Simply put, Intel has continued to be the target of various vulnerabilities that lead to data leakage, and we have talked a lot about them here on the blog. With this new one, Intel is still no exception.
A team of researchers at the Free University of Amsterdam has identified a new vulnerability (CVE-2020-0543) in the microarchitectural structures of Intel processors. It is notable because it allows the results of some instructions run on another CPU core to be recovered.
This is the first vulnerability in the speculative instruction execution mechanism that allows data to leak between separate CPU cores (previously, leaks were limited to different threads of the same core).
The researchers named the problem CROSSTalk, but Intel's documents refer to the vulnerability as SRBDS (Special Register Buffer Data Sampling).
About CROSSTalk
The vulnerability belongs to the class of MDS problems introduced a year ago, and it is based on applying side-channel analysis methods to data in microarchitectural structures.
The principle behind CROSSTalk is close to that of the RIDL vulnerability, but it differs in the source of the leak. The new vulnerability exploits a leak from a previously undocumented intermediate buffer that is shared among all CPU cores.
The essence of the problem is that some microprocessor instructions, including RDRAND, RDSEED, and SGX EGETKEY, are implemented using the internal microarchitectural operation SRR (Special Register Reads).
On vulnerable processors, the data returned for an SRR is placed in an intermediate buffer common to all CPU cores, and is then transferred to the fill buffer associated with the specific CPU core on which the read was started. From the fill buffer, the value is then copied to the registers visible to applications.
The size of the shared intermediate buffer corresponds to a cache line, which is generally larger than the data being read, and different read operations affect different offsets in the buffer.
Because the shared buffer is copied to the fill buffer in its entirety, not only the portion required for the current operation is transferred, but also the data left over from other operations, including those performed on other CPU cores.
If the attack is organized successfully, a local user authenticated on the system can determine the results of executing the RDRAND, RDSEED, and EGETKEY instructions in another process or inside an Intel SGX enclave, regardless of the CPU core the code is running on.
The researchers who discovered the problem published a prototype exploit that demonstrates the possibility of leaking information about random values obtained through the RDRAND and RDSEED instructions, in order to recover an ECDSA private key processed in an Intel SGX enclave after performing just one digital signature operation on the system.
This showed that a wide range of Intel desktop, mobile and server processors are vulnerable, including Core i3, i5, i7, i9, m3, Celeron, Atom, Xeon, Scalable Xeon, etc.
It is noteworthy that Intel was notified of the vulnerability in September 2018, and in July 2019 a prototype exploit was provided that demonstrated data leakage between CPU cores, but development of the fix was delayed because of the complexity of implementing it.
In the current microcode update, the problem is blocked by changing the behavior of the RDRAND, RDSEED, and EGETKEY instructions so that they overwrite the data in the shared buffer, preventing residual information from remaining in it.
In addition, access to the buffer is suspended until the read and write operations are complete.
A side effect of this protection is increased latency when RDRAND, RDSEED, and EGETKEY are executed, and reduced performance when these instructions are executed simultaneously on different logical processors. These effects can adversely affect the performance of some applications.
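The buffer flow and the microcode fix described above, as a toy model added here for illustration (it is not the researchers' or Intel's code and touches no CPU state). The class, function names, offsets and the sample value are constructed assumptions.

```python
# Toy model of the shared staging buffer; it only moves bytes between Python objects.
LINE = 64                       # the shared buffer is one cache line
RDRAND_OFF, RDSEED_OFF = 0, 32  # constructed offsets, not Intel's real layout


class Package:
    """One CPU package: a staging buffer shared by all cores, a fill buffer per core."""

    def __init__(self, cores, mitigated):
        self.mitigated = mitigated
        self.staging = bytearray(LINE)
        self.fill = [bytes(LINE) for _ in range(cores)]

    def srr_read(self, core, offset, value):
        """Model one special-register read issued on `core`; returns the register value."""
        # The result lands at an operation-specific offset in the shared buffer.
        self.staging[offset:offset + len(value)] = value
        # The entire line, not just the requested bytes, moves to this core's fill buffer.
        self.fill[core] = bytes(self.staging)
        if self.mitigated:
            # Microcode fix: overwrite the shared buffer before another core can use it.
            self.staging[:] = bytes(LINE)
        return self.fill[core][offset:offset + len(value)]


def residue_seen_by_other_core(mitigated):
    """Return what core 1's fill buffer holds at the offset core 0's read used."""
    pkg = Package(cores=2, mitigated=mitigated)
    secret = bytes.fromhex("1122334455667788")  # constructed stand-in for an RDRAND result
    assert pkg.srr_read(0, RDRAND_OFF, secret) == secret
    pkg.srr_read(1, RDSEED_OFF, bytes(8))       # unrelated read issued on another core
    return pkg.fill[1][RDRAND_OFF:RDRAND_OFF + len(secret)]


if __name__ == "__main__":
    for mitigated in (False, True):
        label = "mitigated" if mitigated else "vulnerable"
        print(label, residue_seen_by_other_core(mitigated).hex())
```

Without the overwrite, core 1's fill buffer still carries core 0's value; with it, the same region holds only zeros.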
Source: https://www.vusec.net
The content is not understandable; where there are three periods, there should be a comma, and, yes, "yes" carries an accent mark.