LVI: a new class of speculative execution attacks on Intel CPUs

Information has been published about LVI, a new class of attacks on the speculative execution mechanism of Intel CPUs, which can be used to extract keys and sensitive data from Intel SGX enclaves and other processes.

The new class of attacks is based on manipulating the same microarchitectural structures as the MDS, Spectre and Meltdown attacks. At the same time, the new attacks are not blocked by the existing methods of protection against Meltdown, Spectre, MDS and other similar attacks.

About LVI

The problem was identified in April of last year by researcher Jo Van Bulck of the University of Leuven. After that, with the participation of 9 researchers from other universities, five basic attack methods were developed, each of which allows for more specific variants.

In addition, in February of this year, Bitdefender researchers also discovered one of the LVI attack variants and reported it to Intel.

The attack variants are distinguished by the microarchitectural structures they use, such as the Store Buffer (SB), the Fill Buffer (LFB, Line Fill Buffer), the FPU context switch buffer and the first-level cache (L1D), which were previously used in attacks such as ZombieLoad, RIDL, Fallout, LazyFP, Foreshadow and Meltdown.

The main difference between LVI attacks and MDS is that MDS works by determining the contents of microarchitectural structures that remain in the cache after speculative fault handling or load and store operations, while LVI attacks allow the attacker's data to be substituted into the microarchitectural structures in order to influence the subsequent speculative execution of the victim's code.

Using these manipulations, an attacker can extract the contents of private data structures in other processes while certain code is being executed on the CPU core.

For exploitation, the victim's code must contain suitable flaws: special code sequences (gadgets) in which an attacker-controlled value is loaded, and loading that value raises exceptions that discard the result and re-execute the instruction.

While the exception is being handled, a speculative window opens during which the data processed in the gadget can leak.

Specifically, the processor starts speculatively executing a piece of code (a gadget), then determines that the prediction was not justified and rolls the operations back. However, the data processed during speculative execution is deposited in the L1D cache and the microarchitectural buffers, and can be retrieved from them using known methods for recovering residual data through side channels.

The main difficulty in attacking other processes is how to trigger the assist by manipulating the victim process.

At present there are no reliable ways to do this, but it is not ruled out that they will be found in the future. So far, the possibility of an attack has been confirmed only for Intel SGX enclaves; the other scenarios are theoretical or reproducible only under synthetic conditions.

Possible attack vectors

  • Leakage of data from kernel structures to a user-level process. The Linux kernel's protection against Spectre 1 attacks and the SMAP (Supervisor Mode Access Prevention) protection mechanism significantly reduce the likelihood of an LVI attack. Additional kernel protection may become necessary if simpler ways of carrying out an LVI attack are identified in the future.
  • Leakage of data between different processes. The attack requires the presence of certain code fragments in the application and a method for raising an exception in the target process.
  • Leakage of data from the host environment to a guest system. The attack is classified as too complex, requiring steps that are hard to carry out and predictions of activity on the system.
  • Leakage of data between processes in different guest systems. The attack vector is close to organizing a data leak between different processes, but it also requires complex manipulations to bypass the isolation between guest systems.

To provide effective protection against LVI, hardware changes to the CPU are required. When protection is organized in software, by having the compiler add an LFENCE instruction after each load operation from memory and by replacing the RET instruction with POP, LFENCE and JMP, overhead is incurred; according to the researchers, full software protection will lead to a performance degradation of 2 to 19 times.
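The software mitigation described above, sketched as a text-level rewriting pass over AT&T-syntax assembly. This is an added example, not code from the article, the researchers or any compiler. The scratch register, the simplified rule for spotting loads and the sample listing are assumptions made for illustration.

```python
import re

SCRATCH = "%r11"  # assumption: a caller-clobbered register is free at every ret

def parse(line):
    """Return (mnemonic, operands) for an instruction line, or None otherwise."""
    code = line.split("#", 1)[0].strip()
    if not code or code.endswith(":") or code.startswith("."):
        return None  # blank line, label or assembler directive
    mnemonic, _, rest = code.partition(" ")
    # Split on commas outside parentheses: "8(%rax,%rsi,4), %eax" -> 2 operands.
    ops = [o.strip() for o in re.split(r",(?![^()]*\))", rest) if o.strip()]
    return mnemonic, ops

def is_load(mnemonic, ops):
    # Simplified model: a memory operand in a source position (AT&T syntax
    # puts the destination last). lea only computes an address.
    if mnemonic.startswith("lea"):
        return False
    if mnemonic.startswith("pop"):
        return True
    return len(ops) >= 2 and any("(" in o for o in ops[:-1])

def harden(asm):
    out = []
    for line in asm.splitlines():
        insn = parse(line)
        if insn and insn[0] in ("ret", "retq"):
            # RET replaced by POP, LFENCE, JMP: the return address is loaded
            # and fenced before the indirect jump consumes it.
            out += [f"\tpop {SCRATCH}", "\tlfence", f"\tjmp *{SCRATCH}"]
            continue
        out.append(line)
        if insn and is_load(*insn):
            out.append("\tlfence")  # fence after each load from memory
    return "\n".join(out)

def mnemonics(asm):
    return [p[0] for p in map(parse, asm.splitlines()) if p]

# Constructed sample input, not taken from any real binary.
SAMPLE = """lookup:
\tmovq (%rdi), %rax          # load
\tmovl 8(%rax,%rsi,4), %eax  # load
\tleaq 16(%rdi), %rdx
\taddl %esi, %eax
\tret
"""

if __name__ == "__main__":
    print(harden(SAMPLE))
    print(len(mnemonics(SAMPLE)), "->", len(mnemonics(harden(SAMPLE))), "instructions")
```

Even on this five-instruction function the pass inserts three serializing fences, which gives a sense of where the overhead comes from.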

Source: https://www.intel.com

