From 8683dfa73228cf6be0059e3a86bfecf2143cbdf2 Mon Sep 17 00:00:00 2001
From: GuillaumeDIDIER <guillaume.didier95@hotmail.fr>
Date: Wed, 19 Aug 2020 14:34:52 +0200
Subject: [PATCH] Get the foundation for optimized version using Flush and
 Flush

---
 aes-t-tables/src/lib.rs  | 116 ++++++++++++++++++++++++++++-----------
 aes-t-tables/src/main.rs |  25 ++++++---
 2 files changed, 101 insertions(+), 40 deletions(-)

diff --git a/aes-t-tables/src/lib.rs b/aes-t-tables/src/lib.rs
index a89eadc..f1278cc 100644
--- a/aes-t-tables/src/lib.rs
+++ b/aes-t-tables/src/lib.rs
@@ -1,3 +1,5 @@
+#![feature(specialization)]
+
 use openssl::aes;
 
 use crate::CacheStatus::Hit;
@@ -31,16 +33,19 @@ use std::sync::Arc;
 
 // an attacker measurement
 // a calibration victim
-
 #[derive(Debug, PartialEq, Eq)]
 pub enum CacheStatus {
     Hit,
     Miss,
 }
 
-pub enum SideChannelError<T> {
+pub enum ChannelFatalError {
+    Oops,
+}
+
+pub enum SideChannelError {
     NeedRecalibration,
-    FatalError(T),
+    FatalError(ChannelFatalError),
 }
 
 /*
@@ -57,54 +62,53 @@ pub trait SimpleCacheSideChannel {
 }
 
 pub trait TableCacheSideChannel {
-    type ChannelFatalError: Debug;
+    //type ChannelFatalError: Debug;
+    fn calibrate(&mut self, addresses: impl IntoIterator<Item = *const u8> + Clone);
     fn attack<'a, 'b, 'c>(
         &'a mut self,
-        addresses: impl IntoIterator<Item = *const u8>,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
         victim: &'c dyn Fn(),
-    ) -> Result<Vec<(*const u8, CacheStatus)>, Self::ChannelFatalError>;
+    ) -> Result<Vec<(*const u8, CacheStatus)>, ChannelFatalError>;
 }
 
 pub trait SingleAddrCacheSideChannel: Debug {
-    type ChannelFatalError: Debug;
+    //type SingleChannelFatalError: Debug;
 
-    fn test(
-        &mut self,
-        addr: *const u8,
-    ) -> Result<CacheStatus, SideChannelError<Self::ChannelFatalError>>;
+    fn test(&mut self, addr: *const u8) -> Result<CacheStatus, SideChannelError>;
     fn prepare(&mut self, addr: *const u8);
     fn victim(&mut self, operation: &dyn Fn());
     fn calibrate(
         &mut self,
-        addresses: impl IntoIterator<Item = *const u8>,
-    ) -> Result<(), Self::ChannelFatalError>;
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
+    ) -> Result<(), ChannelFatalError>;
 }
 
-/*
 pub trait MultipleAddrCacheSideChannel: Debug {
-    type ChannelFatalError: Debug;
-    fn test<'a>(
-        &self,
-        addresses: impl IntoIterator<Item = &'a *const u8>,
-    ) -> Result<Vec<CacheStatus>, SideChannelError<Self::ChannelFatalError>>;
-    fn prepare<'a>(addresses: impl IntoIterator<Item = &'a *const u8>);
-    fn victim<T>(&self, operation: Box<dyn FnOnce() -> T>) -> T;
-    fn recalibrate(self) -> Result<Self, Self::ChannelFatalError>;
-    fn calibrate<'a>(
-        params: Self::Params,
-        addresses: impl IntoIterator<Item = &'a *const u8>,
-    ) -> Result<Self, Self::ChannelFatalError>;
+    //type MultipleChannelFatalError: Debug;
+
+    fn test(
+        &mut self,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
+    ) -> Result<Vec<(*const u8, CacheStatus)>, SideChannelError>;
+    fn prepare(&mut self, addresses: impl IntoIterator<Item = *const u8> + Clone);
+    fn victim(&mut self, operation: &dyn Fn());
+    fn calibrate(
+        &mut self,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
+    ) -> Result<(), ChannelFatalError>;
 }
-*/
 
 impl<T: SingleAddrCacheSideChannel> TableCacheSideChannel for T {
-    type ChannelFatalError = T::ChannelFatalError;
+    default fn calibrate(&mut self, addresses: impl IntoIterator<Item = *const u8> + Clone) {
+        self.calibrate(addresses);
+    }
+    //type ChannelFatalError = T::SingleChannelFatalError;
 
-    fn attack<'a, 'b, 'c>(
+    default fn attack<'a, 'b, 'c>(
         &'a mut self,
-        addresses: impl IntoIterator<Item = *const u8>,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
         victim: &'c dyn Fn(),
-    ) -> Result<Vec<(*const u8, CacheStatus)>, Self::ChannelFatalError> {
+    ) -> Result<Vec<(*const u8, CacheStatus)>, ChannelFatalError> {
         let mut result = Vec::new();
 
         for addr in addresses {
@@ -127,6 +131,54 @@ impl<T: SingleAddrCacheSideChannel> TableCacheSideChannel for T {
     }
 }
 
