Iqembu Abacwaningi bezokuphepha abavela eqenjini le-uCode bakhululiwe ukukhishwa kwekhodi yomthombo wephrojekthi i-microcode decryptor futhi lokho kuvumela ukwenza lokho kanye igama eliphakamisayo: iyithuluzi, eliqukethe imibhalo emithathu yePython futhi itholakala ku-GitHub.
I-Microcode Decryptor ivumela ukuqopha i-microcode yamanye ama-Intel processors njenge-Atom, i-Pentium, ne-Celeron esekelwe ku-Goldmont ne-Goldmont Plus microarchitectures, evula umnyango wezimo ezihlukahlukene, njengokuqonda ukuthi i-Intel isebenzise kanjani izici ezithile zokucubungula noma isebenzise izici ezihlukahlukene nokulungiswa kwezokuphepha.
I-Red Unlock yathuthukiswa ngabacwaningi abafanayo ngo-2020 ingasetshenziswa ukukhipha i-microcode ebethelwe. Amathuba ahlongozwayo okucacisa i-microcode avumela ukuhlola isakhiwo sangaphakathi se-microcode nezindlela zokusebenzisa imiyalelo yomshini we-x86. Ngaphezu kwalokho, abacwaningi bathole ifomethi yesibuyekezo se-firmware, i-algorithm yokubethela, nokhiye osetshenziselwa ukuvikela i-microcode (RC4).
Ukuze unqume ukuthi yimuphi ukhiye wokubethela ongawusebenzisa, ukuba sengozini ku-Intel TXE kwasetshenziswa ukunika amandla imodi yokususa iphutha engabhaliwe, ebizwa ngokuthi “Red Unlock” ngabacwaningi. Kumodi yokususa iphutha, sikwazile ukulayisha indawo yokulahla nge-microcode esebenzayo ngokuqondile ku-CPU futhi sikhiphe i-algorithm nokhiye kuyo.
I-Microcode Decryptor ivumela kuphela ukucacisa i-microcode, kodwa ayikuvumeli ukuyishintsha, njengoba ubuqotho be-microcode buye buqinisekiswe isiginesha yedijithali esekelwe ku-algorithm ye-RSA.
Mayelana nokuthi kungenzeka kanjani ukuthuthukiswa kwe-Microcode Decryptor, bathi kwenzeka eminyakeni emithathu edlule lapho u-Goryachy no-Ermolov bethola ubungozi obukhulu, obufakwe ku-Intel SA-00086, obavumela ukuthi basebenzise ikhodi abayithandayo ngaphakathi kwe-chip-independent. kernel. ehlanganisa uhlelo olungaphansi olwaziwa nge-Intel Management Engine.
I-Intel isilungisile isiphazamisi futhi yakhipha isichibi, kodwa ngenxa yokuthi ama-chips angahlala ephindiselwa emuva enguqulweni yangaphambilini ye-firmware bese exhashazwa, ayikho indlela yokususa ngempumelelo ubungozi.
Ngemuva kwalokho (ezinyangeni ezinhlanu ezedlule), ososayensi abathathu bakwazi ukusebenzisa ubungozi bokufinyelela imodi yesevisi eyakhelwe kuma-Intel chips, ngokuvuma ngefilimu i-The Matrix, abacwaningi baqambe igama elithi ithuluzi labo lokufinyelela lesi sici esilungisiwe ngaphambilini ebesingabhalwanga phansi seChip Red. Iphilisi, ngoba livumela abacwaningi ukuthi bazizwele ukusebenza kwangaphakathi kwe-chip evamise ukunqanyulwa.
Umkhulumeli we-Intel uthe:
"Akufanele kube khona ubungozi bokuphepha" ngenxa yokutholakala kwethuluzi. Eqinisweni, inkampani ithe ukuvumela abantu abaningi ukuthi babuyekeze i-microcode ye-Intel kungasiza umenzi we-chip abone ubungozi obuningi ngokuzayo. Kunoma ngubani ophumelele ukwenza kanjalo, lokho kusho ukuthi kungenzeka athole imali ngohlelo lwe-Intel's bug bounty.
“Ikhono labacwaningi lokuhlaziya i-microcode linganika amandla ukutholwa kobungozi obusha. Njengoba le microcode idaluliwe, i-Intel imema abacwaningi ukuthi babambe iqhaza ohlelweni lwe-microcode bug bounty uma kwenzeka kutholakala izinkinga,” basitshele.
Ngakolunye uhlangothi, abathuthukisi baleli thuluzi baphawule lokho
"Ithuba lokufunda i-microcode ye-CPU lingasiza ukuqonda ukuthi i-Intel ibusebenzise kanjani ubuchwepheshe obufana ne-Intel Trusted Execution Technology ( TXT ) noma inciphise ubungozi obukhulu njenge-Meltdown ne-Specter."
Yermolov, omunye wabanye ososayensi, wanezela ukuthi ukutholakala kwethuluzi kusho ukuthi abantu manje ungakwazi ukuhlola i-XuCode, okuhlukile kwekhodi ye-86-bit x64 esetshenziselwa ukusebenzisa izingxenye ze-Intel SGX ezilandwa njengesibuyekezo se-microcode. I-SGX ubuchwepheshe be-Intel bokwenza izinkumbulo ezivikelekile: Lezi izindawo ezivikelwe ezinye izinhlelo nabasebenzisi, okuhlanganisa isistimu yokusebenza noma i-hypervisor, engeke iphazamise.
I-XuCode iyathakazelisa impela: imiyalo eqondene ne-x86 yokuphatha izigodlo ze-SGX iyinkimbinkimbi kangangokuthi ihlukaniswe yaba ukulandelana kwemiyalelo ye-XuCode eyenza imisebenzi edingekayo.
Le miyalo ye-XuCode iyindinganiso yokwakhiwa kwe-86-bit x64 enezandiso ezithile, futhi ihlukaniswe yaba imisebenzi emincane engu-x86 evamile yiprosesa. Uma uhlelo lokusebenza lusebenzisa imiyalelo yezinga eliphezulu le-SGX, iphrosesa ingagxumela ku-XuCode yayo ukuze isebenze.
Lokhu kuhlelwa kwe-XuCode kugcinwa ku-microcode futhi manje kungakhishwa ngemibhalo engenhla ye-Python futhi ihlaziywe ngamakhithi onjiniyela ahlanekezela ama-x86 ajwayelekile.
Okokugcina uma unentshisekelo yokwazi kabanzi ngakho Mayelana nethuluzi, ungabheka imininingwane ku isixhumanisi esilandelayo.