A set of Linux patches is proposed to block security issues in Intel and ARM processors


If exploited, these flaws can allow attackers to gain unauthorized access to sensitive information or, more generally, cause problems.

News recently broke that Eric Biggers, one of the developers of the Adiantum cipher and maintainer of the Linux kernel's fscrypt subsystem, has proposed a set of patches to block a security problem arising from a peculiarity of Intel processors: they do not guarantee a constant execution time for instructions across different processed data.

According to his proposal, on Intel processors the problem appears starting with the Ice Lake family, and a similar problem is also seen on ARM processors.

The patch author considers the dependence of an instruction's execution time on the data it processes to be a vulnerability in the processors, since such behavior cannot guarantee the security of the cryptographic operations performed on the system.

I would like to draw people's attention to the fact that on recent Intel and Arm CPUs, by default the execution time of instructions may depend on the data values operated on. This even includes instructions such as additions, XORs and AES instructions, which are traditionally assumed to be constant-time with respect to the data values operated on.

Many implementations of cryptographic algorithms rely on the fact that data does not affect instruction execution time, and a violation of this behavior can lead to side-channel attacks that recover data based on timing analysis.

The potential dependence of execution time on data can also be used in attacks to determine kernel data from user space.

Non-constant-time instructions break cryptographic code that relies on constant-time code to prevent timing attacks on cryptographic keys, i.e. most cryptographic code. This issue may also have a wider impact on the ability of operating systems to protect data from unprivileged processes.

For Intel, processors with Ice Lake and later are affected by this issue.

The fix for this issue is to set a CPU flag that restores the old, correct behavior of data-independent timing: DIT on Arm and DOITM on Intel.

According to Eric Biggers, constant execution time is not provided by default, including for instructions that perform addition and XOR operations as well as the specialized AES-NI instructions (this information has not been confirmed by tests; according to other data, there is a one-cycle delay when multiplying vectors and counting bits).

To disable this behavior, Intel and ARM have proposed new solutions, such as the PSTATE DIT (Data Independent Timing) bit for ARM CPUs and the DOITM (Data Operand Independent Timing Mode) MSR bit for Intel CPUs, which restore the previous behavior with constant execution time.
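As an added illustration (not code from the patch set or from Eric Biggers), the following C program checks whether DOITM is enumerated and enabled on CPU 0 by reading MSRs through the Linux msr driver. The MSR addresses and bit positions are taken from Intel's DOITM documentation rather than from this article, and the function names are illustrative.

```c
/* Added example: audit the DOITM state of one CPU via the Linux msr driver.
 * MSR numbers and bit positions are assumptions taken from Intel's DOITM
 * documentation; they do not appear in the article itself. */
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define MSR_IA32_ARCH_CAPABILITIES 0x10a   /* bit 12: DOITM is supported */
#define MSR_IA32_UARCH_MISC_CTL    0x1b01  /* bit 0: DOITM is enabled    */
#define ARCH_CAP_DOITM   (1ULL << 12)
#define UARCH_CTL_DOITM  (1ULL << 0)

enum doitm_state { DOITM_UNSUPPORTED, DOITM_OFF, DOITM_ON };

/* Pure decode step. The control MSR is only meaningful when the capability
 * bit is set, so a stray bit 0 on an older CPU must not be reported as ON. */
enum doitm_state doitm_decode(uint64_t arch_caps, uint64_t uarch_ctl)
{
    if (!(arch_caps & ARCH_CAP_DOITM))
        return DOITM_UNSUPPORTED;
    return (uarch_ctl & UARCH_CTL_DOITM) ? DOITM_ON : DOITM_OFF;
}

/* Read one MSR through /dev/cpu/<cpu>/msr (needs root and the msr module).
 * Returns 0 on success, -1 if the device or the MSR is not readable. */
int read_msr(int cpu, uint32_t msr, uint64_t *val)
{
    char path[64];
    snprintf(path, sizeof path, "/dev/cpu/%d/msr", cpu);
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    int ok = lseek(fd, (off_t)msr, SEEK_SET) >= 0 &&
             read(fd, val, sizeof *val) == (ssize_t)sizeof *val;
    close(fd);
    return ok ? 0 : -1;
}

int main(void)
{
    static const char *names[] = { "unsupported", "off", "on" };
    uint64_t caps = 0, ctl = 0;
    if (read_msr(0, MSR_IA32_ARCH_CAPABILITIES, &caps) != 0) {
        puts("cpu0: cannot read IA32_ARCH_CAPABILITIES");
        return 1;
    }
    /* Only read the control MSR when the capability is enumerated. */
    if ((caps & ARCH_CAP_DOITM) && read_msr(0, MSR_IA32_UARCH_MISC_CTL, &ctl) != 0)
        ctl = 0;
    printf("cpu0: DOITM %s\n", names[doitm_decode(caps, ctl)]);
    return 0;
}
```

The MSR is per logical CPU, so a full audit repeats the read for every `/dev/cpu/<n>/msr` device.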

Intel and ARM recommend enabling the protection as needed for critical code, but in practice critical computations can occur anywhere in the kernel and in user space, so the possibility of enabling the DOITM and DIT modes permanently is being considered.

For ARM processors, the Linux 6.2 kernel branch has already received patches that change the kernel's behavior, but these patches are considered insufficient, since they only cover kernel code and do not change the behavior for user space.

For Intel processors, the inclusion of the protection is currently only at the review stage. The performance impact of the patch has not yet been measured, but according to Intel's documentation, enabling DOITM mode reduces performance (for example, by disabling some optimizations, such as data-specific preloading) and, in future processor models, the performance degradation may increase.

Finally, if you are interested in learning more about it, you can consult the details at the following link.

