4a0dacbfa3
- GCC support - RETPOLINE for both GCC and clang - LLD dynamic linker to support RETPOLINE mitigations on dynamic executables - Results aggregation using SFTP
OCTOPUS
Samuel AUBERTIN - EURECOM - 2022
OCTOPUS is a Spectre v2 (Branch Target Injection) compiler flag tester for CVE 2017-5715.
It measures the success rate of the same attack using different compilers:
- GCC
- CLANG
And compilation/linking flags such as:
- Optimisation levels (
-O) - Static linking
- RETPOLINE
Dependencies
clanggccsftpuuid- The libC static symbols
glibc-static
Execution
make
Results aggregation
Results are automatically uploaded to a server with sftp using a dedicated account.
Here is an exhaustive list of the data sent:
- CPU model name and microcode version.
- Kernel version and compilation date.
- The kernel compilation flag
CONFIG_RETPOLINE. - GCC and clang versions.
- The list of mitigations enabled at runtime.
- The cache timings of the processor computed by the
calibrate_threshold()function. - Each spectre execution success rate.
NONE of this data will be used for anyhting else except this experiment.