Add support for Docker. New targets: docker,dockerbuild,dockerrun,dockerpoc and dockerclean.

Add the poc target as well.
2022-04-12 11:21:57 +02:00
parent 141173d252
commit 781faf53e5
4 changed files with 80 additions and 84 deletions
--- a/84
+++ b/84
@@ -13,25 +13,26 @@
 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.PHONY: clean build upload findfalses
+.PHONY: clean dockerclean dockerprune build dockerbuild upload findfalses docker run dockerrun dockerupload help poc
+.DEFAULT_GOAL:= help
 .SILENT:

 MAKEFLAGS:= -j4
 ifeq ($(shell uname),OpenBSD)
 GCC:=		
-DEPS:=		clang ./uuid 
+DEPENDENCIES:=	clang ./uuid
 ifndef MKUUID
 MKUUID!=	$(shell stat uuid > /dev/null 2>&1 || (make -C uuid_obsd && ln -s uuid_obsd/uuid uuid))
 endif
 else
 GCC:=		gcc
-DEPS:=		$(GCC) clang uuid lld
+DEPENDENCIES:=	$(GCC) clang uuid lld
 LDFLAGS+=	-fuse-ld=lld
 endif

 ifdef MKUUID
-EXECUTABLES=	$(DEPS)
-XXXX:= 		$(foreach exec,$(EXECUTABLES), $(if $(shell which $(exec) 2> /dev/null),X,$(error "No '$(exec)' in PATH, please install it and restart octopus !")))
+EXECUTABLES=	$(DEPENDENCIES)
+XXXX:= 		$(foreach exec,$(EXECUTABLES), $(if $(shell which $(exec) 2> /dev/null),X,$(error "No '$(exec)' in PATH, please install it and restart octopus !\nThe full dependencies are : $(DEPENDENCIES)")))
 endif

 ### Generic flags
@@ -68,11 +69,20 @@ endif
 CPU:=		$(shell LC_ALL=en_US.UTF-8 lscpu | grep "Model name" | cut -d":" -f 2 | sort | uniq | awk '{$$1=$$1;print}')
 UCODE:=		$(shell (grep microcode /proc/cpuinfo 2> /dev/null || printf unknown) | sort | uniq | awk '{print $$NF}' || printf unknown)
 KERN:=		$(shell uname -svm)
-CLANGV:=	$(shell clang -v 2>&1 | head -n 1)
-GCCV:=		$(shell (gcc -v 2>&1 | grep 'gcc version') || printf unknown)
+CLANGV:=	$(shell (clang -v 2>&1 | head -n 1)) || apk info -a clang | head -n1 | awk '{print $$1}' || printf unknown)
+GCCV:=		$(shell (gcc -v 2>&1 | grep 'gcc version') || apk info -a gcc | head -n1 | awk '{print $$1}' || printf unknown)
 VULN1:=		$(shell (cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 2> /dev/null || printf unknown))
 VULN2:=		$(shell (cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 2> /dev/null || printf unknown))
-
+REVISION:=	$(shell git rev-parse --short HEAD)
+define BANNER
+	printf '\033[1m\033[94m________          __\n'
+	printf '\\_____  \\   _____/  |_  ____ ______  __ __  ______\n'
+	printf ' /   |   \\_/ ___\\   __\\/  \033[31m_\033[94m \\\\____ \\|  |  \\/  ___/\n'
+	printf '/    |    \\  \\___|  | (  \033[31m<_> \033[94m)  |_> >  |  /\\___ \\ \n'
+	printf '\\_______  /\\___  >__|  \\____/|   __/|____//____  >\n'
+	printf '        \\/     \\/            |__| \033[0mrev $(REVISION)\033[1m\033[94m \\/\033[0m\n'
+	printf '                       Samuel AUBERTIN - EURECOM\n'
+endef

 ifneq ($(shell uname),OpenBSD)
 ifndef PROGRESS
@@ -103,7 +113,7 @@ MASKING_STATIC_PROGRAMS=	$(addsuffix -mask, $(filter spectre_v1%, $(STATIC_PROGR

 ### Lfence mitigation
 LFENCE_PROGRAMS=		$(addsuffix -fence, $(filter spectre_v1%, $(OPTIMIZED_PROGRAMS)))
-LFENCE_STATIC_PROGRAMS=	$(addsuffix -fence, $(filter spectre_v1%, $(STATIC_PROGRAMS)))
+LFENCE_STATIC_PROGRAMS=		$(addsuffix -fence, $(filter spectre_v1%, $(STATIC_PROGRAMS)))

