Boka revatsvagiri kubva kuYunivhesiti yeVirginia neYunivhesiti yeCalifornia vakaratidza rudzi rutsva rwekurwiswa kweiyo microarchitectural zvimiro zveIntel uye AMD processors, yakaonekwa panguva yekudzoreredza engineering yehusina kunyorwa CPU kugona. Iyo yakarongwa nzira yekurwisa inosanganisira kushandiswa kwepakati micro-op cache mune processors, iyo inogona kushandiswa kudzoreredza ruzivo rwakaunganidzirwa panguva yekufungidzira kuitiswa kwemirairo.
Nezvinangwa zvekugadzirisa, processor inotanga kuita mimwe mirairo mukufungidzira, pasina kumirira kuverenga kwakapfuura kuti ipedze, uye kana ikaona kuti kufanotaura hakuna kurongeka, inodzosera kuvhiya kumamiriro ayo ekutanga, asi data rakagadziriswa panguva. kufungidzira kuurayiwa kunoiswa mu cache, zviri mukati mazvo zvinogona kutsanangurwa.
Zvinocherechedzwa kuti iyo nzira nyowani inokunda zvakanyanya iyo Specter v1 kurwisa, inoita kuti kurwiswa kuve kwakaoma kuona uye hakuvharwe nenzira dziripo dzedziviriro kubva kudivi-chiteshi kurwiswa kwakagadzirirwa kuvharira kusasimba kunokonzerwa nekufungidzira kuurayiwa kwemirairo (semuenzaniso, kushandiswa. yeLFENCE yekuraira inovhara kudonha mumatanho ekupedzisira ekufungidzira execution , asi haidzivirire kubva pakudonha kuburikidza ne microarchitectural zvimiro).
Iyo nzira inobata Intel uye AMD processor modhi yakaburitswa kubva 2011, kusanganisira iyo Intel Skylake uye AMD Zen akatevedzana. MaCPU emazuva ano anotyora mirairo yakaoma processor kuita yakapusa RISC-senge madiki-mashandiro, ayo akachengetwa mune yakaparadzana cache. Iyi cache yakasiyana zvakanyanya kubva kune yepamusoro-level cache, haiwanikwe zvakananga uye inoita serukova buffer yekukurumidza kuwana mibairo yekudhidha mirairo yeCISC muRISC microinstructions. Zvisinei, vatsvakurudzi vakawana nzira yekugadzira mamiriro ezvinhu anomuka apo cache inosvika kukakavara uye inobvumira munhu kutonga zviri mukati me micro-operation cache nekuongorora misiyano munguva yekuuraya yezvimwe zviito.
Iyo micro-operation cache muIntel processors yakakamurwa zvine chekuita neCPU tambo (Hyper-Threading), nepo AMD Zen processors vachishandisa yakagovaniswa cache, iyo inogadzira mamiriro ekudonha kwedata kwete mukati metambo imwe chete yekuuraya, asiwo pakati petambo dzakasiyana muSMT. (inogoneka data leakage pakati pekodhi inomhanya pane dzakasiyana zvine musoro CPU cores).
Vatsvaguri vakurudzira nzira yekutanga yekuona shanduko mune micro-operation cache uye akati wandei kurwisa mamiriro anobvumira kugadzira yakavanzika data chiteshi chekufambisa uye kushandisa kodhi isina njodzi kuburitsa chakavanzika data, zvese mukati mechiitiko chimwe chete (semuenzaniso, kuburitsa data data paunenge uchiita. yechitatu-bato kodhi mumainjini ane JIT uye mumashini chaiwo), uye pakati pe kernel uye maitiro munzvimbo yemushandisi.
Pakuronga mutsauko weSpecter kurwisa vachishandisa micro-operation cache, vaongorori vakakwanisa kuita 965.59 Kbps nechiyero chekukanganisa che 0.22% uye 785.56 Kbps pakushandisa kukanganisa kugadzirisa, kana iri nyaya yekuronga kuvuza mukati mekero imwechete. nzvimbo uye ropafadzo level. Nekudonha kunotora nhanho dzakasiyana dzeropafadzo (pakati pe kernel uye userspace), kushanda kwaiva 85.2 Kbps nekugadzirisa kukanganisa kwakawedzerwa uye 110.96 Kbps nechiyero chekukanganisa kwe4%. Pakurwisa AMD Zen processors, kugadzira kuvuza pakati peakasiyana ane musoro CPU cores, kuita kwacho kwaive 250 Kbps nechiyero chekukanganisa che5.59% uye 168.58 Kbps nekugadzirisa kukanganisa. Kuenzaniswa neyemhando yepamusoro Specter v1 nzira, kurwisa kutsva kwaive 2.6 nguva nekukurumidza.
Zvinotarisirwa kuti kudzivirira kubva ku micro-op cache kurwiswa kunoda shanduko inoderedza kuita kupfuura kana iwe wakagonesa Specter kurwisa kudzivirira. Sekukanganisika kwakaringana, zvinokurudzirwa kuvhara kurwiswa kwakadaro kwete nekudzima caching, asi pamwero wekutarisa zvisizvo uye kuona cache nyika dzakajairwa kurwiswa.
Sezviri muSpecter kurwisa, kuronga kudonha kubva kukernel kana mamwe maitiro kunoda kuitwa kweimwe kutevedzana kwemirairo (magajeti) padivi pemaitiro emunhu anenge abatwa, zvichitungamira mukufungidzira kuurayiwa kwemirairo. Zvinenge zana zvigadziriso zvakafanana zvakawanikwa muLinux kernel, iyo ichabviswa, asi maworkaround echizvarwa chavo anowanikwa nguva nenguva, semuenzaniso, ane chekuita nekumhanyisa zvakagadzirirwa zvirongwa zveBPF mukernel.
Source: opennet.ru