You'd have to have the operating system's cooperation, because it may be mapping individual 4k pages all over the place, and it's the only thing that has a chance of knowing how the memory is laid out on the actual chips.
<i> it is even a trade secret how data is striped across the different slots/banks </i>
If that is true, vs just the usual "you don't need to know" trash common these days, its crazy. A pretty good picture can be built up with just software timing analysis, but its hardly rocket science to hook a logic analyzer/scope up and determine bit swizzling and page/bank interleave. Plus, many of the more open BIOS vendors have tended to provide page/row/controller/socket interleave options for quite a while, partially because it can mean a 5-10% uplift for some applications to have it set one way or the other. Its been one of those how do you tune your memory system options for a couple decades now.
Doesn't the same thing to exploiting rowhammer though? If you're after specific data, how would you know what physical address to use, even if you knew the physical address of the target data?
Yes, but there is a difference between an attack being run by a low level hardware hacker vs. the software being run by average users. This is why I said it would be hard, you would need to encode a lot of low level hardware knowledge into your application.
This might only be useful in very specialized circumstances, like with kernel support on only a handful of carefully chosen hardware platforms. However, someone like Apple could do this on their systems, as they control both the kernel and the hardware. Sensitive memory locations could be cordoned off in special zones with buffering to prevent Rowhammer type attacks.
