sk4nz/octopus
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Mitigation tester for Spectre V1-V2
4 Commits 1 Branch 0 Tags 132 KiB
C 60.6%
Makefile 37.7%
Dockerfile 1.7%
a522fd233a
Go to file
Samuel Aubertin a522fd233a Fix uuid expansion
2022-01-23 19:49:53 +01:00
.gitignore Refactor spectre.c and add multiple targets to the Makefile: 2022-01-23 19:37:24 +01:00
logo.png first 2022-01-22 15:04:17 +01:00
Makefile Fix uuid expansion 2022-01-23 19:49:53 +01:00
octoupload Refactor spectre.c and add multiple targets to the Makefile: 2022-01-23 19:37:24 +01:00
README.md Refactor spectre.c and add multiple targets to the Makefile: 2022-01-23 19:37:24 +01:00
spectre.c Refactor spectre.c and add multiple targets to the Makefile: 2022-01-23 19:37:24 +01:00

README.md

OCTOPUS

Samuel AUBERTIN - EURECOM - 2022

SPECTRE Octopus Logo

OCTOPUS is a Spectre v2 (Branch Target Injection) compiler flag tester for CVE 2017-5715.

It measures the success rate of the same attack using different compilers:

  • GCC
  • CLANG

And compilation/linking flags such as:

  • Optimisation levels (-O)
  • Static linking
  • RETPOLINE

Dependencies

  • clang
  • gcc
  • sftp
  • uuid
  • The libC static symbols glibc-static

Execution

make

Results aggregation

Results are automatically uploaded to a server with sftp using a dedicated account.

Here is an exhaustive list of the data sent:

  • CPU model name and microcode version.
  • Kernel version and compilation date.
  • The kernel compilation flag CONFIG_RETPOLINE.
  • GCC and clang versions.
  • The list of mitigations enabled at runtime.
  • The cache timings of the processor computed by the calibrate_threshold() function.
  • Each spectre execution success rate.

NONE of this data will be used for anyhting else except this experiment.

Sources