Iqela le Abaphandi bokhuseleko kwiqela le-uCode bakhululiwe Ukukhutshwa kwekhowudi yomthombo weprojekthi microcode decryptor kwaye oko kuvumela ukwenza kanye oko igama licebisayo: sisixhobo, esinemibhalo emithathu yePython kwaye iyafumaneka kwiGitHub.
I-Microcode Decryptor ivumela ukucacisa i-microcode yezinye iiprosesa ze-Intel ezifana ne-Atom, iPentium, kunye neCeleron esekelwe kwi-Goldmont kunye ne-Goldmont Plus microarchitectures, evula umnyango kwiimeko ezahlukeneyo, ezifana nokuqonda indlela i-Intel iphumeze ngayo iimpawu ezithile zeprosesa okanye iphumeze iimpawu ezahlukeneyo kunye nokulungiswa kokhuseleko.
Ubuchule bokuVula ngokuBomvu buphuhlisiwe ngabaphandi abafanayo ngo-2020 ingasetyenziselwa ukukhupha imakhrokhowudi efihliweyo. Ithuba elicetywayo lokucacisa i-microcode ivumela ukuphonononga isakhiwo sangaphakathi se-microcode kunye neendlela zokuphumeza imiyalelo yomshini we-x86. Ukongeza, abaphandi bafumene ifomathi yohlaziyo lwe-firmware, i-algorithm ye-encryption, kunye nesitshixo esisetyenziselwa ukukhusela i-microcode (RC4).
Ukumisela ukuba leliphi iqhosha loguqulelo oluntsonkothileyo oza kulisebenzisa, Ukuba sesichengeni kwi-Intel TXE kwasetyenziswa ukwenza imowudi yokulungisa engabhalwanga, ebizwa ngokuba yi "Red Unlock" ngabaphandi. Kwimo ye-debug, sikwazile ukulayisha ukulahla nge-microcode esebenzayo ngokuthe ngqo kwi-CPU kwaye sikhuphe i-algorithm kunye nezitshixo kuyo.
I-Microcode Decryptor ivumela kuphela ukucacisa i-microcode, kodwa ayivumeli ukuyitshintsha, ekubeni ingqibelelo ye-microcode iqinisekiswa ngokongezwa ngumsayino wedijithali ngokusekelwe kwi-algorithm ye-RSA.
Ngokuphathelele indlela uphuhliso lwe-Microcode Decryptor olunokwenzeka ngayo, bakhankanya ukuba kwenzeka kwiminyaka emithathu eyadlulayo xa uGoryachy no-Ermolov bafumana ubuthathaka obubalulekileyo, obufakwe kwi-Intel SA-00086, eyabavumela ukuba baqhube ikhowudi yokhetho lwabo ngaphakathi kwe-chip-ezimeleyo. kernel, equka inkqubo engaphantsi ebizwa ngokuba yi-Intel Management Engine.
I-Intel iye yalungisa i-bug yaza yakhupha isiqwenga, kodwa ngenxa yokuba iitshiphusi zinokuhlala ziqengqeleka zibuyele kuhlobo lwangaphambili lwe-firmware kwaye zisetyenziswe kakubi, akukho ndlela yokususa ngempumelelo ukuba sesichengeni.
Emva koko (kwiinyanga ezintlanu ezidlulileyo), i-trio yezazinzulu ziye zakwazi ukusebenzisa ubuthathaka bokufikelela kwimowudi yenkonzo eyakhelwe kwi-Intel chips, kwi-nod kwi-movie i-Matrix, abaphandi babiza isixhobo sabo sokufikelela kule debugger ngaphambili engabhalwanga phantsi kweChip Red. Ipilisi, kuba ivumela abaphandi ukuba babe namava okusebenza kwangaphakathi kwe-chip ehlala ivaliwe.
Isithethi se-Intel sathi:
"Akumele kubekho ingozi yokhuseleko" ngenxa yokufumaneka kwesixhobo. Ngapha koko, inkampani ithe ukuvumela abantu abaninzi ukuba baphonononge i-microcode ye-Intel kunokunceda umenzi we-chip achonge ubuthathaka ngakumbi kwixesha elizayo. Nabani na ophumeleleyo ukwenza njalo, oko kuthetha ukuba banokufumana imali ngenkqubo ye-Intel's bug bounty.
“Ubuchule babaphandi bokuhlalutya i-microcode bunokwenza ukuba kufunyanwe ubuthathaka obutsha. Kuba le microcode ibonakalisiwe, i-Intel imema abaphandi ukuba bathathe inxaxheba kwinkqubo ye-microcode bug bounty ukuba kunokwenzeka ukuba kufunyanwe imiba, ”basixelele.
Kwicala labo, abaphuhlisi besi sixhobo baphawule ukuba
"Ithuba lokufunda i-microcode ye-CPU inokunceda ukuqonda indlela i-Intel ephumeze ngayo iteknoloji efana ne-Intel Trusted Execution Technology ( TXT ) okanye inciphise ubuthathaka obunzulu njenge-Meltdown kunye ne-Specter."
Yermolov, omnye wezazinzulu. wongezelela ukuba ukufumaneka kwesixhobo kuthetha ukuba abantu ngoku ungajonga iXuCode, imowudi ye-86-bit x64 ikhowudi eyahlukileyo esetyenziselwa ukuphumeza iinxalenye ze-Intel SGX ezikhutshelwa njengohlaziyo lwe-microcode. I-SGX iteknoloji ye-Intel yokudala i-memory enclaves ekhuselekileyo: Ezi ziindawo ezikhuselweyo ezinye iinkqubo kunye nabasebenzisi, kuquka inkqubo yokusebenza okanye i-hypervisor, ayikwazi ukuphazamisa.
I-XuCode inika umdla kakhulu: imiyalelo engqalileyo ye-x86 yokulawula ii-enclaves ze-SGX zintsonkothile kangangokuba zahlulahlulwe ngokolandelelwano lwemiyalelo ye-XuCode eyenza imisebenzi eyimfuneko.
Le miyalelo ye-XuCode isemgangathweni we-86-bit x64 ye-architecture kunye nezandiso ezithile, kwaye yahlulwe ibe yimisebenzi eqhelekileyo ye-x86 yiprosesa. Xa isicelo sisebenzisa inqanaba eliphezulu lomyalelo weSGX, iprosesa inokutsibela kwiXuCode yayo ukuze isebenze.
Olu landelelwano lwe-XuCode lugcinwe kwi-microcode kwaye ngoku lunokutsalwa ngezikripthi zePython ezingentla kwaye zihlalutywe ngeekhithi zobunjineli eziqhelekileyo ze-x86.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo Malunga nesixhobo, ungajonga iinkcukacha kwi eli khonkco lilandelayo.