No nā mea hana ma kahi ākea o Armv8-A (Cortex-A).
ʻO ka haʻahaʻa i ʻike ʻia e ka poʻe loea Google ma nā hale hoʻolālā ARM i kapa inoa ʻia ʻo Straight-Line Speculation (SLS) a ua koho ʻia ʻo CVE-2020-13844. Wahi a ARM, ʻo ka vulnerability SLS kahi ʻano o ka vulnerability Specter, ka mea (me ka vulnerability Meltdown) i ʻike nui ʻia ma Ianuali 2018. I nā huaʻōlelo ʻē aʻe, he palupalu maʻamau kēia i nā mīkini helu speculative me kahi hoʻouka ʻaoʻao ʻaoʻao.
Pono ka hoʻopili helu ʻana i ka ʻikepili ma mua o kekahi mau lālā hiki, ʻoiai e hoʻolei ʻia kēia mau mea ma hope he mea pono ʻole. Hiki i nā ʻaoʻao ʻaoʻao ke ʻaihue ʻia nā ʻikepili waena ma mua o ka luku ʻia ʻana. ʻO ka hopena, loaʻa iā mākou nā mea hana ikaika a me ka pilikia o ka leakage data.
ʻO ka hoʻouka ʻana o ka Straight-Line Speculation ma luna o nā kaʻina hana e pili ana i ka ARM, ke hoʻololi nei ka mea hana, ke hoʻololi ʻia ke kahawai aʻo, i ka hoʻokō ʻana i nā ʻōlelo aʻo i loaʻa pololei ma ka hoʻomanaʻo, ma kahi o ka hahai ʻana i nā kuhikuhi i ke kahawai aʻo hou. ʻIke loa, ʻaʻole kēia ka hiʻohiʻona maikaʻi loa no ke koho ʻana i nā ʻōlelo aʻoaʻo e hoʻokō, hiki ke hoʻohana ʻia e ka mea hoʻouka.
No kāna hōʻaiʻē, ʻaʻole i hoʻokuʻu wale ʻo ARM i nā alakaʻi hoʻomohala e kōkua i ka pale ʻana i ka hopena o ka leakage ma o ka Straight-Line Speculation attack, akā ua hāʻawi pū kekahi i nā ʻāpana no nā ʻōnaehana hana nui e like me FreeBSD, OpenBSD, Trusted Firmware-A a me OP-TEE, a ua hoʻokuʻu ʻia nā ʻāpana no ka GCC a me LLVM compilers.
Ua ʻōlelo pū ka hui ʻaʻole e hoʻopili ka hoʻohana ʻana i nā pā i ka hana o nā platform ARM, e like me ka mea i hana ʻia ma nā x86-compatible Intel platforms me nā vulnerabilities Spectre a me Meltdown i kāohi ʻia. Eia nō naʻe, hiki iā mākou ke aʻo e pili ana i kēia mai nā kumu ʻaoʻao ʻekolu, e hāʻawi i kahi kiʻi pahuhopu o ka nāwaliwali hou.
Source: 3dnews.ru