New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automatic building of the binaries in pwnlib/data/binutils #105
Comments
As in: |
I think that ideally we would want something like that. Perhaps this would also enable us to support more architectures dynamically. I cannot imagine that we would want to do major changes to binutils, so it does not really make sense to have our own repo. The major questions I can see are:
|
Do we still want support for pre-built binaries? At what point to we want to build those binaries? Install-time? First use of a specific architecture? |
None of this is necessary at all. If I recall correctly, this is all borne by @IdolfHatler wanting _every_ architecture in a While that's a cool thing to do, I don't think it has any place in With regard to {dis,}assembling for various architectures, most Debians already make that available. I'd recommend changing the current naming structure to match, e.g. from the bundled
Do we still want support for pre-built binaries? No, but I'd vote for distributing a Things I would not want to see: Downloading a tarball, huge $ sudo apt-get install dpkg-dev
$ sudo apt-get build-dep binutils
$ apt-get source binutils # or binutils=2.24 for specific version
$ cd binutils-*
$ dpkg-buildpackage -us -j8
$ ls -lash ../binutils*deb
3.1M -rw-r--r-- 1 user user 3.1M Sep 10 18:15 ../binutils_2.24-5ubuntu3_amd64.deb
1.9M -rw-r--r-- 1 user user 1.9M Sep 10 18:15 ../binutils-dev_2.24-5ubuntu3_amd64.deb
488K -rw-r--r-- 1 user user 486K Sep 10 18:15 ../binutils-doc_2.24-5ubuntu3_all.deb
1.4M -rw-r--r-- 1 user user 1.4M Sep 10 18:15 ../binutils-multiarch_2.24-5ubuntu3_amd64.deb
4.0K -rw-r--r-- 1 user user 1.2K Sep 10 18:15 ../binutils-multiarch-dev_2.24-5ubuntu3_amd64.deb
17M -rw-r--r-- 1 user user 17M Sep 10 18:16 ../binutils-source_2.24-5ubuntu3_all.deb
728K -rw-r--r-- 1 user user 726K Sep 10 18:15 ../binutils-static_2.24-5ubuntu3_amd64.deb
680K -rw-r--r-- 1 user user 680K Sep 10 18:15 ../binutils-static-udeb_2.24-5ubuntu3_amd64.udeb At what point to we want to build those binaries? Install-time? First use of a specific architecture? I think we should recommend that the users install the existing, Debian/Ubuntu-supplied packages so that we can use e.g.
If the user does |
@zachriggle: I disagree that debian is the solution. We are currently actively supporting both debian, ubuntu and arch linux (and probably loads of other distros, though I do not know of any active users there). A goal of this issue is to support e.g. OpenBSD too. I do agree about the renaming though. There is no reason not to do that. |
Ubuntu is a Debian, so that's taken care of (my examples were actually from Ubuntu). Arch has support for The I think that contributing additional cross-builds upstream (e.g. to Debian, Ubuntu, Arch, and OpenBSD) will make all of the integration cleaner, and benefit projects outside of pwntools. If not upstream, then hosting in a manner compatible with the package manager (e.g. PPA for Debian/Ubuntu) is preferable to bundling with pwntools. |
How about a compromise? Support for using the binaries installed through the package manager and prefer using those. However if they are not available for an architecture that a users tries to use, then a message similar to this is printed:
|
Sure, that works.
|
So I guess the TODO for this issue is something along the lines of:
@zachriggle: Does that sound right to you? |
Sounds wonderful...may I add a possible location? |
@RobertLarsen: Well... That is not currently a good fit for how we use the filesystem in pwntools, though you might argue that it should be. We use the filesystem in the following ways:
We do not at this have anything resembling something you would put inside a lib or an etc directory. I am open to ideas about how we might fit in inside that model, but I have a hard time seeing it. |
In Vegas we were talking about building an elf loader shellcode so that we could more easily build very advanced shellcodes. Working with c2shellcode was mostly a pleasure but there were some caveats so being able to just code shellcodes in C and not worry would be nice. Those I guess would probably be libraries but whether they should go in a lib directory or in some other artifact directory I don't know. |
If they're distributed in the normal manner for a given distro (e.g. Otherwise, I think Regarding a cache directory, for mako or otherwise, it really seems like that ought to be something in For additional dependencies that would go in a |
Well, the idea with the mako cache is that:
With regards to the binutils binaries, I've more or less come to the opinion that:
For this reason I would agree with @RobertLarsen -- ~/.pwntools/bin seems a good a place as any. If we are to summaries this:
@zachriggle, @RobertLarsen: Does that seem reasonable to you? |
So now the question remains, how do we want to create our own binaries? No matter how we do it, we should recommend that people use their distro, but if for some reason that is not possible (for instance because they want to assemble for $obscure_arch), then how do they get the binaries to do this?
