GhostRace Vulnerability
Ruzivo nezve a kurwisa kutsva kwekufungidzira, kwakanzi GhostRace (yakanyorwa pasi peCVE-2024-2193), iyi inzira nyowani yakagadziridzwa nevatsvaguri veVrije Universiteit Amsterdam neIBM kushandisa nzira yekufungidzira yekuuraya iripo muma processors emazuva ano kubva kuIntel, AMD, ARM neIBM.
Vatsvakurudzi vanotaura kuti, GhostRace inotarisa pakugadzirisa mamiriro ekufungidzira emujaho kuwana nzvimbo dzakambosunungurwa dzendangariro, dzinogona tungamira kune kubviswa kwe data rakadzikama kubva kuLinux kernel, kunyanya munzvimbo dzekuonana uko munhu anorwisa hurongwa hwevaenzi anogona kukanganisa kuchengetedzeka kwehurongwa hwevaenzi kana mamwe masisitimu evaenzi.
Kurwisa kunoshanda sei yakavakirwa pakuita kwekufungidzira kwemirairo ine zvimiso pamwe synchronization primitives kuruka, senge mutex uye spinlock.
Kana iyo processor ichifanotaura zvisizvo mapazi ari mukodhi inobata mashandiro aya, mapindiro ekufungidzira anogona kuitwa mundangariro atosunungurwa. Kunyangwe iyo processor ichirasa masvikiro aya mushure mekuona kusafungira, zvibodzwa zvekuuraya zvinoramba zviri mu cache uye zvinogona kudzoserwa pachishandiswa nzira yekuongorora nzira.
GhostRace inoda kuvepo kwemamwe mirairo yekutevedzana mu kernel, inozivikanwa se zvishandiso, iyo inoshandiswa pakufungidzira kuurayiwa zvichienderana nemamiriro ekunze anodzorwa neanorwisa. Magajeti aya Iwo akaumbwa kubva kuzvikamu zvekodhi apo nyika inotariswa mukusingaperi loop uye kubuda loop mushure mekubvisa kiyi yekupinda kune sosi. Izvi zvinokutendera kuti unyepe kukonzeresa shanduko uye kuita mirairo yakachengetedzwa nekiyi, kunyangwe iyo sosi inoramba yakakiyiwa.
Panguva yekuongorora kwekunetseka, iyo yakaitwa muLinux kernel kodhi 5.15.83, kuvepo kwemidziyo 1283 kwakaratidzwa izvo zvinogona kutungamirira kune yekufungidzira kuwana kundangariro yakatoburitswa. Iyi mhando yekurwiswa inomiririra njodzi inogona kuitika kune virtualization masisitimu, chero inoshanda sisitimu kernel, uye zvirongwa zvinoshandisa tambo synchronization primitives inosimbiswa neane conditional statement uye inomhanya pamapuratifomu anobvumira kufungidzira kwekuita kwebazi rekushanda, senge x86, ARM , RISC-V, pakati pevamwe.
Kuedza kusasimba, vatsvakurudzi yakagadzira prototype inoratidza kushanda Del kurwisa nekubvumira kudhonza yedata kubva kuLinux kernel memory ine throughput ye12 KB pasekondi uye nhanho yekuvimbika yakafanana neiyo Specter class kurwisa.
ari Vagadziri veLinux kernel uye makambani ekugadzira CPU akaziviswa nezvedambudziko iri pakupera kwa2023. AMD yakatoburitsa chirevo pamusoro pekusagadzikana uye inokurudzira kushandisa akajairwa matekiniki ekudzivirira kubva pakurwiswa kwakafanana neSpecter v1. Kune rimwe divi, Intel neARM havasati vapindura kune ichi chiziviso.
Kunyange Vagadziri veLinux kernel havana hurongwa hwekukurumidza kuita serialization yezvinyorwa synchronization Nekuda kwekurasikirwa kwekuita, vakatoisa zvirambidzo kudzivirira kubva kuIPI Storming kushandisa nzira (CVE-2024-26602). Iyi nzira yekurwisa inosanganisira kukanganisa maitiro panguva yakakodzera kupa nguva hwindo rekufungidzira kuwana kune yakasunungurwa ndangariro.
Kurerutsa rudzi urwu rwekurwisa, se inokurudzira kushandisa serialization yezvinyorwa zvekare kuwiriranisa nekubatanidza chirevo cheLFENCE mushure meiyo cmpxchq chirevo chinotarisa chimiro chekiyi. Zvisinei, Iyi chiyero chekudzivirira inotakura chirango chekushanda chingangoita 5% mune LMBench benchmark, nekuti chirevo cheLFENCE chinodzima kukurumidza kuita kwezvinotevera zvirevo usati waita zvese zvakapfuura.
Munyaya ye hypervisor Xen, vagadziri vakagadzirira shanduko kushandisa LOCK_HARDEN nzira yekuvhara yakachengetedzwa, yakafanana neiyo BRANCH_HARDEN nzira yakashandiswa pamusoro. Nekudaro, nekuda kwekukanganisa kuita kwakashata uye kushomeka kwehumbowo hwekurwiswa muXen, LOCK_HARDEN modhi inovharwa nekusarudzika.
pakupedzisira kana uri kuda kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu chinotevera chinongedzo.