ProHoster > Pūnaewele > nūhou pūnaewele > Ke lele nei ʻo ARM: ua ʻike ʻia kahi haʻahaʻa kūʻokoʻa no ka hoʻouka ʻana i ka computing speculative

Ke lele nei ʻo ARM: ua ʻike ʻia kahi haʻahaʻa kūʻokoʻa no ka hoʻouka ʻana i ka computing speculative

No nā mea hana ma kahi ākea o Armv8-A (Cortex-A). loaa ʻO kona nāwaliwali kūʻokoʻa i nā hoʻouka ʻaoʻao ʻaoʻao me ka hoʻohana ʻana i nā algorithms computing speculative. Ua hōʻike ʻo ARM ponoʻī i kēia a hāʻawi i nā pā a me nā alakaʻi e hoʻēmi i ka nāwaliwali i loaʻa. ʻAʻole nui ka pōʻino, akā ʻaʻole hiki ke haʻalele ʻia, no ka mea, aia nā mea hana i hoʻokumu ʻia ma ka hoʻolālā ARM ma nā wahi āpau, kahi e hiki ʻole ai ke ʻike ʻia ka hopena o nā leaks i nā hopena.

Ke lele nei ʻo ARM: ua ʻike ʻia kahi haʻahaʻa kūʻokoʻa no ka hoʻouka ʻana i ka computing speculative

ʻO ka haʻahaʻa i ʻike ʻia e ka poʻe loea Google ma nā hale hoʻolālā ARM i kapa inoa ʻia ʻo Straight-Line Speculation (SLS) a ua koho ʻia ʻo CVE-2020-13844. Wahi a ARM, ʻo ka vulnerability SLS kahi ʻano o ka vulnerability Specter, ka mea (me ka vulnerability Meltdown) i ʻike nui ʻia ma Ianuali 2018. I nā huaʻōlelo ʻē aʻe, he palupalu maʻamau kēia i nā mīkini helu speculative me kahi hoʻouka ʻaoʻao ʻaoʻao.

Pono ka hoʻopili helu ʻana i ka ʻikepili ma mua o kekahi mau lālā hiki, ʻoiai e hoʻolei ʻia kēia mau mea ma hope he mea pono ʻole. Hiki i nā ʻaoʻao ʻaoʻao ke ʻaihue ʻia nā ʻikepili waena ma mua o ka luku ʻia ʻana. ʻO ka hopena, loaʻa iā mākou nā mea hana ikaika a me ka pilikia o ka leakage data.

ʻO ka hoʻouka ʻana o ka Straight-Line Speculation ma luna o nā kaʻina hana e pili ana i ka ARM, ke hoʻololi nei ka mea hana, ke hoʻololi ʻia ke kahawai aʻo, i ka hoʻokō ʻana i nā ʻōlelo aʻo i loaʻa pololei ma ka hoʻomanaʻo, ma kahi o ka hahai ʻana i nā kuhikuhi i ke kahawai aʻo hou. ʻIke loa, ʻaʻole kēia ka hiʻohiʻona maikaʻi loa no ke koho ʻana i nā ʻōlelo aʻoaʻo e hoʻokō, hiki ke hoʻohana ʻia e ka mea hoʻouka.

No kāna hōʻaiʻē, ʻaʻole i hoʻokuʻu wale ʻo ARM i nā alakaʻi hoʻomohala e kōkua i ka pale ʻana i ka hopena o ka leakage ma o ka Straight-Line Speculation attack, akā ua hāʻawi pū kekahi i nā ʻāpana no nā ʻōnaehana hana nui e like me FreeBSD, OpenBSD, Trusted Firmware-A a me OP-TEE, a ua hoʻokuʻu ʻia nā ʻāpana no ka GCC a me LLVM compilers.

Ua ʻōlelo pū ka hui ʻaʻole e hoʻopili ka hoʻohana ʻana i nā pā i ka hana o nā platform ARM, e like me ka mea i hana ʻia ma nā x86-compatible Intel platforms me nā vulnerabilities Spectre a me Meltdown i kāohi ʻia. Eia nō naʻe, hiki iā mākou ke aʻo e pili ana i kēia mai nā kumu ʻaoʻao ʻekolu, e hāʻawi i kahi kiʻi pahuhopu o ka nāwaliwali hou.



Source: 3dnews.ru

Pākuʻi i ka manaʻo hoʻopuka