I-bug kwi-Linux 6.2 ivumeleke ukugqitha ukhuseleko lohlaselo lweSpecter v2

Kutshanje, kukhutshwe ulwazi malunga ne-a Ukuba sesichengeni kuchongwe kwi-Linux 6.2 kernel (sele idweliswe ngaphantsi I-CVE-2023-1998) kwaye yintoni ebalaseleyo ngenxa yokuba injalo khubaza ukhuseleko lohlaselo lweSpecter v2 evumela ufikelelo kwinkumbulo ngezinye iinkqubo ezisebenza kwimisonto eyahlukeneyo ye-SMT okanye ye-Hyper Threading, kodwa kumbindi womqhubekekisi ofanayo womzimba.

Ukuba sesichengeni kuyaphawuleka phakathi kwezinye izinto kuba inokusetyenziselwa cwangcisa ukuvuza kwedatha phakathi oomatshini benyani kwiinkqubo zamafu. 

Kwabo bangaziyo ngeSpecter, kufuneka bayazi ukuba oku sesinye seziphene ezimbini zantlandlolo ezidlulayo ze-CPU (enye yi-Meltdown), ebandakanya uhlaselo lwesitishi esisecaleni se-microarchitectural. Ezi zichaphazela ii-microprocessors zanamhlanje ezenza uqikelelo lokutsiba kunye nezinye iindlela zokuqikelela.

Kwiiprosesa ezininzi, uphumezo oluqikelelwayo oluphuma kuqikelelo lwesebe olungalunganga lunokushiya iziphumo ebezingalindelekanga ezinokubonisa idatha yabucala. Umzekelo, ukuba ipateni yofikelelo lwenkumbulo eyenziwe kukwenziwa okuqikelelwayo okunjalo kuxhomekeke kwidatha yabucala, imo yesiphumo se-cache yedatha yenza ijelo elisecaleni apho umhlaseli anokukhipha khona ulwazi malunga nedatha yabucala esebenzisa uhlaselo lwexesha.

Ukusukela ukubhengezwa kweSpecter kunye ne-Meltdown ngoJanuwari 2018, iintlobo ezininzi kunye neentlobo ezintsha zokuba sesichengeni ezinxulumene nazo ziye zavela.

I-Linux kernel ivumela iinkqubo zelizwe lomsebenzisi ukwenza unciphiso ngokufowunela i-prctl nge-PR_SET_SPECULATION_CTRL, eyenza ingasebenzi i-specction, kunye nokusebenzisa i-seccomp. Sifumanise ukuba koomatshini benyani abasuka kumnikezeli welifu omnye ophambili, i-kernel isashiye inkqubo yexhoba ivulekile ukuhlasela kwezinye iimeko, nasemva kokuvumela unciphiso lwe-Specter-BTI nge-prctl. 

Ngokumalunga nokuba sesichengeni, kukhankanyiwe ukuba kwindawo yomsebenzisi, ukukhusela ekuhlaselweni yeSpecter, iinkqubo zinokuvala ngokukhetha uphumezo imiyalelo eqikelelwayo nge prctl PR_SET_SPECULATION_CTRL okanye sebenzisa inkqubo eseccomp-based ukuhluza iminxeba.

Ngokutsho kwabaphandi abachonge ingxaki, ukulungelelaniswa okungalunganga kwi-kernel 6.2 eshiye oomatshini benyani ukusuka ubuncinane omnye umboneleli welifu omkhulu ngaphandle kokhuseleko olufanelekileyo ngaphandle kokufakwa kwendlela yokuthintela uhlaselo lwe-Specter-BTI nge-prctl. Ubuthathaka bukwazibonakalisa kwiiseva eziqhelekileyo ezine-kernel 6.2, eziqalwe ngoqwalaselo "spectre_v2=ibrs".

Undoqo wokuba sesichengeni kukuba ngokukhetha iindlela zokhuseleko I-IBRS okanye i-eIBRS, ukulungiswa okwenziwe kukhubaziwe ukusetyenziswa kwe-STIBP (I-Single Thread Indirect Branch Predictors) indlela, eyimfuneko ukuvala ukuvuza xa usebenzisa iteknoloji ye-Multi-Threading (SMT okanye i-Hyper-Threading). )

Ngapha koko, imowudi ye-eIBRS kuphela ibonelela ngokhuseleko ekuvuzeni phakathi kwemisonto, hayi imowudi ye-IBRS, kuba nayo i-IBRS bit, ebonelela ngokhuseleko ekuvuzeni phakathi kwee-cores ezinengqiqo, iyacinywa ngenxa yezizathu zokusebenza xa ulawulo lubuyela kumsebenzisi wendawo, okwenza Imisonto yendawo yomsebenzisi engakhuselekanga kuhlaselo olusuka kwiSpecter v2 class.

Uvavanyo luneenkqubo ezimbini. Umhlaseli uhlala etyhefa umnxeba ongathanga ngqo ukuze ucinge ukuba uyibuyisele kwidilesi yendawo ekuyiwa kuyo. Inkqubo yexhoba ilinganisa izinga lokubikezela elingalunganga kwaye izama ukunciphisa ukuhlaselwa ngokubiza i-PRCTL okanye ukubhala kwi-MSR ngokuthe ngqo usebenzisa imodyuli ye-kernel eveza i-MSR yokufunda nokubhala imisebenzi kwindawo yomsebenzisi.

Ingxaki ichaphazela kuphela iLinux 6.2 kernel kwaye kungenxa yophumezo olungachanekanga lolungelelwaniso oluyilelwe ukunciphisa i-overhead ebalulekileyo xa kufakwa ukhuseleko kwiSpecter v2. ukuba sesichengeni Yalungiswa kwisebe lovavanyo lweLinux 6.3 kernel.

Ekugqibeleni ewe unomdla wokwazi ngakumbi ngayo, ungajonga iinkcukacha kwi ukulandela ikhonkco.