Intel microcode update inogadzirisa (CVE-2019-14607) kuburikidza nekunyengedza kwesimba remagetsi uye frequency control mechanism muCPU, tanga kukuvadzwa kune zviri mukati memasero edata, kusanganisira munzvimbo dzinoshandiswa kuverengera muIntel SGX enclaves. Kurwiswa uku kunonzi Plundervolt, uye zvinogona kubvumira mushandisi wenzvimbo kuti akwidzire maropafadzo avo pahurongwa, kukonzera kurambwa kwesevhisi uye kuwana ruzivo rwe data.
Kurwiswa kwacho kune ngozi chete mumamiriro ekunyengedza nekuverenga muSGX enclaves, nekuti inoda kodzero dzemidzi muhurongwa kuita. Muchiitiko chakareruka, munhu anorwisa anogona kuwana kukanganisa kweruzivo rwakagadziriswa mune enclave, asi mune zvakanyanya kuomarara mamiriro, mukana wekudzokorora makiyi akavanzika akachengetwa mune enclave inoshandiswa encryption uchishandisa iyo RSA-CRT uye AES-NI algorithms haisi iyo. kunze. Iyo tekinoroji inogona zvakare kushandiswa kugadzira zvikanganiso mukutanga kururamisa algorithms kumutsa kushaya simba paunenge uchishanda nendangariro, semuenzaniso, kuronga kupinda kune imwe nzvimbo iri kunze kwemuganho weiyo yakagoverwa buffer.
Prototype kodhi yekuita kurwisa paGitHub
Izvo zvakakosha zveiyo nzira ndeyekusika mamiriro ekuitika kwezvisingatarisirwi data huori panguva yekuverenga muSGX, kubva iyo kushandiswa kwekunyorera uye ndangariro kusimbiswa mune enclave haidziviriri. Kuunza kukanganisa, zvakazoitika kuti zvaigoneka kushandisa yakajairwa software interfaces yekudzora frequency uye voltage, inowanzo shandiswa kuderedza mashandisiro emagetsi panguva yekusashanda kwehurongwa uye kumisa kuita kwakanyanya panguva yebasa rakasimba. Frequency uye voltage maitiro anotenderera chip yese, kusanganisira kukanganisa kwekombuta mune yakasarudzika enclave.
Nekuchinja magetsi, unogona kugadzira mamiriro ayo kubhadharisa hakuna kukwana kudzoreredza ndangariro sero mukati meCPU, uye kukosha kwayo kunoshanduka. Musiyano wakakosha kubva pakurwisa ndeyokuti RowHammer inokubvumira kuti uchinje zviri mukati mezvimedu zvega muDRAM ndangariro nekuverenga data kubva kumaseru akavakidzana, nepo Plundervolt ichikutendera kuti uchinje mabheti mukati meCPU kana iyo data yatotakurwa kubva mundangariro kuti iverenge. Ichi chimiro chinokutendera kuti upfuure kutendeseka kutonga uye encryption masisitimu anoshandiswa muSGX yedata mundangariro, sezvo hunhu huri mundangariro hunoramba hwakarurama, asi hunogona kukanganiswa panguva yekushanda navo mhedzisiro isati yanyorwa kundangariro.
Kana kukosha kwakagadziridzwa uku kuchishandiswa mukuwedzeredza kwemaitiro ekunyorera, zvinobuda zvinorambwa nezwi risiri iro. Kuve nekugona kubata mubati muSGX kuti encrypt data yayo, anorwisa anogona, zvichikonzera kutadza, kuunganidza nhamba nezve shanduko mune yakabuda ciphertext uye, mumaminetsi mashoma, kudzorera kukosha kwekiyi yakachengetwa mu enclave. Mavara ekutanga ekuisa uye echokwadi anobuda neciphertext anozivikanwa, kiyi haichinji, uye kubuda kweciphertext isiriyo kunoratidza kuti chimwe chikamu chakakanganiswa kuhukoshi hwakapesana.
Mushure mekuongorora mapairi emhando dzechokwadi uye dzakaora maciphertexts akaunganidzwa panguva yekutadza kwakasiyana, uchishandisa nzira dzekusiyanisa kutadza kuongorora (DFA, ) Inogona makiyi anokwanisika anoshandiswa kuAES symmetric encryption, uyezve, nekuongorora kupindirana kwemakiyi mumaseti akasiyana, sarudza kiyi yaunoda.
Mhando dzakasiyana dzeIntel processors dzinokanganiswa nedambudziko, kusanganisira Intel Core CPUs ine 6
Chizvarwa chechigumi, pamwe nechizvarwa chechishanu uye chechitanhatu cheXeon E10, chizvarwa chekutanga uye chechipiri cheIntel Xeon Scalable, Xeon D,
Xeon W naXeon E.
Rega tikuyeuchidze kuti tekinoroji yeSGX () yakaonekwa muchizvarwa chechitanhatu Intel Core processors (Skylake) uye nhevedzano yemirairo inobvumira mushandisi-level application yekugovera yakavharwa ndangariro nzvimbo - enclaves, izvo zviri mukati hazvigone kuverengwa kana kugadziridzwa kunyangwe nekernel uye kodhi inomhanya mune ring0, SMM uye VMM modes. Izvo hazvigoneke kuendesa kutonga kune kodhi mune enclave uchishandisa echinyakare kusvetuka mabasa uye manipulations ane marejista uye stack; kuendesa kutonga kune enclave, yakanyatso gadzirwa rairo inoshandiswa iyo inoita cheki chechiremera. Mune ino kesi, iyo kodhi yakaiswa mune enclave inogona kushandisa classical yekufona nzira kuti uwane mabasa mukati meiyo enclave uye yakakosha mirairo yekudaidza ekunze mabasa. Enclave memory encryption inoshandiswa kudzivirira kubva kune hardware kurwisa sekubatanidza kune DRAM module.
Source: opennet.ru