{"id":20009894,"url":"https://github.com/plsyssec/swivel","last_synced_at":"2025-03-02T01:44:29.053Z","repository":{"id":67409933,"uuid":"238152030","full_name":"PLSysSec/swivel","owner":"PLSysSec","description":null,"archived":false,"fork":false,"pushed_at":"2023-10-09T19:19:27.000Z","size":20179,"stargazers_count":16,"open_issues_count":0,"forks_count":3,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-01-12T14:37:55.996Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PLSysSec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-02-04T07:53:22.000Z","updated_at":"2024-03-29T00:25:50.000Z","dependencies_parsed_at":"2023-06-11T01:15:29.587Z","dependency_job_id":null,"html_url":"https://github.com/PLSysSec/swivel","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PLSysSec%2Fswivel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PLSysSec%2Fswivel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PLSysSec%2Fswivel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PLSysSec%2Fswivel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PLSysSec","download_url":"https://codeload.github.com/PLSysSec/swivel/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241447524,"owners_count":19964314,"icon_url":"https://github
.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T07:17:24.049Z","updated_at":"2025-03-02T01:44:29.032Z","avatar_url":"https://github.com/PLSysSec.png","language":"HTML","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SpectreSandboxing\n\nThis is the top level repo for the paper [Swivel: Hardening WebAssembly against Spectre](https://www.usenix.org/conference/usenixsecurity21/presentation/narayan) published at USENIX 2021\nin which we demonstrate protecting Wasm code from Spectre attacks.\n\nThis repo will download and build all tools used in the paper, such as modified compilers, and benchmarks.\n\n**Note** - this repo contains code used in our research prototypes. This is **not production ready**. \n\n## Build Instructions\n\n**Requirements** - This repo has been tested on Ubuntu 20.04.2 LTS (recommended) and 64-bit Fedora 32 with the 5.7.0 Linux kernel.\n\n**Note** - Do not use an existing machine. 
Use a fresh VM or machine.\n\nTo download all the dependencies of the repo, run\n\n```bash\n# Need make to run the scripts\nsudo apt-get install make\n# This installs required packages on the system.\n# Only need to run once per system.\nmake bootstrap\n# load the changes\nsource ~/.profile\n```\n\nTo build the code, run\n\n```bash\nmake build\n```\n\nNote that this builds several compilers (rust, several versions of lucet, etc.)\nso this will take a while.\n\n## Software being built by this repo\n\n**[rustc-cet](https://github.com/PLSysSec/rustc-cet.git)** - Our modified version of the rust compiler that supports CET.\n\n**[rust_libloading_aslr](https://github.com/PLSysSec/rust_libloading_aslr.git)** - A modified version of a rust package that allows us to customize library loading.\n\n**[lucet-spectre](https://github.com/PLSysSec/lucet-spectre.git)** - Our modified and hardened version of lucet that provides compile flags that allow various Spectre hardenings.\n\n**[lucet-spectre-repro](https://github.com/PLSysSec/lucet-spectre/tree/more-wasi-primitives)** - A modified version of lucet that simplifies our proof-of-concept demos showing Spectre vulnerabilities in Wasm. These modifications expose primitives like cache flushing or timer instructions. These are simply for the purpose of proof-of-concepts. 
In practice, these primitives are not necessary and can be effectively simulated purely in software.\n\n**[sfi-spectre-testing](https://github.com/PLSysSec/sfi-spectre-testing.git)** - Our repo with several tests, benchmarks, graphing scripts, etc.\n\n**[btbflush-module](https://github.com/PLSysSec/btbflush-module.git)** - A kernel module that allows userspace use of BTB flushing.\n\n**[sfispectre_webserver](https://github.com/PLSysSec/sfispectre_webserver.git)** - Our macrobenchmark of Wasm web services that measures the overhead of using Swivel.\n\n**[safeside](https://github.com/PLSysSec/safeside.git)** - Our modifications of safeside to show that Spectre proof-of-concepts of PHT and RSB work in Wasm also.\n\n**[swivel-btb-exploit](https://github.com/PLSysSec/swivel-btb-exploit.git)** - Our hand-written proof-of-concept that shows BTB Spectre attacks work in Wasm.\n\n## Running benchmarks/proof-of-concepts\n\nMake sure to first follow the steps to build all code by following the instructions above.\n\n**Note** - proof-of-concept exploits have been tested on baremetal Skylake 6700K. Use of VMs or other CPUs may introduce some brittleness in the POCs.\n\nThe transitions micro benchmark can be run with the command\n\n```bash\nmake run_transitions_benchmark\n```\n\nThe sightglass benchmarks can be run with the command\n\n```bash\nmake run_sightglass\n```\n\nThe macro benchmarks of Wasm web services are split into 2 parts: the machine learning benchmark and everything else.\n\nTo run the machine learning macro benchmark, run\n\n```bash\nmake run_macro_benchmark_except_tflite\n```\n\nTo run the remainder of the macro benchmark, run\n\n```bash\nmake run_macro_benchmark_tflite\n```\n\nTo run each of the proof-of-concept exploits, run the following commands\n\n```bash\nmake run_pht_breakout_repro # Will print \"Leaking the string: It's a s3kr3t!!!\\nDone!\"\nmake run_btb_poison_repro # Runs in gdb. 
Will print an infinite \"SSS...\".\nmake run_rsb_poison_repro # Will print \"Leaking the string: It's a s3kr3t!!!\\nDone!\"\nmake run_btb_breakout_repro # Runs in gdb. \n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplsyssec%2Fswivel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fplsyssec%2Fswivel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fplsyssec%2Fswivel/lists"}