From 960d7d942cd3cec83a81ec1cee5e203c70faea8d Mon Sep 17 00:00:00 2001 From: Guillume DIDIER Date: Thu, 21 Apr 2022 10:56:37 +0200 Subject: [PATCH] Refactor uneeded dependcy on covert_channel_evaluation (cherry picked from commit e92dac5c6a57c437a63f24f0efed28e81fd3ce7c) --- Cargo.lock | 4 +- basic_timing_cache_channel/Cargo.toml | 1 - basic_timing_cache_channel/src/lib.rs | 5 +-- basic_timing_cache_channel/src/naive.rs | 5 +-- cache_side_channel/Cargo.toml | 1 + cache_side_channel/src/lib.rs | 45 +++++++++++++++++++ cache_utils/src/bin/frequency_test.rs | 2 +- cache_utils/src/calibration.rs | 1 - cache_utils/src/lib.rs | 1 + covert_channels_evaluation/src/lib.rs | 58 +++---------------------- flush_flush/Cargo.toml | 1 - flush_flush/src/lib.rs | 1 - flush_reload/Cargo.toml | 1 - flush_reload/src/lib.rs | 1 - 14 files changed, 59 insertions(+), 68 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index c4be41b..1fb5c84 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -55,7 +55,6 @@ version = "0.1.0" dependencies = [ "cache_side_channel", "cache_utils", - "covert_channels_evaluation", "nix", ] @@ -102,6 +101,7 @@ dependencies = [ name = "cache_side_channel" version = "0.1.0" dependencies = [ + "bit_field 0.10.1", "nix", ] @@ -195,7 +195,6 @@ dependencies = [ "basic_timing_cache_channel", "cache_side_channel", "cache_utils", - "covert_channels_evaluation", "nix", ] @@ -206,7 +205,6 @@ dependencies = [ "basic_timing_cache_channel", "cache_side_channel", "cache_utils", - "covert_channels_evaluation", "nix", ] diff --git a/basic_timing_cache_channel/Cargo.toml b/basic_timing_cache_channel/Cargo.toml index bebb16a..9e4eac4 100644 --- a/basic_timing_cache_channel/Cargo.toml +++ b/basic_timing_cache_channel/Cargo.toml @@ -10,4 +10,3 @@ edition = "2018" cache_utils = { path = "../cache_utils" } cache_side_channel = { path = "../cache_side_channel" } nix = "0.20.0" -covert_channels_evaluation = {path = "../covert_channels_evaluation"} 
diff --git a/basic_timing_cache_channel/src/lib.rs b/basic_timing_cache_channel/src/lib.rs index 3b8486c..dbd5ced 100644 --- a/basic_timing_cache_channel/src/lib.rs +++ b/basic_timing_cache_channel/src/lib.rs @@ -15,8 +15,8 @@ use cache_side_channel::table_side_channel::{ }; use cache_side_channel::SideChannelError::AddressNotReady; use cache_side_channel::{ - CacheStatus, ChannelFatalError, ChannelHandle, CoreSpec, MultipleAddrCacheSideChannel, - SideChannelError, SingleAddrCacheSideChannel, + BitIterator, CacheStatus, ChannelFatalError, ChannelHandle, CoreSpec, CovertChannel, + MultipleAddrCacheSideChannel, SideChannelError, SingleAddrCacheSideChannel, }; use cache_utils::calibration::{ accumulate, calibrate_fixed_freq_2_thread, calibration_result_to_ASVP, @@ -29,7 +29,6 @@ use cache_utils::calibration::{ use cache_utils::complex_addressing::{CacheAttackSlicing, CacheSlicing}; use cache_utils::mmap::MMappedMemory; use cache_utils::{find_core_per_socket, flush, maccess, noop}; -use covert_channels_evaluation::{BitIterator, CovertChannel}; use nix::sched::sched_getaffinity; use nix::sched::CpuSet; use nix::unistd::Pid; diff --git a/basic_timing_cache_channel/src/naive.rs b/basic_timing_cache_channel/src/naive.rs index 922d7ad..2fb2d25 100644 --- a/basic_timing_cache_channel/src/naive.rs +++ b/basic_timing_cache_channel/src/naive.rs 
@@ -3,12 +3,11 @@ use cache_side_channel::table_side_channel::{ SingleTableCacheSideChannel, TableAttackResult, TableCacheSideChannel, }; use cache_side_channel::{ - CacheStatus, ChannelFatalError, ChannelHandle, CoreSpec, MultipleAddrCacheSideChannel, - SideChannelError, SingleAddrCacheSideChannel, + BitIterator, CacheStatus, ChannelFatalError, ChannelHandle, CoreSpec, CovertChannel, + MultipleAddrCacheSideChannel, SideChannelError, SingleAddrCacheSideChannel, }; use cache_utils::calibration::{get_vpn, only_flush, only_reload, HashMap, Threshold, VPN}; use cache_utils::flush; -use covert_channels_evaluation::{BitIterator, CovertChannel}; use nix::sched::sched_getaffinity; use nix::sched::CpuSet; use nix::unistd::Pid; diff --git a/cache_side_channel/Cargo.toml b/cache_side_channel/Cargo.toml index 59687d8..ccfb2ce 100644 --- a/cache_side_channel/Cargo.toml +++ b/cache_side_channel/Cargo.toml @@ -8,3 +8,4 @@ edition = "2018" [dependencies] nix = "0.20.0" +bit_field = "0.10.1" diff --git a/cache_side_channel/src/lib.rs b/cache_side_channel/src/lib.rs index 60689fd..2501abf 100644 --- a/cache_side_channel/src/lib.rs +++ b/cache_side_channel/src/lib.rs @@ -2,6 +2,7 @@ #![feature(unsafe_block_in_unsafe_fn)] #![deny(unsafe_op_in_unsafe_fn)] +use bit_field::BitField; use nix::sched::{sched_getaffinity, sched_setaffinity, CpuSet}; use nix::unistd::Pid; use std::fmt::Debug; 
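Review bot: `#![feature(unsafe_block_in_unsafe_fn)]` is still present as context at the top of cache_side_channel/src/lib.rs (the `@@ -2,6 +2,7 @@` hunk), although this commit deletes the same attribute from covert_channels_evaluation, flush_flush and flush_reload. If it was removed there because the toolchain no longer needs the gate, remove it here too, leaving only `#![deny(unsafe_op_in_unsafe_fn)]`, so all crates build under the same assumptions. This matters more now that the `unsafe fn` methods of `CovertChannel` live in this crate.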
@@ -136,6 +137,50 @@ impl SingleAddrCacheSideChannel for T { } } */ +// From covert_channel_evaluation +pub trait CovertChannel: Send + Sync + CoreSpec + Debug { + type CovertChannelHandle; + const BIT_PER_PAGE: usize; + unsafe fn transmit(&self, handle: &mut Self::CovertChannelHandle, bits: &mut BitIterator); + unsafe fn receive(&self, handle: &mut Self::CovertChannelHandle) -> Vec; + unsafe fn ready_page(&mut self, page: *const u8) -> Result; // TODO Error Type +} + +pub struct BitIterator<'a> { + bytes: &'a Vec, + byte_index: usize, + bit_index: u8, +} + +impl<'a> BitIterator<'a> { + pub fn new(bytes: &'a Vec) -> BitIterator<'a> { + BitIterator { + bytes, + byte_index: 0, + bit_index: 0, + } + } + + pub fn atEnd(&self) -> bool { + self.byte_index >= self.bytes.len() + } +} + +impl Iterator for BitIterator<'_> { + type Item = bool; + + fn next(&mut self) -> Option { + if let Some(b) = self.bytes.get(self.byte_index) { + let r = (b >> (u8::BIT_LENGTH - 1 - self.bit_index as usize)) & 1 != 0; + self.bit_index += 1; + self.byte_index += self.bit_index as usize / u8::BIT_LENGTH; + self.bit_index = self.bit_index % u8::BIT_LENGTH as u8; + Some(r) + } else { + None + } + } +} #[cfg(test)] mod tests { diff --git a/cache_utils/src/bin/frequency_test.rs b/cache_utils/src/bin/frequency_test.rs index 8cf347e..002351b 100644 --- a/cache_utils/src/bin/frequency_test.rs +++ b/cache_utils/src/bin/frequency_test.rs @@ -2,10 +2,10 @@ use cache_utils::frequency::get_freq_cpufreq_kernel; use cache_utils::rdtsc_fence; +use core::time::Duration; use libc::sched_getcpu; use nix::sched::{sched_setaffinity, CpuSet}; use nix::unistd::Pid; -use static_assertions::_core::time::Duration; use std::thread::sleep; use std::time::Instant; diff --git a/cache_utils/src/calibration.rs b/cache_utils/src/calibration.rs index 7dc3e45..2fc39bb 100644 --- a/cache_utils/src/calibration.rs +++ b/cache_utils/src/calibration.rs 
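Review bot: The three `unsafe fn` methods of `CovertChannel` (`transmit`, `receive`, `ready_page`) are added to cache_side_channel/src/lib.rs with no statement of what the caller must guarantee; the only comment is `// From covert_channel_evaluation`. The block comment that used to precede the trait ("Safety considerations : Not ensure thread safety, need proper locking as needed.") is left behind by the `@@ -34,13 +31,6 @@` hunk in covert_channels_evaluation/src/lib.rs, where it now sits directly above `CovertChannelBenchmarkResult` and documents the wrong item. Move it along with the trait as a doc comment, for example `/// # Safety` followed by `/// Implementations do not synchronise access to the handle; callers must provide the locking.` The requirement on the raw `page: *const u8` passed to `ready_page` is not visible here and should be stated by someone who knows the implementations.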
@@ -18,7 +18,6 @@ use alloc::vec; use alloc::vec::Vec; use core::cmp::min; use itertools::Itertools; - use core::hash::Hash; use core::ops::{Add, AddAssign}; #[cfg(feature = "no_std")] diff --git a/cache_utils/src/lib.rs b/cache_utils/src/lib.rs index d892938..ea67d4a 100644 --- a/cache_utils/src/lib.rs +++ b/cache_utils/src/lib.rs @@ -19,6 +19,7 @@ assert_cfg!( ); pub mod cache_info; +mod calibrate_2t; pub mod calibration; pub mod complex_addressing; #[cfg(feature = "use_std")] diff --git a/covert_channels_evaluation/src/lib.rs b/covert_channels_evaluation/src/lib.rs index c1881d7..851d746 100644 --- a/covert_channels_evaluation/src/lib.rs +++ b/covert_channels_evaluation/src/lib.rs @@ -1,4 +1,3 @@ -#![feature(unsafe_block_in_unsafe_fn)] #![deny(unsafe_op_in_unsafe_fn)] use turn_lock::TurnHandle; @@ -13,20 +12,18 @@ const PAGE_SIZE: usize = 1 << 12; // FIXME Magic // Each page has 1<<12 bytes / 1<<6 bytes per line, hence 64 lines (or 6 bits of info). // General structure : two threads, a transmitter and a reciever. Transmitter generates bytes, Reciever reads bytes, then on join compare results for accuracy. -// Alos time in order to determine duration, in rdtsc and seconds. +// Also time in order to determine duration, in rdtsc and seconds. use bit_field::BitField; -use cache_side_channel::{restore_affinity, set_affinity, CoreSpec}; +use cache_side_channel::{restore_affinity, set_affinity, BitIterator}; use cache_utils::mmap::MMappedMemory; use cache_utils::rdtsc_fence; -use nix::sched::sched_getaffinity; -use nix::unistd::Pid; -use std::any::Any; use std::collections::VecDeque; use std::fmt::Debug; use std::sync::Arc; use std::thread; +pub use cache_side_channel::CovertChannel; /* TODO : replace page with a handle type, require exclusive handle access, Handle protected by the turn lock 
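Review bot: The added `mod calibrate_2t;` in cache_utils/src/lib.rs (hunk `@@ -19,6 +19,7 @@`) has no matching file in this patch: the diffstat lists fourteen files and none of them is cache_utils/src/calibrate_2t.rs. Unless that file already exists in the target tree, the crate stops compiling at this line. Either way, the declaration is unrelated to removing the covert_channels_evaluation dependency. Because the commit is a cherry-pick, this looks like a line carried over from the source branch; drop it here or add the module in the same change.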
@@ -34,13 +31,6 @@ use std::thread; /** * Safety considerations : Not ensure thread safety, need proper locking as needed. */ -pub trait CovertChannel: Send + Sync + CoreSpec + Debug { - type CovertChannelHandle; - const BIT_PER_PAGE: usize; - unsafe fn transmit(&self, handle: &mut Self::CovertChannelHandle, bits: &mut BitIterator); - unsafe fn receive(&self, handle: &mut Self::CovertChannelHandle) -> Vec; - unsafe fn ready_page(&mut self, page: *const u8) -> Result; // TODO Error Type -} #[derive(Debug)] pub struct CovertChannelBenchmarkResult { @@ -81,42 +71,6 @@ impl CovertChannelBenchmarkResult { } } -pub struct BitIterator<'a> { - bytes: &'a Vec, - byte_index: usize, - bit_index: u8, -} - -impl<'a> BitIterator<'a> { - pub fn new(bytes: &'a Vec) -> BitIterator<'a> { - BitIterator { - bytes, - byte_index: 0, - bit_index: 0, - } - } - - pub fn atEnd(&self) -> bool { - self.byte_index >= self.bytes.len() - } -} - -impl Iterator for BitIterator<'_> { - type Item = bool; - - fn next(&mut self) -> Option { - if let Some(b) = self.bytes.get(self.byte_index) { - let r = (b >> (u8::BIT_LENGTH - 1 - self.bit_index as usize)) & 1 != 0; - self.bit_index += 1; - self.byte_index += self.bit_index as usize / u8::BIT_LENGTH; - self.bit_index = self.bit_index % u8::BIT_LENGTH as u8; - Some(r) - } else { - None - } - } -} - struct CovertChannelParams { handles: Vec>, covert_channel: Arc, @@ -165,7 +119,7 @@ pub fn benchmark_channel( let old_affinity = set_affinity(&channel.main_core()).unwrap(); let size = num_pages * PAGE_SIZE; - let mut m = MMappedMemory::new(size, false, false, |i| (i / PAGE_SIZE) as u8); + let m = MMappedMemory::new(size, false, false, |i| (i / PAGE_SIZE) as u8); let mut receiver_turn_handles = Vec::new(); let mut transmit_turn_handles = Vec::new(); 
@@ -197,7 +151,7 @@ pub fn benchmark_channel( while received_bytes.len() < num_bytes { for handle in receiver_turn_handles.iter_mut() { let mut page = handle.wait(); - let mut bits = unsafe { covert_channel_arc.receive(&mut *page) }; + let bits = unsafe { covert_channel_arc.receive(&mut *page) }; handle.next(); received_bits.extend(&mut bits.iter()); while received_bits.len() >= u8::BIT_LENGTH { @@ -222,7 +176,7 @@ pub fn benchmark_channel( let r = helper.join(); let (start, start_time, sent_bytes) = match r { Ok(r) => r, - Err(e) => panic!("Join Error: {:?#}"), + Err(e) => panic!("Join Error: {:#?}", e), }; assert_eq!(sent_bytes.len(), received_bytes.len()); assert_eq!(num_bytes, received_bytes.len()); diff --git a/flush_flush/Cargo.toml b/flush_flush/Cargo.toml index 21cb14b..664eab6 100644 --- a/flush_flush/Cargo.toml +++ b/flush_flush/Cargo.toml @@ -10,5 +10,4 @@ edition = "2018" cache_utils = { path = "../cache_utils" } cache_side_channel = { path = "../cache_side_channel" } nix = "0.20.0" -covert_channels_evaluation = {path = "../covert_channels_evaluation"} basic_timing_cache_channel = { path = "../basic_timing_cache_channel" } diff --git a/flush_flush/src/lib.rs b/flush_flush/src/lib.rs index e563f00..8ff2430 100644 --- a/flush_flush/src/lib.rs +++ b/flush_flush/src/lib.rs @@ -1,4 +1,3 @@ -#![feature(unsafe_block_in_unsafe_fn)] #![deny(unsafe_op_in_unsafe_fn)] pub mod naive; diff --git a/flush_reload/Cargo.toml b/flush_reload/Cargo.toml index b3e072d..92c54ca 100644 --- a/flush_reload/Cargo.toml +++ b/flush_reload/Cargo.toml @@ -9,6 +9,5 @@ edition = "2018" [dependencies] cache_utils = { path = "../cache_utils" } cache_side_channel = { path = "../cache_side_channel" } -covert_channels_evaluation = {path = "../covert_channels_evaluation"} nix = "0.20.0" basic_timing_cache_channel = { path = "../basic_timing_cache_channel" } diff --git a/flush_reload/src/lib.rs b/flush_reload/src/lib.rs index 987b880..5ad748b 100644 --- a/flush_reload/src/lib.rs 
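Review bot: In the `@@ -222,7 +176,7 @@` hunk, `Err(e) => panic!("Join Error: {:#?}", e)` now compiles, but it still discards the helper thread's failure message. Assuming `helper` is a `std::thread::JoinHandle`, `e` is the boxed panic payload, and its `Debug` output is an opaque `Any` placeholder rather than the original message. Re-raising the payload keeps the original panic text and needs no formatting: `Err(e) => std::panic::resume_unwind(e),`. The body of `benchmark_channel` starts and ends outside this hunk.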
+++ b/flush_reload/src/lib.rs @@ -1,4 +1,3 @@ -#![feature(unsafe_block_in_unsafe_fn)] #![deny(unsafe_op_in_unsafe_fn)] pub mod naive;