Vulnerability in the Linux 6.2 kernel that can bypass Spectre v2 attack protection

A vulnerability (CVE-2023-1998) has been identified in the Linux 6.2 kernel that disables protection against Spectre v2 attacks, which allow access to the memory of other processes running on different SMT or Hyper-Threading threads but on the same physical processor core. Among other things, the vulnerability can be used to leak data between virtual machines in cloud systems. The issue affects only the Linux 6.2 kernel and is caused by an incorrect implementation of an optimization intended to reduce the significant overhead of applying Spectre v2 protection. The vulnerability was fixed in the experimental branch of the Linux 6.3 kernel.

In user space, to protect against Spectre attacks, processes can selectively disable speculative instruction execution with prctl PR_SET_SPECULATION_CTRL or use seccomp-based system call filtering. According to the researchers who identified the problem, the incorrect optimization in the 6.2 kernel left the virtual machines of at least one major cloud provider without proper protection, even though the spectre-BTI attack mitigation mode had been enabled via prctl. The vulnerability also shows up on ordinary servers with the 6.2 kernel that are booted with the "spectre_v2=ibrs" setting.

The essence of the vulnerability is that when the IBRS or eIBRS protection modes are selected, the optimization disabled the use of the STIBP (Single Thread Indirect Branch Predictors) mechanism, which is needed to block leaks when simultaneous multithreading (SMT or Hyper-Threading) is in use. However, only the eIBRS mode provides protection against leaks between threads. The IBRS mode does not, because with it the IBRS bit, which provides protection against leaks between logical cores, is cleared for performance reasons when control returns to user space, which leaves user-space threads unprotected against Spectre v2 class attacks.
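A host-side check for the condition described above (plain IBRS selected, SMT active, STIBP not in effect), as an added example that is not code from the article or from the kernel. The function name `check_spectre_v2`, the verdict names and the assumed "Mitigation: <mode>, ..., STIBP: <state>" layout of the sysfs status line are assumptions of this example.

```c
/* Added example (not from the article): flag plain IBRS + SMT without STIBP. */
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif

enum verdict { V_OK = 0, V_EXPOSED = 1, V_UNKNOWN = 2 };

/* Pure check on the text of the spectre_v2 sysfs file.
 * Assumption: "Mitigation: <mode>, ..., STIBP: <state>, ..." layout. */
enum verdict check_spectre_v2(const char *line, int smt_active)
{
    if (!line || strncmp(line, "Mitigation: ", 12) != 0)
        return V_UNKNOWN;            /* "Vulnerable", empty or unreadable */
    if (!smt_active)
        return V_OK;                 /* no sibling thread shares the predictor */
    if (strncmp(line + 12, "IBRS", 4) != 0)
        return V_OK;                 /* eIBRS, retpolines: not the case described */
    const char *s = strstr(line, "STIBP: ");
    if (!s || strncmp(s + 7, "disabled", 8) == 0)
        return V_EXPOSED;            /* IBRS bit is cleared in user mode, no STIBP */
    return V_OK;                     /* STIBP conditional, forced or always-on */
}

static void read_line(const char *path, char *buf, int n)
{
    FILE *f = fopen(path, "r");
    if (!f) return;
    if (!fgets(buf, n, f)) buf[0] = '\0';
    fclose(f);
}

int main(void)
{
    char v2[256] = "", smt[8] = "0";
    read_line("/sys/devices/system/cpu/vulnerabilities/spectre_v2", v2, sizeof v2);
    read_line("/sys/devices/system/cpu/smt/active", smt, sizeof smt);
    enum verdict v = check_spectre_v2(v2, smt[0] == '1');
    /* Per-task state for indirect branches; -1 if the kernel lacks the prctl. */
    int ctl = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    printf("spectre_v2: %s\nverdict=%d prctl=%d\n", v2, (int)v, ctl);
    return v == V_EXPOSED;
}
```

A `V_OK` result with "STIBP: conditional" means STIBP is available only to tasks that request it through prctl or seccomp, so the per-task prctl value printed by `main` still matters.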

Source: opennet.ru