|
Does that seem reasonable to you? |
I agree with @RobertLarsen that I'll step out of the suggestions binaries bit, since I probably sound like a broken record. |
I just tested how long they take to generate. It is currently about 0.1s to generate the mako templates for all the shellcodes on my box (by running shellcraft). That is not enough to annoy me, but if we got ~5 times more it would be. I am not really a fan of pwntools needing to "warm up" after every reboot, but if it bothers you, I can live with using /tmp for it. If not, then I am fine with using @zachriggle: If your opinion simply is "we don't want that", then I do not get it. I get why we do not want it IN pwntools, but what is wrong with having a guide/script of how to get additional binaries? |
Mako Cache
Binaries Here's what I'd expect our instructions to look like. Version and architecture agnostic, all dependencies are automatically installed. What I am/was concerned about is if we tried to do a custom from-source build that looked like Cool Note While I was doing the instructions above, I found that Debian's support via |
Mako Cache Binaries We should not necessarily show people that flowchart, but that is how complicated the process is. Cool Note |
Hah, I was agreeing with you on the mako cache thing! Edit: Ah, I see how you misunderstood. "Nope, doesn't bother me" was talking about which path we use, not the delay. In any case, I literally don't care for the Mako cache, I was just confused as to the why. Your timing and my timing showed the why. Edit 2: Grr lack of sleep make Zach not words properly. |
Cool flow chart! The thing that I linked to would slot into the first ??? for Arch and maybe Guide 2. |
It really is a pain that you cannot get a GNU assembler that supports more than one architecture. Was your guides intended to build multiarch objdump+objcopy or single-arch assemblers? |
Either for Deb. Just a different build script that apt fetches. No idea On Friday, September 12, 2014, IdolfHatler notifications@github.com wrote:
Zach Riggle |
Well... Your build method will not create e.g. an arm assembler on my system. |
+export DEB_TARGET_ARCH=armhf
+echo $DEB_TARGET_ARCH > debian/target
dpkg-buildpackage -us -j8
|
Currently looking at getting the builds to work on Ubuntu Launchpad. They perform the builds on their machines, on source packages that are GPG signed. This would allow us to (effectively) distribute binaries which we can say aren't tampered with, built from source that can be verified to be the same as the official Ubuntu packages. Currently trying a MIPS target as an example here: Not sure if this'll work properly for cross-arch builds, or how to rename the packages so that we can have multiples. The eventual goal is to have a PPA which will install |
This is now completed in an auditable and verifiable way. These packages are built and signed by Ubuntu Launchpad, and are built from the original, unmodified sudo apt-add-repository ppa:pwntools/binutils
sudo apt-get update
sudo apt-get install binutils-{aarch64,alpha,arm,avr,cris,hppa,ia64,m68k,mips,mips64,msp430,powerpc,powerpc64,s390,sparc,vax,xscale}-linux-gnu These are automatically detected by the
|
The script used to upload these packages to Launchpad is below. It uses sudo apt-get build-dep binutils gnupg gnupg-agent
sudo apt-get install devscripts binutils-source
export DEBFULLNAME="Zach Riggle"
export DEBEMAIL="zachriggle@gmail.com"
export DIR=$PWD
set -ex
rm -rf binutils-*
for ARCH in aarch64 alpha arm avr cris hppa ia64 m68k mips mips64 msp430 powerpc powerpc64 s390 sparc vax xscale;
do
cd $DIR
rm -rf binutils-powerpc-cross-0.10
apt-get source binutils-powerpc-cross
cd $DIR/binutils-powerpc-cross-0.10
sed -i "s|powerpc|$ARCH|ig" debian/control
sed -i "s|CROSS_ARCH .*|CROSS_ARCH=$ARCH|ig" debian/rules
sed -i "s|CROSS_GNU_TYPE .*|CROSS_ARCH=$ARCH-linux-gnu|ig" debian/rules
dch --newversion 0.11pwntools5 --package binutils-$ARCH-cross "Create $ARCH version for pwntools"
dch --release "Release"
debuild -S -sa
# Uncomment for local build
# dpkg-buildpackage -us -uc -j8
done
cd $DIR
for CHANGES in *source.changes;
do
dput ppa:pwntools/binutils $CHANGES
done |
There are now 19 architectures available here: https://launchpad.net/~pwntools/+archive/ubuntu/binutils If I can get the damn thing to build statically-linked versions, we can just extract the binaries and be ~done with this. |
Since it's needed by Travis CI, I added more |
Pinging @IdolfHatler @br0ns @RobertLarsen What do we want to do for this? We can do a mixture of the current PPA, and then also give out a Does that satisfy everyone? |
It's probably not a bad idea to submit a formula to the |
I think we should have instructions both for installing the pre-built ubuntu packages and for building yourself. We should possibly also include pre-built static binaries. @zachriggle: Could you add instructions to the docs? For the ubuntu version, there should probably also be a few copy-pastable for installing the packages from that ppa instead of just a link. |
It would be awesome if we did not depend on the pre-built binaries in pwnlib/data/binutils.
I built them originally a long time ago and I have a hard time remembering how. I am pretty sure that with the exception of the objcopy/objdump it was a fairly standard thing to do.
I think that for those two I did some magic to figure out every possible target to compile them in. Or rather: Almost every possible target, as some of them made binutils now build.
The text was updated successfully, but these errors were encountered: