qemu-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Does reboot clear RAM?


From: Jakob Bohm
Subject: Re: Does reboot clear RAM?
Date: Tue, 12 Nov 2019 02:20:34 +0100
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1

On 11/11/2019 20:27, Joachim Durchholz wrote:
Am 11.11.19 um 15:35 schrieb Jakob Bohm:
On physical machines, the following mechanisms are common:

1. DRAM chips physically loose their contents after a few seconds of power
   off,

I am by no way an expert, but the forensic experts tell me that data can persist for *minutes*. Of course, the first bits flip after a few seconds. But you don't get a guarantee that everything is zeroed.
I also hear that temperature plays a really big role here.

There's a difference between reading faded bits with special analogue equipment
after artificially cooling chips way below what the datasheet allows, and
reading the digital bits at normal temperature, voltage etc.

3. On x86 and x86_64 PCs, the IBM compatible BIOS typically does a memory    test and wipe during actual boot, but not upon a software initiated boot.
    This PC BIOS rule exists for the following two purposes:

3.1 Older guest operating systems use a software reset to switch the CPU
   from "protected mode" to "real mode" because the historical 80286 CPU
   chip had no other way to return to real mode and returning to real mode
   was needed to invoke BIOS APIs.

3.2 Signalling if such a non-wiping boot is desired (for speed or other
   reasons) is officially done by writing a magic value in one of the
   well-known BIOS global addresses, if this global address has not been
   set to one of those magic values, and the global RTC register with
   related semantics have not been so set either, the BIOS (in qemu's
   case SEABIOS) should do the wipe as part of the POST (Power-On-Self-Test),
   otherwise it should skip that and most other parts of the POST.

How does the BIOS do the wipe? Because zeroing out all memory should take some noteiceable time on today's large RAM, even with GHz machines (RAM bus speed has increased far more slowly than typical RAM size, so the time should have been increasing). I can imagine some fast PCI burst transfers to quickly zero memory, but does anybody have realistic data, or information about how it's being done in practice?

The slowness of manually zeroing and probing all of RAM was the original
reason for the rule back in 1981.  I suspect modern hardware uses some
low level trickery in the DRAM interface controller to speed up zeroing
all DRAM cells.





reply via email to

[Prev in Thread] Current Thread [Next in Thread]