Kana dzikashandiswa, zvikanganiso izvi zvinogona kubvumira vanorwisa kuti vawane mukana usina mvumo kune ruzivo rwakadzama kana kuti kazhinji kukonzera matambudziko.
Boka re Vatsvagiri kubva kumayunivhesiti eChina neUnited States vaona kusagadzikana kutsva muma processors Intel inotungamira kune ruzivo ruza pamhedzisiro yekufungidzira mashandiro kuburikidza neyechitatu-bato nzira, iyo inogona kushandiswa, semuenzaniso, kuronga yakavanzika yekutaurirana chiteshi pakati pemaitiro kana kuona kuvuza panguva yekurwiswa kweMeltdown.
Izvo zvakakosha zvekusagadzikana ndeye shanduko muEFLAGS processor registry, iyo yakaitika semugumisiro wekufungidzira kuurayiwa kwemirayiridzo, inobata nguva inotevera yekuitwa kweJCC mirayiridzo (svetuka kana mamiriro akataurwa asangana).
Kufungidzira hakuna kupera uye mhedzisiro inoraswa, asi iyo yakaraswa EFLAGS shanduko inogona kugadziriswa nekuongorora nguva yekuuraya yeJCC mirairo. Zvichifungidzirwa zvakaitwa pre-jump kuenzanisa mashandiro, kana kuenzanisa kwacho kuchibudirira, kunokonzeresa kunonoka kudiki kunogona kuyerwa uye kushandiswa sechinhu chinoenderana nezvirimo.
Iyo yenguva pfupi yekuuraya kurwiswa imhando yekurwiswa inoshandisa kusadzivirirwa kweCPU optimization matekinoroji. Kurwiswa kutsva kunobuda nekukurumidza. Iyo yedivi chiteshi chikamu chakakosha chenguva pfupi yekuuraya kurwisa kuburitsa data.
Mubasa iri, takawana kusazvibata kwakashandura rejista yeEFLAGS mukuita kwenguva pfupi iyo inogona kuve nemhedzisiro paJcc (Jump Condition Code) rairo paIntel CPUs. Zvichienderana nezvatakawana, isu tinopa zano nyowani yedivi chiteshi kurwisa iyo inoshandisa kwenguva pfupi kuuraya nguva uye Jcc mirairo kuendesa data.
Kurwiswa uku kunovhara data rakavanzika nekushandura registry izvo zvinoita kuti nguva yekuuraya iite zvishoma uye inogona kuyerwa neanorwisa kuti atore data. Kurwiswa uku hakubvi pane cache system.
Kusiyana nekumwe kurwiswa zvakafanana kuburikidza nechitatu-bato nzira, iyo nzira itsva haina kuongorora shanduko munguva yekuwana kune data yakachengetwa uye kwete cached uye haidi danho rekugadzirisa zvakare EFLAGS rekodhi kune yekutanga mamiriro, izvo zvinoita kuti zvive zvakaoma kuona uye kudzivirira kurwisa.
zvedemo, vaongorori vakaita shanduko yeMeltdown kurwisa, kushandisa mairi nzira itsva yekuwana ruzivo pamusoro pemugumisiro wekushanda kwekufungidzira. Iko kushanda kweiyo nzira yekuronga kuburitswa kweruzivo panguva yekurwiswa kweMeltdown yakave yakabudirira kuratidzwa pane masisitimu ane Intel Core i7-6700 uye i7-7700 CPUs munzvimbo ine Ubuntu 22.04 kernel uye Linux 5.15. Pane system ine Intel i9-10980XE CPU, kurwiswa kwacho kwakangobudirira zvishoma.
Iyo Meltdown vulnerability yakavakirwa pachokwadi chekuti panguva yekufungidzira kuurayiwa kwemirairo, iyo processor inogona kuwana yakavanzika data nzvimbo uye yobva yarasa mhedzisiro, sezvo iyo seti ropafadzo inorambidza kupinda kwakadaro kubva kune mushandisi maitiro.
Muchirongwa, chivharo chinofungidzirwa chakaitwa chinoparadzaniswa kubva kukodhi huru nekusvetuka kwemamiriro, izvo mumamiriro ezvinhu chaiwo zvinogara zvichikonzerwa, asi nekuda kwekuti chirevo chechirevo chinoshandisa computed value isingazivikanwe kune processor panguva yepreemptive code. . kuurayiwa, sarudzo dzese dzebazi dzinoitwa zvekufungidzira.
Muchinyakare Meltdown, sezvo cache imwe chete ichishandiswa kuita zvekufungidzira mashandiro senge mirairo inowanzoitwa, zvinogoneka panguva yekufungidzira kuuraya kuisa mamaki mucache anoratidza zviri mukati mezvimedu zvega munzvimbo yakavharwa yendangariro, uyezve mune inowanzoitika. kodhi yekuona zvazvinoreva kuburikidza nekuongororwa kwekuwana nguva kune cached uye isina cache data.
Musiyano mutsva unoshandisa shanduko muEFLAGS registry sechiratidzo chekubvinza. MuCovert Channel demo, imwe nzira yakagadzirisa data inotumirwa kushandura zviri mukati meEFLAGS rekodhi, uye imwe nzira yakaparadzanisa shanduko muJCC runtime kuti igadzirise zvakare data yakatumirwa nekutanga maitiro.
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kubvunza iyo ruzivo mune inotevera chinongedzo.