Vulnerabilities in the MMIO mechanism of Intel processors

Intel has disclosed information about a new class of data leaks through the microarchitectural structures of its processors that allow, by manipulating the MMIO (Memory Mapped Input Output) mechanism, information processed on other CPU cores to be determined. For example, the vulnerabilities can be used to extract data from other processes, Intel SGX enclaves, or virtual machines. The vulnerabilities are specific to Intel CPUs; processors from other manufacturers are not affected.

The vulnerabilities appear in various Intel CPUs, including processors based on the Haswell, Skylake, IceLake, Broadwell, Lakefield, Kabylake, Cometlake and Rocketlake microarchitectures, as well as in Xeon EP/EX, Xeon Scalable and some Atom server parts. Carrying out an attack requires access to MMIO, which can be obtained, for example, in virtualization systems that give MMIO access to guest systems controlled by the attacker. A fix may also be needed on systems that use isolated Intel SGX (Software Guard Extensions) enclaves.

Blocking the vulnerability requires a microcode update together with additional software protection methods based on the VERW instruction, which clears the contents of the microarchitectural buffers when returning from the kernel to user space or when transferring control to a guest system. The same kind of protection is used to block the previously identified MDS (Microarchitectural Data Sampling), SRBDS (Special Register Buffer Data Sampling) and TAA (Transactional Asynchronous Abort) attack classes.

On the microcode side, the changes needed to implement the protection were proposed in the May microcode update for Intel CPUs (IPU 2022.1). In the Linux kernel, protection against the new class of attacks is included in releases 5.18.5, 5.15.48, 5.10.123, 5.4.199, 4.19.248, 4.14.284 and 4.9.319. To check whether a system is exposed to the MMIO vulnerabilities and to assess which protection mechanisms are active, the file "/sys/devices/system/cpu/vulnerabilities/mmio_stale_data" was added to the Linux kernel. To control whether the protection is enabled, the kernel boot parameter "mmio_stale_data" was implemented; it accepts the values "full" (enable buffer clearing when switching to user space or to a VM), "full,nosmt" (same as "full" plus disabling SMT/Hyper-Threading) and "off" (protection disabled). Separate fixes are provided for the Xen hypervisor and the Qubes operating system.
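As an added example (not part of the original article), the following script reads the sysfs file and boot parameter named above and turns them into an operator verdict. The status strings it recognises ("Not affected", "Vulnerable", "Vulnerable: ... no microcode", "Mitigation: Clear CPU buffers; SMT ...", "Unknown: ...") are assumed to match what the kernel emits; the sample inputs are constructed.

```python
"""Report a host's exposure to the Intel MMIO stale-data issues (added example)."""
import re
from pathlib import Path
from typing import Dict, Optional, Tuple

SYSFS_PATH = Path("/sys/devices/system/cpu/vulnerabilities/mmio_stale_data")
CMDLINE_PATH = Path("/proc/cmdline")
VALID_PARAM_VALUES = {"full", "full,nosmt", "off"}  # values the article lists


def classify_status(status: str) -> Tuple[str, str]:
    """Map the sysfs status line (assumed kernel wording) to (verdict, advice)."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "ok", "CPU not affected; nothing to do"
    if s.startswith("Unknown"):
        return "unknown", "kernel could not determine exposure; check microcode and kernel version"
    if s.startswith("Vulnerable"):
        if "no microcode" in s:
            return "vulnerable", "apply the IPU 2022.1 (or later) microcode update"
        return "vulnerable", "boot with mmio_stale_data=full (or full,nosmt)"
    if s.startswith("Mitigation"):
        if "SMT vulnerable" in s:
            return "partial", "VERW clearing active but SMT still on; consider mmio_stale_data=full,nosmt"
        if "Host state unknown" in s:
            return "partial", "VERW clearing active in guest; SMT state of the host is unknown"
        return "ok", "VERW buffer clearing active"
    return "unknown", f"unrecognised status: {s}"


def boot_param(cmdline: str) -> Optional[str]:
    """Return the mmio_stale_data= value from the kernel command line, if any."""
    m = re.search(r"(?:^|\s)mmio_stale_data=(\S+)", cmdline)
    return m.group(1) if m else None


def check_host(status: str, cmdline: str) -> Dict[str, Optional[str]]:
    """Combine sysfs status and boot parameter into one verdict dictionary."""
    verdict, advice = classify_status(status)
    param = boot_param(cmdline)
    if param is not None and param not in VALID_PARAM_VALUES:
        advice += f"; unexpected boot parameter value '{param}'"
    return {"verdict": verdict, "advice": advice, "boot_param": param}


if __name__ == "__main__":
    # A missing sysfs entry means the kernel predates the fix releases named above.
    status = SYSFS_PATH.read_text() if SYSFS_PATH.exists() else "Unknown: sysfs entry absent"
    cmdline = CMDLINE_PATH.read_text() if CMDLINE_PATH.exists() else ""
    print(check_host(status, cmdline))
```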

The essence of the identified class of vulnerabilities is that certain operations lead to data left behind by execution on other CPU cores being copied or moved from one microarchitectural buffer to another. The MMIO vulnerabilities allow this residual data to be transferred from isolated microarchitectural buffers into registers or CPU buffers visible to applications. Three methods of extracting residual data via MMIO have been identified:

  • DRPW (Device Register Partial Write, CVE-2022-21166) is a problem with the incorrect handling of writes to some MMIO registers. If the data written is smaller than the register size, residual information from the fill buffers is also copied into the register. As a result, a process that initiates a partial write to an MMIO register can obtain data left in the microarchitectural buffers by operations performed on other CPU cores.
  • SBDS (Shared Buffers Data Sampling, CVE-2022-21125) is a leak of residual data from a core-bound fill buffer, resulting from data moved out of intermediate buffers shared by all cores.
  • SBDR (Shared Buffers Data Read, CVE-2022-21123) is a problem similar to SBDS, but differs in that the residual data can end up in CPU structures visible to applications. The SBDS and SBDR problems appear in processors for client systems and in the Intel Xeon E3 server family.


Source: opennet.ru
