Bafuputsi ba NCC Group liphetho tsa mahala tsa tlhahlobo ea morero , mokhoa oa sebele oa ho sebetsa (RTOS), o reretsoeng ho hlomella lisebelisoa tse lumellanang le mohopolo oa Inthanete oa Lintho (IoT, Internet of Things). Nakong ea tlhahlobo ho ile ha senoloa ho Zephyr le ho ba kotsing e 1 ho MCUboot. Zephyr e ntse e ntlafatsoa ka ho kenya letsoho ha lik'hamphani tsa Intel.
Ka kakaretso, bofokoli ba 6 bo ile ba khetholloa ka har'a marang-rang a marang-rang, 4 ka kernel, 2 ka khetla ea litaelo, 5 ho batsamaisi ba mohala oa tsamaiso, 5 ho subsystem ea USB le 3 mochine oa ntlafatso ea firmware. Litaba tse peli li nkoa e le tsa bohlokoa, tse peli li phahame, tse 9 li itekanetse, tse 9 li tlaase, 'me tse 4 li lokela ho hlahlojoa. Mathata a bohlokoa a ama IPv4 stack le MQTT parser, tse kotsi li ama polokelo ea boima ba USB le bakhanni ba USB DFU. Nakong ea tlhahiso ea tlhahisoleseling, litokiso li ne li lokiselitsoe feela bakeng sa bofokoli ba 15 bo kotsi ka ho fetisisa; mathata a lebisang ho hanetsoeng ha litšebeletso kapa a amanang le mefokolo ea mekhoa e meng ea ts'ireletso ea kernel a lula a sa lokisoe.
Ho na le ts'oaetso e ka sebelisoang habonolo sethaleng sa IPv4 stack, e lebisang bobolung ba mohopolo ha o sebetsana le lipakete tsa ICMP tse fetotsoeng ka tsela e itseng. Bothata bo bong bo tebileng bo fumanoe ho MQTT protocol parser, e bakoang ke khaello ea ho hlahloba bolelele ba sebaka sa hlooho e nepahetseng 'me ho ka lebisa ho ts'ebetsong ea khoutu e hole. Litaba tse fokolang tsa ho haneloa ha litšebeletso li fumanoa ho IPv6 stack le ts'ebetsong ea protocol ea CoAP.
Mathata a mang a ka sebelisoa hampe sebakeng sa heno ho baka ho haneloa ha litšebeletso kapa ho etsa khoutu boemong ba kernel. Bongata ba bofokoli bona bo amana le khaello ea licheke tse nepahetseng tsa likhang tsa mehala ea sistimi, 'me li ka lebisa libakeng tse sa lumellaneng tsa mohopolo oa kernel ho ngolloa le ho baloa ho tsoa. Mathata a boetse a atoloha ho khoutu ea ts'ebetso ea mohala ka boeona-ho letsetsa nomoro ea mohala oa sistimi ho fella ka phallo e felletseng. Kernel e boetse e supa mathata ts'ebetsong ea ts'ireletso ea ASLR (adress space randomization) le mokhoa oa ho beha matšoao a canary holim'a stack, e leng se etsang hore mekhoa ena e se ke ea sebetsa.
Mathata a mangata a ama USB stack le bakhanni ka bomong. Mohlala, mathata a polokelong ea boima ba USB a ka etsa hore buffer e khaphatsehe le ho kenya khoutu boemong ba kernel ha sesebelisoa se hoketsoe ho moamoheli oa USB o laoloang ke mohlaseli. Ho ba kotsing ho USB DFU, mokhanni oa ho kenya firmware e ncha ka USB, e u lumella ho kenya setšoantšo sa firmware se fetotsoeng ka har'a Flash e ka hare ea microcontroller ntle le ho sebelisa encryption le ho feta mokhoa o sireletsehileng oa boot ka ho netefatsa likarolo tse sebelisang signature ea digital. Ho feta moo, khoutu e bulehileng ea bootloader e ile ea ithutoa , eo ho eona ho ileng ha fumanoa bofokoli bo le bong,
e ka lebisang ho khaphatseha ha buffer ha u sebelisa protocol ea SMP (Simple Management Protocol) holim'a UART.
Hopola hore ho Zephyr, ke sebaka se le seng feela sa liaterese tse arolelanoang lefatšeng ka bophara (SASOS, Single Address Space Operating System) e fanoeng bakeng sa lits'ebetso tsohle. Khoutu e ikhethileng ea kopo e kopantsoe le kernel e ikhethileng ea ts'ebeliso ho theha mochini o sebetsang oa monolithic o ka kengoang le ho tsamaisoa ho hardware e itseng. Lisebelisoa tsohle tsa sistimi li khethoa ka nako ea ho bokella, ho fokotsa boholo ba khoutu le ho eketsa ts'ebetso. Setšoantšo sa sistimi se ka kenyelletsa feela likarolo tsa kernel tse hlokahalang ho tsamaisa ts'ebeliso.
Hoa hlokomeleha hore har'a melemo ea bohlokoa ea Zephyr ntshetsopele ka polokeho. hore methati eohle ea nts'etsopele e kena methating e tlamang ea ho netefatsa ts'ireletso ea khoutu: tlhahlobo e makatsang, tlhahlobo e tsitsitseng, tlhahlobo ea ho kenella, tlhahlobo ea khoutu, tlhahlobo ea ts'ebetso ea morao-rao le mohlala oa lits'oso.
Source: opennet.ru