Two attacks on the cache way prediction mechanism in AMD processors

A team of researchers from Graz University of Technology (Austria), previously known for developing the MDS, NetSpectre, Throwhammer and ZombieLoad attack methods, studied hardware optimizations specific to AMD processors and developed two new side-channel attack methods that exploit data leaks during operation of the L1 cache way prediction mechanism of AMD processors. The techniques can be used to reduce the effectiveness of ASLR protection, recover keys in vulnerable AES implementations, and increase the effectiveness of the Spectre attack.

The problems were identified in the implementation of the way prediction mechanism (way predictor) in the CPU's first-level data cache (L1D), which is used to predict which cache way holds a given memory address. The optimization used in AMD processors is based on checking μ-tags (μTag). The μTag is computed by applying a specific hash function to the virtual address. During operation, the way predictor uses the μTag to look up the cache way in a table. The μTag thus lets the processor access only one specific way instead of searching through all of them, which significantly reduces CPU power consumption.

While reverse engineering the implementation of the way prediction system in various generations of AMD processors released from 2011 to 2019, two new side-channel attack techniques were identified:

  • Collide+Probe: allows an attacker to track memory accesses of processes running on the same CPU core. The essence of the method is to use virtual addresses that cause collisions in the hash function used to compute the μTag in order to track memory accesses. Unlike the Flush+Reload and Prime+Probe attacks used on Intel processors, Collide+Probe does not use shared memory and works without knowledge of physical addresses.
  • Load+Reload: allows very precise tracing of memory accesses on the same CPU core. The method is based on the fact that a physical memory cell can be present in the L1D cache only once. That is, accessing the same memory cell through a different virtual address evicts the cell from the L1D cache, which allows memory accesses to be tracked. Although the attack relies on shared memory, it does not flush cache lines, which allows stealthy attacks that do not evict data from the last-level cache.

Based on the Collide+Probe and Load+Reload techniques, the researchers demonstrated several side-channel attack scenarios:

  • The methods were shown to be usable for organizing a covert indirect communication channel between two processes, allowing data transfer at speeds of up to 588 kB per second.
  • Using collisions in the μTag, it was possible to reduce entropy for various variants of ASLR (Address Space Layout Randomization) and bypass ASLR protection in the kernel on a fully updated Linux system. An attack reducing ASLR entropy was shown to be possible both from user applications and from JavaScript code executed in a sandbox environment, as well as from code running in another guest environment.

  • Based on the Collide+Probe method, an attack was implemented to recover the encryption key from a vulnerable (T-table based) implementation of AES encryption.
  • Using the Collide+Probe method as the data acquisition channel, a Spectre attack was able to extract private data from the kernel without using shared memory.

The vulnerability occurs in AMD processors based on the Bulldozer, Piledriver, Steamroller, Zen (Ryzen, EPYC), Zen+ and Zen2 microarchitectures. AMD was notified of the issue on August 23, 2019, but so far has not released a report with information about blocking the vulnerability. According to the researchers, the problem can be blocked at the microcode update level by providing MSR bits to selectively disable the way prediction system, similar to what Intel did to control the disabling of branch prediction mechanisms.
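The μTag behaviour behind both techniques, and the effect of the predictor-disable switch the researchers propose, shown as a toy simulation added here (it is not code from the researchers or from AMD). The cache geometry, the `utag()` hash and all addresses are constructed assumptions; AMD's real hash function is not given on this page and is not reproduced.

```python
# Toy model, constructed for illustration: a 64-set, 8-way L1D whose way
# predictor is keyed by a µTag. utag() is a made-up hash, not AMD's function.
SETS, WAYS = 64, 8

def utag(va):
    x = va >> 12                      # bits above the 4 KiB page offset
    return (x ^ (x >> 8)) & 0xFF      # hypothetical 8-bit fold

def set_index(va):
    return (va >> 6) & (SETS - 1)     # 64-byte lines

class L1D:
    def __init__(self, way_predictor=True):
        self.way_predictor = way_predictor
        self.sets = [[] for _ in range(SETS)]   # per set: [(utag, phys_line)], LRU first

    def load(self, va, pa):
        """Simulate one load; return 'hit' or 'miss'."""
        lines, tag, line = self.sets[set_index(va)], utag(va), pa >> 6
        if self.way_predictor:
            hit = (tag, line) in lines
            # The way is found by µTag alone, so an entry with the same µTag
            # (collision) or the same line under another µTag (alias) is dropped.
            lines[:] = [(t, l) for t, l in lines if t != tag and l != line]
        else:
            # Predictor disabled: every way's physical tag is compared.
            hit = any(l == line for _, l in lines)
            lines[:] = [(t, l) for t, l in lines if l != line]
        lines.append((tag, line))
        del lines[:-WAYS]                       # evict least recently used
        return "hit" if hit else "miss"

def colliding_va(target_va, base_va):
    """First page step from base_va sharing target's set index and µTag."""
    va = (base_va & ~0xFFF) | (target_va & 0xFFF)
    while utag(va) != utag(target_va):
        va += 0x1000
    return va

def probe(victim_runs, way_predictor=True):
    """Observer's second load of its own address after the victim may have run."""
    cache = L1D(way_predictor)
    victim_va, victim_pa = 0x7F3A5C2D1040, 0x1F4040      # constructed values
    own_va = colliding_va(victim_va, 0x560000000000)
    own_pa = 0x8A2040                                    # different physical page
    cache.load(own_va, own_pa)
    if victim_runs:
        cache.load(victim_va, victim_pa)
    return cache.load(own_va, own_pa)
```

In this model `probe(True)` returns a miss and `probe(False)` a hit, which is the observable difference; with `way_predictor=False` both return a hit, so the observer's own load no longer reflects the victim's access.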

Source: opennet.ru