+impl<T: MultipleAddrCacheSideChannel> SingleAddrCacheSideChannel for T {
+    //type SingleChannelFatalError = T::MultipleChannelFatalError;
+    fn test(&mut self, addr: *const u8) -> Result<CacheStatus, SideChannelError> {
+        unimplemented!()
+    }
+
+    fn prepare(&mut self, addr: *const u8) {
+        unimplemented!()
+    }
+
+    fn victim(&mut self, operation: &dyn Fn()) {
+        unimplemented!()
+    }
+
+    fn calibrate(
+        &mut self,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
+    ) -> Result<(), ChannelFatalError> {
+        self.calibrate(addresses)
+    }
+}
+
+impl<T: MultipleAddrCacheSideChannel> TableCacheSideChannel for T {
+    fn calibrate(&mut self, addresses: impl IntoIterator<Item = *const u8> + Clone) {
+        self.calibrate(addresses);
+    }
+    //type ChannelFatalError = T::MultipleChannelFatalError;
+
+    fn attack<'a, 'b, 'c>(
+        &'a mut self,
+        addresses: impl IntoIterator<Item = *const u8> + Clone,
+        victim: &'c dyn Fn(),
+    ) -> Result<Vec<(*const u8, CacheStatus)>, ChannelFatalError> {
+        MultipleAddrCacheSideChannel::prepare(self, addresses.clone());
+        MultipleAddrCacheSideChannel::victim(self, victim);
+        let r = MultipleAddrCacheSideChannel::test(self, addresses); // Fixme error handling
+        match r {
+            Err(e) => match e {
+                SideChannelError::NeedRecalibration => {
+                    panic!();
+                }
+                SideChannelError::FatalError(e) => Err(e),
+            },
+            Ok(v) => Ok(v),
+        }
+    }
+}
+
 pub struct AESTTableParams<'a> {
     pub num_encryptions: u32,
     pub key: [u8; 32],
@@ -167,6 +219,8 @@ pub fn attack_t_tables_poc(
         .flatten()
         .map(|offset| unsafe { base.offset(offset) });
 
+    side_channel.calibrate(addresses.clone());
+
     for addr in addresses.clone() {
         timings.insert(addr, HashMap::new());
     }
diff --git a/aes-t-tables/src/main.rs b/aes-t-tables/src/main.rs
index b9f4a8d..a65a7e8 100644
--- a/aes-t-tables/src/main.rs
+++ b/aes-t-tables/src/main.rs
@@ -1,8 +1,10 @@
 use aes_t_tables::{
-    attack_t_tables_poc, AESTTableParams, CacheStatus, SideChannelError, SingleAddrCacheSideChannel,
+    attack_t_tables_poc, AESTTableParams, CacheStatus, ChannelFatalError, SideChannelError,
+    SingleAddrCacheSideChannel,
 };
 use cache_utils::calibration::only_reload;
 use cache_utils::{flush, rdtsc_fence};
+use std::collections::{HashMap, HashSet};
 use std::path::Path;
 
 #[derive(Debug)]
@@ -21,12 +23,7 @@ impl NaiveFlushAndReload {
 }
 
 impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
-    type ChannelFatalError = ();
-
-    fn test(
-        &mut self,
-        addr: *const u8,
-    ) -> Result<CacheStatus, SideChannelError<Self::ChannelFatalError>> {
+    fn test(&mut self, addr: *const u8) -> Result<CacheStatus, SideChannelError> {
         if self.current != Some(addr) {
             panic!(); // FIXME
         }
@@ -45,7 +42,7 @@ impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
     fn calibrate(
         &mut self,
         _addresses: impl IntoIterator<Item = *const u8>,
-    ) -> Result<(), Self::ChannelFatalError> {
+    ) -> Result<(), ChannelFatalError> {
         Ok(())
     }
 
@@ -55,13 +52,23 @@ impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
     }
 }
 
+type VPN = usize;
+type Slice = u8;
+
+struct FlushAndFlush {
+    thresholds: HashMap<VPN, HashMap<Slice, u64>>,
+    addresses_ready: HashSet<*const u8>,
+}
+
+impl FlushAndFlush {}
+
 fn main() {
     let open_sslpath = Path::new(env!("OPENSSL_DIR")).join("lib/libcrypto.so");
     let mut side_channel = NaiveFlushAndReload::from_threshold(200);
     attack_t_tables_poc(
         &mut side_channel,
         AESTTableParams {
-            num_encryptions: 10000,
+            num_encryptions: 1 << 14,
             key: [0; 32],
             te: [0x1b5d40, 0x1b5940, 0x1b5540, 0x1b5140], // adjust me (should be in decreasing order)
             openssl_path: &open_sslpath,