212 lines
8.2 KiB
Makefile
212 lines
8.2 KiB
Makefile
# Makefile - CVE-2017-5753 user-to-user sucess rate measurement
|
|
#
|
|
# Copyright (c) 2022 Samuel AUBERTIN
|
|
#
|
|
# Permission to use, copy, modify, and distribute this software for any
|
|
# purpose with or without fee is hereby granted, provided that the above
|
|
# copyright notice and this permission notice appear in all copies.
|
|
#
|
|
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
.PHONY: clean build upload
|
|
.SILENT:
|
|
.NOTPARALLEL:
|
|
|
|
EXECUTABLES = clang gcc uuid rsync lld taskset
|
|
DEPENDENCIES := $(foreach exec,$(EXECUTABLES), $(if $(shell which $(exec) 2> /dev/null),X,$(error "No '$(exec)' in PATH, please install it and restart octopus !")))
|
|
|
|
### Generic flags
|
|
SRCS= spectre_v1 spectre_v2
|
|
CFLAGS= -march=native #-g
|
|
CFLAGS+= -W
|
|
CFLAGS+= -Wall
|
|
CFLAGS+= -Werror -Wextra
|
|
CFLAGS+= -Wno-unused-parameter
|
|
CFLAGS+= -Wno-missing-field-initializers
|
|
LDFLAGS= -fuse-ld=lld
|
|
|
|
### Octopus flags
|
|
CCS= clang gcc
|
|
OPTIMIZATIONS= 0 1 2 3
|
|
RETPOLINE= mretpoline
|
|
UUID:= $(shell uuid)
|
|
RESULTS_FILE:= results-$(UUID).json
|
|
SSH_KEY= octoupload
|
|
TIMES= 3
|
|
FLAGS= -j
|
|
|
|
### Octopus internals
|
|
CPU:= $(shell LC_ALL=en_US.UTF-8 lscpu | grep "Model name" | cut -d":" -f 2 | sort | uniq | awk '{$$1=$$1;print}')
|
|
UCODE:= $(shell grep microcode /proc/cpuinfo | sort | uniq | awk '{print $$NF}')
|
|
KERN:= $(shell uname -svm)
|
|
CLANGV:= $(shell clang -v 2>&1 | head -n 1)
|
|
GCCV:= $(shell gcc -v 2>&1 | grep 'gcc version')
|
|
VULN1:= $(strip $(shell LC_ALL=en_US.UTF-8 lscpu | grep 'Spectre v1' | cut -d":" -f 2-))
|
|
VULN2:= $(strip $(shell LC_ALL=en_US.UTF-8 lscpu | grep 'Spectre v2' | cut -d":" -f 2-))
|
|
|
|
ifndef PROGRESS
|
|
HIT_TOTAL != ${MAKE} ${MAKECMDGOALS} --dry-run PROGRESS="HIT_MARK" | grep -c "HIT_MARK"
|
|
HIT_COUNT = $(eval HIT_N != expr ${HIT_N} + 1)${HIT_N}
|
|
PROGRESS = echo "[`expr ${HIT_COUNT} '*' 100 / ${HIT_TOTAL}`%]"
|
|
endif
|
|
|
|
SUB_ONE= $(word 1, $(subst -, ,$@))
|
|
SUB_TWO= $(word 2, $(subst -, ,$@))
|
|
SUB_THREE= $(word 3, $(subst -, ,$@))
|
|
SUB_FOUR= $(word 4, $(subst -, ,$@))
|
|
|
|
### Compilers
|
|
CPROGS= $(foreach C, $(CCS), $(addsuffix -$(C), $(SRCS)))
|
|
|
|
### Optimizations
|
|
OPROGS= $(foreach O, $(OPTIMIZATIONS), $(addsuffix -O$(O), $(CPROGS)))
|
|
|
|
### Static
|
|
SPROGS= $(addsuffix -static, $(foreach O, $(OPTIMIZATIONS), $(addsuffix -O$(O), $(CPROGS))))
|
|
|
|
##### V1
|
|
### Masking mitigation
|
|
MPROGS= $(addsuffix -mask, $(filter spectre_v1%, $(OPROGS)))
|
|
MSPROGS= $(addsuffix -mask, $(filter spectre_v1%, $(SPROGS)))
|
|
|
|
### Lfence mitigation
|
|
LPROGS= $(addsuffix -fence, $(filter spectre_v1%, $(OPROGS)))
|
|
LSPROGS= $(addsuffix -fence, $(filter spectre_v1%, $(SPROGS)))
|
|
|
|
### Masking + Lfence mitigations
|
|
MLPROGS= $(addsuffix -maskfence, $(filter spectre_v1%, $(OPROGS)))
|
|
MLSPROGS= $(addsuffix -maskfence, $(filter spectre_v1%, $(SPROGS)))
|
|
|
|
###### V2
|
|
### Retpoline
|
|
## clang
|
|
# dynamic
|
|
RCPROGS= $(addsuffix -retpoline, $(filter spectre_v2-clang%, $(OPROGS)))
|
|
# static
|
|
RSCPROGS= $(addsuffix -retpoline, $(filter spectre_v2-clang%, $(SPROGS)))
|
|
## gcc
|
|
# dynamic
|
|
RGPROGS= $(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(OPROGS)))
|
|
# static
|
|
RSGPROGS= $(addsuffix -retpoline, $(filter spectre_v2-gcc%, $(SPROGS)))
|
|
|
|
PROGS= $(OPROGS)
|
|
PROGS+= $(SPROGS)
|
|
