search

cwfletcher / stt

BSD 3-Clause "New" or "Revised" License
34 stars 11 forks source link

how to only block memory hierachy covert channel #8

Open bwtang opened 3 years ago

bwtang commented 3 years ago

Hello! I want to modify the code to only block the attacks using memory hierachy as the covert channel. So I modify the function "BaseDynInst::readyToIssue_UT()" in base_dyn_impl.hh. Is that correct to achieve my prospect?

/*** [Jiyong,STT] ***/
template <class Impl>
bool
BaseDynInst<Impl>::readyToIssue_UT() const
{
    bool ret = status[CanIssue];
    if (cpu->moreTransmitInsts == 1) {
        // consider int div and fp div
        if (opClass() == IntDivOp   ||
            opClass() == FloatDivOp ||
            opClass() == FloatSqrtOp)
            ret = ret && (!instFlags[IsArgsTainted]);
    }
    else if (cpu->moreTransmitInsts == 2) {
        if (opClass() == IntDivOp ||
            isFloating())
            ret = ret && (!instFlags[IsArgsTainted]);
    }
    // block memory hierachy covert channel >>>
    else if (cpu->moreTransmitInsts == 3) {
        if (this->isMemRef())
            ret = ret && (!instFlags[IsArgsTainted]);
    }
    // <<<
    else {
        assert (0);
    }
    return ret;
}

In addition, I wonder why the original code for dealing with different "moreTransmitInsts" values (1 & 2) does not include the memory instructions.

bwtang commented 3 years ago

I have tested the modified code on SPEC 2006 benchmarks and found that it has a higher runtime overhead (2%). I read your original code and cannot find the logic to delay the tainted ld/st instructions.