More readme
This commit is contained in:
sk4nz
parent
bd07863edf
commit
f652a21e43
7
Makefile
7
Makefile
@ -16,14 +16,13 @@
|
||||
.PHONY: clean build upload
|
||||
.SILENT:
|
||||
|
||||
|
||||
ifeq ($(shell uname),OpenBSD)
|
||||
GCC:= egcc
|
||||
GCC:= egcc
|
||||
else
|
||||
GCC:= gcc
|
||||
GCC:= gcc
|
||||
endif
|
||||
|
||||
EXECUTABLES= clang $(GCC) uuid lld taskset
|
||||
EXECUTABLES= clang $(GCC) uuid lld
|
||||
XXXX:= $(foreach exec,$(EXECUTABLES), $(if $(shell which $(exec) 2> /dev/null),X,$(error "No '$(exec)' in PATH, please install it and restart octopus !")))
|
||||
|
||||
### Generic flags
|
||||
|
||||
25
README.md
25
README.md
@ -5,19 +5,19 @@ Samuel AUBERTIN - EURECOM - 2022
|
||||
|
||||
|
||||
|
||||
**OCTOPUS** is a [Spectre](https://spectreattack.com/spectre.pdf) V1 (_Bounds Check Bypass_) + V2 (_Branch Target Injection_) compiler flag tester.
|
||||
**OCTOPUS** is a [Spectre](https://spectreattack.com/spectre.pdf) V1 (_Bounds Check Bypass_) + V2 (_Branch Target Injection_) vulnerabilty tester.
|
||||
|
||||
It measures the success rate of the attacks using different compilers:
|
||||
It measures the success rate of the Spectre attacks using different compilers:
|
||||
|
||||
- GCC
|
||||
- CLANG
|
||||
- [GCC](https://gcc.gnu.org/)
|
||||
- [Clang](https://clang.llvm.org/)
|
||||
|
||||
And compilation/linking flags such as:
|
||||
|
||||
- Optimisation levels (```-O```)
|
||||
- Static/dynamic linking
|
||||
- Masking and lfence as mitigation against Spectre V1
|
||||
- RETPOLINE as mitigation against Spectre V2
|
||||
- [Masking](https://github.com/torvalds/linux/blob/cb6416592bc2a8b731dabcec0d63cda270764fc6/arch/x86/include/asm/barrier.h#L27) and [lfence](https://www.intel.com/content/www/us/en/developer/articles/troubleshooting/using-intel-compilers-to-mitigate-speculative-execution-side-channel-issues.html) mitigations against Spectre V1
|
||||
- [RETPOLINE](https://support.google.com/faqs/answer/7625886) mitigation against Spectre V2
|
||||
|
||||
## Results
|
||||
|
||||
@ -25,11 +25,10 @@ Results are stored as JSON objects in an unique file for each run, following thi
|
||||
|
||||
## Dependencies
|
||||
|
||||
- ```clang``` and ```lld```
|
||||
- ```gcc```
|
||||
- ```sftp```
|
||||
- ```uuid```
|
||||
- The libC static symbols: ```glibc-static```
|
||||
- Compiler: ```clang``` and ```gcc```
|
||||
- Linker: ```lld```
|
||||
- For upload: ```openssh``` and ```uuid```
|
||||
- The C library static symbols: ```glibc-static```
|
||||
|
||||
## Execution
|
||||
|
||||
@ -39,6 +38,10 @@ Will build, execute and upload the results.
|
||||
|
||||
### Build only
|
||||
|
||||
```make build```
|
||||
|
||||
To build using multiple processes:
|
||||
|
||||
```make [-j XXX] build``` where ```XXX``` is the number of parallel processes.
|
||||
|
||||
## Results aggregation
|
||||
|
||||
Loading…
Reference in New Issue
Block a user