Two new speculative execution vulnerabilities found affecting Intel

Cache Out

L1D Eviction Sampling (L1DES), also known as CacheOut, is one of the new threats added to the list of those that allow Intel CPUs to be attacked through speculative code execution. This is the third time in less than a year that Intel has disclosed a new set of vulnerabilities related to the speculative functionality of its processors.

Intel's problems began with Spectre and Meltdown, which later gave way to further vulnerabilities identified since then, including SPOILER, Foreshadow, SwapGS, ZombieLoad, RIDL and Fallout. The new attacks affect Intel CPUs manufactured before the fourth quarter of 2018.

Unlike the MDS (Microarchitectural Data Sampling) vulnerabilities, according to the CacheOut website:

An attacker can use the CPUs' caching mechanisms to specifically target the data to be leaked.

Its discoverers see the CacheOut vulnerability as another speculative execution attack and an indirect consequence of Spectre and Meltdown.

The VUSec researchers appear to have found the vulnerability in parallel, because according to the CVE, CacheOut is identical to a RIDL variant, which its discoverers refer to as L1DES (they follow Intel's official name, L1D Eviction Sampling).

At a high level, CacheOut forces contention on the L1-D cache to evict the data it targets from the cache. We describe two variants.

First, in the case where the cache contains data modified by the victim, the contents of the cache line travel through the LFBs as they are written to memory.

Second, when the attacker wants to leak data that the victim does not modify, the attacker first evicts the data from the cache and then obtains it as it transits through the line fill buffers to satisfy a concurrent read from the victim.

Intel's Meltdown defense mechanisms would have no effect against CacheOut, but they do help ensure that the vulnerability cannot be exploited through the browser.

VUSec also provides a proof-of-concept exploit for the vulnerability on GitHub. The vulnerability is tracked as CVE-2020-0549 under the name CacheOut.

Meanwhile, Intel also assigns its own identifier (INTEL-SA-00329) and rates the severity as moderate (6.5). According to Intel itself, data in the L1 data cache (L1D) can be forwarded to an unused L1D buffer (fill buffer).

Data can be specifically leaked and read from this fill buffer through side-channel attacks. Intel therefore calls this read method L1D Eviction Sampling and considers potential victims a subset of L1TF (Foreshadow and Foreshadow-NG). Unlike Foreshadow, attackers should not be able to specifically query physical addresses with CacheOut.

The other vulnerability disclosed, which Intel tracks as Vector Register Sampling (VRS), is the less critical one, since Intel says this flaw is less serious because the complexity of the attack is high and the chances of an attacker obtaining relevant data are low. VRS is also considered a new variant of the RIDL attack.

VRS involves a leak, in the store buffer, of the results of read operations on vector registers that were modified during the execution of vector instructions (SSE, AVX, AVX-512) on the same CPU core.

The leak occurs under a very particular set of circumstances and is caused by the fact that a speculative operation that was performed, leading to the state of the vector registers being reflected in the store buffer, is delayed and terminated after the buffer, and not before.

Finally, Intel announced that in a matter of weeks it will have updates ready to fix these flaws.

For the moment, AMD, ARM and IBM CPUs are not affected by these vulnerabilities.

The websites for the vulnerabilities can be found at the following links.

