AEPIC Leak, an attack that leaks Intel SGX keys and affects the 10th, 11th and 12th generations

Details were recently released about a new attack on Intel processors called "AEPIC Leak" (already catalogued as CVE-2022-21233). This new attack leads to the leakage of sensitive data from isolated Intel SGX (Software Guard Extensions) enclaves.

Unlike Spectre-class attacks, the leak in AEPIC Leak occurs without the use of side-channel recovery methods, because the information about the sensitive data is transmitted directly: it is obtained from the contents of registers reflected in the MMIO (memory-mapped I/O) memory page.

In general, the attack makes it possible to determine the data transferred between the second-level and last-level caches, including register contents and the results of memory read operations that were previously processed on the same CPU core.

Scanning the I/O address space on Intel CPUs based on the Sunny Cove microarchitecture revealed that the memory-mapped registers of the local Advanced Programmable Interrupt Controller (APIC) are not properly initialized. As a result, architecturally reading these registers returns stale data from the microarchitecture, so data transferred between the L2 and the last-level cache can be read via these registers.

As the I/O address space is accessible only to privileged users, ÆPIC Leak targets Intel's TEE, SGX. ÆPIC can leak data from SGX enclaves running on the same physical core. While ÆPIC Leak would pose an immense threat in virtualized environments, hypervisors typically do not expose the local APIC registers to virtual machines, eliminating the threat in cloud-based scenarios.

Similar to previous transient-execution attacks targeting SGX, ÆPIC Leak is most effective when executed in parallel with the enclave on the sibling hyperthread. However, ÆPIC Leak does not require hyperthreading and can leak enclave data even if hyperthreading is unavailable or disabled.

We introduce two new techniques for leaking data in use, i.e., enclave register values, and data at rest, i.e., data stored in enclave memory. With Cache Line Freezing, we introduce a technique that puts targeted pressure on the cache hierarchy without overwriting stale data... These cache lines still appear to travel through the cache hierarchy, but they do not overwrite stale data. For this purpose, we log leakage of cache line values in the State Save Area (SSA).

The second technique, Enclave Shaking, exploits the operating system's ability to securely swap enclave pages. By alternately swapping enclave pages out and in, the cached pages force data through the cache hierarchy, allowing ÆPIC to leak values without even continuing the execution of the enclave. We exploit ÆPIC Leak in combination with Cache Line Freezing and Enclave Shaking to extract AES-NI keys and RSA keys from the Intel IPP library and Intel SGX. Our attack leaks enclave memory at 334.8 B/s with a hit rate of 92.2%.

Since the attack requires access to the physical pages of the APIC MMIO, that is, administrator privileges are required, the method is limited to attacking SGX enclaves, to which the administrator does not have direct access.

The researchers have built a set of tools that makes it possible, within a few seconds, to determine AES-NI and RSA keys stored in SGX, as well as the Intel SGX attestation keys and the parameters of the random number generator. The attack code has been published on GitHub.

Intel announced that it is preparing a fix in the form of a microcode update that adds support for buffer flushing and adds further measures to protect enclave data.

A new version of the Intel SGX SDK has also been prepared with changes to prevent data leaks. OS and hypervisor developers are encouraged to use x2APIC mode instead of legacy xAPIC mode; x2APIC uses MSR registers instead of MMIO to access the APIC registers.
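
The x2APIC recommendation above can be verified on a host by decoding the architectural IA32_APIC_BASE MSR (index 0x1B), where bit 11 is the APIC global enable and bit 10 enables x2APIC mode. The following C program is an added example, not code from the researchers or from Intel; the function names are hypothetical, the fallback value is a constructed sample, and reading the live MSR assumes Linux with the `msr` driver loaded and root privileges.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define IA32_APIC_BASE_MSR 0x1B           /* architectural MSR index */
#define APIC_BASE_EXTD     (1ULL << 10)   /* x2APIC mode enable */
#define APIC_BASE_EN       (1ULL << 11)   /* APIC global enable */

enum apic_mode { APIC_DISABLED, APIC_XAPIC, APIC_X2APIC, APIC_INVALID };

/* Classify the local APIC mode from a raw IA32_APIC_BASE value. */
enum apic_mode apic_mode_from_msr(uint64_t v)
{
    int en = (v & APIC_BASE_EN) != 0, extd = (v & APIC_BASE_EXTD) != 0;
    if (en && extd) return APIC_X2APIC;   /* registers reached via MSRs */
    if (en)         return APIC_XAPIC;    /* registers reached via the MMIO page */
    return extd ? APIC_INVALID : APIC_DISABLED;
}

/* Physical base of the xAPIC MMIO page (bits 12..51, 4 KiB aligned). */
uint64_t apic_mmio_base(uint64_t v) { return v & 0x000FFFFFFFFFF000ULL; }

/* Only legacy xAPIC mode exposes the APIC registers through MMIO. */
int apic_mmio_exposed(uint64_t v) { return apic_mode_from_msr(v) == APIC_XAPIC; }

/* Read the MSR for one CPU through the Linux msr driver. */
int read_apic_base(int cpu, uint64_t *out)
{
    char path[64];
    snprintf(path, sizeof path, "/dev/cpu/%d/msr", cpu);
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    int ok = lseek(fd, IA32_APIC_BASE_MSR, SEEK_SET) >= 0 &&
             read(fd, out, sizeof *out) == (ssize_t)sizeof *out;
    close(fd);
    return ok ? 0 : -1;
}

int main(void)
{
    static const char *names[] = { "disabled", "xAPIC (MMIO)", "x2APIC (MSR)", "invalid" };
    uint64_t v;
    if (read_apic_base(0, &v) != 0)
        v = 0xFEE00900ULL;  /* constructed sample (xAPIC) used when the msr device is unavailable */
    printf("IA32_APIC_BASE=%#llx mode=%s mmio_base=%#llx mmio_exposed=%d\n",
           (unsigned long long)v, names[apic_mode_from_msr(v)],
           (unsigned long long)apic_mmio_base(v), apic_mmio_exposed(v));
    return 0;
}
```

The MSR is per logical CPU, so a complete audit repeats the read for every CPU number under `/dev/cpu/`.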

The issue affects Intel 10th, 11th and 12th generation CPUs (including the new Ice Lake and Alder Lake series) and is caused by an architectural flaw that allows access to uninitialized data left in the APIC (Advanced Programmable Interrupt Controller) registers from previous operations.

Finally, if you are interested in learning more about it, you can check the details at the following link.

