Skip to content

comsec-group/stackengine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
assets
assets
 
 
buildscripts
buildscripts
 
 
depends
depends
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
setup.sh
setup.sh
 
 

Repository files navigation

StackEngine (MICRO 2025) Artifact builder

This repository contains the code to build artifacts. The artifacts are also contained in this directory, but full (built) releases are published with the DOI 10.5281/zenodo.16733968.

Paper

This repository contains code to build the artifacts for our paper One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine which appears in MICRO 2025. If you simply want to test the artifacts, you might be interested in the provided builds on zenodo instead.

Structure

The directory structure is as follows:

assets/                         # Scripts provided directly in this repository to compile, install, and run the examples
    - native       
    - docker
    - test
    - systemd-container
depends/                        # Contains submodules to take code from
    - 
builds/
    - native                    # Collection of native files
    - docker                    # Build files for docker
buildscripts/                   # Build scripts
    - native.sh                 # 
    - docker.sh                 #
    - systemd-container.sh      #
    - test.sh                   # "Virtual" build script, actually installs locally. Do not use outside of throw-away environments
build.sh             # Script to trigger build for different targets
setup.sh             # Script to run the setup code

Output structures

native

The native output simply contains all targets, a script to install the dependencies and run them

docker

Depends on native, builds a docker image

test

Depends on native, builds immediately. This is for use within a container during testing, e.g. when using gitlab-ci

systemd-container

Depends on docker, builds an image and script for using systemd-nspawn to run a fakeroot-style environment containing fixed-version libraries

Building

Run bash setup.sh to initialize the environment to be ready for building the targets. Then, run bash build.sh [--clean] [native] [docker] [test] [systemd-container] [--run]. Note that the targets are built in the order specified.

  • --clean: Remove outputs before building the target. Only removes the targets specified on the command line
  • --run: Run immediately after. Not all targets provide this option
  • --bundle-internal: Create an image containing a cpu2017.iso. This is only for internal use due to licensing.
  • --bundle-external: Create the image as shared on zenodo

For a complete build, please run: bash build.sh --clean native docker systemd-container --bundle-external Note that --clean will ensure that all prior versions are deleted first, and --bundle-external creates a single-file archive from the systemd-container.

Citing

Please cite as follows:

@inproceedings{niederer_stackengine_2025,
	title = {{One Flew over the Stack Engine’s Nest: Practical Microarchitectural Attacks on the Stack Engine}},
	url = {Paper=https://comsec-files.ethz.ch/papers/stackengine_micro25.pdf URL=https://comsec.ethz.ch/stackengine},
	booktitle = {{MICRO}},
	author = {Niederer, Silvan and Rüegge, Sandro and Hajiabadi, Ali and Razavi, Kaveh},
	month = oct,
	year = {2025},
	keywords = {dir\_microarch, proj\_promise, type\_tier1}
}

About

Artifacts for the stackengine paper

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages