Kana dzikashandiswa, zvikanganiso izvi zvinogona kubvumira vanorwisa kuti vawane mukana usina mvumo kune ruzivo rwakadzama kana kuti kazhinji kukonzera matambudziko.
Intel ichangobva kuziviswa, nhau dzekuti Ndinoona kusagadzikana microarchitecture (yakanyorwa pasi peCVE-2023-28746) paIntel Atom processors (E-core), inozivikanwa seRFDS (Register File Data Sampling) uye njodzi yekusagadzikana iyi iri mukuti inobvumira iyo data inoshandiswa nehurongwa hwaimboshanda pane imwechete CPU core kuti itemerwe.
RFDS injodzi iyo inogovana zvakafanana nedata sampling kurwisa, senge microarchitectural data sampling (MDS), inosiyana munzira yayo yekufumura uye data rakafumurwa, richizvimisa kune data kubva kumarekodhi echinyakare.
Nezve kusagadzikana
Kuzivikanwa kwe "RFDS" kwakaitwa neIntel mainjiniya panguva yekuongorora kwemukati, kunyangwe pasina ruzivo rwakadzama rwakapihwa Panzira yekushandiswa kwayo, Intel mainjiniya vakaratidza kuti anorwisa haakwanisi kudzora nemaune kusarudzwa kwemaitiro yekutora data, izvo zvinoreva kuti kuratidzwa kweruzivo rwuripo kuti rudzorerwe rwakangoitika. Nekudaro, kushandiswa kweRFDS nemutambi ane hutsinye anogona kuendesa kodhi munharaunda pane system kunogona kutungamira kune yakavanzika data data yaimboshandiswa mumatanda, zvinogona kukanganisa kuchengetedzeka uye kuvanzika kweruzivo.
RFDS yakawanikwa sechikamu cheIntel's yakakura yemukati yekusimbisa basa pane microarchitectural chengetedzo. Zvakafanana nedata sampling yenguva pfupi yekuuraya kurwiswa, senge microarchitectural data sampling (MDS), RFDS inogona kubvumira mutambi ane hutsinye anogona kuita kodhi munharaunda pane system kuti ape zvakavanzika data data yaizove iripo. RFDS inosiyana nekusagadzikana kweMDS mune zvese nzira yekufumurwa uye data rakafumurwa (RFDS inofumura chete stale log data). Kunyange MDS kana RFDS, yega, inopa vatambi vane hutsinye kugona kusarudza kuti nderipi data rinofungidzirwa uchishandisa nzira idzi.
Izvo zvinotaurwa kuti kuvuza uku kunokanganisa vector marejista inoshandiswa mu encryption, ndangariro kopi mabasa, uye tambo kugadzirisa, senge mune memcpy, strcmp, uye strlen mabasa. Zvakare Leakage inogoneka kuburikidza nemarejista kuchengetedza anoyangarara nzvimbo nhamba uye nhamba dzakakwana, kunyangwe dzichivandudzwa kakawanda panguva yekuita basa, zvichideredza mukana wekubvinza kuburikidza nazvo. Zvinonyanya kukosha, data yakasara hairambi yakananga mumarejista, asi inogona kutorwa kubva kurejista mafaira uchishandisa nzira dzekurwisa-side-channel, dzakadai sekutsvaga data muCPU cache.
RFDS inongobata Atom processors zvichibva pane microarchitectures Alder Lake, Raptor Lake, Tremont, Goldmont neGracemont. Aya ma processor haatsigire HyperThreading modhi, iyo inomisa kudonha kwedata kune imwe tambo yekuuraya mukati meiyo ikozvino CPU musimboti. Shanduko dzekugadzirisa kusagadzikana uku dzinosanganisirwa muiyo microcode update microcode-20240312-staging.
Nzira dzekudzivirira pamusoro pekusagadzikana uku akafanana neanoshandiswa kuvhara kurwiswa kwakambozivikanwa, senge MDS, SRBDS, TAA, DRPW (Chishandiso Chekunyoresa Chikamu Nyora), uye SBDS (Shared Buffer Data Sampling) kurwisa.
Kuchengetedza kubva ku kernel uye hypervisor kuvuza, kuwedzera pakuvandudza microcode, zvinodikanwa kushandisa nzira dzekudzivirira software dzinosanganisira kushandiswa kweVERW rairo kujekesa zviri mukati me microarchitectural buffers kana uchidzoka kubva ku kernel kuenda kunzvimbo yemushandisi kana pakuendesa kutonga kune yevaenzi system. Kudzivirirwa uku kwakatoitwa muXen hypervisor uye Linux kernel.
Kugonesa kudzivirira muLinux kernel, unogona kushandisa iyo "reg_file_data_sampling=on»pakurodha kernel. Ruzivo nezve kusagadzikana uye kuvapo kweiyo microcode inodiwa pakudzivirira inogona kuongororwa mufaira «/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling".
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kubvunza iyo ruzivo mune inotevera chinongedzo.