init

Author: fabian-thomas

.envrc

@@ -0,0 +1 @@
+use flake

.gitattributes

@@ -0,0 +1,13 @@
+*.png filter=lfs diff=lfs merge=lfs -text
+*.svg filter=lfs diff=lfs merge=lfs -text
+*.json filter=lfs diff=lfs merge=lfs -text
+*.ico filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.jpeg filter=lfs diff=lfs merge=lfs -text
+*.mp3 filter=lfs diff=lfs merge=lfs -text
+*.flac filter=lfs diff=lfs merge=lfs -text
+*.opus filter=lfs diff=lfs merge=lfs -text
+*.mkv filter=lfs diff=lfs merge=lfs -text
+*.gif filter=lfs diff=lfs merge=lfs -text
+*.mp4 filter=lfs diff=lfs merge=lfs -text
+*.jpg filter=lfs diff=lfs merge=lfs -text

.github/workflows/hugo.yml

@@ -0,0 +1,74 @@
+# Sample workflow for building and deploying a Hugo site to GitHub Pages
+name: Deploy Hugo site to Pages
+
+on:
+  # Runs on pushes targeting the default branch
+  push:
+    branches: ["main"]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+# Default to bash
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  # Build job
+  build:
+    runs-on: ubuntu-latest
+    env:
+      HUGO_VERSION: 0.128.0
+    steps:
+      - name: Install Hugo CLI
+        run: |
+          wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \
+          && sudo dpkg -i ${{ runner.temp }}/hugo.deb
+      - name: Install Dart Sass
+        run: sudo snap install dart-sass
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Setup Pages
+        id: pages
+        uses: actions/configure-pages@v5
+      - name: Install Node.js dependencies
+        run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true"
+      - name: Build with Hugo
+        env:
+          HUGO_CACHEDIR: ${{ runner.temp }}/hugo_cache
+          HUGO_ENVIRONMENT: production
+        run: |
+          hugo \
+            --minify \
+            --baseURL "${{ steps.pages.outputs.base_url }}/"
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: ./public
+
+  # Deployment job
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.gitignore

@@ -0,0 +1,4 @@
+public
+.hugo_build.lock
+.direnv
+.DS_Store

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "themes/papersite-template"]
+	path = themes/papersite-template
+	url = [email protected]:papers/riscv_difffuzz/ghostwrite-papersite-template.git

README.md

@@ -0,0 +1,14 @@
+## Serving the website
+
+``` sh
+# Serve directly if you have hugo installed
+hugo serve
+# Serve with the nix-pinned hugo version
+nix run
+```
+
+## Generating the favicon
+
+``` sh
+nix-shell -p imagemagick --run 'magick -density 300 -define icon:auto-resize=256,128,96,64,48,32,16 -background none static/ghostwrite-no-text.svg static/favicon.ico'
+```

archetypes/default.md

@@ -0,0 +1,5 @@
++++
+title = '{{ replace .File.ContentBaseName "-" " " | title }}'
+date = {{ .Date }}
+draft = true
++++

assets/css/.gitkeep

@@ -0,0 +1,139 @@
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 300;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "Light";
+  src: url(/fonts/Montserrat-Light.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 300;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "Light";
+  src: url(/fonts/Montserrat-Light.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 400;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "Regular";
+  src: url(/fonts/Montserrat-Regular.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 500;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "Medium";
+  src: url(/fonts/Montserrat-Medium.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 600;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "SemiBold";
+  src: url(/fonts/Montserrat-SemiBold.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 700;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "Bold";
+  src: url(/fonts/Montserrat-Bold.ttf) format("truetype");
+}
+
+@font-face {
+  font-family: "Montserrat";
+  font-weight: 800;
+  font-display: swap;
+  font-style: normal;
+  font-named-instance: "ExtraBold";
+  src: url(/fonts/Montserrat-ExtraBold.ttf) format("truetype");
+}
+
+:root {
+  --text: #1c1c1c;
+  --background: #f5f5f5;
+  --primary: #283272;
+  --secondary: #f5b21b;
+  --accent: #756783;
+  --success: #00c458;
+  --error: #eb1c50;
+  --danger: #ff653f;
+
+  --link: #f5b21b;
+  --link-visited: #f5b21b;
+
+  --nav-text: #f5f5f5;
+  --nav-active: #f5b21b;
+  --nav-background: #292929;
+
+  --accordion: #f5b21b;
+  --accordion-dark: #f5b21b;
+  --accordion-content-dark: #2b2b2b;
+  --accordion-content: #ffffff;
+  --accordion-active: #fac341;
+  --accordion-divider: #1c1c1c;
+  --accordion-divider-dark: #ca9313;
+  --subtitle: #2b2b2b;
+  --subtitle-dark: #a0a0a0;
+  --button-border: #f5b21b;
+  --button-background: #f5b21b;
+  --button-background-hover: #f5b41b90;
+  --button-active: #00509b;
+  --button-outline-background-hover: #f5b41b52;
+  --dialog-border: #f5b21b;
+  --dialog-text-border: #f5b21b;
+}
+
+#headline {
+  font-family: "Impact", sans-serif;
+  color: var(--primary);
+  word-break: break-word;
+}
+
+#headline > span {
+  word-break: keep-all;
+}
+
+.accordion-active, .accordion.accordion-last {
+  --accordion-divider-dark: var(--accordion);
+}
+
+body,
+button {
+  font-family: "Montserrat", sans-serif;
+}
+
+/* https://codepen.io/sosuke/pen/Pjoqqp?__cf_chl_jschl_tk__=ecc0b72797ae71bc009d6322e3e470773936b386-1604211766-0-ASpz720gXnc6Ej0vzlgY9-KLmlPkldgcOx1wAmGTUCjLZLOxkArNxpRzZ9m8woL-NGmP9LBGVPws8UxMJZrR7O1qFH6QkKtrGVPw6StRnXiK1XTQR_nY905r0XobAG2nOmyC6Zq8mdyPDp1MyHD7JLodJUXCRViXhtmLmRVE_-JGarVJRlxs6k3DzAOQQEJewfp00DjhlD0mxr8ZKpk2yq6IPTZZQ52XYxh26FC5MxLHhs7LuAwhtolmDZyp4_IuwRg8I5m-2--MmvGE8CCqjRWrkE85zgkMXPlOqcZtppRpZhn6Uz9DZAuKheHwVBb0ySIhFYG92bvQOgiKX0TTswB1SHgOLIeqktuyUaAgxI_h */
+.iconadjusted {
+  filter: invert(57%) sepia(61%) saturate(2399%) hue-rotate(156deg) brightness(105%) contrast(102%);
+}
+
+#people {
+  width: 60%;
+}
+
+@media screen and (max-width: 768px) {
+  #people {
+    width: 80%;
+  }
+  
+  .smallcolumn-img {
+    width: 100%;
+  }
+  
+  .smallcolumn-img img {
+    width: 100%;
+  }
+}

