I-SQUIP, ukuhlasela okusha okuthinta amaphrosesa e-AMD futhi kuholele ekuvuzeni kwedatha

iqembu iAbacwaningi abavela eGraz University of Technology (Austria), eyayaziwa ngokuthuthukisa ukuhlasela kwe-MDS, NetSpectre, Throwhammer kanye neZombieLoad, uveze ukuhlasela kwesiteshi eseceleni okusha (CVE-2021-46778) kumugqa womprosesa we-AMD osetshenziselwa ukuhlela ukukhishwa kwemiyalo kumayunithi ahlukene okwenziwa e-CPU.

Ukuhlasela, kubizwe I-SQUIP, ivumela ukunquma idatha esetshenziswe ezibalweni kwenye inqubo noma umshini we-virtual noma uhlele ishaneli yokuxhumana efihliwe phakathi kwezinqubo noma imishini ebonakalayo evumela ukuthi idatha ishintshwe ngaphandle kokudlula ezindleleni zokulawula ukufinyelela kwesistimu.

I-Las Ama-CPU e-AMD asekelwe kuma-microarchitecture we-Zen woku-1, wesi-2 nowesithathu isizukulwane (AMD Ryzen 2000-5000, AMD Ryzen Threadripper, AMD Athlon 3000, AMD EPYC) Ingabe bayathinteka lapho kusetshenziswa ubuchwepheshe be-Simultaneous Multithreading (SMT) .

Ama-CPU esimanje asebenzisa idizayini eyi-superscalar, lapho imiyalo eminingi isetshenziswa kanyekanye ukuze kukhuliswe ukusebenza. Lawa ma-CPU acubungula imiyalelo ngendlela ehamba phambili ngezigaba ezimbalwa: (1) ukulanda, (2) khipha ikhodi, (3) uhlelo/ukhiphe, kanye (4) nokulanda.

Ukuhlasela kusekelwe ekuhloleni izinga lokuvela kombango (izinga lombango) emigqeni ehlukene yabahleli futhi kwenziwa ngesilinganiso sokubambezeleka lapho kuqaliswa ukuhlola okwenziwa kolunye uchungechunge lwe-SMT ku-CPU efanayo ebonakalayo. Ukuze kuhlaziywe okuqukethwe, kusetshenziswe indlela ye-Prime+Probe, ehlanganisa ukugcwalisa umugqa ngesethi yamanani ereferensi nokunquma izinguquko ngokulinganisa isikhathi sokufinyelela kuzo ngesikhathi sokulayisha kabusha.

Uhlelo/isiteji sokwenza singacubungula imiyalelo ngaphandle kwe-oda ukuze kukhuliswe ukufana kwezinga lemfundo. Sichaza kafushane ngasinye salezi zigaba:

-Sesha. I-CPU ibheka umyalo olandelayo ozowusebenzisa kunqolobane ye-L1i. 
- Qopha. Ukuze kuvunyelwe ukusebenza kahle, imiyalelo etholiwe (imisebenzi emikhulu) ihlukaniswa ibe umshini omncane owodwa noma ngaphezulu (µops) futhi ibekwe kulayini we-µop. Lawa ma-µops afakwa ngemuva, lapho ahlelwa khona futhi asetshenziswa.
-Sheduli/Run. I(aba)shejuli balandelela ukuthi yimaphi ama-µops alungele ukusetshenziswa (anokungenayo okutholakalayo) futhi ahlele ngokushintshayo (ngaphandle kwe-oda) kumayunithi okusebenza atholakalayo. I-CPU core inamayunithi okubulala amaningi futhi ingaba namayunithi amaningi e-arithmetic and logic (ALUs), amayunithi e-branch execution (BRUs), amayunithi okukhiqiza ikheli (AGUs).

Ngesikhathi sokuhlolwa, abacwaningi bakwazile ukudala kabusha ngokuphelele ukhiye we-RSA oyimfihlo ongu-4096-bit isetshenziselwa ukudala amasiginesha edijithali kusetshenziswa ilabhulali ye-cryptography ye-mbedTLS 3.0, esebenzisa i-algorithm ye-Montgomery ukuphakamisa inombolo ibe yimoduli yamandla. Kudingeka imikhondo engu-50.500 ukuze kutholakale ukhiye.

Isikhathi esiphelele sokuhlasela sithathe imizuzu engama-38. Izinhlobonhlobo zokuhlasela ezinikeza ukuvuza phakathi kwezinqubo ezihlukene nemishini ebonakalayo elawulwa yi-KVM hypervisor iyaboniswa. Kuboniswa futhi ukuthi indlela ingasetshenziswa ukuhlela ukudluliswa kwedatha eyimfihlo phakathi kwemishini ebonakalayo ngenani elingu-0,89 Mbit/s naphakathi kwezinqubo ngesilinganiso esingu-2,70 Mbit/s ngenani lephutha elingaphansi kuka-0,8, XNUMX%.

I-CPU core ihlukaniswe yaba ama-logical cores amaningi, noma imicu, esebenzisa ukusakazwa kweziyalezo ezizimele kodwa ukwabelana ngezinsiza ezifana ne-L1i cache. Ama-µops alolu chungechunge aphinda abelane ngamayunithi okusebenzisa ukuze avumele ukusetshenziswa okuphezulu okuphezulu. Ukuhlukaniswa kwezingxenye ezihlukene ze-kernel.
Kwenziwa ngokushintshisana ngokuncintisana. Izakhiwo ze-AMD Zen zivumela imicu emibili
ngomongo ngamunye. Lezi zintambo zingasuka ohlelweni olulodwa noma ezinhlelweni ezihlukene, njengoba ziphethwe isistimu yokusebenza.

Ama-Intel processors awathinteki kalula ukuhlasela ngoba zisebenzisa ulayini wokuhlela owodwa, kuyilapho amaphrosesa e-AMD asengozini esebenzisa imigqa ehlukene yeyunithi ngayinye yokwenza.

Njengesixazululo sokuvimba ukuvuza kolwazi, I-AMD iyanconywa labo bathuthukisi sebenzisa ama-algorithms ahlala enza izibalo zezibalo ngesikhathi esifanayo, ngokunganaki imvelo yedatha ecutshungulwayo, futhi ivimbela ukufokhwa okusekelwe kudatha eyimfihlo.

Okokugcina, uma ungathanda ukwazi okwengeziwe ngakho, ungathintana nemininingwane ku isixhumanisi esilandelayo.


Yiba ngowokuqala ukuphawula

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.