OCTOPUS
---
Samuel AUBERTIN - EURECOM - 2022
![SPECTRE Octopus Logo](logo.png "SPECTRE Octopus Logo")
**OCTOPUS** is a [Spectre](https://spectreattack.com/spectre.pdf) V1 (_Bounds Check Bypass_) + V2 (_Branch Target Injection_) vulnerability tester.
It measures the success rate of the Spectre attacks using different compilers:
- [GCC](https://gcc.gnu.org/)
- [Clang](https://clang.llvm.org/)
And compilation/linking flags such as:
- Optimisation levels (```-O```)
- Static/dynamic linking
- [Masking](https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27) and [lfence](https://www.intel.com/content/www/us/en/developer/articles/troubleshooting/using-intel-compilers-to-mitigate-speculative-execution-side-channel-issues.html) mitigations against Spectre V1
- [RETPOLINE](https://support.google.com/faqs/answer/7625886) mitigation against Spectre V2
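
The two Spectre V1 mitigations listed above, applied to the same bounds-checked read, as an added example that is not OCTOPUS's own code. The names `table`, `TABLE_LEN`, `index_mask`, `read_masked` and `read_fenced` are hypothetical; the mask is a portable C rendering of the branchless index-masking idea, not the x86 assembly version in the linked kernel header.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16u                 /* constructed sample size */
static uint8_t table[TABLE_LEN];      /* constructed sample data */

/* All-ones when idx < len, zero otherwise, computed without a branch so
 * there is nothing to mispredict. Assumption: len <= LONG_MAX. */
static unsigned long index_mask(unsigned long idx, unsigned long len)
{
    unsigned long top = ~(idx | (len - 1UL - idx));
    return 0UL - (top >> (sizeof(unsigned long) * CHAR_BIT - 1));
}

/* Masking: under a mispredicted bounds check the index collapses to 0,
 * so a speculative load can only touch table[0]. */
uint8_t read_masked(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return 0;
    idx &= index_mask(idx, TABLE_LEN);
    return table[idx];
}

/* lfence: the load is not issued until the bounds check has resolved. */
uint8_t read_fenced(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return 0;
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("lfence" ::: "memory");
#else
    __asm__ volatile("" ::: "memory"); /* compiler barrier only, no CPU fence */
#endif
    return table[idx];
}

int main(void)
{
    for (unsigned i = 0; i < TABLE_LEN; i++)
        table[i] = (uint8_t)(i * 3u);
    printf("idx 5:  mask=%#lx masked=%d fenced=%d\n",
           index_mask(5, TABLE_LEN), read_masked(5), read_fenced(5));
    printf("idx 99: mask=%#lx masked=%d fenced=%d\n",
           index_mask(99, TABLE_LEN), read_masked(99), read_fenced(99));
    return 0;
}
```

Both functions return the same architectural result; they differ only in what the CPU may do speculatively after the `if`.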
## Results
Results are stored as JSON objects in a unique file for each run, following this pattern: ```result-$(UUID).json```
## Dependencies
- Compiler: ```clang``` and ```gcc```
- Linker: ```lld```
- For upload: ```openssh``` and ```uuid```
- The C library static symbols: ```glibc-static```
## Execution
The following will build, execute and upload the results:
```make```
### Build only
```make build```
To build using multiple processes:
```make [-j XXX] build``` where ```XXX``` is the number of parallel processes.
## Results aggregation
Results are automatically uploaded to a server with a dedicated account using ```sftp```.
Here is an exhaustive list of the data sent:
- CPU model name and microcode version.
- Kernel version and compilation date.
- GCC and clang versions.
- The list of mitigations enabled at runtime.
- The cache timings of the processor computed by the ```calibrate_threshold()``` function.
- Each spectre execution success rate.
**NONE** of this data will be used for anything else except this experiment.
## References
Both implementations are heavily inspired by:
- [ErikAugust gist](https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6)
- [genua GmbH PoC](https://github.com/genua/meltdown)