mFIT: A Bump-in-the-Wire Tool for Plug-and-Play Analysis of Rowhammer Susceptibility Factors

Understanding susceptibility to Rowhammer bit flips in DRAM (i.e., main memory) is vital to ensure reliability and security on today’s systems, particularly on multitenant cloud servers. However, existing tools for analyzing susceptibility either suffer from a lack of precision or are not broadly-compatible with cloud platforms. In this work, we introduce mFIT, a low-cost tool for characterizing Rowhammer susceptibility factors. mFIT operates as a “bump-inthe-wire” between the host’s memory controller and a DDR4 DRAM module, offering the ability to analyze both the host platform’s and DRAM’s influences on Rowhammer susceptibility. We show that mFIT offers “plug-and-play” support for analyzing the latest three generations of DDR4 server-grade DRAM modules from all three major DRAM manufacturers, using two different Intel server platforms. In addition to providing the first public evidence of worsening Rowhammer susceptibility in these modules, we show that mFIT can experimentally determine various factors’ roles in Rowhammer susceptibility. Using this knowledge, we demonstrate per-module “Rowhammeroptimal” data patterns that average 60% more bit flips than prior work, offering researchers insights on how to construct stronger Rowhammer attacks and defenses. We open-sourced mFIT’s design to help other researchers use our techniques to further the community’s understanding of Rowhammer and DRAM.