AEPIC Leak - an attack that leads to a significant leak from Intel SGX enclaves

Information has been disclosed about a new attack on Intel processors - AEPIC Leak (CVE-2022-21233), which leads to the leakage of confidential data from isolated Intel SGX (Software Guard eXtensions) enclaves. The issue affects the 10th, 11th and 12th generations of Intel CPUs (including the new Ice Lake and Alder Lake series) and is caused by an architectural flaw that allows access to uninitialized data left in the APIC (Advanced Programmable Interrupt Controller) registers after previous operations.

Unlike Spectre-class attacks, the leak in AEPIC Leak occurs without recovering the data through side channels - information about the confidential data is transmitted directly by reading the contents of registers reflected in the MMIO (memory-mapped I/O) memory page. In general, the attack makes it possible to determine the data transferred between the second-level and last-level caches, including the contents of registers and the results of memory read operations that were previously processed on the same CPU core.

Since carrying out the attack requires access to the physical pages of the APIC MMIO, i.e. it requires administrator privileges, the method is limited to attacking SGX enclaves, to which the administrator does not have direct access. The researchers developed tools that allow them to identify AES-NI and RSA keys stored in SGX, as well as Intel SGX attestation keys and random number generator parameters, within a few seconds. The attack code was published on GitHub.

Intel has announced a fix in the form of a microcode update that will implement support for buffer flushing and add further measures to protect enclave data. A new release of the SDK for Intel SGX has also been prepared with changes to prevent data leaks. Developers of operating systems and hypervisors are advised to use x2APIC mode, in which MSR registers are used instead of MMIO to access the APIC registers, rather than the legacy xAPIC mode.
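A check for the x2APIC recommendation above, as an added example that is not from the article or from Intel: it reads the IA32_APIC_BASE MSR (address 0x1B; bit 11 is the APIC global enable, bit 10 is the x2APIC enable) through the Linux `msr` driver and reports which CPUs still expose the APIC registers through an MMIO page. The function names are chosen for this example, and it assumes a Linux host with root access and the `msr` module loaded.

```python
import glob
import os
import struct

IA32_APIC_BASE = 0x1B   # MSR address of the APIC base register
EN_BIT = 1 << 11        # APIC global enable
EXTD_BIT = 1 << 10      # x2APIC mode enable

def apic_mode(msr_value):
    """Classify the local APIC mode from an IA32_APIC_BASE value."""
    en = bool(msr_value & EN_BIT)
    extd = bool(msr_value & EXTD_BIT)
    if en and extd:
        return "x2apic"     # APIC registers reached through MSRs
    if en:
        return "xapic"      # APIC registers exposed through an MMIO page
    if extd:
        return "invalid"    # EN=0 with EXTD=1 is a reserved combination
    return "disabled"

def mmio_base(msr_value):
    """Physical base address of the xAPIC MMIO page (bits 12 and up)."""
    return msr_value & 0x000FFFFFFFFFF000

def read_msr(cpu, msr=IA32_APIC_BASE):
    """Read one 64-bit MSR via /dev/cpu/N/msr (root, 'modprobe msr')."""
    fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
    try:
        return struct.unpack("<Q", os.pread(fd, 8, msr))[0]
    finally:
        os.close(fd)

def audit(values):
    """Given {cpu: msr_value}, return the CPUs still in legacy xAPIC mode."""
    return sorted(c for c, v in values.items() if apic_mode(v) == "xapic")

if __name__ == "__main__":
    values = {}
    for path in glob.glob("/dev/cpu/[0-9]*/msr"):
        cpu = int(path.split("/")[3])
        try:
            values[cpu] = read_msr(cpu)
        except OSError as exc:
            print(f"cpu{cpu}: cannot read MSR ({exc})")
    for cpu in sorted(values):
        v = values[cpu]
        print(f"cpu{cpu}: {apic_mode(v)} base={mmio_base(v):#x}")
    print("CPUs in xAPIC mode:", audit(values) or "none")
```

Inside a virtual machine the value read is the guest's view of the APIC, so the host or hypervisor has to be checked separately.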

Source: opennet.ru
