 chunks of size 4096 KB (0 bytes in total = 0 MB)
    Page block order: 10
    Pages per block: 1024

    Free pages count per migrate type at order      0      1      2      3      4      5      6      7      8      9     10
    Node 0, zone Normal, type Unmovable            57     46     13      1      1      1      0      1      0      2      1
    Node 0, zone Normal, type Reclaimable           0      9      7      1      1      0      0      0      0      0      0
    Node 0, zone Normal, type Movable               0      0      0      1      2      1      0      4      9      5    135
    Node 0, zone Normal, type Reserve               0      0      0      0      0      0      0      0      0      0      1
    Node 0, zone Normal, type CMA                   0      0      1      0      0      0      1      0      1      1      3
    Node 0, zone Normal, type Isolate               0      0      0      0      0      0      0      0      0      0      0
    Node 0, zone HighMem, type Unmovable           41     35     13      3      0      0      0      0      0      0      0
    Node 0, zone HighMem, type Reclaimable          0      0      0      0      0      0      0      0      0      0      0
    Node 0, zone HighMem, type Movable            553     44      2      0      0      0      0      0      0      0      0
    Node 0, zone HighMem, type Reserve             54     17      3      1      0      0      0      0      0      0      0
    Node 0, zone HighMem, type CMA               1364   3245    458     11      0      0      0      0      0      0      0
    Node 0, zone HighMem, type Isolate              0      0      0      0      0      0      0      0      0      0      0

    Number of blocks type     Unmovable  Reclaimable      Movable      Reserve          CMA      Isolate
    Node 0, zone Normal              31            3          151            1            4            0
    Node 0, zone HighMem             36            0          170            1           76            0

    [RS] Trying getprop
    [RS] ro.product.model: Nexus 5
    [RS] ro.product.name: hammerhead
    [RS] ro.product.board: hammerhead
    [RS] ro.board.platform: msm8974
    [RS] known model: LG Nexus 5
    [MAIN] Row size: 65536
    [EXHAUST] - order 10 (4096 KB) - got 0 chunks
    [EXHAUST] - order 9 (2048 KB) - got 0 chunks
    [EXHAUST] - order 8 (1024 KB) - got 0 chunks
    [EXHAUST] - order 7 ( 512 KB) - got 0 chunks
    [EXHAUST] - order 6 ( 256 KB) - got 0 chunks
    [EXHAUST] allocated 0 KB (0 MB)
    [TMPL] - Bytes allocated: 0 (0 MB)
    [TMPL] - Time: 1457894997
    [TMPL] - Start templating
    [TMPL] - bytes hammered: 0 (0 MB)
    [TMPL] - median readtime: 0
    [TMPL] - unique flips: 0 (1-to-0: 0 / 0-to-1: 0)
    [TMPL] - exploitable flips: 0
    [TMPL] - time spent: 0 seconds

/////

I really think I could have bit flips but nothing happens. I have the impression there is no memory allocated through the ION API and thus no real hammering.

Am I missing something?

vvdveen commented 6 years ago

The last update for the Nexus 5 disabled the ION contiguous heap to prevent Rowhammer attacks. Your output shows that the app is unable to get any contiguous memory.
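A zero-flip result only says something about the DRAM if memory was actually hammered, which is the distinction the reply above draws. The following is an added example, not part of the thread or of the drammer project: it parses `[EXHAUST]` and `[TMPL]` lines in the format quoted in the issue and separates "no flips" from "nothing was tested". The function name `triage`, both sample logs, and the assumption of one templating run per log are constructed for illustration.

```python
import re

# Constructed sample: a shortened copy of the lines quoted in the issue.
ISSUE_LOG = """\
[EXHAUST] - order 10 (4096 KB) - got 0 chunks
[EXHAUST] - order 7 ( 512 KB) - got 0 chunks
[EXHAUST] allocated 0 KB (0 MB)
[TMPL] - bytes hammered: 0 (0 MB)
[TMPL] - unique flips: 0 (1-to-0: 0 / 0-to-1: 0)
"""

# Constructed sample: hypothetical run where contiguous chunks were obtained.
HYPOTHETICAL_LOG = """\
[EXHAUST] - order 10 (4096 KB) - got 3 chunks
[TMPL] - bytes hammered: 12582912 (12 MB)
[TMPL] - unique flips: 0 (1-to-0: 0 / 0-to-1: 0)
"""

CHUNKS = re.compile(
    r"\[EXHAUST\] - order\s+(\d+)\s+\(\s*(\d+) KB\) - got (\d+) chunks")
HAMMERED = re.compile(r"\[TMPL\] - bytes hammered: (\d+)")
FLIPS = re.compile(r"\[TMPL\] - unique flips: (\d+)")


def triage(log: str) -> dict:
    """Summarise a run; zero flips is inconclusive if nothing was hammered."""
    # Total contiguous memory obtained = chunk size * chunk count per order.
    chunk_kb = sum(int(kb) * int(n) for _order, kb, n in CHUNKS.findall(log))
    hammered = sum(int(b) for b in HAMMERED.findall(log))
    flips = sum(int(f) for f in FLIPS.findall(log))
    if hammered == 0:
        verdict = "inconclusive: no memory was hammered"
    elif flips == 0:
        verdict = "no flips observed in hammered memory"
    else:
        verdict = "flips observed"
    return {"chunk_kb": chunk_kb, "hammered_bytes": hammered,
            "unique_flips": flips, "verdict": verdict}


if __name__ == "__main__":
    for name, log in (("issue", ISSUE_LOG), ("hypothetical", HYPOTHETICAL_LOG)):
        print(name, triage(log))
```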

T-TROUCHKINE commented 6 years ago

Thank you for this answer!