AEPIC Leak, an attack that leaks Intel SGX keys and affects the 10th, 11th and 12th generations

Information was recently released about a new attack on Intel processors called "AEPIC Leak" (already catalogued as CVE-2022-21233). This new attack leads to the leakage of sensitive data from isolated Intel SGX (Software Guard Extensions) enclaves.

Unlike Spectre-class attacks, the leak in AEPIC Leak occurs without recovering the data through third-party channels, since the sensitive data is transmitted directly by reading the contents of registers reflected in the MMIO (memory-mapped I/O) memory page.

In general, the attack makes it possible to determine the data transferred between the second-level and last-level caches, including the contents of registers and the results of memory read operations that were previously processed on the same CPU core.

Scanning the I/O address space on Intel CPUs based on the Sunny Cove microarchitecture revealed that the memory-mapped registers of the local Advanced Programmable Interrupt Controller (APIC) are not properly initialized. As a result, architectural reads of these registers return stale data from the microarchitecture, so any data transferred between the L2 and the last-level cache can be read through these registers.

Since the I/O address space is only accessible to privileged users, ÆPIC Leak targets Intel's TEE, SGX. ÆPIC can leak data from SGX enclaves running on the same physical core. While ÆPIC Leak would pose a huge threat in virtualized environments, hypervisors typically do not expose the local APIC registers to virtual machines, which eliminates the threat in cloud-based scenarios.

Similar to previous transient-execution attacks targeting SGX, ÆPIC Leak is most effective when executed in parallel with the enclave on the sibling hyperthread. However, ÆPIC Leak does not require hyperthreading and can also leak enclave data when hyperthreading is unavailable or disabled.

We introduce two new techniques for leaking data in use, that is, enclave register values, and data at rest, that is, data stored in enclave memory. With Cache Line Freezing, we introduce a technique that puts targeted pressure on the cache hierarchy without overwriting stale data…
These cache lines still appear to travel through the cache hierarchy, but they do not overwrite stale data. For this purpose, we leak cache line values in the safe area (SSA).

The second technique, Enclave Shaking, exploits the operating system's ability to securely swap enclave pages. By alternately swapping enclave pages out and in, the cached pages force data through the cache hierarchy, allowing ÆPIC to leak values without even continuing enclave execution. We exploit ÆPIC Leak in combination with Cache Line Freezing and Enclave Shaking to extract AES-NI keys and RSA keys from the Intel IPP library and Intel SGX. Our attack leaks memory at 334.8 B/s with a 92.2% hit rate.

Since the attack requires access to the physical pages of the APIC MMIO, that is, administrator privileges are required, the method is limited to attacking SGX enclaves to which the administrator does not have direct access.

The researchers have developed a set of tools that make it possible, within a few seconds, to determine AES-NI and RSA keys stored in SGX, as well as Intel SGX attestation keys and pseudo-random number generator parameters. The attack code is published on GitHub.

Intel announced that it is preparing a fix in the form of a microcode update that adds support for buffer flushing and adds further measures to protect enclave data.

A new version of the SDK for Intel SGX has also been prepared with changes to prevent data leaks. OS and hypervisor developers are encouraged to use x2APIC mode, which uses MSR registers instead of MMIO to access the APIC registers, in place of the legacy xAPIC mode.

The issue affects Intel 10th, 11th and 12th generation CPUs (including the new Ice Lake and Alder Lake series) and is caused by an architectural flaw that allows access to uninitialized data left in the CPU's APIC (Advanced Programmable Interrupt Controller) registers from previous operations.

Finally, if you want to know more about it, you can check the details in the following link.

