Intel lintlha tse mabapi le tse ncha ka li-processor tsa bona - (Microarchitectural Data Sampling). Joalo ka litlhaselo tse fetileng tsa Specter, mathata a macha a ka lebisa ho lutla ha data ea poraefete ho tsoa ho sistimi e sebetsang, mechini e sebetsang le lits'ebetso tse ling. Ho lumeloa hore mathata a ile a tsejoa ka lekhetlo la pele ke basebetsi ba Intel le balekane nakong ea tlhahlobo ea ka hare, ka mor'a moo bafuputsi ba ikemetseng ba fane ka tlhahisoleseding mabapi le mathata a tšoanang le Intel. Li-processor tsa AMD le ARM ha li amehe ke bothata.
E ipapisitse le mathata a khethiloeng ke bafuputsi ba Technical University of Graz (Austria) Litlhaselo tse ling tse sebetsang tsa likanale:
- () - e u lumella ho ntša tlhahisoleseding ea lekunutu ho tsoa lits'ebetsong tse ling, tsamaiso ea ts'ebetso, mechine ea sebele le li-enclave tse sirelelitsoeng (TEE, Trusted Execution Environment). Mohlala, bokhoni ba ho tseba nalane ea ho bula maqephe ho sebatli sa Tor se sebetsang mochining o mong oa nnete bo bontšitsoe, hammoho le ho khetholla linotlolo tsa phihlello le li-password tse sebelisoang lits'ebetsong;
- () - e lumella ho lutla ha tlhahisoleseling lipakeng tsa libaka tse fapaneng tse ka thoko ho li-processor tsa Intel, joalo ka li-buffers, li-buffers tsa polokelo le likou tsa thepa. Mehlala ea litlhaselo e bonts'oa ho hlophisa ho lutla ho tsoa lits'ebetsong tse ling, sistimi ea ts'ebetso, mechini e sebetsang le li-enclave tse sirelelitsoeng. Mohlala, e bonts'a mokhoa oa ho fumana litaba tsa motso oa password hash ho tloha /etc/shadow nakong ea liteko tsa netefatso ea nako le nako (tlhaselo e nkile lihora tsa 24);
Ho phaella moo, mohlala oa tlhaselo e sebelisang JavaScript le WebAssembly e bontšoa ha u bula leqephe le kotsi ka har'a mochine oa SpiderMonkey (ho li-browser tsa morao-rao tse feletseng, tlhaselo e joalo e ke ke ea etsahala ka lebaka la ho nepahala ha nako le mehato ea ho sireletsa khahlanong le Specter);
- () - e etsa hore ho khonehe ho bala lintlha tse sa tsoa ngoloa ke tsamaiso ea ts'ebetso le ho fumana mokhoa oa memori oa OS ho nolofatsa litlhaselo tse ling;
- - E sebelisa lintlafatso tsa CPU bakeng sa ho sebetsa le "buffer" mme e ka sebelisoa ho feta kernel address space randomization mechanism (KASLR), ho lekola boemo ba sistimi e sebetsang, kapa bakeng sa ho dutla ha mmoho le lisebelisoa tse ipapisitseng le mekhoa ea Specter.
Tsebisoa :
- CVE-2018-12126 - MSBDS (Microarchitectural Store Buffer Data Sampling), ho hlaphoheloa ha litaba tsa polokelo ea polokelo. E sebelisoa tlhaselong ea Fallout. Tekanyo ea kotsi e ikemiselitse ho ba lintlha tse 6.5 (CVSS);
- CVE-2018-12127 - MLPDS (Microarchitectural Load Port Data Sampling), ho hlaphoheloa ha likahare tsa koung ea mojaro. E sebelisoa tlhaselong ea RIDL. CVSS 6.5;
- CVE-2018-12130 - MFBDS (Microarchitectural Fill Buffer Data Sampling), ho hlaphoheloa ha litaba tsa ho tlatsa buffer. E sebelisoa ho litlhaselo tsa ZombieLoad le RIDL. CVSS 6.5;
- CVE-2019-11091 - MDSUM (Microarchitectural Data Sampling Uncacheable Memory), ho hlaphoheloa ha litaba tsa memori tse ke keng tsa khoneha. E sebelisoa tlhaselong ea RIDL. CVSS 3.8.
e tsebahalitse mathata a bokhoni ba ho sebelisa mekhoa ea tlhahlobo ea li-channel ho data ho meaho e menyenyane ea meralo eo lits'ebetso li sa fihlelleng ka kotloloho ho tsona. Re bua ka meaho e maemong a tlase joalo ka li-buffers tsa ho tlatsa (Line Fill Buffer), li-buffers tsa polokelo (Store Buffer) le likou tsa mojaro (Load Port), e leng li-blocks tse nyane ho feta cache ea boemo ba pele (L1D), cache ea data load. RDCL ) kapa L1TF (L1 Terminal Fault), mme ka hona e kenyeletse tlhahisoleseding e fokolang mme e ntjhafatswa ka matla.
Litlhaselo tse lehlakoreng la meaho e menyenyane ea meralo li thata haholo ho li etsa ha li bapisoa le mekhoa ea ho khutlisa likahare tsa cache mme li hloka ho lateloa le ho sekaseka lintlha tse ngata ho bona hore na li amana joang le liaterese tse itseng mohopolong (ha e le hantle, mohlaseli a ke ke a khona ho amohela lintlha tse itseng ka boomo. , empa e ka ba nako ea ho bokella ho lutla le ho sebelisa mekhoa ea lipalo ho theha bocha mefuta e meng ea data). Ho feta moo, tlhaselo e ama feela data ho mantlha e tšoanang ea 'mele ea CPU joalo ka khoutu ea mohlaseli.
