Muva nje ithimba labacwaningi abavela e-Graz University of Technology (Austria) kanye neHelmholtz Center for Information Security (I-CISPA) ikhiphe ulwazi mayelana nokuba sengozini (I-CVE-2021-26318) kuwo wonke ama-AMD processors okungase kuvumele ukuhlaselwa kwesiteshi eseceleni kwe-Meltdown-class.
Ubhekene nolwazi lomuntu siqu oludaluliwe lwe I-AMD ikwenze kwaziwa ukuthi ikubona njengokungafanele ukuthatha izinyathelo ezikhethekile ukuvimba inkinga, njengoba ukuba sengozini, njengokuhlasela okufanayo okutholwe ngo-Agasti, akusebenzi kangako ezimeni zangempela, ngoba isho ukuthi inqunyelwe imikhawulo yamanje yesikhala sekheli lenqubo futhi idinga ukulandelana kweziqondiso (amagajethi) ku-kernel. Ukukhombisa ukuhlasela, abacwaningi balayishe eyabo imojula ye-kernel ngedivayisi engezwe ngokwenziwa. Empilweni yangempela, abahlaseli, ngokwesibonelo, bangasebenzisa ubungozi njalo kusistimu engaphansi ye-EBPF ukuze bamiselele ukulandelana okudingekayo.
Ngokombono osebenzayo, ukuhlasela kungasetshenziswa ukuhlela iziteshi zokudlulisa idatha eziyimfihlo, qapha umsebenzi ku-kernel noma thola ulwazi mayelana namakheli kumemori ye-kernel ukuze ugweme ukuvikelwa okusekelwe ku-randomization of addresses (KASLR) ohlelweni lokuxhaphaza ubungozi ku-kernel.
Sithole ukuhluka kwesikhathi namandla omyalelo wokulanda ongabonwa endaweni yabasebenzisi abangenalo ilungelo. Ngokungafani nomsebenzi wangaphambilini wokuhlaselwa kwangaphambili kwe-Intel, sibonise ukuthi imiyalo yokulanda kuqala ku-AMD ihlunga ulwazi olwengeziwe. Sibonisa ukubaluleka kwalesi siteshi esiseceleni ngezifundo eziyizici eziningi kuzilungiselelo zomhlaba wangempela. Sikhombisa ukwehlukana kokuqala kwe-KASLR microarchitecture.
Ukuvikela kulokhu kuhlasela okusha, i-AMD income ukusetshenziswa kwezindlela zokubethela ezivikelekile esiza ukuvimbela ukuhlaselwa kwe-Meltdown, njengokusebenzisa izitatimende ze-LFENCE. Abacwaningi abahlonze le nkinga batusa ukunika amandla ukuhlukaniswa kwetafula lememori okuqinile (i-KPTI), ngaphambilini ebisetshenziselwa ama-Intel processors kuphela.
Ngesikhathi sokuhlolwa, abacwaningi bakwazile ukuvuza ulwazi kusuka ku-kernel kuya kwinqubo esikhaleni somsebenzisi.noma ngesivinini samabhayithi angu-52 ngomzuzwana, uma kukhona idivayisi ku-kernel eyenza umsebenzi, izindlela ezimbalwa ziye zahlongozwa ukuze kukhishwe ulwazi olugcinwe kunqolobane ngesikhathi sokubulawa okucatshangelwayo ngokusebenzisa iziteshi zezinkampani zangaphandle.
Indlela yokuqala isekelwe ekuhlaziyweni kokuchezuka kwesikhathi sokwenzan yomyalelo wokucubungula kanye neyesibili yoshintsho ekusetshenzisweni kwamandla lapho "PREFETCH" (Prefetch + Power) kusetshenziswa.
Siqapha umsebenzi we-kernel, isibonelo uma umsindo udlalwa nge-Bluetooth, futhi sisungula isiteshi esiyimfihlo. Ekugcineni, saze sahlunga inkumbulo ye-kernel ku-52.85 B / s ngamadivayisi alula weSpecter ku-Linux kernel. Sibonisa ukuthi ukuhlukaniswa kwetafula okuqinile kwekhasi kufanele kunikwe amandla kuma-AMD CPU ngokuzenzakalela ukuze kuncishiswe ukuhlaselwa kwethu okuthunyelwe ngempumelelo
Khumbula ukuthi ukuba sengozini kwe-Meltdown kwakudala kusekelwe iqiniso lokuthi ngesikhathi ukuqaliswa kokuqagela kwemiyalelo umcubunguli angafinyelela indawo yedatha eyimfihlo bese elahla umphumela, njengoba amalungelo amisiwe avimbela ukufinyelela okunjalo enqubweni yomsebenzisi. Kulolu hlelo, ibhulokhi eyenziwe ngokuqagela ihlukaniswa nekhodi eyinhloko yigatsha elinemibandela, elihlala lixoshwa ngaphansi kwezimo zangempela, kodwa ngenxa yokuthi isimemezelo esinemibandela sisebenzisa inani elibaliwe umprosesa alazi ngesikhathi sokukhishwa kwekhodi yokuqala. , ukukhishwa okucatshangelwayo kwazo zonke izinketho zamagatsha kuyenziwa.
Njengoba imisebenzi yokuqagela isebenzisa inqolobane efanayo kunemiyalo ejwayelekile eyenziwe, kungenzeka ngesikhathi sokuqagela kumaka wenqolobane abonisa okuqukethwe okuncane amafayela ngamanye endaweni yenkumbulo evaliwe, bese kukhodi evame ukubulawa ukuze kutholwe inani lawo ngokuhlaziywa kwesikhathi kufinyelela idatha egcinwe kunqolobane nengagciniwe.
Okokugcina uma unentshisekelo yokwazi kabanzi ngakho, ungabheka imininingwane Kulesi sixhumanisi esilandelayo.