Ukuba zixhatshaziwe, ezi ziphene zinokuvumela abahlaseli ukuba bafumane ukufikelela okungagunyaziswanga kulwazi olubuthathaka okanye ngokubanzi babangele iingxaki.
I-Intel yazisa kutshanje, iindaba zokuba Ndibona ukuba sesichengeni i-microarchitecture (edweliswe phantsi kwe-CVE-2023-28746) kwi-Intel Atom processors (E-core), eyaziwa ngokuba yi-RFDS (Register File Data Sampling) kwaye ubungozi bobu buthathaka bukwinto yokuba ivumela idatha esetyenziswa yinkqubo ebisebenza ngaphambili kumbindi we-CPU efanayo.
RFDS bubuthathaka ukuba yabelana ngokufana nohlaselo lwesampulu yedatha, njengesampulu yedatha ye-microarchitectural (MDS), iyohluka kwindlela yayo yokuvezwa kunye nedatha eveziweyo, inciphisa ngokwayo kwidatha evela kwiirekhodi eziphelelwe lixesha.
Malunga nokuba sesichengeni
Ukuchongwa kwe "RFDS" kwaqhutywa ziinjineli ze-Intel ngexesha lophicotho lwangaphakathi, nangona kungekho zinkcukacha zithe zanikwa Kwindlela yokuxhatshazwa kwayo, iinjineli ze-Intel baye babonisa ukuba umhlaseli akanako ukulawula ngenjongo yokukhethwa kweenkqubo ukutsalwa kwedatha, nto leyo ethetha ukuba ukuvezwa kolwazi olufumanekayo ukuze kubuyiselwe kwakhona akunakwenzeka. Nangona kunjalo, ukuxhaphazwa kwe-RFDS ngumdlali okhohlakeleyo onokuthi asebenzise ikhowudi yasekhaya kwinkqubo kunokukhokelela ekucingeni amaxabiso edatha eyimfihlo eyayisetyenziswa ngaphambili kwiilogi, ezinokubeka esichengeni ukhuseleko kunye nemfihlo yolwazi.
I-RFDS yafunyanwa njengenxalenye ye-Intel yomsebenzi obanzi wokuqinisekisa wangaphakathi kukhuseleko lwe-microarchitectural. Ngokufana nesampulu yedatha yohlaselo lwexeshana lokubulawa, olufana nesampulu yedatha ye-Microarchitectural (MDS), i-RFDS inokuvumela umdlali okhohlakeleyo onokuthi asebenzise ikhowudi ekuhlaleni kwisistim ukuba akhuphe amaxabiso edatha ayimfihlo ebeya kufumaneka ngenye indlela. I-RFDS iyahluka kubuthathaka be-MDS kuzo zombini iindlela zokuvezwa kunye neenkcukacha eziveziweyo (i-RFDS iveza kuphela idatha yelog edala). I-MDS okanye i-RFDS, iyodwa, ayiniki abadlali abakhohlakeleyo amandla okukhetha ukuba yeyiphi idata ekungenwe kuyo kusetyenziswa ezi ndlela.
Kuyakhankanywa ukuba oku kuvuza kuchaphazela iirejista ze-vector isetyenziswe kwi-encryption, imisebenzi yekopi yememori, kunye nokucubungula umtya, njengakwi-memcpy, strcmp, kunye nemisebenzi ye-strlen. Kwakhona Ukuvuza okunokwenzeka ngeerejista zokugcina amanani amanqaku adadayo kunye nenani elipheleleyo, nangona zihlaziywa rhoqo ngexesha lokwenziwa komsebenzi, ukunciphisa ukubakho kokuvuza okunokwenzeka ngazo. Okubalulekileyo, idatha eseleyo ayihlali ngokuthe ngqo kwiirejista, kodwa inokukhutshwa kwiifayile zokubhalisa usebenzisa iindlela zokuhlaselwa kwe-channel-channel, njengokukrala idatha kwi-CPU cache.
I-RFDS ichaphazela kuphela abaqhubekekisi beAtom ngokusekelwe kwi-microarchitectures I-Alder Lake, iLaptor Lake, iTremont, iGoldmont kunye neGracemont. Ezi processors aziyixhasi imowudi yeHyperThreading, enqanda ukuvuza kwedatha kumsonto omnye wophumezo ngaphakathi kondoqo weCPU yangoku. Utshintsho lokujongana nobu buthathaka lubandakanyiwe kwi-microcode update microcode-20240312-staging.
Iindlela zokukhusela ngokuchasene nobu sesichengeni ziyafana nezo zisetyenziswayo ukuthintela uhlaselo ezichongiweyo ngaphambili, ezifana MDS, I-SRBDS, I-TAA, i-DRPW (iRejista yesiXhobo iBhala ngokuKhethekileyo), kunye ne-SBDS (iSampulu yedatha ekwabelwana ngayo ye-Buffer).
Ukukhusela kwi-kernel kunye nokuvuza kwe-hypervisor, ukongeza ekuhlaziyeni i-microcode, kuyimfuneko ukusebenzisa iindlela zokukhusela isoftware ezibandakanya ukusetyenziswa komyalelo weVERW ukucima imixholo ye-microarchitectural buffers xa ubuyela kwi-kernel kwindawo yomsebenzisi okanye xa uhambisa ulawulo kwisistim yeendwendwe. Olu khuseleko sele luphunyeziwe kwi-Xen hypervisor kunye ne-Linux kernel.
Ukwenza ukhuseleko kwi-Linux kernel, ungasebenzisa "reg_file_data_sampling=on» xa ulayisha i-kernel. Ulwazi malunga nokuba sesichengeni kunye nobukho be-microcode eyimfuneko yokukhusela inokuvavanywa kwifayile «/sys/devices/system/cpu/vulnerabilities/reg_file_data_sampling«.
Okokugqibela, ukuba unomdla wokwazi okungakumbi ngayo, unokujonga kwi iinkcukacha kwikhonkco elilandelayo.