Kutholakale ubungozi obusha bokuqagela obusha obuthinta i-Intel

Isilondolozi

Isampula Yokukhishwa Kwe-L1D, I-L1DES noma iCacheOut eyaziwa futhi ingenye yezinsongo ezintsha lokho kufakwa ohlwini lwabaziyo ukuthi vumela amathuba okuhlasela ama-Intel CPUs ngokusebenzisa ikhodi yokuqagela. Lesi yisikhathi sesithathu esikhathini esingaphansi konyaka ukuthi i-Intel yethule isethi entsha yokukhubazeka okuhlobene nokusebenza kokuqagela kwabaprosesa bayo.

Kusukela ekuqaleni kwezinkinga ze-Intel kwaqala ngeSpecter neMeltdown, futhi lokho kamuva kwaholela ebucayini obuningi obukhonjwe kusukela ngaleso sikhathi, kufaka phakathi i-SPOILER, iForeshadow, iSwapGS, iZombieLoad, iRIDL neFallout. Yebo, ukuhlaselwa okusha kuthinta ama-Intel CPU akhiqizwe ngaphambi kwekota yesine ka-2018.

Ngokungafani nokuba sengozini kwe-MDS (Microarchitectural Data Sampling), ngokusho kwewebhusayithi yeCacheOut:

Umhlaseli angasebenzisa izindlela zokulondolozwa kwesikhashana kwama-CPU ukukhomba ngqo idatha ezohlungwa.

Abatholi bayo babona ukuba sengozini I-CacheOut njengokunye ukuhlaselwa kokubulawa kokuqagela kanye ne umphumela ongaqondile weSpecter neMeltdown.

Futhi ukuthi abacwaningi be-VUSec kubonakala sengathi bathole ubungozi ngokufana, ngoba ngokwe-CVE, iCacheOut ifana nokwehluka kwe-RIDL, okutholwe yibo okubizwa ngokuthi yi-L1DES (balandela igama elisemthethweni le-Intel njenge-L1D Eviction Sampling)

Ezingeni eliphakeme, iCacheOut iphoqa umbango kunqolobane ye-L1-D ukukhipha idatha ekhomba kuyo kusuka kunqolobane. Sichaza izinhlobo ezimbili.

Okokuqala, esimweni lapho i-cache iqukethe idatha eguqulwe isisulu, okuqukethwe kulayini we-cache kudlula kuma-LFBs njengoba kubhalwa ememori.

Okwesibili, lapho umhlaseli efuna ukuvuza idatha isisulu engayishintshi, umhlaseli uqala ngokukhipha idatha kusuka kunqolobane bese eyithola njengoba idlula phakathi kwama-buffers okugcwalisa umugqa ukwanelisa ukufundwa ngasikhathi sinye kusuka kongaziswanga.

Izindlela zokuwa kwe-Intel zokuzivikela ngeke zibe nomthelela ngokumelene neCacheOut, kepha zisiza ukuthi ukuba sengozini kungasetshenziswa ngesiphequluli.

I-VUSec inikeza nobufakazi bokuxhashazwa komqondo ngokukhubazeka kuGithub. Ukuba sengozini kuthwala i-CVE-2020-0549 njengeCacheOut.

Ngesikhathi I-Intel iphinde inikeze ikhodi yayo (INTEL-SA-00329) futhi ikubeka njengokwejwayelekile (6.5).  Ngokusho kwe-Intel uqobo, idatha kusilondolozi sedatha se-L1 (L1D) ingaqondiswa kabusha kusiphathi se-L1D esingasetshenzisiwe (i-padding buffer).

Idatha ingahlungwa ngokuqondile futhi ifundwe kusuka kulesi sigcini se-padding ngokuhlaselwa kwesiteshi eseceleni. Ngakho-ke, i-Intel ibiza le ndlela yokufunda ye-L1D Eviction Sampling futhi ibheka izisulu ezingaba khona njenge-subset ye-L1TF (i-Foreshadow ne-Foreshadow-NG). Ngokungafani neForeshadow, abahlaseli akufanele bakwazi ukubuza ngqo amakheli angokwenyama neCacheOut.

Okunye ukuba sengozini lokho kwembuliwe futhi Amathrekhi we-Intel njenge-Vector Register Sampling (RSV), Kubucayi kakhulu ngoba i-Intel ithi leli phutha alibi kakhulu ngoba ubunzima bokuhlasela buphezulu futhi amathuba okuthi umhlaseli athole imininingwane efanele aphansi. Ngaphandle kwalokho i-VRS nayo ibhekwa njengokuhluka okusha kokuhlaselwa kwe-RIDL.

I-VRS ihlobene nokuvuza ku-Store Buffer yemiphumela yokusebenza okufundiwe kwamarejista we-vector aguqulwe ngesikhathi kwenziwa imiyalo ye-vector (SSE, AVX, AVX-512) kumgogodla ofanayo we-CPU.

Ukuvuza kwenzeka ezimweni ezikhetheke kakhulu futhi kubangelwa iqiniso lokuthi umsebenzi wokuqagela owenziwe, oholela ekubonisweni kwesimo samarekhodi e-vector endaweni yokugcina izinto, uye wabambezeleka futhi wanqanyulwa ngemuva i-buffer, hhayi ngaphambili.

Ekugcineni, i-Intel imemezele ukuthi emasontweni ambalwa izobe isilungele ukuvuselelwa efanele ukulungisa la maphutha.

Ngenkathi kuma-CPU we-AMD, ama-ARM ne-IBM awathinteki kulokhu kuba sengozini.

Ukuxhashazwa kobungozi ingatholakala kulezi zixhumanisi ezilandelayo.


Yiba ngowokuqala ukuphawula

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.