Collide + Probe uye Load + Reload: maitiro maviri anotendera kusefa data pane AMD processor

Mune chinyorwa chakapfuura takataura nezve bug iyo isingakwanise kugadziriswa muIntel processors pamberi pechizvarwa chegumi uye zvino pachiitiko ichi a bug inobata ma processor e AMD. Uye ndezvekuti timu ye vaongorori kubva kuGraz University yeTekinoroji (Austria), yaimbozivikanwa nekuvandudza nzira dzekurwisa MDS, NetSpectre, Throwhammer, uye ZombieLoad.

Iye zvino vakashanda kuitisa tsvagiridzo pane chaiwo AMD hardware optimizations uye yakagadzira nzira mbiri nyowani yekurwisa yechitatu-bato nzira iyo inoshandura kudonhedza dhata panguva yekufungidzira kwenzvimbo dzekuchengetedza dzechikamu chekutanga chevagadziri ve AMD.

Maitiro inogona kushandiswa kudzora ASLR kuchengetedza, dzorera makiyi mumatambudziko eAES deployments uye wedzera kushanda kweiyo Specter kurwisa.

Mukutsvaga kwavo vanotaura izvozvo vakaona matambudziko mukumisikidzwa kweiyo chiteshi kufanotaura mashandiro (chimiro chinofungidzira) mune yekutanga-chikamu CPU data cache (L1D), inoshandiswa kufanotaura kuti ndeipi cache chiteshi chekodhi yekuyeuka inoratidzwa.

Iyo optimization inoshandiswa mu AMD processors yakavakirwa pane μ-tag sosi. μTag inoverengwa nekuisa yakatarwa hash basa kune chaiyo kero. Panguva yekuvhiya, eChiteshi kufanotaura mashandisiro anoshandisa μTag kuona cache cache yetafura.

Naizvozvo, μTag inobvumira processor kuti izvigumidze pakuwana chete yakatarwa chiteshi, isina kunyora zvese zvingasarudzwa, izvo zvinoderedza zvakanyanya CPU simba rekushandisa.

Kunetseka kunozviratidza mu AMD mapurosesa anoenderana nema microarchitecture Bulldozer, Piledriver, Steamroller, Zen (Ryzen, Epic), Zen + uye Zen2.

AMD yakaziviswa nezvenyaya iyi Nyamavhuvhu 23, 2019, asi haisati yaburitsa chirevo chine ruzivo nezve iyo yekukuvara ichivharira.

Sekureva kwevaongorori. nyaya inogona kukanganisika pamicrocode yekumutsiridza nhanho nekupa MSR mabheti kuti udzivise zvakasarudzika nzira yekufanotaura chiteshi, zvakafanana neiyo Intel yaakaita kugadzirisa kudzima kwenzira dzekufanotaura nzira.

Munguva yekumisikidza mainjiniya eiyo chiteshi kufanotaura sisitimu yekumisikidza pazvizvarwa zvakasiyana zve AMD processor inogadzirwa pakati pa2011 na2019, Maitiro maviri matsva ekunongedza echitatu-bato chiteshi akaziviswa:

  • Collide + Ongororo: inobvumira anorwisa kuti atore ndangariro kuwana kwemaitiro anomhanya pane imwecheteyo musimboti seCPU.
    Musimboti weiyi nzira kushandisa chaiwo kero dzinokonzeresa hashi kurovera kwebasa rinoshandiswa kuverenga μTag kuteedzera memory memory. Kusiyana neiyo Flush + Reload uye Prime + Probe kurwisa kunoshandiswa paIntel processors, Collide + Probe haishandisi yakagovaniswa ndangariro uye inoshanda isingazive iwo chaiwo kero.
  • Mutoro + Rodha zvakare: inobvumidza kuona chaizvo chaizvo memory yekuwana yekuteedzera mune imwecheteyo yepanyama iyo CPU. Maitiro acho akavakirwa pachokwadi chekuti chemuviri ndangariro cell inogona kuiswa muL1D cache kamwe chete.
    Ndokunge, kuwana imwecheteyo yekurangarira nzvimbo pane imwe chaiyo kero kuchamanikidza sero kubuda muL1D cache, ichikubvumidza iwe kuti uteedzere ndangariro kupinda. Kunyangwe kurwisa kwacho kuchivimba nendangariro dzakagovaniswa, hakugadzirise mitsara yecache, zvichiita kuti ikwanise kuita kurwisa kwekunyepedzera kusingaise dhata kubva kumusoro-chikamu cache.

Kubva pane iyo Collide + Probe uye Load + Reload matekinoroji, ivo vaongorori vakaratidza akasiyana mamiriro ekurwisa kuburikidza neyechitatu bato chiteshi:

Iko mukana wekushandisa nzira unoratidzwa kuronga yakavanzika isina kunangana kutaurirana chiteshi pakati pezvakaitwa zviviri, iyo inobvumira kuti data ripfuudzwe nekumhanyisa inosvika 588 kB pasekondi.

Uchishandisa kurovera mu μTag, zvaigona kuita kudzikisira entropy yemhando dzakasiyana dzeKero Space Layout Randomization (ASLR) uye kupfuura kudzivirirwa kweASLR musimboti mu yakakwana ye-up-to-date Linux system.

Iko mukana wekurwiswa unoratidzwa kudzikisira iyo ASLR entropy yeese mushandisi mafomu uye yekushandiswa kweiyo JavaScript kodhi yakaitwa mune sandbox nharaunda uye kodhi inomhanya mune imwe nharaunda yevashanyi.


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Iva wekutanga kutaura

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

bool (chokwadi)