GhostRace: a speculative execution attack affecting Intel, AMD, ARM and IBM processors


The GhostRace vulnerability

Information has been released about a new speculative execution attack called GhostRace (catalogued as CVE-2024-2193). It is a new method developed by researchers at Vrije Universiteit Amsterdam and IBM to exploit the speculative execution mechanism present in modern processors from Intel, AMD, ARM and IBM.

The researchers say that GhostRace focuses on manipulating speculative race conditions to access previously freed memory areas, which can lead to the extraction of sensitive data from the Linux kernel, particularly in virtualization environments, where an attacker on a guest system can compromise the security of the host system or of other guest systems.

The attack is based on the speculative execution of conditional instructions in thread synchronization primitives, such as mutex and spinlock.

If the processor mispredicts branches in the code that handles these operations, speculative accesses can be made to memory that has already been freed. Although the processor discards these accesses after detecting the misprediction, traces of the execution remain in the cache and can be recovered using side-channel analysis techniques.

GhostRace requires the presence of certain instruction sequences in the kernel, known as gadgets, which are executed speculatively depending on external conditions controlled by the attacker. These gadgets are formed from sections of code where a state is checked in an endless loop and the loop is exited once the access lock on the resource is released. This makes it possible to falsely trigger the transition and execute the instructions protected by the lock, even though the resource remains locked.

The analysis of the vulnerability, carried out on the code of Linux kernel 5.15.83, revealed 1283 gadgets that could lead to speculative access to memory that has already been freed. This type of attack represents a potential risk for virtualization systems, for any operating system kernel, and for programs that use thread synchronization primitives checked by conditional statements and that run on architectures that allow speculative execution of branch operations, such as x86, ARM and RISC-V, among others.

To test the vulnerability, the researchers built an exploit prototype that demonstrates the effectiveness of the attack by extracting data from Linux kernel memory with a throughput of 12 KB per second and a level of reliability similar to Spectre-class attacks.

The Linux kernel developers and the CPU manufacturers were notified of this problem at the end of 2023. AMD has already published a report on the vulnerability and recommends using standard techniques to protect against attacks similar to Spectre v1. Intel and ARM, on the other hand, have not yet responded to this notification.

Although the Linux kernel developers have no immediate plans to implement serialization of the synchronization primitives because of the performance loss, they have already added restrictions to protect against the IPI Storming exploit technique (CVE-2024-26602). This attack technique involves interrupting a process at the right moment to provide a time window for speculative access to freed memory.

To mitigate this type of attack, it is proposed to serialize the synchronization primitives by adding an LFENCE instruction after the cmpxchq instruction that checks the lock state. However, this protection measure carries a performance penalty of approximately 5% on the LMBench benchmark, because the LFENCE instruction disables speculative execution of subsequent instructions until all previous operations have been committed.

In the case of the Xen hypervisor, the developers have prepared changes that implement the LOCK_HARDEN protected locking mechanism, similar to the BRANCH_HARDEN mechanism used previously. However, because of the possible negative effects and the lack of evidence of attacks on Xen, LOCK_HARDEN mode is disabled by default.

Finally, if you are interested in learning more about it, you can check the details at the following link.

