ImPress: Securing DRAM Against Data-Disturbance Errors via Implicit Row-Press Mitigation

TL;DR

ImPress is a novel mitigation technique that protects DRAM from both Rowhammer and Row-Press vulnerabilities without performance overheads or reducing the Rowhammer threshold, by treating long-open rows as activations.

Contribution

ImPress introduces an implicit mitigation approach that is compatible with existing solutions and does not require restricting row-open-time or redesigning Rowhammer defenses.

Findings

ImPress effectively neutralizes Row-Press attacks.

It maintains the Rowhammer threshold while providing security.

Compatible with both in-DRAM and controller-based trackers.

Abstract

DRAM cells are susceptible to Data-Disturbance Errors (DDE), which can be exploited by an attacker to compromise system security. Rowhammer is a well-known DDE vulnerability that occurs when a row is repeatedly activated. Rowhammer can be mitigated by tracking aggressor rows inside DRAM (in-DRAM) or at the Memory Controller (MC). Row-Press (RP) is a new DDE vulnerability that occurs when a row is kept open for a long time. RP significantly reduces the number of activations required to induce an error, thus breaking existing RH solutions. Prior work on Explicit Row-Press mitigation, ExPress, requires the memory controller to limit the maximum row-open-time, and redesign existing Rowhammer solutions with reduced Rowhammer threshold. Unfortunately, ExPress incurs significant performance and storage overheads, and being a memory controller-based solution, it is incompatible with in-DRAM trackers. In this paper, we propose Implicit Row-Press mitigation (ImPress), which does not restrict row-open-time, is compatible with memory controller-based and in-DRAM solutions and does not reduce the tolerated Rowhammer threshold. ImPress treats a row open for a specified time as equivalent to an activation. We design ImPress by developing a Unified Charge-Loss Model, which combines the net effect of both Rowhammer and Row-Press for arbitrary patterns. We analyze both controller-based (Graphene and PARA) and in-DRAM trackers (Mithril and MINT). We show that ImPress makes Rowhammer solutions resilient to Row-Press transparently, without affecting the Rowhammer threshold.