Abacwaningi abavela eNyuvesi yaseBirmingham, phambilini eyaziwa ngokuthuthukisa ukuhlasela kwe-Plundervolt neVoltPillager, bathole ubungozi (CVE-2022-43309) kwamanye amabhodi omama weseva avumela i-CPU ukuthi ikhubazeke ngokomzimba ngaphandle kokuba nokwenzeka kokululama kwayo okulandelayo. Ukuba sengozini, okuqanjwe ngekhodi ye-PMFault, kungasetshenziswa ukulimaza iziphakeli lapho umhlaseli angakwazi ukufinyelela khona ngokomzimba, kodwa abe nokufinyelela okukhethekile ohlelweni lokusebenza, okutholwe, ngokwesibonelo, ngokusebenzisa ubungozi obungashayiwe noma ukuvimba iziqinisekiso zomlawuli.
Ingqikithi yendlela ehlongozwayo ukusebenzisa isixhumi esibonakalayo se-PMBus, esisebenzisa iphrothokholi ye-I2C, ukukhulisa amandla kagesi anikezwe iphrosesa kumanani adala umonakalo ku-chip. Isixhumi esibonakalayo se-PMBus sivamise ukusetshenziswa ku-VRM (Imojuli yesilawuli se-Voltage), engafinyelelwa ngokukhohlisa isilawuli se-BMC. Ukuze wenze ukuhlasela kwamabhodi asekela i-PMBus, ngaphezu kwamalungelo omlawuli ohlelweni lokusebenza, kufanele ube nokufinyelela kwesofthiwe ku-BMC (Baseboard Management Controller), isibonelo, ngokusebenzisa i-IPMI KCS (Isitayela Sokulawula Ikhibhodi), ngokusebenzisa Ethernet, noma ngokukhanyisa i-BMC kusistimu yamanje.
Inkinga evumela ukuhlaselwa kwenziwe ngaphandle kokwazi imingcele yokuqinisekisa ku-BMC iqinisekisiwe kuma-motherboards e-Supermicro asekelwa yi-IPMI (X11, X12, H11 ne-H12) kanye ne-ASRock, kodwa amanye amabhodi eseva akwazi ukufinyelela i-PMBus nawo akhona. abathintekayo. Ngesikhathi sokuhlolwa, lapho i-voltage inyuswa yaba ngu-2.84 volts kulawa mabhodi, amaphrosesa amabili e-Intel Xeon wonakala. Ukufinyelela i-BMC ngaphandle kokwazi imingcele yokuqinisekisa, kodwa ngokufinyelela kwezimpande ohlelweni olusebenzayo, ubungozi bendlela yokuqinisekisa i-firmware yasetshenziswa, okwenze kwaba nokwenzeka ukulayisha isibuyekezo se-firmware esilungisiwe kusilawuli se-BMC, kanye nokwenzeka ukufinyelela okungagunyaziwe nge-IPMI KCS.
Indlela yokushintsha i-voltage nge-PMBus ingase futhi isetshenziselwe ukwenza ukuhlasela kwe-Plundervolt, okuvumela, ngokwehlisa i-voltage kumanani amancane, ukudala umonakalo kokuqukethwe kwamaseli edatha ku-CPU asetshenziselwa izibalo ezindaweni ezizimele ze-Intel SGX. kanye nokukhiqiza amaphutha kuma-algorithms alungile ekuqaleni. Isibonelo, uma ushintsha inani elisetshenziswe ekuphindaphindeni phakathi nenqubo yokubethela, okukhiphayo kuzoba umbhalo oyimfihlo ongalungile. Ngokukwazi ukufinyelela isibambi ku-SGX ukuze sibethele idatha yayo, umhlaseli angakwazi, ngokubangela ukwehluleka, aqongelele izibalo mayelana nezinguquko kumbhalo we-ciphertext okukhiphayo futhi abuyisele inani lokhiye ogcinwe ku-SGX enclave.
Amathuluzi okuhlasela amabhodi e-Supermicro kanye ne-ASRock, kanye nensiza yokuhlola ukufinyelela ku-PMBus, ashicilelwe ku-GitHub.
Source: opennet.ru