Ithimba labacwaningi abavela eNyuvesi Yamahhala yase-Amsterdam lishicilele ikhithi yamathuluzi ye-Kasper eklanyelwe ukuhlonza amazwibela ekhodi ku-Linux kernel engasetshenziswa ukuxhaphaza ubungozi be-Specter-class okubangelwa ukukhishwa kwekhodi ecatshangelwayo kuphrosesa. Ikhodi yomthombo yekhithi yamathuluzi isatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0.
Masikhumbule ukuthi ukuze senze ukuhlaselwa okufana ne-Specter v1, okwenza kube nokwenzeka ukunquma okuqukethwe yinkumbulo, ukuba khona kwekhodi enelungelo lokulandelana kwemiyalelo ethile (amagajethi) kuyadingeka, okuholela ekukhishweni kokuqagela kwemiyalelo. . Ngezinjongo zokuthuthukisa, iphrosesa iqala ukusebenzisa amagajethi anjalo ngemodi yokuqagela, bese inquma ukuthi ukubikezela kwegatsha akuzange kuthethelelwe futhi ibuyisela ukusebenza esimweni sayo sangempela, kodwa idatha ecutshungulwe ngesikhathi sokuqagela igcina kunqolobane kanye nezigcinalwazi ze-microarchitectural futhi iyatholakala ukuze ibuyiswe kubo kusetshenziswa izindlela ezihlukahlukene zokunquma idatha eyinsalela ngamashaneli ezinkampani zangaphandle.
Amathuluzi ayetholakala ngaphambilini okuskena amagajethi okuba sengozini kweSpecter, okusekelwe ekusesheni amaphethini avamile, abonise izinga eliphezulu kakhulu lamagajethi angamanga, kuyilapho engekho amagajethi amaningi angempela (ukuhlola kubonise ukuthi u-99% wamagajethi akhonjwe amathuluzi anjalo awakwazanga ukusetshenziselwa ukuhlasela. , kanye no-33% wamagajethi asebenzayo angaholela ekuhlaselweni awazange anakwe).
Ukuze kuthuthukiswe ikhwalithi yokuhlonza amagajethi ayinkinga, i-Kasper imodeli yokukhubazeka umhlaseli angayisebenzisa esinyathelweni ngasinye sokuhlasela kwesigaba se-Specter - izinkinga ezivumela ukulawulwa kwedatha ziyamodela (isibonelo, ukufaka idatha yomhlaseli endaweni yezakhiwo ezincane ukuze kuthonye ukwenziwa kokuqagela okulandelayo kusetshenziswa. Ukuhlasela kwesigaba se-LVI), thola ukufinyelela olwazini oluyimfihlo (isibonelo, lapho weqa imingcele yebhafa noma usebenzisa inkumbulo ngemva kokuba ikhululiwe) futhi ivuze ulwazi oluyimfihlo (isibonelo, ngokuhlaziya isimo senqolobane yokucubungula noma ukusebenzisa indlela ye-MDS).
Lapho kuhlolwa, i-kernel ixhunywe nemitapo yolwazi yesikhathi sokusebenza ye-Kasper futhi ihlola esebenza ezingeni le-LLVM. Inqubo yokuhlola ilingisa ukwenziwa kwekhodi ecatshangelwayo, esetshenziswa kusetshenziswa indlela yokuhlola indawo yokubuyisela, esebenzisa ngokuqondile igatsha lekhodi elibikezelwe ngokungalungile, bese ibuyela emuva esimweni sokuqala ngaphambi kokuba igatsha liqale. I-Kasper iphinde izame ukulingisa ubungozi obuhlukahlukene besofthiwe ne-hardware, ihlaziye umthelela wezakhiwo nezakhiwo ezincane, futhi yenze ukuhlolwa kwe-fuzz kwezenzo zomhlaseli ezingaba khona. Ukuze kuhlaziywe ukugeleza kokusayinda, imbobo ye-DataFlowSanitizer ye-Linux kernel iyasetshenziswa, futhi ukuze kuhlolwe i-fuzzing, kusetshenziswe inguqulo eguquliwe yephakheji ye-syzkaller.
Ukuskena kwe-Linux kernel kusetshenziswa i-Kasper kukhombe amagajethi ayengaziwa ngaphambili angu-1379 okungenzeka aholele ekuvuzeni kwedatha ngesikhathi sokukhishwa kweziyalezo okuqagelayo. Kuyaphawulwa ukuthi mhlawumbe ezinye zazo kuphela ezingase zibe nezinkinga zangempela, kodwa ukukhombisa ukuthi kunengozi yangempela, futhi hhayi nje ithiyori, i-prototype esebenzayo yokuxhashazwa yenzelwe enye yezingcezu zekhodi eziyinkinga, okuholela olwazini. ukuvuza kusuka kumemori ye-kernel.
Source: opennet.ru