RingHopper, a UEFI vulnerability that allows code execution at SMM level

Risk

If exploited, these flaws can allow attackers to gain unauthorized access to sensitive information or, more generally, cause problems.

Information was recently disclosed about a vulnerability (already catalogued as CVE-2021-33164) found in UEFI firmware. The flaw allows code execution at the level of SMM (System Management Mode), which has higher priority than hypervisor mode and protection ring zero, and grants unrestricted access to all system memory.

The vulnerability, codenamed RingHopper, relates to the possibility of a timing attack that uses DMA (Direct Memory Access) to corrupt memory belonging to code running in the SMM layer.

A race condition between SMRAM access and its validation can be reached through a DMA timing attack that depends on time-of-check/time-of-use (TOCTOU) conditions. An attacker can use timed polling to try to overwrite the contents of SMRAM with arbitrary data, resulting in attacker code running with the same elevated privileges available to the CPU (that is, Ring -2). The asynchronous nature of SMRAM access through DMA controllers lets the attacker perform such unauthorized access and bypass the checks normally provided by the SMI handler API.

Intel VT and Intel VT-d technologies provide some protection against DMA attacks by using the Input/Output Memory Management Unit (IOMMU) to address DMA threats. Although the IOMMU can protect against hardware DMA attacks, SMI handlers that are vulnerable to RingHopper can still be abused.

The vulnerability can be exploited from the operating system through vulnerable SMI (System Management Interrupt) handlers, which requires administrator privileges. The attack can also be carried out with physical access at an early boot stage, before the operating system starts. To close the issue, Linux users are advised to update their firmware through LVFS (Linux Vendor Firmware Service) using the fwupdmgr utility (fwupdmgr get-updates) from the fwupd package.

The need for administrator privileges to carry out the attack reduces the severity of the problem, but does not prevent its use as a second-stage vulnerability: to maintain presence after exploiting other vulnerabilities in the system, or after using social engineering techniques.

Access to SMM (Ring -2) allows code to run at a level that the operating system does not control. This can be used to modify the firmware and plant malicious code or rootkits hidden in the SPI flash where the operating system cannot see them, to disable boot-stage verification (UEFI Secure Boot, Intel Boot Guard), and to attack hypervisors in order to bypass the mechanisms that verify the integrity of virtual environments.

The problem is caused by a race condition in the SMI (System Management Interrupt) handler that occurs between the validation check and the SMRAM access. Side-channel analysis combined with DMA can be used to determine the right moment between the state check and the use of the check's result.

As a result, because SMRAM access over DMA is asynchronous, an attacker can time a write and overwrite the contents of SMRAM via DMA, bypassing the SMI handler API.
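To make the race described in the two paragraphs above concrete, here is an added illustration in C; it is not code from the advisory or from any vendor's firmware. It models a toy SMI handler that reads a request buffer the caller placed outside SMRAM. The DMA engine writing into that buffer mid-flight is simulated by a callback invoked between the check and the use, so the run is deterministic. The "double fetch" handler validates a length field in the shared buffer and then re-reads it when copying; the hardened handler first snapshots the whole request into SMRAM and validates the copy. All names (`comm_buffer`, `smram_image`, `dma_hook_t`, the handler functions) are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model (not vendor firmware): the request the OS hands to the SMI
 * handler. In real firmware this is the SMM communication buffer. */
struct comm_buffer {
    uint32_t len;            /* bytes of payload the caller asks us to copy */
    uint8_t  payload[256];
};

/* Simulated SMRAM scratch region followed by guard bytes. The handler may
 * legitimately write only the first SMRAM_SCRATCH_SIZE bytes; anything
 * landing in the guard bytes represents SMRAM corruption. The array is
 * sized so a mis-sized copy stays inside it and can be inspected safely. */
#define SMRAM_SCRATCH_SIZE 64
static uint8_t smram_image[SMRAM_SCRATCH_SIZE + 256];

/* Stand-in for an asynchronous DMA write hitting the comm buffer while the
 * handler is running; NULL means no concurrent writer. */
typedef void (*dma_hook_t)(struct comm_buffer *cb);
typedef int (*smi_handler_t)(struct comm_buffer *cb, dma_hook_t dma);

/* Vulnerable pattern (TOCTOU / double fetch): check a field in memory the
 * caller and DMA engines can still modify, then read it again at use time.
 * Returns 0 when the request is rejected, 1 when it was processed. */
int handler_double_fetch(struct comm_buffer *cb, dma_hook_t dma)
{
    if (cb->len > SMRAM_SCRATCH_SIZE)      /* time of check */
        return 0;
    if (dma)
        dma(cb);                            /* DMA write lands between check and use */
    memcpy(smram_image, cb->payload, cb->len);  /* time of use: re-reads cb->len */
    return 1;
}

/* Hardened pattern: fetch the request exactly once into SMRAM, then validate
 * and use only that private copy. A DMA write after the snapshot touches the
 * stale external buffer, not the bytes the handler actually acts on. */
int handler_snapshot(struct comm_buffer *cb, dma_hook_t dma)
{
    struct comm_buffer local;              /* lives in SMRAM, unreachable by DMA */
    memcpy(&local, cb, sizeof local);      /* single fetch */
    if (dma)
        dma(cb);                            /* same DMA write, now harmless */
    if (local.len > SMRAM_SCRATCH_SIZE)    /* check and use share one value */
        return 0;
    memcpy(smram_image, local.payload, local.len);
    return 1;
}

/* Constructed DMA writer for the demonstration: enlarges len after the check. */
static void dma_grow_len(struct comm_buffer *cb) { cb->len = 200; }

void smram_reset(void) { memset(smram_image, 0, sizeof smram_image); }

/* 1 if any guard byte beyond the scratch region was written, else 0. */
int smram_overflowed(void)
{
    for (size_t i = SMRAM_SCRATCH_SIZE; i < sizeof smram_image; i++)
        if (smram_image[i])
            return 1;
    return 0;
}

/* Runs a handler on a request that passes validation (len = 16) while the
 * simulated DMA engine races it. Returns 1 if SMRAM was corrupted. */
int run_race(smi_handler_t handler)
{
    struct comm_buffer cb;
    memset(&cb, 0xAA, sizeof cb);          /* non-zero payload makes overflow visible */
    cb.len = 16;
    smram_reset();
    handler(&cb, dma_grow_len);
    return smram_overflowed();
}

/* Sanity check without a racing writer: an oversized request must be
 * rejected by both handlers with no SMRAM write. Returns 1 if so. */
int rejects_oversized(smi_handler_t handler)
{
    struct comm_buffer cb;
    memset(&cb, 0, sizeof cb);
    cb.len = SMRAM_SCRATCH_SIZE + 1;
    smram_reset();
    return handler(&cb, NULL) == 0 && !smram_overflowed();
}

int main(void)
{
    printf("double-fetch handler corrupted SMRAM: %d\n", run_race(handler_double_fetch));
    printf("snapshot handler corrupted SMRAM:     %d\n", run_race(handler_snapshot));
    return 0;
}
```

Both handlers reject an oversized request when nothing races them; only the snapshot handler stays correct once the length changes after the check. In real SMI handlers the same discipline applies to every field read from the communication buffer, and the buffer address itself must additionally be verified to lie entirely outside SMRAM before it is touched (EDK2 exposes `SmmIsBufferOutsideSmmValid()` for that purpose).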

Processors with Intel VT and Intel VT-d include protection against DMA attacks based on the IOMMU (Input/Output Memory Management Unit), but that protection is effective against hardware DMA attacks carried out with specially prepared attack devices; it does not protect against attacks that go through the SMI handlers.

The vulnerability has been confirmed in firmware from Intel, Dell and Insyde Software (the issue is reported to affect 8 manufacturers, but the remaining 5 have not yet been disclosed). Firmware from AMD, Phoenix and Toshiba is not affected by this issue.

Source: https://kb.cert.org/
