By: Etienne Lorrain (etienne_lorrain.delete@this.yahoo.fr), January 8, 2021 1:18 am
Room: Moderated Discussions
Linus Torvalds (torvalds.delete@this.linux-foundation.org) on January 7, 2021 10:04 am wrote:
> Chester (lamchester.delete@this.gmail.com) on January 7, 2021 5:00 am wrote:
> > > Linus
> >
> > Except if we're talking about malicious attacks, researchers figured out they could flip three bits
> > and cause an undetectable error.
>
> BS.
>
> They could do so only by causing a lot of single-bit flips
>
> Why is this so hard to understand? ECC would detect the attack.
> It really is that simple, and that's a fundamental fact.
>
> People who argue about undetectable 3-bit flips are incompetent and don't understand
> what they are talking about. They are either actively trying to be bad actors,
> or they have bought into the fairy tale from the bad actors.
>
> And yes, in some theoretical universe you could have a single 3-bit flip without getting any single-bit
> flips. Anything can happen in theory. But that's like worrying about a meteorite targeting you
> personally. It's simply not a realistic worry, and it's not an argument against ECC.
>
> Do you argue against airbags because they wouldn't save
> you from being killed in your car by a stray meteorite?
>
> Can you really not see how stupid your argument is?
>
> Linus
I just want to comment on that part:
> And yes, in some theoretical universe you could have a single 3-bit flip without getting any single-bit
> flips.
People assume the single bit errors are corrected in the backing memory when detected, which is different than correcting only the value read.
Correcting the backing memory is a lot more complex than just correcting the value read and hoping for the best later-on, i.e. that someone somewhere will overwrite that cache line and by doing so correct the ECC error.
You can and will detect single bit error in a cacheline that is not exclusively own by your processor core (another core may store a mutex on that line), or in a write-protected page, or in a page shared by a DMA engine.
So to generate 3-bit flips you generate three 1 bit flips at the same address, and hope they are on different bits number.
> Chester (lamchester.delete@this.gmail.com) on January 7, 2021 5:00 am wrote:
> > > Linus
> >
> > Except if we're talking about malicious attacks, researchers figured out they could flip three bits
> > and cause an undetectable error.
>
> BS.
>
> They could do so only by causing a lot of single-bit flips
>
> Why is this so hard to understand? ECC would detect the attack.
> It really is that simple, and that's a fundamental fact.
>
> People who argue about undetectable 3-bit flips are incompetent and don't understand
> what they are talking about. They are either actively trying to be bad actors,
> or they have bought into the fairy tale from the bad actors.
>
> And yes, in some theoretical universe you could have a single 3-bit flip without getting any single-bit
> flips. Anything can happen in theory. But that's like worrying about a meteorite targeting you
> personally. It's simply not a realistic worry, and it's not an argument against ECC.
>
> Do you argue against airbags because they wouldn't save
> you from being killed in your car by a stray meteorite?
>
> Can you really not see how stupid your argument is?
>
> Linus
I just want to comment on that part:
> And yes, in some theoretical universe you could have a single 3-bit flip without getting any single-bit
> flips.
People assume the single bit errors are corrected in the backing memory when detected, which is different than correcting only the value read.
Correcting the backing memory is a lot more complex than just correcting the value read and hoping for the best later-on, i.e. that someone somewhere will overwrite that cache line and by doing so correct the ECC error.
You can and will detect single bit error in a cacheline that is not exclusively own by your processor core (another core may store a mutex on that line), or in a write-protected page, or in a page shared by a DMA engine.
So to generate 3-bit flips you generate three 1 bit flips at the same address, and hope they are on different bits number.