How to verify if the Spectre Mitigation flag used in Visual Studio 2017 works for C++?

柔情痞子 提交于 2020-06-28 04:15:06

问题


I want to see how the spectre mitigation flag solved a problem to convince my team that we need to add this flag to our large code base for upcoming projects.

I am searching for sample projects that have a spectre vulnerability and is resolved by adding a spectre mitigation flag introduced last week in Visual Studio 2017.

Can some one please help me in putting across a POC to demo to my larger team as to how the recently added support from Microsoft in Visual Studio overcomes the problem?

Here is latest release notes from Microsoft for VS 2017.

Edite to question: August 23 2018

In the pursuit for an answer, I tried the following code form microsoft Spectre Mitigation page:

#include "stdafx.h"
int G, G1, G2;

__forceinline
int * bar(int **p, int i)
{
    return p[i];
}

__forceinline
void bar1(int ** p, int i)
{
    if (i < G1) {
        auto x = p[i]; // mitigation here
        G = *x;
    }
}

__forceinline
void foo(int * p)
{
    G = *p;
}

void baz(int ** p, int i)
{
    if (i < G1) {
        foo(bar(p, i + G2));
    }
    bar1(p, i);
}

int main()
{
    return 0;
}

When I compile the code with the spectre mitigation flag enabled:

Project Properties > Configuration Properties > C/C++ > Spectre Mitigation > Enabled

Three additional changes also need to be done to incorporate this change:

  1. Change from /Od to /O2 in Optimization

Project Properties > Configuration Properties > C/C++ > Optimization > /O2

  1. Basic Run time Checks to Default

Project Properties > Configuration Properties > C/C++ > Code Generation > Basic Run time Checks > Default

  1. Added VC library directory to Linker path

Project Properties > Configuration Properties > Linker > General > Additional Library Directories > C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\VC\Tools\MSVC\14.15.26726\lib\x86

Note: instead of hardcoding the path like this

C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\VC\Tools\MSVC\14.15.26726\lib\x86

, you can use a Visual studio variable like this:

$(VCToolsInstallDir)\lib\x86\

I get the following Output:

C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\VC\VCTargets\Microsoft.CppBuild.targets(402,5): warning MSB8038: Spectre mitigation is enabled but Spectre mitigated libraries are not found. Verify that the Visual Studio Workload includes the Spectre mitigated libraries. See https://aka.ms/Ofhn4c for more information.

I don't know what to do at this point. I get an output executable, but I want the Spectre mitigation feature to be testable. Please help me.


回答1:


I modified VS 2017 Installer and compared my installation against the default selected items from the Microsoft page for Spectre Mitigation.

I had failed to notice the Individual Components Tab. In the tab I had missed some important dependencies, (thanks to @Retired Ninja). After installing that, the message stopped appearing in the build for spectre mitigation example.

However, I am still looking for a more concrete use case.




回答2:


the following article has an interesting discussion around the Spectre family of vulnerabilities, and provides sample code to test Visual Studio's mitigation techniques. Perhaps you can use some of this code to put together a concrete example (exploitation might be rather hard though).

https://www.paulkocher.com/doc/MicrosoftCompilerSpectreMitigation.html



来源:https://stackoverflow.com/questions/51941573/how-to-verify-if-the-spectre-mitigation-flag-used-in-visual-studio-2017-works-fo

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!