I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > Ubungozi ku-firmware ye-UEFI ngokusekelwe kuhlaka lwe-InsydeH2O, okuvumela ukwenziwa kwekhodi ezingeni le-SMM

Ubungozi ku-firmware ye-UEFI ngokusekelwe kuhlaka lwe-InsydeH2O, okuvumela ukwenziwa kwekhodi ezingeni le-SMM

Ohlakeni lwe-InsydeH2O, olusetshenziswa abakhiqizi abaningi ukwenza i-firmware ye-UEFI yemishini yabo (ukuqaliswa okuvame kakhulu kwe-UEFI BIOS), ubungozi obungama-23 buhlonziwe obuvumela ukuthi ikhodi yenziwe ezingeni le-SMM (Imodi Yokulawulwa Kwesistimu), ene- okubaluleke kakhulu (Ring -2) kunemodi ye-hypervisor kanye neringi enguziro yokuvikela, nokuba nokufinyelela okungenamkhawulo kuyo yonke inkumbulo. Inkinga ithinta i-firmware ye-UEFI esetshenziswa abakhiqizi abafana ne-Fujitsu, Siemens, Dell, HP, HPE, Lenovo, Microsoft, Intel kanye ne-Bull Atos.

Ukuxhashazwa kobungozi kudinga ukufinyelela kwasendaweni ngamalungelo omlawuli, okwenza izindaba zidume njengobungozi besigaba sesibili, esisetshenziswa ngemva kokuxhashazwa kobunye ubungozi ohlelweni noma ukusetshenziswa kwezindlela zobunjiniyela bomphakathi. Ukufinyelela ezingeni le-SMM kukuvumela ukuthi wenze ikhodi ezingeni elingalawulwa isistimu yokusebenza, engasetshenziswa ukulungisa i-firmware futhi ushiye amakhodi anonya afihliwe noma ama-rootkits ku-SPI Flash angatholwa uhlelo lokusebenza, kanye ukukhubaza ukuqinisekiswa esigabeni sokuqalisa (UEFI Secure Boot , Intel BootGuard) kanye nokuhlaselwa kwama-hypervisors ukuze kudlule izindlela zokuhlola ubuqotho bezindawo ezibonakalayo.

Ubungozi ku-firmware ye-UEFI ngokusekelwe kuhlaka lwe-InsydeH2O, okuvumela ukwenziwa kwekhodi ezingeni le-SMM

Ukuxhashazwa kobungozi kungenziwa kusukela kusistimu yokusebenza kusetshenziswa izibambi ze-SMI (System Management Interrupt) ezingaqinisekisiwe, kanye nasesigabeni sangaphambi kokusayinda sesistimu yokusebenza phakathi nezigaba zokuqala zokuqalisa noma ukubuya kumodi yokulala. Bonke ubungozi bubangelwa izinkinga zenkumbulo futhi kuhlukaniswe izigaba ezintathu:

  • I-SMM Callout - ukusetshenziswa kwekhodi yakho ngamalungelo e-SMM ngokuqondisa kabusha ukusetshenziswa kwezibambi zokuphazamiseka kwe-SWSMI kukhode ngaphandle kwe-SMRAM;
  • Inkohlakalo yenkumbulo evumela umhlaseli ukuthi abhale idatha yakhe ku-SMRAM, indawo yenkumbulo ekhethekile ehlukanisiwe lapho ikhodi isetshenziswa khona ngamalungelo e-SMM.
  • Ukonakala kwenkumbulo kukhodi esebenza ezingeni le-DXE (Driver eXecution Environment).

Ukuze ubonise izimiso zokuhlela ukuhlasela, isibonelo sokuxhaphaza sishicilelwe, esivumela, ngokuhlaselwa okuvela endaweni yesithathu noma eyiziro yokuvikela, ukuze uthole ukufinyelela ku-DXE Runtime UEFI futhi usebenzise ikhodi yakho. Ukuxhaphaza kuxhaphaza ukuchichima kwesitaki (CVE-2021-42059) kumshayeli we-UEFI DXE. Ngesikhathi sokuhlasela, umhlaseli angabeka ikhodi yakhe kumshayeli we-DXE, ehlala isebenza ngemuva kokuthi uhlelo lokusebenza luqaliswe kabusha, noma enze izinguquko endaweni ye-NVRAM ye-SPI Flash. Ngesikhathi sokubulawa, ikhodi yomhlaseli ingenza izinguquko ezindaweni zememori ezinelungelo, iguqule izinsiza ze-EFI Runtime, futhi ithinte inqubo yokuqalisa.

Source: opennet.ru

Engeza amazwana