assets/css/custom.css

@@ -0,0 +1,28 @@
+theme = "papersite-template"
+languageCode = "en-us"
+baseurl = "http://ghostwriteattack.com/"
+title = "GhostWrite"
+
+author = "Fabian Thomas"
+copyright = "Copyright © 2024, CISPA Helmholtz Center for Information Security, all rights reserved."
+
+disableKinds = ["section", "taxonomy", "term", "RSS", "robotsTXT"]
+
+[params]
+    name = "GhostWrite"
+    description = "This is the site for an example attack."
+
+    institute_street = "Musterstraße 42"
+    institute_city = "12345 Berlin"
+    institute_country = "Germany"
+
+    favicon = "favicon.ico"
+
+[markup]
+  # syntax highlight settings
+  # available themes: https://xyproto.github.io/splash/docs/
+  [markup.highlight]
+    style = "onedark"
+  # unsafe to ensure all shortcodes function correctly
+  [markup.goldmark.renderer]
+    unsafe= true

assets/js/.gitkeep

@@ -0,0 +1,31 @@
+---
+author: Leon Trampert
+title: "GhostWrite"
+logo: "/ghostwrite.svg"
+logo_header: "/ghostwrite-no-text.svg"
+header_title: "Home"
+header_menu: true
+date: 07-10-2023
+---
+
+The GhostWrite vulnerability affects the T-Head XuanTie C910 RISC-V CPU. 
+This vulnerability allows unprivileged attackers, even those with limited access, to read and write any part of the computer's memory and to control peripheral devices like network cards. 
+GhostWrite renders the CPU's security features ineffective and cannot be fixed without disabling around half of the CPU's functionality.
+
+{{< linkbutton title="READ" icon="fas fa-book fa-1x" url="/riscvuzz.pdf" >}}
+
+<div class="columns" style="margin-top: 1rem">
+    <div>
+{{< modalbutton title="CITE" icon="fa-solid fa-quote-left" id="citebutton" classes="buttonoutline buttonsmall" >}}
+@misc{Thomas2024RISCVuzz,
+  title={{RISCVuzz}: Discovering Architectural {CPU} Vulnerabilities via Differential Hardware Fuzzing},
+  author={Thomas, Fabian and Hetterich, Lorenz and Zhang, Ruiyi and Weber, Daniel and Gerlach, Lukas and Schwarz, Michael},
+  howpublished = {\url{https://ghostwriteattack.com/}},
+  year={2024},
+}
+{{< /modalbutton >}}
+    </div>
+    <div>
+{{< linkbutton title="TRY" icon="fas fa-flask fa-1x" url="https://github.com/cispa/ghostwrite" classes="buttonoutline buttonsmall" >}}
+    </div>
+</div>

config.toml

@@ -0,0 +1,7 @@
+---
+title: "External"
+---
+
+## External Site
+
+Lorem ipsum dolor sit amet consectetur adipisicing elit. Soluta eaque autem consectetur possimus, animi iusto. Eveniet nesciunt nemo blanditiis voluptatibus inventore ipsum magni facilis ut saepe vel? Expedita, possimus ea.

content/_index.md

@@ -0,0 +1,9 @@
+---
+title: "Acknowledgements"
+weight: 80
+slug: "acknowledgements"
+small: true
+---
+
+This work was supported in part by Semiconductor Research Corporation (SRC) Hardware Security Program (HWS) and by a Google Research Scholar award.
+Any opinions, findings, conclusions, or recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the funding parties.

content/external.md

@@ -0,0 +1,21 @@
+---
+weight: 0
+header_title: "Description"
+header_menu: false
+slug: "fundamentals"
+---
+
+<div width=100% style="text-align: justify;">
+
+{{< title title="Fundamentals." subtitle="Process Isolation and Assembly Instructions.">}}
+
+Modern operating systems work together with the CPU to keep each process running on your system isolated from the others. 
+To do this, the operating system divides the *physical* memory into separate *virtual* memory spaces, one for each process. 
+This ensures that each process can only access its own *virtual* memory and cannot interfere with other processes.
+
+Your computer runs programs by executing instructions on the CPU. 
+These instructions can range from very simple tasks, such as adding two numbers, to more complex operations. 
+Usually, these instructions and their behaviors are thoroughly documented in the CPU vendor's manuals. 
+However, CPUs sometimes also contain undocumented instructions.
+
+</div>