PROGS+= $(MPROGS)
|
|
PROGS+= $(MSPROGS)
|
|
PROGS+= $(LPROGS)
|
|
PROGS+= $(LSPROGS)
|
|
PROGS+= $(MLPROGS)
|
|
PROGS+= $(MLSPROGS)
|
|
PROGS+= $(RCPROGS)
|
|
PROGS+= $(RSCPROGS)
|
|
PROGS+= $(RGROGS)
|
|
PROGS+= $(RSGPROGS)
|
|
|
|
|
|
all: upload
|
|
echo -e "\033[1mThank you for helping science today !\033[0m"
|
|
|
|
upload: $(RESULTS_FILE)
|
|
echo -e "\033[4mUploading $^ to www.sk4.nz\033[0m"
|
|
chmod 600 $(SSH_KEY)
|
|
sftp -b - -i $(SSH_KEY) -o BatchMode=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
|
|
octoupload@www.sk4.nz: <<< $$'put $^'
|
|
|
|
build: $(PROGS)
|
|
|
|
$(RESULTS_FILE): build
|
|
echo -e "\033[1m\033[94m________ __";
|
|
echo "\_____ \ _____/ |_ ____ ______ __ __ ______";
|
|
echo " / | \_/ ___\ __\/ _ \\____ \| | \/ ___/";
|
|
echo "/ | \ \___| | ( <_> ) |_> > | /\___ \ ";
|
|
echo "\_______ /\___ >__| \____/| __/|____//____ >";
|
|
echo -e " \/ \/ |__| \/\033[0m";
|
|
echo -e " Samuel AUBERTIN - EURECOM\n"
|
|
echo -e "\033[4mUUID\033[0m\t\t$(UUID)"
|
|
echo -e "\033[4mCPU\033[0m\t\t$(CPU)"
|
|
echo -e "\033[4mMicrocode\033[0m\t$(UCODE)"
|
|
echo -e "\033[4mKernel\033[0m\t\t$(KERN)"
|
|
echo -e "\033[4mClang\033[0m\t\t$(CLANGV)"
|
|
echo -e "\033[4mGCC\033[0m\t\t$(GCCV)"
|
|
echo -e "\033[4mSpectre v1\033[0m\t$(VULN1)"
|
|
echo -e "\033[4mSpectre v2\033[0m\t$(VULN2)"
|
|
echo -e "{ \"$(UUID)\": {" >> $@
|
|
echo -e "\"cpu\": \"$(CPU)\"," >> $@
|
|
echo -e "\"microcode\": \"$(UCODE)\"," >> $@
|
|
echo -e "\"kernel\": \"$(KERN)\"," >> $@
|
|
echo -e "\"clang\": \"$(CLANGV)\"," >> $@
|
|
echo -e "\"gcc\": \"$(GCCV)\"," >> $@
|
|
echo -e "\"spectre_v1\": \"$(VULN1)\"," >> $@
|
|
echo -e "\"spectre_v2\": \"$(VULN2)\"," >> $@
|
|
echo -e "\"results\": [" >> $@
|
|
for p in $(PROGS); do \
|
|
for t in $$(seq $(TIMES)); do \
|
|
sleep 0.1; \
|
|
taskset 01 ./$$p $(FLAGS) >> $@; \
|
|
if ! [ "$$p" = "$(lastword $(PROGS))" ]; \
|
|
then echo ',' >> $@; \
|
|
else if ! [ $$t -eq $(TIMES) ]; \
|
|
then echo ',' >> $@; fi; \
|
|
fi; \
|
|
done \
|
|
done
|
|
echo -e "\n]}}" >> $@
|
|
|
|
$(OPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(SPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
|
|
$(MPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(MSPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(LPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(LSPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(MLPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION $(LDFLAGS) -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(MLSPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -DLFENCE_MITIGATION -DMASKING_MITIGATION -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(RCPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) -mretpoline $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) -mretpoline $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(RSCPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mretpoline -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mretpoline -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(RGPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register $(LDFLAGS) -z retpolineplt -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
$(RSGPROGS):
|
|
@$(PROGRESS) $(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
$(SUB_TWO) $(addprefix -, $(SUB_FOUR)) $(CFLAGS) -mfunction-return=thunk -mindirect-branch=thunk -mindirect-branch-register -$(SUB_THREE) -o $@ $(SUB_ONE).c
|
|
|
|
clean:
|
|
rm -rf $(PROGS) *.json
|