 ###### V2 
 ### Retpoline
@@ -111,15 +121,15 @@ LFENCE_STATIC_PROGRAMS=	$(addsuffix -fence, $(filter spectre_v1%, $(STATIC_PROGR
 # dynamic
 RETPOLINE_CLANG_PROGRAMS=	$(addsuffix -retpoline, $(filter spectre_v2-clang%, $(OPTIMIZED_PROGRAMS)))
 # static 
-RETPOLINE_STATIC_CLANG_PROGRAMS=	$(addsuffix -retpoline, $(filter spectre_v2-clang%, $(STATIC_PROGRAMS)))
+RETPOLINE_STATIC_CLANG_PROGRAMS=$(addsuffix -retpoline, $(filter spectre_v2-clang%, $(STATIC_PROGRAMS)))
 ## gcc 
 # dynamic 
-RETPOLINE_GCC_PROGRAMS=	$(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(OPTIMIZED_PROGRAMS)))
+RETPOLINE_GCC_PROGRAMS=		$(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(OPTIMIZED_PROGRAMS)))
 # static
 RETPOLINE_STATIC_GCC_PROGRAMS=	$(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(STATIC_PROGRAMS)))

 # Add GCC's specific flag
-V2_GCC_PROGRAMS=	$(filter spectre_v2-gcc%, $(STATIC_PROGRAMS)) $(filter spectre_v2-gcc%, $(OPTIMIZED_PROGRAMS)) $(RETPOLINE_GCC_PROGRAMS) $(RETPOLINE_STATIC_GCC_PROGRAMS)
+V2_GCC_PROGRAMS=		$(filter spectre_v2-gcc%, $(STATIC_PROGRAMS)) $(filter spectre_v2-gcc%, $(OPTIMIZED_PROGRAMS)) $(RETPOLINE_GCC_PROGRAMS) $(RETPOLINE_STATIC_GCC_PROGRAMS)
 $(V2_GCC_PROGRAMS): CFLAGS+=-fno-inline-small-functions 

 PROGS=		$(OPTIMIZED_PROGRAMS)
@@ -147,14 +157,50 @@ findfalses: $(RESULTS_FILE)

 build: $(PROGS)

+run: $(RESULTS_FILE)
+	printf "\033[1mResults file: $(RESULTS_FILE)\033[0m\n"
+
+help:
+	$(BANNER)
+	printf '\nmake [all|poc|dockerpoc|build|dockerbuild|run|dockerrun]\n\n'
+	printf '\tall\t\tbuilds, runs and uploads the experiment results\n'
+	printf '\tpoc\t\tbuilds and runs a v1/v2 PoC\n'
+	printf '\tdockerpoc\t\tbuilds and runs a v1/v2 PoC\n'
+	printf '\tbuild\t\tbuilds the experiment programs\n'
+	printf '\tdockerbuild\tbuilds the experiment programs within a container\n'
+	printf '\trun\t\texecute the experiment\n'
+	printf '\tdockerrun\texecute the experiment within a container\n'
+	printf '\n\tFurther CFLAGS can be declared using `CFLAGS=XYZ make`\n'
+
+dockerbuild:
+	docker build -t "octopus:$(REVISION)" .
+
+dockerrun: dockerbuild
+	docker run --rm "octopus:$(REVISION)" make run
+
+dockerupload: dockerbuild
+	docker run --rm "octopus:$(REVISION)" make upload
+
+dockerpoc: dockerbuild
+	docker run --rm "octopus:$(REVISION)" make poc
+
+docker: dockerupload
+
+dockerclean:
+	-docker image rm -f octopus
+
+dockerprune:
+	-docker image prune -af
+
+poc: spectre_v1-clang-O0 spectre_v2-clang-O0
+	$(BANNER)
+	printf 'SPECTRE V1\n'
+	./spectre_v1-clang-O0
+	printf 'SPECTRE V2\n'
+	./spectre_v2-clang-O0
+
 $(RESULTS_FILE): build
-	printf '\033[1m\033[94m________          __\n'
-	printf '\\_____  \\   _____/  |_  ____ ______  __ __  ______\n'
-	printf ' /   |   \\_/ ___\\   __\\/  _ \\\\____ \\|  |  \\/  ___/\n'
-	printf '/    |    \\  \\___|  | (  <_> )  |_> >  |  /\\___ \\ \n'
-	printf '\\_______  /\\___  >__|  \\____/|   __/|____//____  >\n'
-	printf '        \\/     \\/            |__|              \\/\033[0m\n'
-	printf '                       Samuel AUBERTIN - EURECOM\n'
+	$(BANNER)
 	printf "\033[4mUUID\033[0m\t\t$(UUID)\n"
 	printf "\033[4mCPU\033[0m\t\t$(CPU)\n"
 	printf "\033[4mMicrocode\033[0m\t$(UCODE)\n"