Abaphandi abavela kwiYunivesithi yaseBirmingham, ngaphambili eyaziwa ngokuphuhlisa iPlundervolt kunye neVoltPillager, baye bachonga ubuthathaka (CVE-2022-43309) kwezinye iibhodi ze-motherboards ezivumela i-CPU ukuba ikhubazeke ngokwasemzimbeni ngaphandle kokukwazi ukubuyiswa kwayo okulandelayo. Ubuthathaka, obunekhowudi ye-PMFault, bunokusetyenziswa ukonakalisa abancedisi apho umhlaseli angenako ukufikelela ngokomzimba, kodwa unokufikelela okunelungelo kwinkqubo yokusebenza, efunyenwe, umzekelo, ngokuxhaphaza ubuthathaka obungabhalwanga okanye ukubamba iziqinisekiso zomlawuli.
Undoqo wendlela ecetywayo kukusebenzisa ujongano lwe-PMBus, olusebenzisa iprotocol ye-I2C, ukunyusa amandla ombane anikezelwe kwiprosesa kumaxabiso abangela umonakalo kwitshiphu. I-interface ye-PMBus idla ngokusetyenziswa kwi-VRM (iModyuli ye-Voltage Regulator), enokufikelelwa ngokuguqulwa komlawuli we-BMC. Ukwenza uhlaselo kwiibhodi ezixhasa i-PMBus, ngaphezu kwamalungelo omlawuli kwinkqubo yokusebenza, kufuneka ube ne-software yokufikelela kwi-BMC (i-Baseboard Management Controller), umzekelo, nge-IPMI KCS (I-Keyboard Controller Style) interface, ngokusebenzisa Ethernet, okanye ngokudanyaza i-BMC kwinkqubo yangoku.
Umba ovumela uhlaselo ukuba lwenziwe ngaphandle kokwazi iiparameters zokuqinisekisa kwi-BMC iqinisekisiwe kwiibhodi ze-Supermicro motherboards ngenkxaso ye-IPMI (X11, X12, H11 kunye ne-H12) kunye ne-ASRock, kodwa ezinye iibhodi zeseva ezinokufikelela kwi-PMBus nazo. abachaphazelekayo. Ngexesha lovavanyo, xa i-voltage yonyuswa ukuya kwi-2.84 volts kwezi bhodi, iiprosesa ezimbini ze-Intel Xeon zonakaliswe. Ukufikelela kwi-BMC ngaphandle kokwazi iiparamitha zokuqinisekisa, kodwa ngokufikelela kweengcambu kwinkqubo yokusebenza, kusetyenziswe ubuthathaka kwindlela yokuqinisekisa i-firmware, eyenza kube lula ukulayisha uhlaziyo lwe-firmware olulungisiweyo kwisilawuli se-BMC, kunye nokwenzeka ufikelelo olungagunyaziswanga nge-IPMI KCS.
Indlela yokutshintsha i-voltage nge-PMBus ingasetyenziselwa ukwenza uhlaselo lwe-Plundervolt, oluvumela, ngokunciphisa i-voltage ukuya kumaxabiso amancinci, kubangele umonakalo kwimixholo yeeseli zedatha kwi-CPU esetyenziselwa izibalo kwiindawo ezizimeleyo ze-Intel SGX. kunye nokuvelisa iimpazamo kwii-algorithms ezichanekileyo ekuqaleni. Umzekelo, ukuba utshintsha ixabiso elisetyenziswe kuphinda-phindo ngexesha lenkqubo yoguqulelo oluntsonkothileyo, imveliso iya kuba yi-ciphertext engachanekanga. Ngokukwazi ukufikelela kumphathi kwi-SGX ukubethela idatha yayo, umhlaseli angakwazi, ngokubangela ukungaphumeleli, ukuqokelela izibalo malunga neenguqu kwi-ciphertext yemveliso kwaye abuyisele ixabiso lesitshixo esigcinwe kwi-SGX enclave.
Izixhobo zokwenza uhlaselo kwiibhodi zeSupermicro kunye ne-ASRock, kunye nesixhobo sokujonga ukufikelela kwi-PMBus, zipapashwa kwi-GitHub.
umthombo: opennet.ru
