Jiya mun buga a nan a kan blog labarai game da Aya, ɗakin karatu don ƙirƙirar direbobin eBPF a Tsatsa kuma shine dalilin wannan shine don ƙirƙirar amintattun direbobi ko Prossimo aikin don tabbatar da ƙwaƙwalwa na kernel na Linux tare da Tsatsa (manyan ayyuka biyu waɗanda zasu ba da yawa magana game da su a cikin watanni masu zuwa).
Kuma wannan shine a cikin dan kankanin lokaci an ba da rahotanni masu rauni iri-iri a ciki yi amfani da kwari a cikin eBPF kuma cewa batun ne wanda masu haɓaka kernel basu daina aiki ba kuma wataƙila Tsatsa ita ce mafita.
Dalilin tabawa a kan wannan maudu'in shine kwanan nan aka fitar da labarin da suka gano "Sauran" yanayin rauni a cikin kwayar Linux (CVE-2021-33624) don keɓe kariya daga yanayin raunin aji, tunda wannan yana ba da damar amfani da tsarin eBPF don iya tantance abubuwan da ƙwaƙwalwar ta ƙunsa sakamakon ƙirƙirar yanayi don zato na aiwatar da wasu ayyuka.
An ambata cewa yanayin shigewa yana faruwa ne ta hanyar gazawa a cikin mai tantancewa, wanda ake amfani dashi don gano kurakurai da aiki mara kyau a cikin shirye-shiryen BPF. Mai tantancewar ya lissafa hanyoyin aiwatar da lambar, amma ya yi biris da duk wasu zabin reshe wadanda ba su da inganci daga mahangar tsarin koyar da ilimin tsarin gini.
Lokacin gudanar da shirin BPF, zaɓuɓɓukan reshe waɗanda ba'a tantance su ta hanyar mai binciken ba na iya yin kuskuren hangen nesa ta hanyar mai sarrafawa kuma a aiwatar da su a cikin yanayin hasashe.
A kan tsarin da abin ya shafa, shirin BPF mara gata zai iya amfani da wannan yanayin don bincika abubuwan da ke cikin ƙwaƙwalwar ajiyar ƙwaƙwalwar ajiya (sabili da haka duk ƙwaƙwalwar ajiyar jiki) ta hanyar tashar gefe.
Alal misali, lokacin nazarin aikin "lodin", mai tabbatarwar ya ɗauka cewa umarnin yana amfani da rajista tare da adireshin da darajarta koyaushe tana cikin iyakantattun iyakoki, amma mai kai hari na iya ƙirƙirar yanayi a karkashin wacce mai sarrafawa zai yi ƙoƙarin yin ciniki tare da adireshin da bai cika sharuɗɗan tabbatarwa ba.
Harin Specter yana buƙatar kasancewar takamaiman rubutun a cikin lambar gata, wanda ke haifar da aiwatar da umarni. Ta hanyar yin amfani da shirye-shiryen BPF waɗanda aka gabatar don aiwatarwa, yana yiwuwa a samar da irin waɗannan umarnin a cikin eBPF kuma a tace abubuwan da ke cikin ƙwaƙwalwar ajiyar ƙwaƙwalwa da wuraren da ba a yarda da su ba na ƙwaƙwalwar ajiyar jiki ta hanyar tashoshin gefen.
Har ila yau, zaka iya yiwa alama alama game da tasirin aikin na dukiya don kare kariya daga raunin Specter.
Wannan bayanin ya taƙaita sakamakon debugger ingantawa rr (Rikodi da Sake kunnawa), da zarar Mozilla ta ƙirƙira shi don cire kuskuren maimaita maimaitawa a cikin Firefox. Caching tsarin kira da akayi amfani dashi don tabbatar da kasancewar kundin adireshi ya rage aikin "rr kafofin" don aikin gwajin daga minti 3 19 sakan zuwa sakan 36.
Mawallafin ingantawa ya yanke shawarar dubawa nawa zai canza aiwatarwa bayan kashe kariyar Specter. Bayan ƙaddamar da tsarin tare da ma'aunin «mitigations = off», lokacin aiwatarwar «rr kafofin» ba tare da ingantawa ba ya kasance minti 2 5 daƙiƙa (sau 1.6 cikin sauri) kuma tare da ingantawa 33 seconds (9% sauri).
Abin mamaki, kashe kariyar Specter ba wai kawai rage lokacin gudu bane - na lambar matakin kernel a cikin sau 1.4 (daga 2 min 9s zuwa 1 min 32s), Hakanan ya rage rabin lokacin aiwatarwa a sararin mai amfani (daga 1 min 9s zuwa 33s), mai yiwuwa saboda raguwar ingancin cache na CPU da TLB an sake saita su lokacin da aka kunna kariyar Specter.
Matsalar ta bayyana tun lokacin da aka saki kernel 4.15 kuma an gyara shi a cikin hanyar faci, wanda a wannan lokacin har yanzu bai kai ga duk rarrabawa ba, don haka ana ba da shawara ga masu amfani cewa a wannan kwanakin suna yin abubuwan da suka dace a duk lokacin da suka karɓi sanarwar.
Si kuna so ku sani game da shi, zaka iya duba bayanan A cikin mahaɗin mai zuwa.