Idan aka yi amfani da su, waɗannan kurakuran na iya ba wa maharan damar samun dama ga bayanai masu mahimmanci ba tare da izini ba ko kuma gabaɗaya haifar da matsala
Kwanan nan, an fitar da bayanai game da a An gano rauni a cikin Linux 6.2 kernel (an riga an jera a ƙarƙashin CVE-2023-1998) kuma wanda ya fito fili saboda shi ne musaki kariyar harin Specter v2 wanda ke ba da damar yin amfani da ƙwaƙwalwar ajiya ta hanyar wasu hanyoyin da ke gudana akan zaren SMT ko Hyper Threading daban-daban, amma akan ainihin processor na zahiri ɗaya.
Rashin lahani sananne ne a tsakanin sauran abubuwa saboda ana iya amfani dashi tsara kwararar bayanai tsakanin injunan kama-da-wane a cikin tsarin girgije.
Ga wadanda ba su san game da Specter ba, ya kamata su san cewa wannan yana ɗaya daga cikin lahani na CPU biyu na asali na wucin gadi (ɗayan shine Meltdown), wanda ya haɗa da hare-haren tashoshi na lokaci na microarchitectural. Waɗannan suna shafar microprocessors na zamani waɗanda ke yin tsinkayar tsalle da sauran nau'ikan hasashe.
A kan yawancin na'urori masu sarrafawa, kisa na kisa da ke haifar da kuskuren hasashen reshe na iya barin illolin da za a iya gani waɗanda za su iya bayyana bayanan sirri. Misali, idan tsarin shigar da ƙwaƙwalwar ajiyar da aka yi ta irin wannan kisa mai hasashe ya dogara da bayanan sirri, sakamakon yanayin cache ɗin ya zama tashar gefen da maharin zai iya fitar da bayanai game da bayanan sirri ta amfani da harin lokaci.
Tun bayan bayyana Specter da Meltdown a cikin Janairu 2018, bambance-bambancen da yawa da sabbin nau'ikan rauni da ke da alaƙa da su sun bayyana.
Kernel na Linux yana ba da damar hanyoyin ƙasa masu amfani don ba da damar ragewa ta hanyar kiran prctl tare da PR_SET_SPECULATION_CTRL, wanda ke hana takamaiman aikin, haka kuma ta amfani da seccomp. Mun gano cewa akan injunan kama-da-wane daga aƙalla manyan masu samar da girgije, kernel ɗin har yanzu yana barin tsarin wanda aka azabtar ya buɗe don kai hari a wasu lokuta, koda bayan ba da damar rage specter-BTI tare da prctl.
Game da rauni, an ambaci cewa a sarari mai amfani, don kare kai daga hare-hare da Specter, matakai na iya kashe aiwatar da zaɓin Hasashen umarni tare da prctl PR_SET_SPECULATION_CTRL ko amfani da tacewa na tushen tsarin seccomp.
A cewar masu binciken da suka gano matsalar, ingantawa ba daidai ba a cikin kernel 6.2 hagu na injina daga aƙalla babban mai ba da girgije ɗaya ba tare da ingantaccen kariya ba duk da haɗawa da yanayin toshe harin specter-BTI ta hanyar prctl. Rashin lahani kuma yana bayyana kansa akan sabobin al'ada tare da kernel 6.2, waɗanda aka fara tare da daidaitawa "spectre_v2=ibrs".
Ma'anar rauni shine ta hanyar zabar hanyoyin kariya IBRS ko eIBRS, abubuwan ingantawa sun hana amfani da tsarin STIBP (Single Thread Indirect Branch Predictors), wanda ya zama dole don toshe leaks yayin amfani da fasahar Multi-Threading (SMT ko Hyper-stringing). )
Hakanan, yanayin eIBRS kawai yana ba da kariya daga ɗigogi tsakanin zaren, ba yanayin IBRS ba, tunda tare da shi IBRS bit, wanda ke ba da kariya daga ɗigogi tsakanin ma'ana, ana share shi saboda dalilai na aiki lokacin da sarrafawa ya dawo ga mai amfani da sararin samaniya, wanda ke yin hakan. Zaren sararin mai amfani mara kariya daga hare-hare daga ajin Specter v2.
Gwajin ya ƙunshi matakai biyu. Maharin koyaushe yana guba kira kai tsaye zuwa ga zato a tura shi zuwa adireshin da aka nufa. Tsarin wanda aka azabtar yana auna ƙimar hasashe mara kyau kuma yayi ƙoƙarin rage harin ta hanyar kiran PRCTL ko rubuta zuwa MSR kai tsaye ta amfani da tsarin kernel wanda ke fallasa MSR karantawa da rubuta ayyukan MSR a cikin sarari mai amfani.
Matsalar tana shafar Linux 6.2 kernel kawai kuma saboda rashin aiwatar da ingantawa da aka ƙera don rage yawan sama da ƙasa lokacin da ake amfani da kariya daga Specter v2. rauni An gyara shi a cikin reshen kwaya na Linux 6.3 na gwaji.
A ƙarshe haka ne kuna sha'awar samun ƙarin sani game da shi, zaka iya bincika bayanan a cikin bin hanyar haɗi.
Wadanda ke da raguwar sigar kernel=kashe:
Lafiya kalau 👌😎🔥