To appear in EuroS&P 2020 workshops.
Please refer to the paper for more details and explanation of all experiments.
All programs can be compiled simply with gcc: gcc file.c -o file
Before running the code, several things must be done to create an ideal noise-free system.
- Isolate one physical core from all processes. This can be done by adding the isolcpus kernel parameter in your grub file. Update your grub config and reboot.
- You'll also need to install msr-tools for Linux in order to read/write the model-specific registers that control the prefetchers. Running the script prerun.sh will disable all but the stream prefetcher for the first physical core (edit it according to your isolated core number).
- For consistent rdtsc measurements:
  - Fix the CPU frequency of the isolated core to max.
  - Don't reboot between readings.
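A pre-flight check for the setup above, added here as an example (it is not part of the repository): it parses isolcpus= from a kernel command line and confirms that a taskset mask, such as the 0x1 used in the commands on this page, selects only isolated CPUs. The function names and the sample command line are assumptions made for the illustration.

```shell
#!/bin/sh
# Print the CPUs named by isolcpus= in a kernel command line, one per line.
# Flag words that may precede the list (e.g. "domain") are skipped; if the
# parameter appears more than once, the lists are merged.
isolated_cpus() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^isolcpus=//p' |
    tr ',' '\n' | while IFS= read -r item; do
        case "$item" in
            *[!0-9-]*|'') continue ;;              # flag word or empty field
            *-*) seq "${item%-*}" "${item#*-}" ;;  # range such as 4-5
            *)   echo "$item" ;;
        esac
    done
}

# Print the CPU numbers selected by a taskset-style hex mask (0x5 -> 0 and 2).
mask_cpus() {
    mask=$(( $1 )); cpu=0
    while [ "$mask" -gt 0 ]; do
        if [ $(( mask & 1 )) -eq 1 ]; then echo "$cpu"; fi
        mask=$(( mask >> 1 )); cpu=$(( cpu + 1 ))
    done
}

# $1 = kernel command line, $2 = taskset mask.
# Returns 0 only if every CPU in the mask is isolated; otherwise names the rest.
check_pinning() {
    iso=$(isolated_cpus "$1")
    bad=""
    for c in $(mask_cpus "$2"); do
        printf '%s\n' "$iso" | grep -qx "$c" || bad="$bad $c"
    done
    if [ -n "$bad" ]; then
        echo "not isolated:$bad"
        return 1
    fi
    echo "ok"
}

# Constructed sample command line (not taken from a real machine).
SAMPLE_CMDLINE='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet isolcpus=domain,0,4-5'
check_pinning "$SAMPLE_CMDLINE" 0x1
# On a live system: check_pinning "$(cat /proc/cmdline)" 0x1
```

A "not isolated" result means the measurements would run on a core the scheduler still uses, so either the isolcpus list or the taskset mask needs to change before taking readings.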
For specific programs (assuming the first physical core is isolated):
- taskset 0x1 <huge_page_binary> <hit/miss threshold in cycles> <trigger line number>
  taskset 0x1 ./huge_page 150 60
- taskset 0x1 <rev_eng_experiments_bin> <hit/miss threshold in cycles> <attack/training stream on(1)/off(0)>
  taskset 0x1 ./rev_eng_experiments 150 1
- taskset 0x1 <stream_table_size_bin> <hit/miss threshold in cycles>
  taskset 0x1 ./stream_table_size 150
- For covert-channel:
  - taskset 0x1 ./recv <hit/miss threshold in cycles> <test line for received bit>
    taskset 0x1 ./recv 150 4
    taskset 0x1 ./sender
You can find out the hit/miss threshold using this calibration tool.