Mekhoa e reriloeng ea ho khetholla likahare tsa meaho ea meaho e menyenyane e ipapisitse le taba ea hore meaho ena e sebelisoa nakong ea ho sebetsana le mekhelo (liphoso) kapa ts'ebetso ea mojaro le ea polokelo.
Nakong ea ts'ebetso e inahaneloang, likahare tsa meaho ea kahare li fetisetsoa ho li-register kapa li-cache bakeng sa ts'ebetso. Ts'ebetso e inahaneloang ha e phethehe 'me sephetho se lahliloe, empa litaba tse lebisitsoeng bocha li ka khethoa ho sebelisoa mekhoa ea tlhahlobo ea cache ea lehlakore.
Likou tsa meroalo li sebelisoa ke processor ho amohela data ho tsoa mohopolong kapa tsamaisong e nyane ea I/O le ho fana ka tlhaiso-leseling e fumanoeng ho lirekoto tsa CPU. Ka lebaka la ts'ebetso ea ts'ebetsong, lintlha tse tsoang lits'ebetsong tsa khale tsa ho jarolla li ntse li le likoung ho fihlela li ngotsoe ke data e ncha, e leng se etsang hore ho khonehe ho tseba ka mokhoa o sa tobang boemo ba data boema-kepeng ba ho jarolla ka ho laola mekhelo (liphoso) le SSE / AVX / Litaelo tsa AVX-512 tse kenyang data e fetang 64 bits. Tlas'a maemo a joalo, ts'ebetso ea mojaro e pepesa boleng ba data ba khale ho tloha meahong ea kahare ho isa ts'ebetsong e itšetlehileng ka eona. Ka mokhoa o ts'oanang, ho lutla ho hlophisitsoe ka "buffer" ea polokelo, e sebelisetsoang ho potlakisa ho ngolla cache ea CPU mme e kenyelletsa tafole ea liaterese, litekanyetso le lifolakha, hammoho le buffer ea ho tlatsa, e nang le data ha e so ka e le ka har'a cache ea L1 (cache-miss), ha nako e ntse e kenya ho tsoa ho li-cache tsa maemo a mang.
bothata Mefuta ea processor ea Intel e hlahisitsoeng ho tloha 2011 (ho tloha molokong oa 6). Tabeng ena, bofokoli ba hardware bo thibetsoe ho tloha ho mefuta e meng ea meloko ea 8 le ea 9 ea Intel Core le moloko oa 2 oa Intel Xeon Scalable (o ka hlahloba ho sebelisa ARCH_CAP_MDS_NO bit ho IA32_ARCH_CAPABILITIES MSR). Bofokoli le bona bo se bo ntse bo le teng maemong a firmware, microcode le sistimi e sebetsang. Intel e hakanya tahlehelo ea ts'ebetso ka mor'a ho kenya patch bakeng sa basebelisi ba bangata 3%. Ha Hyper-Threading e koaletsoe, ho senyeha ha ts'ebetso ho ka fihla ho 9% tekong ea SPECint_rate_base, ho fihla ho 11% ka lipalo tse feletseng tse sebetsang, le ho fihla ho 19% ho lisebelisoa tsa Java tse lehlakoreng la seva (le HT e lumelletsoe, ho batla ho se na tshebetso. nyeliso). Li-patches li na le tšusumetso e fokolang ts'ebetsong ea I / O.
Linux kernel e sireletsa khahlanong le MDS tsa kajeno 5.1.2, 5.0.16,
4.19.43, 4.14.119 le 4.9.176. Mokhoa oa ts'ireletso mabapi le ho hlakola likahare tsa li-buffers tsa meaho e menyenyane ka nako ea ho khutla ho tloha kernel ho ea sebakeng sa mosebelisi kapa ha o fetisetsa taolo ho sistimi ea baeti, eo ho eona taelo ea VERW e sebelisoang. Hore ts'ireletso e sebetse, e hloka tšehetso bakeng sa mokhoa oa MD_CLEAR, o kentsoeng ts'ebetsong ea morao-rao ea microcode. Bakeng sa ts'ireletso e felletseng, ho boetse ho khothaletsoa ho tima Hyper Threading. Ho lekola ho pepeseha ha sistimi ho bofokoli ho Linux kernel mohlokomeli "/sys/devices/system/cpu/vulnerabilities/mds". Ho laola ho kenyelletsoa ha mekhoa e fapaneng ea ho thibela ts'oaetso, "mds =" parameter e kenyelelitsoe kernel, e ka nkang litekanyetso "full", "full,nosmt" (e thibelang Hyper-Threads), "vmwerv" le “theoha”.
Lintlafatso tsa liphutheloana li se li lokollotsoe и , empa ha o fumanehe hajoale , и .
Tokiso ea ho thibela ho lutla ha data ho tsoa mechini e fumanehang hape bakeng sa Xen hypervisor. Ho sireletsa lisebelisoa tsa virtualization tse fanang ka taelo ea L1D_FLUSH pele o fetisetsa taolo ho mochine o mong oa sebele, le ho sireletsa li-enclave tsa Intel SGX, ntlafatso ea microcode e lekane.
Source: opennet.ru