Kasper, a scanner for speculative code execution problems in the Linux kernel, is now available

A team of researchers from Vrije Universiteit Amsterdam has published the Kasper toolkit, designed to identify code snippets in the Linux kernel that can be used to exploit Spectre-class vulnerabilities caused by speculative code execution on the processor. The source code for the toolkit is distributed under the Apache 2.0 license.

Recall that attacks such as Spectre v1, which make it possible to determine the contents of memory, require privileged code to contain a certain sequence of instructions (a gadget) that leads to speculative execution of instructions. For optimization purposes, the processor starts executing such gadgets in speculative mode, then determines that the branch prediction was wrong and rolls the operations back to their original state. The data processed during speculative execution nevertheless ends up in the cache and in microarchitectural buffers, and can be retrieved from them using various methods of determining residual data through side channels.

Previously available tools for scanning for Spectre gadgets, which rely on searching for typical patterns, showed a very high rate of false positives while missing many real gadgets (experiments showed that 99% of the gadgets identified by such tools could not be used for an attack, and 33% of the working gadgets that could lead to an attack went unnoticed).

To improve the quality of detecting problematic gadgets, Kasper models the vulnerabilities that an attacker can exploit at each step of a Spectre-class attack: problems that allow control over data (for example, substituting attacker data into microarchitectural structures to influence subsequent speculative execution using LVI-class attacks), gaining access to confidential information (for example, when going out of bounds or using memory after it has been freed), and leaking confidential information (for example, by analyzing the state of the processor cache or using the MDS method).

During testing, the kernel is linked with the Kasper runtime libraries and with checks that operate at the LLVM level. The checking process emulates speculative code execution using a checkpoint-restore mechanism that deliberately executes an incorrectly predicted code branch and then rolls back to the original state before the branch. Kasper also tries to model various software and hardware vulnerabilities, analyzes the impact of architectural and microarchitectural effects, and performs fuzzing tests of possible attacker actions. A port of DataFlowSanitizer for the Linux kernel is used to analyze execution flows, and a modified version of the syzkaller package is used for fuzzing.
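The three modelled stages (attacker control, secret access, leak) and the checkpoint-and-rollback emulation described above can be seen together in a toy model. This is an added example, not Kasper's code: the mini instruction set, the taint labels and all names are hypothetical, and the `nospec` op only models the index clamping that the Linux kernel's `array_index_nospec` performs.

```python
import copy

ATTACKER, SECRET = "attacker", "secret"   # taint labels used by this toy model

def scan(program, regs, arrays, window=8):
    """Emulate mispredicted bounds checks and report taint-policy violations.

    program: list of tuples, see the ops below (a constructed mini-IR)
    regs:    name -> (value, set of taint labels); arrays: name -> length
    Returns [(pc, stage)] where stage is "ACCESS" or "LEAK".
    """
    regs, findings, pc = copy.deepcopy(regs), [], 0
    saved = None                           # [regs, resume_pc, budget] while speculating
    while pc < len(program):
        op = program[pc]
        if op[0] == "guard":               # ("guard", idx_reg, array, resume_pc)
            _, idx, arr, resume = op
            if saved is None and not 0 <= regs[idx][0] < arrays[arr]:
                # Check fails architecturally: checkpoint, then run the body anyway.
                saved = [copy.deepcopy(regs), resume, window + 1]
        elif op[0] == "nospec":            # ("nospec", idx_reg, array): clamp the index
            _, idx, arr = op
            value, taint = regs[idx]
            regs[idx] = (value if 0 <= value < arrays[arr] else 0, taint)
        elif op[0] == "load":              # ("load", dst, array, idx_reg)
            _, dst, arr, idx = op
            value, taint = regs[idx]
            out = set(taint)
            if saved and SECRET in taint:  # secret-dependent address touches the cache
                findings.append((pc, "LEAK"))
            if saved and ATTACKER in taint and not 0 <= value < arrays[arr]:
                findings.append((pc, "ACCESS"))   # attacker-steered out-of-bounds read
                out.add(SECRET)
            regs[dst] = (0, out)           # loaded data is not modelled, only its taint
        pc += 1
        if saved:
            saved[2] -= 1                  # speculation window shrinks per instruction
            if saved[2] == 0 or pc >= saved[1]:
                regs, pc, saved = saved[0], saved[1], None   # roll back to checkpoint
    return findings

# Constructed sample: if (idx < len(arr1)) { v = arr1[idx]; t = arr2[v]; }
ARRAYS = {"arr1": 16, "arr2": 4096}
REGS = {"idx": (1000, {ATTACKER})}         # e.g. a syscall argument chosen by the caller
GADGET = [("guard", "idx", "arr1", 3),
          ("load", "v", "arr1", "idx"), ("load", "t", "arr2", "v")]
HARDENED = [("guard", "idx", "arr1", 4), ("nospec", "idx", "arr1"),
            ("load", "v", "arr1", "idx"), ("load", "t", "arr2", "v")]

if __name__ == "__main__":
    print("gadget:  ", scan(GADGET, REGS, ARRAYS))
    print("hardened:", scan(HARDENED, REGS, ARRAYS))
```

A pattern matcher would flag both programs because both contain a guarded double load; the taint model reports only the first, which is the kind of false-positive reduction the article attributes to Kasper.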

Scanning the Linux kernel with Kasper identified 1379 previously unknown gadgets that can potentially leak data during speculative execution of instructions. It is noted that perhaps only some of them pose real problems, but to demonstrate that the danger is real and not merely theoretical, a working exploit prototype was developed for one of the problematic code fragments, leading to an information leak from kernel memory.

source: budenet.ru
