Chikwata chevaongorori kubva kuTechnical University yeGraz (Austria) uye Helmholtz Center for Information Security (CISPA) yakaburitsa ruzivo nezve kusagadzikana (CVE-2021-26318) mune ese AMD processors izvo zvinoita kuti zvikwanise kuita Meltdown-kirasi. side-channel kurwisa (pakutanga zvaifungidzirwa kuti AMD processors haina kukanganiswa neMeltdown vulnerability). Mune mazwi anoshanda, kurwiswa kwacho kunogona kushandiswa kumisikidza nzira dzekutaurirana dzakavanda, kutarisa chiitiko mu kernel, kana kuwana ruzivo nezve kero mu kernel ndangariro kunzvenga chengetedzo yeKASLR uchiri kushandisa kusasimba mu kernel.
AMD inoona zvisina kufanira kutora matanho akakosha kuvharisa dambudziko, sezvo kusadzivirirwa, sekurwiswa kwakafanana kwakawanikwa muna Nyamavhuvhu, hakushandiswi zvishoma mumamiriro ezvinhu chaiwo, kunoganhurirwa nemiganhu iripo yenzvimbo yekero kero uye inoda kuvepo kwevamwe. yakagadzirira-yakagadzirwa sequences yemirairo (gadgets) mu kernel. Kuti varatidze kurwiswa, vaongorori vakaisa yavo kernel module ine yakawedzerwa gadget. Mumamiriro ezvinhu chaiwo, vanorwisa vanogona kushandisa, semuenzaniso, kugara vachibuda munjodzi muBPF subsystem kutsiva inoteedzana inodiwa.
Kuchengetedza kubva kurudzi rutsva urwu rwekurwisa, AMD yakakurudzira kushandisa nzira dzakachengeteka dzekodha dzinobatsira kuvharira Meltdown kurwiswa, sekushandisa LFENCE mirairo. Vatsvagiri vakaona dambudziko vanokurudzira kugonesa kuomesesa ndangariro peji tafura yega (KPTI), iyo yaimboshandiswa chete kune Intel processors.
Munguva yekuyedza, vaongorori vakakwanisa kuburitsa ruzivo kubva kukernel kuenda kune imwe nzvimbo yevashandisi nekumhanya kwe52 bytes pasekondi, zvichipihwa kuvepo kwegajeti mukernel inoita oparesheni "kana (offset < data_len) tmp = LUT[data[offset] *4096];” . Nzira dzinoverengeka dzakataurwa dzekudzoreredza ruzivo kuburikidza nematanho epadivi anozopedzisira apinda mu cache panguva yekufungidzira kuuraya. Nzira yekutanga yakavakirwa pakuongorora kutsauka munguva yekuitwa kweiyo processor rairo "PREFETCH" (Prefetch + Nguva), uye yechipiri pakuchinja shanduko yekushandiswa kwesimba paunenge uchiita "PREFETCH" (Prefetch + Power).
Rangarira kuti iyo yemhando yepamusoro Meltdown vulnerability yakavakirwa pachokwadi chekuti panguva yekufungidzira yekuitwa kwemirairo, processor inokwanisa kuwana yakavanzika data nzvimbo uye yobva yarasa mhedzisiro, sezvo rombo rakaiswa rinorambidza kupinda kwakadaro kubva kune mushandisi maitiro. Muchirongwa ichi, chivharo chekufungidzira chinopatsanurwa kubva kukodhi huru nebazi rine zvirevo, iro mumamiriro ezvinhu chaiwo rinogara richipisa, asi nekuda kwekuti chirevo chechirevo chinoshandisa kukosha kwakaverengerwa iyo processor yaasingazive panguva yekukurumidza kuuraya. iyo kodhi, sarudzo dzese dzebazi dzinoitwa zvekufungidzira.
Sezvo mashandiro ekufungidzira anoitwa anoshandisa cache yakafanana nemirairo inowanzoitwa, zvinogoneka panguva yekufungidzira kuuraya kuisa mamaki mucache anoratidza zviri mukati mezvimedu zvega munzvimbo yekurangarira yakavanzika, uyezve mune inowanzo itwa kodhi kuona kukosha kwavo kuburikidza nenguva. ongororo inowana kune yakachengetwa uye isina-cached data.
Source: opennet.ru