Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

obfuscated names in header files included from assembly fail at link time #553

Closed
zcrypt0 opened this issue Jun 17, 2022 · 3 comments · Fixed by #583
Closed

obfuscated names in header files included from assembly fail at link time #553

zcrypt0 opened this issue Jun 17, 2022 · 3 comments · Fixed by #583
Assignees

Comments

@zcrypt0
Copy link

zcrypt0 commented Jun 17, 2022

What version of Garble and Go are you using?

$ garble version v0.7.0

$ go version v1.18.3

What environment are you running Garble on?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/user/.cache/go-build"
GOENV="/home/user/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.18.3"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/go-ethereum/go.mod"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3469986570=/tmp/go-build -gno-record-gcc-switches"

What did you do?

$ git clone https://github.com/ethereum/go-ethereum
$ cd go-ethereum
$ garble build -trimpath -v -o ./build/bin/geth ./cmd/geth

What did you expect to see?

Successfully compiling go-ethereum.

What did you see instead?

Lots of undefined references during linking, similar to the below.

/usr/local/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1

...

/usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: go.go:(.text+0x539c15): undefined reference to `qlz7tY23.p2'
/usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: go.go:(.text+0x539c2b): undefined reference to `qlz7tY23.p2'
/usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: go.go:(.text+0x539c41): undefined reference to `qlz7tY23.p2'
/usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: go.go:(.text+0x539c73): undefined reference to `qlz7tY23.p2'
/usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: /tmp/go-link-1607869154/go.o:go.go:(.text+0x539c85): more undefined references to `qlz7tY23.p2' 

Comments

I dug in a little bit and with a whitelist, select packages can be obfuscated just fine.

Running with -debug I can see the package with undefined references:

[garble] import path "github.com/ethereum/go-ethereum/crypto/bn256/cloudflare" hashed with 5afaf34cfd103d0ff82a7f16d49c61 to "qlz7tY23"

Seeing the same result on tip of master.

EDIT:
I blacklisted that particular module from being obfuscated, and the rest of go-ethereum obfuscated just fine.

EDIT2:
Reversing also fails on the rpc subpackage (github.com/ethereum/go-ethereum), no actual panic output is required.

$ garble reverse ./cmd/geth ./out/panic-output.txt
typecheck error: /go-ethereum/rpc/ipc_unix.go:34:25: undeclared name: max_path_size

Additionally blacklisting this package and reverse works as expected.

@mvdan
Copy link
Member

mvdan commented Jun 17, 2022

Thank you - it seems like what's happening here is that names like p2 are not only used in assembly files, but also in header files, and we're currently not fixing those up.

@mvdan mvdan self-assigned this Jun 17, 2022
@mvdan mvdan changed the title Fails to build github.com/ethereum/go-ethereum obfuscated names in header files included from assembly fail at link time Jun 17, 2022
@zcrypt0
Copy link
Author

zcrypt0 commented Jun 17, 2022

@mvdan Note my second edit, which should probably be a separate issue.

The var max_path_size is a package level var declared in another file and reverse (not build) seems to have some issue with it. Looks like it makes a call out to C for its value.

https://github.com/ethereum/go-ethereum/blob/master/rpc/ipc_unix.go#L34
https://github.com/ethereum/go-ethereum/blob/master/rpc/constants_unix.go#L33

@mvdan
Copy link
Member

mvdan commented Jun 17, 2022

Thanks - could you please file that as a separate issue with repro steps? I'm fairly sure the two bugs are unrelated, and the assembly one is already a pretty involved fix.

mvdan added a commit to mvdan/garble-fork that referenced this issue Sep 21, 2022
Assembly files can include header files within the same Go module,
and those header files can include "defines" which refer to Go names.

Since those Go names are likely being obfuscated,
we need to replace them just like we do in assembly files.

The added mechanism is rather basic; we add two TODOs to improve it.
This should help when building projects like go-ethereum.

Fixes burrowers#553.
mvdan added a commit to mvdan/garble-fork that referenced this issue Sep 21, 2022
Assembly files can include header files within the same Go module,
and those header files can include "defines" which refer to Go names.

Since those Go names are likely being obfuscated,
we need to replace them just like we do in assembly files.

The added mechanism is rather basic; we add two TODOs to improve it.
This should help when building projects like go-ethereum.

Fixes burrowers#553.
mvdan added a commit that referenced this issue Sep 23, 2022
Assembly files can include header files within the same Go module,
and those header files can include "defines" which refer to Go names.

Since those Go names are likely being obfuscated,
we need to replace them just like we do in assembly files.

The added mechanism is rather basic; we add two TODOs to improve it.
This should help when building projects like go-ethereum.

Fixes #553.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging a pull request may close this issue.

2 participants