pietroborrello / constantine

Constantine is a compiler-based system to automatically harden programs against microarchitectural side channels
Apache License 2.0

frequency of the tainted instructions #5

Open yswntht opened 1 year ago

yswntht commented 1 year ago

Hi @pietroborrello,

Thank you for making the project open source. I'm able to set up Constantine and try the examples that are provided along with it. For my purpose, I'm trying to get the frequency of tainted instructions. I see that dft.log has a list of all tainted instructions. To compute the number of times each tainted instruction appears dynamically in an application run (chronos/aes.c), I tried to run aes.dft.out in gem5 (x86 SE mode) and dump the execution trace. Later, I want to count the occurrences of each tainted instruction from the gem5 execution trace. However, aes.dft.out failed to complete in gem5 even after 5 hours. Native execution works fine: ./aes.dft.out < aes_samples.txt. gem5 is also fine: aes.o (compiled with gcc) completes normally in gem5.

A few web searches suggest that aes.dft.out might be dynamically linking glibc, which is causing issues with gem5 runs. To fix this, I tried to run ./constantine -O1 /root/constantine/src/apps/issta2018-benchmarks-wu/examples/chronos/aes.c -o main.o, adding the -static flag at the linking stage as follows, so that it could fix the dynamically linked libraries issue in gem5: cc_exec(f'{LDFLAGS} -fno-exceptions -static -fsanitize=dataflow -o {name}.dft.out -ldl {name}.final.o {dir_path}/lib/dft/dft.o').

But now I see a different issue while running constantine.

/usr/bin/ld: /root/constantine/src/llvm-9/llvm-objects/lib/clang/9.0.1/lib/linux/libclang_rt.dfsan-x86_64.a(dfsan_custom.cc.o): in function `__dfsw_dlopen':
/root/constantine/src/llvm-9/compiler-rt/lib/dfsan/dfsan_custom.cc:345: warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/usr/bin/ld: /root/constantine/src/llvm-9/llvm-objects/lib/clang/9.0.1/lib/linux/libclang_rt.dfsan-x86_64.a(dfsan_custom.cc.o): in function `__dfsw_getpwuid_r':
/root/constantine/src/llvm-9/compiler-rt/lib/dfsan/dfsan_custom.cc:665: warning: Using 'getpwuid_r' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/root/constantine/src/apps/issta2018-benchmarks-wu/examples/chronos/aes.dft.out  < aes_samples.txt 
Segmentation fault (core dumped)

Any suggestions on how to fix this? Any workaround that you could think of to compute the occurrences of each tainted instruction in the application would be helpful.

Thanks.

pietroborrello commented 1 year ago

Hello, if I understand correctly what you want, you can already find this information in the dft.raw file that gets produced (and then removed, but you can comment it out). dft.log is obtained by sorting and removing the duplicates from dft.raw. See:

https://github.com/pietroborrello/constantine/blob/d68557562a23d166661d238d6d1f3bf908e0f8f8/src/constantine.py#L284

There you will find the list of all the tainted/non-tainted instructions dynamically executed.
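
Since dft.log is dft.raw with duplicates removed, counting the duplicate lines in dft.raw gives the dynamic frequency of each record without any gem5 run. The following is an added example, not code from this thread or from Constantine; it treats every line as an opaque record because the file's line format is not shown on this page, and the sample records are constructed.

```python
import sys
from collections import Counter


def count_records(raw_lines):
    """Count how often each distinct record (one per line) was logged."""
    return Counter(line.strip() for line in raw_lines if line.strip())


def check_against_log(counts, log_lines):
    """Compare the distinct records of dft.raw with the deduplicated dft.log.

    Returns (only_in_raw, only_in_log); both sets are empty when the two
    files come from the same run.
    """
    logged = {line.strip() for line in log_lines if line.strip()}
    seen = set(counts)
    return seen - logged, logged - seen


def report(counts, top=10):
    """Return (record, count, share of all logged records), most frequent first."""
    total = sum(counts.values())
    return [(rec, n, n / total) for rec, n in counts.most_common(top)]


# Constructed sample records; the real dft.raw line format is an assumption.
SAMPLE_RAW = ["rec-a\n", "rec-b\n", "rec-a\n", "rec-c\n", "rec-a\n", "rec-b\n", "\n"]
SAMPLE_LOG = sorted(set(line for line in SAMPLE_RAW if line.strip()))

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py dft.raw dft.log
        with open(sys.argv[1]) as raw, open(sys.argv[2]) as log:
            counts = count_records(raw)
            only_raw, only_log = check_against_log(counts, log)
    else:  # fall back to the constructed sample
        counts = count_records(SAMPLE_RAW)
        only_raw, only_log = check_against_log(counts, SAMPLE_LOG)
    if only_raw or only_log:
        print(f"mismatch: {len(only_raw)} only in raw, {len(only_log)} only in log")
    for rec, n, share in report(counts):
        print(f"{n:10d}  {share:6.1%}  {rec}")
```

A non-empty mismatch means the two files do not belong to the same run, so the counts should not be matched against that dft.log.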