Zambiri zawululidwa za kuwukira kwatsopano kwa ma processor a Intel - AEPIC Leak (CVE-2022-21233), yomwe imatsogolera kutulutsa kwachinsinsi kuchokera ku Intel SGX (Software Guard eXtensions) yakutali. Nkhaniyi ikukhudza mibadwo ya 10, 11, ndi 12 ya Intel CPUs (kuphatikiza mndandanda watsopano wa Ice Lake ndi Alder Lake) ndipo imayamba chifukwa cha zolakwika zamamangidwe zomwe zimalola mwayi wopeza chidziwitso chotsalira mu APIC (Advanced Programmable Interrupt Controller) m'mbuyomu. ntchito.
Mosiyana ndi kuwukira kwa Specter class, kutayikira kwa AEPIC Leak kumachitika popanda kugwiritsa ntchito njira zochira kudzera munjira za anthu ena - zambiri zokhudzana ndi zinsinsi zimaperekedwa mwachindunji ndikupeza zomwe zili m'marejista omwe akuwonetsedwa patsamba la kukumbukira la MMIO (memory-mapped I/O) . Nthawi zambiri, kuukira kumakupatsani mwayi wodziwa zomwe zimasamutsidwa pakati pa ma cache a gawo lachiwiri ndi lomaliza, kuphatikiza zomwe zili m'kaundula ndi zotsatira za ntchito zowerengera kuchokera kukumbukira, zomwe zidasinthidwa kale pachimake cha CPU.
Popeza kuchita chiwonongeko ndikofunikira kukhala ndi mwayi wopeza masamba akuthupi a APIC MMIO, i.e. imafuna maudindo otsogolera, njirayo imangokhala yolimbana ndi ma SGX enclaves omwe woyang'anira alibe mwayi wolunjika. Ofufuza apanga zida zomwe zimawalola kuzindikira makiyi a AES-NI ndi RSA osungidwa mu SGX, komanso makiyi a certification a Intel SGX ndi magawo a jenereta a pseudo-random manambala mkati mwa masekondi angapo. Khodi yachiwembucho idasindikizidwa pa GitHub.
Intel yalengeza kukonza mwanjira yakusintha kwa ma microcode komwe kumathandizira kuthamangitsa buffer ndikuwonjezera njira zina zotetezera deta ya enclave. Kutulutsidwa kwatsopano kwa SDK kwa Intel SGX kwakonzedwanso ndi zosintha kuti mupewe kutulutsa kwa data. Opanga machitidwe opangira opaleshoni ndi ma hypervisors akulimbikitsidwa kuti agwiritse ntchito x2APIC mode m'malo mwa cholowa cha xAPIC, momwe zolembera za MSR zimagwiritsidwa ntchito m'malo mwa MMIO kuti zipeze zolembera za APIC.
Source: opennet.ru