Paper: Copy-on-Flip: Hardening ECC Memory Against Rowhammer Attacks. Andrea Di Dio, Koen Koning, Herbert Bos, Cristiano Giuffrida. In NDSS, February 2023.
The CoF kernel can be built and installed like any other version of the Linux kernel.
N.B. The current code has been written to be optimized and functional on the experimental setup outlined in the paper (Section VII). In order to adapt it to different bare metal systems you will have to set the relevant config flags and adapt the code accordingly (e.g., manually redirect slabs using the SLAB_COF and ___GFP_COF).
To quickly view the changes we made to the vanilla 5.4.1 kernel, you can look at the cof.patch file. This can be applied as follows:
- Get the v5.4.1 vanilla kernel version:
git clone git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git git checkout v5.4.1
- Apply the patch:
git apply cof.patch
- Copy over the kernel config:
cp cof_kernel/.config linux-stable/
- Build and install the kernel:
make -j`nproc` make modules_install sudo make install