# Makefile - CVE-2017-5753 user-to-user sucess rate measurement # # Copyright (c) 2022 Samuel AUBERTIN # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .PHONY: clean build upload .SILENT: .NOTPARALLEL: EXECUTABLES = clang gcc uuid rsync lld taskset DEPENDENCIES := $(foreach exec,$(EXECUTABLES), $(if $(shell which $(exec) 2> /dev/null),X,$(error "No '$(exec)' in PATH, please install it and restart octopus !"))) ### Generic flags SRCS= spectre_v1 spectre_v2 CFLAGS= -march=native -g CFLAGS+= -W CFLAGS+= -Wall CFLAGS+= -Werror -Wextra CFLAGS+= -Wno-unused-parameter CFLAGS+= -Wno-missing-field-initializers LDFLAGS= -fuse-ld=lld ### Octopus flags CCS= clang gcc OPTIMIZATIONS= 0 1 2 3 RETPOLINE= mretpoline UUID:= $(shell uuid) RESULTS_FILE:= results-$(UUID).json SSH_KEY= octoupload TIMES= 3 FLAGS= -j ### Octopus internals CPU:= $(shell LC_ALL=en_US.UTF-8 lscpu | grep "Model name" | cut -d":" -f 2 | sort | uniq | awk '{$$1=$$1;print}') UCODE:= $(shell grep microcode /proc/cpuinfo | sort | uniq | awk '{print $$NF}') KERN:= $(shell uname -svm) CLANGV:= $(shell clang -v 2>&1 | head -n 1) GCCV:= $(shell gcc -v 2>&1 | grep 'gcc version') VULN1:= $(shell cat /sys/devices/system/cpu/vulnerabilities/spectre_v1) VULN2:= $(shell cat /sys/devices/system/cpu/vulnerabilities/spectre_v2) ifndef PROGRESS HIT_TOTAL != ${MAKE} ${MAKECMDGOALS} --dry-run PROGRESS="HIT_MARK" | grep -c "HIT_MARK" HIT_COUNT = $(eval HIT_N != expr ${HIT_N} + 1)${HIT_N} PROGRESS = echo "[`expr ${HIT_COUNT} '*' 100 / ${HIT_TOTAL}`%]" endif SUB_ONE= $(word 1, $(subst -, ,$@)) SUB_TWO= $(word 2, $(subst -, ,$@)) SUB_THREE= $(word 3, $(subst -, ,$@)) SUB_FOUR= $(word 4, $(subst -, ,$@)) ### Compilers CPROGS= $(foreach C, $(CCS), $(addsuffix -$(C), $(SRCS))) ### Optimizations OPROGS= $(foreach O, $(OPTIMIZATIONS), $(addsuffix -O$(O), $(CPROGS))) ### Static SPROGS= $(addsuffix -static, $(foreach O, $(OPTIMIZATIONS), $(addsuffix -O$(O), $(CPROGS)))) ##### V1 ### Masking mitigation MPROGS= $(addsuffix -mask, $(filter spectre_v1%, $(OPROGS))) MSPROGS= $(addsuffix -mask, $(filter spectre_v1%, $(SPROGS))) ### Lfence mitigation LPROGS= $(addsuffix -fence, $(filter spectre_v1%, $(OPROGS))) LSPROGS= $(addsuffix -fence, $(filter spectre_v1%, $(SPROGS))) ### Masking + Lfence mitigations MLPROGS= $(addsuffix -maskfence, $(filter spectre_v1%, $(OPROGS))) MLSPROGS= $(addsuffix -maskfence, $(filter spectre_v1%, $(SPROGS))) ###### V2 ### Retpoline ## clang # dynamic RCPROGS= $(addsuffix -retpoline, $(filter spectre_v2-clang%, $(OPROGS))) # static RSCPROGS= $(addsuffix -retpoline, $(filter spectre_v2-clang%, $(SPROGS))) ## gcc # dynamic RGPROGS= $(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(OPROGS))) # static RSGPROGS= $(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(SPROGS))) PROGS= $(OPROGS) PROGS+= $(SPROGS) PROGS+= $(MPROGS) PROGS+= $(MSPROGS) PROGS+= $(LPROGS) PROGS+= $(LSPROGS) PROGS+= $(MLPROGS) PROGS+= $(MLSPROGS) PROGS+= $(RCPROGS) PROGS+= $(RSCPROGS) PROGS+= $(RGROGS) PROGS+= $(RSGPROGS) all: upload echo -e "\033[1mThank you for helping science today !\033[0m" upload: $(RESULTS_FILE) echo -e "\033[4mUploading $^ to www.sk4.nz\033[0m" chmod 600 $(SSH_KEY) sftp -b - -i $(SSH_KEY) -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \ octoupload@www.sk4.nz: <<< $$'put $^' build: $(PROGS) $(RESULTS_FILE): build echo -e "\033[1m\033[94m________ __"; echo "\_____ \ _____/ |_ ____ ______ __ __ ______"; echo " / | \_/ ___\ __\/ _ \\____ \| | \/ ___/"; echo "/ | \ \___| | ( <_> ) |_> > | /\___ \ "; echo "\_______ /\___ >__| \____/| __/|____//____ >"; echo -e " \/ \/ |__| \/\033[0m"; echo -e " Samuel AUBERTIN - EURECOM\n" echo -e "\033[4mUUID\033[0m\t\t$(UUID)" echo -e "\033[4mCPU\033[0m\t\t$(CPU)" echo -e "\033[4mMicrocode\033[0m\t$(UCODE)" echo -e "\033[4mKernel\033[0m\t\t$(KERN)" echo -e "\033[4mClang\033[0m\t\t$(CLANGV)" echo -e "\033[4mGCC\033[0m\t\t$(GCCV)" echo -e "\033[4mSpectre v1\033[0m\t$(VULN1)" echo -e "\033[4mSpectre v2\033[0m\t$(VULN2)" echo -e "{ \"$(UUID)\": {" >> $@ echo -e "\"cpu\": \"$(CPU)\"," >> $@ echo -e "\"microcode\": \"$(UCODE)\"," >> $@ echo -e "\"kernel\": \"$(KERN)\"," >> $@ echo -e "\"clang\": \"$(CLANGV)\"," >> $@ echo -e "\"gcc\": \"$(GCCV)\"," >> $@ echo -e "\"spectre_v1\": \"$(VULN1)\"," >> $@ echo -e "\"spectre_v2\": \"$(VULN2)\"," >> $@ echo -e "\"results\": [" >> $@ for p in $(PROGS); do \ for t in $$(seq $(TIMES)); do \ sleep 0.1; \ taskset 01 ./$$p $(FLAGS) >> $@; \ if ! [ "$$p" = "$(lastword $(PROGS))" ]; \ then echo ',' >> $@; \ else if ! [ $$t -eq $(TIMES) ]; \ then echo ',' >> $@; fi; \ fi; \ done \ done echo -e "\n]}}" >> $@ $(OPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(MPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(MSPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(LPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(LSPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(MLPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c $(MLSPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c $(RCPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) -mretpoline $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) -mretpoline $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c $(RSCPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mretpoline -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mretpoline -$(SUB_THREE) -o $@ $(SUB_ONE).c $(RGPROGS): @$(PROGRESS) $(SUB_TWO) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c $(RSGPROGS): @$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register -$(SUB_THREE) -o $@ $(SUB_ONE).c $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register -$(SUB_THREE) -o $@ $(SUB_ONE).c clean: rm -rf $(PROGS) *.json