Mva nje I-AMD ibhengeze umsebenzi ebewenza amandla lungisa inani lobuthathaka ezichaphazela iimveliso zakho. Ubuthathaka babukhona ifunyenwe ngumphandi wezokhuseleko uDanny Odler, ethi kwingxelo yayo ityhile ukuba iziphene zihlala kwi-Mini Mini ye-AMD enokuvumela abahlaseli ukuba basebenzise i-firmware ekhuselekileyo kwaye benze ikhowudi engalawulekiyo.
Olu luchungechunge lokuba sesichengeni lwalukhona ebizwa ngokuba yi "SMM Callout" (CVE-2020-12890) kunye nophando lweebugs lubonisa ukuxhaphaza okupheleleyo kwe-1 kwezi-3 zokuba sesichengeni zifunyenwe kumfanekiso we-UEFI.
Ukubizwa kweSMM ikuvumela ukuba ufumane ulawulo kwi-UEFI firmware kwaye usebenzise ikhowudi kwinqanaba le-SMM (Indlela yolawulo yenkqubo). Uhlaselo lufuna ukufikelela emzimbeni kwikhompyuter okanye ukufikelela kwinkqubo enamalungelo olawulo.
Kwimeko yokuhlaselwa ngempumelelo, umhlaseli angasebenzisa ujongano lwe-AGESA (Uyilo lweSoftware efakwe kwi-AMD) ukwenza ikhowudi engalawulekiyo Ayinakufunyanwa kwinkqubo yokusebenza.
Ubungozi bukhona kwikhowudi ebandakanyiweyo kwi-UEFI firmware, eqhutywa kwimowudi ye-SMM (i-Ring -2), eneyona nto iphambili kunendlela ye-hypervisor kunye ne-zero yokhuseleko, kwaye inokufikelela okungenamkhawulo kuyo yonke imemori yenkqubo.
Xa ikhowudi isebenza kwi-SMM, yonke imemori ebonakalayo inokufikelelwa kwaye akukho nto inokukuthintela ekubhaleni idatha ebalulekileyo kumaphepha omzimba we-kernel okanye i-hypervisor. Ikhowudi ye-SMM isebenza njengoluhlobo lwe-mini OS: ineenkonzo ze-I / O, iinkonzo zemephu zememori, ukukwazi ukwenza imephu yokujongana ngasese, ulawulo lwe-SMM lokuphazamisa, izaziso zomnyhadala kunye nokunye.
Ukushwankathela: Ikhowudi ye-SMM yeyona khowudi inelungelo kwi-CPU, ikhowudi ifihliwe ngokupheleleyo kwinkqubo yokusebenza, ayinakuguqulwa yi-kernel kunye nezixhobo ze-DMA kunye nekhowudi ebaluleke kakhulu ye-SMM inokufikelela kuyo nayiphi na imemori ebonakalayo.
Ngokomzekelo, emva kokufumana ukufikelela kwinkqubo yokusebenza njengesiphumo sokuxhaphaza obunye ubungozi okanye iindlela zobunjineli kwezentlalo, umhlaseli Unokusebenzisa ubungozi ngeSmM Callout ukugqitha imowudi yokuqalisa ekhuselekileyo (UEFI Boot ekhuselekileyo), yazisa ikhowudi enobungozi okanye i-rootkits ayibonakali kwinkqubo kwi-SPI Flash, kunye nangenxa yokuhlaselwa kwabavavanyi be Ukugqitha kwindlela yokujonga ukuthembeka kweemeko ezibonakalayo.
“I-AMD iyalwazi uphando olutsha olunxulumene nokuba sesichengeni kwitekhnoloji yesoftware ye-AMD enikezelwe kubenzi bebhodi yomama ukuze bayisebenzise kwiziseko zophuhliso ze-Unified Extensible Firmware Interface (UEFI) kunye nezicwangciso zokugqibezela ukuhanjiswa kweenguqulelo ezihlaziyiweyo eziyilelwe ukunciphisa ingxaki ekugqibeleni NgoJuni 2020. »Sifunda isibhengezo se-AMD.
Uhlaselo ekujoliswe kulo oluchazwe kuphando ludinga ilungelo elilodwa lokungena emzimbeni okanye kulawulo kwinkqubo esekwe kwilaptop ye-AMD okanye kwiiprosesa ezigxunyekwe ngaphakathi. Ukuba eli nqanaba lokufikelela lifunyenwe, umhlaseli unakho ukusebenzisa i-AMD's General Encapsulated Software Architecture (i-AGESA) ukwenza ikhowudi engalawulekiyo ngaphandle kokufunyanwa yinkqubo yokusebenza.
Abasemngciphekweni kufuneka Impazamo kwikhowudi yeSMM ngenxa kukusilela kokuqinisekiswa kwedilesi ye-buffer ekujoliswe kuyo xa iSmGGVVableable () umsebenzi ubizwa kwi-SMI 0xEF handler.
Ngenxa yale bug, umhlaseli angabhala idatha engenakuphikiswa kwimemori yangaphakathi ye-SMM (SMRAM) kwaye ayenze njengekhowudi enamalungelo eSMM. I-AMD iqaphele ukuba ziiprosesa ezithile kuphela isungulwe phakathi kowama-2016 nowama-2019 Bachaphazeleka ekubeni sesichengeni.
"I-SMM yeyona khowudi inelungelo lokuqhuba kwi-x86 CPU, iyivumela ukuba ihlasele naliphi na icandelo elikwinqanaba elisezantsi, kubandakanya iKernel neHypervisor. funda uhlalutyo olupapashwe ngu-Odler.
Umthengisi we-chip sele ehambise uninzi lweenguqulelo ezihlaziyiweyo ze-AGESA kumaqabane akhe. I-AMD ikhuthaza abasebenzisi ukuba bagcine iinkqubo zabo zihlaziyiwe ngokufaka ii-patches zamva nje.
Ukuba ufuna ukwazi ngakumbi ngayo, ungajonga ingxelo ngokuya kule khonkco ilandelayo.
Umthombo: https://medium.com