ProHoster > Блог > labaran intanet > ARM yana yawo: an gano wani lahani na musamman don kai hari kan ƙididdigar ƙima

ARM yana yawo: an gano wani lahani na musamman don kai hari kan ƙididdigar ƙima

Don masu sarrafawa akan kewayon gine-ginen Armv8-A (Cortex-A). samu rashin lafiyarsa na musamman ga hare-haren tashoshi na gefe ta amfani da algorithms na ƙididdiga. ARM da kanta ta ba da rahoton wannan kuma ta ba da faci da jagorori don rage raunin da aka samu. Haɗarin ba haka ba ne mai girma, amma ba za a iya yin watsi da shi ba, saboda masu sarrafawa bisa tsarin gine-gine na ARM suna ko'ina, wanda ya sa haɗarin leaks ba zai yiwu ba dangane da sakamakon.

ARM yana yawo: an gano wani lahani na musamman don kai hari kan ƙididdigar ƙima

Rashin lahanin da ƙwararrun Google suka samu a cikin gine-ginen ARM an sanya masa suna Straight-Line Speculation (SLS) kuma an tsara shi a hukumance CVE-2020-13844. Dangane da ARM, raunin SLS wani nau'i ne na raunin Specter, wanda (tare da raunin Meltdown) ya zama sananne sosai a cikin Janairu 2018. A wasu kalmomi, wannan babban lahani ne a cikin hasashen ƙididdiga masu ƙima tare da harin tashoshi na gefe.

Ƙididdigar ƙididdiga na buƙatar sarrafa bayanai a gaba tare da rassa da yawa masu yiwuwa, kodayake ana iya watsar da waɗannan daga baya a matsayin ba dole ba. Hare-haren tashoshi na gefe suna ba da damar yin satar irin waɗannan bayanan tsaka-tsaki kafin a lalata su gaba ɗaya. Sakamakon haka, muna da na'urori masu ƙarfi masu ƙarfi da haɗarin zubewar bayanai.

Harin Hasashen Layin Madaidaici akan na'urori masu tushen ARM yana haifar da na'ura mai sarrafawa, duk lokacin da aka sami canji a rafin koyarwa, don canzawa zuwa aiwatar da umarnin da aka samu kai tsaye a cikin ƙwaƙwalwar ajiya, maimakon bin umarnin a cikin sabon rafin koyarwa. Babu shakka, wannan ba shine mafi kyawun yanayin zabar umarni don aiwatarwa ba, wanda maharin zai iya amfani da shi.

Don darajarta, ARM ba kawai ta fitar da jagorar masu haɓakawa ba don taimakawa guje wa haɗarin yaɗuwa ta hanyar harin Hasashen Layi madaidaiciya, amma kuma ya samar da faci don manyan tsarin aiki kamar FreeBSD, OpenBSD, Amintaccen Firmware-A da OP-TEE, da fitar da faci ga masu tara GCC da LLVM.

Kamfanin ya kuma bayyana cewa amfani da faci ba zai shafi aikin dandamali na ARM ba, kamar yadda ya faru a kan dandamalin Intel masu jituwa x86 tare da toshe raunin Specter da Meltdown. Koyaya, za mu iya koyo game da wannan daga tushe na ɓangare na uku, wanda zai ba da ainihin hoto na sabon rauni.



source: 3dnews.ru

Add a comment