Skip to content
/ obelix Public
forked from llvm/llvm-project

Proof-of-concept implementation of the Obelix software hardening framework, based on LLVM.

License

Notifications You must be signed in to change notification settings

UzL-ITS/obelix

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Obelix: Mitigating Side-Channels Through Dynamic Obfuscation

This repository contains the proof-of-concept implementation of the Obelix software hardening framework, to appear at IEEE S&P 2024.

Obelix works as follows: When linking a library, the LLVM compiler extension scans for clang::obelix attributes. All such annotated functions are copied and then traversed to propagate the attribute to their callees, which are copied as well, recursively (ObelixCallGraphTraversal pass). A machine pass builds instruction profiles for the annotated functions (X86ObelixCodeAnalysis pass). The compiler then needs a second invocation, which loads the latency profiles from the first invocation and builds code block patterns for each call tree (ObelixGeneratePattern pass). Finally, the machine code is split into uniform code blocks (X86ObelixCodeSplitPass pass) and linked against the Obelix runtime). Calls to Obelix-protected functions are automatically adjusted by the ObelixRewriteCalls pass.

For usage examples, check out the examples/small/ directory, which contains two minimal examples. In the following, we outline the steps needed for compiling Obelix and applying it to the minimal examples.

Building the compiler

The instructions for building LLVM apply. In the following, we give the commands which we used on our test machine (Ubuntu 22.04, CMake 3.22.1 with Ccache, Ninja 1.10.1, GCC 11.4.0).

Setup build system:

mkdir obelix-build
cmake llvm/ \
    -B obelix-build \
    -G Ninja \
    -DLLVM_ENABLE_PROJECTS="clang;lld;compiler-rt" \
    -DLLVM_TARGETS_TO_BUILD=X86 \
    -DCMAKE_BUILD_TYPE=Release \
    -DLLVM_ENABLE_ASSERTIONS=true \
    -DLLVM_CCACHE_BUILD=true \
    -DLLVM_USE_LINKER=lld \
    -DBUILD_SHARED_LIBS=true \
    -DCOMPILER_RT_BUILD_LIBFUZZER=false

Build:

cmake --build obelix-build -j

Compiling the small examples

After the compiler was successfully built, the examples can be compiled simply through

cd examples/small/
make all

This will build all Obelix variants. You can test them by calling (for example)

LD_LIBRARY_PATH=./bin bin/matmul-40

Expected output (annotated with explanations):

Time:         2 ms ->     0.026 us / round      <-- Original runtime
Result:                                         <-- Original result
10 10 10 10 
20 20 20 20 
30 30 30 30 
40 40 40 40 

-------------------------
Time:      1512 ms ->    15.130 us / round      <-- Protected runtime
  ---> Overhead: 592.9                          <-- Multiplicative overhead
100000 2552 1512979 592.9                       <-- Encoded measurement results
Result:                                         <-- Protected result
10 10 10 10 
20 20 20 20 
30 30 30 30 
40 40 40 40 

Paper

For an extended description of the framework, please refer to our paper:

Jan Wichelmann, Anja Rabich, Anna Pätschke and Thomas Eisenbarth. 2024. Obelix: Mitigating Side-Channels Through Dynamic Obfuscation. In 2024 IEEE Symposium on Security and Privacy (S&P '24). [Link] [DOI]

License

The project is based on LLVM and subject to the same license.

About

Proof-of-concept implementation of the Obelix software hardening framework, based on LLVM.

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published