[tbb-commits] [tor-browser-bundle/master] Bug 20683: Integrate Selfrando into alpha Linux builds
gk at torproject.org
gk at torproject.org
Mon May 8 18:37:51 UTC 2017
commit 332c5b6c16f1b0915f537a4ad5af48295f80c733
Author: Georg Koppen <gk at torproject.org>
Date: Tue Apr 25 11:20:53 2017 +0000
Bug 20683: Integrate Selfrando into alpha Linux builds
Selfrando is a new defense against code reuse attacks developed by the
Redactor and Readactor++ people. We should give it a wider testing
audience by including it in the alpha series.
This is currently only available for 64bit Linux builds, though.
Supporting other platforms and architectures is work in progress.
---
RelativeLink/start-tor-browser | 1 +
gitian/descriptors/linux/gitian-firefox.yml | 17 +++++
gitian/descriptors/linux/gitian-utils.yml | 46 +++++++++++++
gitian/fetch-inputs.sh | 4 +-
gitian/gpg/ELFUTILS.gpg | Bin 0 -> 10483 bytes
gitian/mkbundle-linux.sh | 13 ++--
gitian/patches/binutils-224-gold.patch | 98 ++++++++++++++++++++++++++++
gitian/verify-tags.sh | 3 +-
gitian/versions.alpha | 4 ++
gitian/versions.nightly | 4 ++
10 files changed, 183 insertions(+), 7 deletions(-)
diff --git a/RelativeLink/start-tor-browser b/RelativeLink/start-tor-browser
index a78b367..2dd40fc 100755
--- a/RelativeLink/start-tor-browser
+++ b/RelativeLink/start-tor-browser
@@ -270,6 +270,7 @@ fi
LD_LIBRARY_PATH="${HOME}/TorBrowser/Tor/"
export LD_LIBRARY_PATH
+export SELFRANDO_write_layout_file=
function setControlPortPasswd() {
local ctrlPasswd=$1
diff --git a/gitian/descriptors/linux/gitian-firefox.yml b/gitian/descriptors/linux/gitian-firefox.yml
index c9ced44..db4f232 100644
--- a/gitian/descriptors/linux/gitian-firefox.yml
+++ b/gitian/descriptors/linux/gitian-firefox.yml
@@ -27,6 +27,8 @@ reference_datetime: "2000-01-01 00:00:00"
remotes:
- "url": "https://git.torproject.org/tor-browser.git"
"dir": "tor-browser"
+- "url": "https://github.com/immunant/selfrando.git"
+ "dir": "selfrando"
files:
- "binutils-linux32-utils.zip"
- "binutils-linux64-utils.zip"
@@ -36,6 +38,8 @@ files:
- "re-dzip.sh"
- "dzip.sh"
- "versions"
+# XXX: 64bits only for now :(, see #20683.
+- "selfrando-linux64-utils.zip"
script: |
source versions
INSTDIR="$HOME/install"
@@ -53,6 +57,11 @@ script: |
export DEB_BUILD_HARDENING_FORMAT=1
export DEB_BUILD_HARDENING_PIE=1
#
+ # XXX: 64bits only for now :(, see #20683.
+ if [ $GBUILD_BITS == "64" ];
+ then
+ unzip -d $INSTDIR selfrando-linux64-utils.zip
+ fi
# Preparing Binutils and GCC for Tor Browser
unzip -d $INSTDIR binutils-linux$GBUILD_BITS-utils.zip
# Make sure gold is used with the hardening wrapper for full RELRO, see
@@ -94,6 +103,14 @@ script: |
find -type f -print0 | xargs -0 touch --date="$REFERENCE_DATETIME"
rm -f configure
rm -f js/src/configure
+ # XXX: 64bits only for now :(, see #20683.
+ if [ $GBUILD_BITS == "64" ];
+ then
+ # Selfrando wrapper
+ export PATH="$HOME/build/selfrando/Tools/TorBrowser/tc-wrapper/:$PATH"
+ # We need to avoid the shuffling while building as this breaks compilation
+ export SELFRANDO_skip_shuffle=
+ fi
make -f client.mk configure CONFIGURE_ARGS="--with-tor-browser-version=${TORBROWSER_VERSION} --with-distribution-id=org.torproject --enable-update-channel=${TORBROWSER_UPDATE_CHANNEL} --enable-bundled-fonts"
find -type f -print0 | xargs -0 touch --date="$REFERENCE_DATETIME"
make $MAKEOPTS -f client.mk build
diff --git a/gitian/descriptors/linux/gitian-utils.yml b/gitian/descriptors/linux/gitian-utils.yml
index d10422b..eb340b8 100644
--- a/gitian/descriptors/linux/gitian-utils.yml
+++ b/gitian/descriptors/linux/gitian-utils.yml
@@ -24,10 +24,14 @@ packages:
- "libssl-dev"
# Needed for binutils (64bit) as we are building with PIE enabled.
- "libstdc++6-4.7-pic"
+# Needed for Selfrando
+- "scons"
reference_datetime: "2000-01-01 00:00:00"
remotes:
- "url": "https://github.com/libevent/libevent.git"
"dir": "libevent"
+- "url": "https://github.com/immunant/selfrando.git"
+ "dir": "selfrando"
files:
- "binutils.tar.bz2"
- "gcc.tar.bz2"
@@ -37,6 +41,8 @@ files:
- "go.tar.gz"
- "versions"
- "dzip.sh"
+- "elfutils.tar.bz2"
+- "binutils-224-gold.patch"
script: |
INSTDIR="$HOME/install"
source versions
@@ -52,6 +58,12 @@ script: |
export DEB_BUILD_HARDENING_FORMAT=1
export DEB_BUILD_HARDENING_PIE=1
+ ARCH=""
+ if [ $GBUILD_BITS == "64" ];
+ then
+ ARCH="64"
+ fi
+
# Building Binutils
tar xjf binutils.tar.bz2
# The libstdc++ shipped by default is non-PIC which breaks the binutils build
@@ -63,6 +75,13 @@ script: |
export LDFLAGS="-L/home/debian -lstdc++"
fi
cd binutils*
+ # We need to work around a gold linker bug in 2.24 to get selfrando working,
+ # see bug 20683.
+ # XXX: 64bits only for now :(, see #20683.
+ if [ $GBUILD_BITS == "64" ];
+ then
+ patch -p1 < ../binutils-224-gold.patch
+ fi
# We want to use gold as the linker in our toolchain mainly as it is way
# faster when linking Tor Browser code (especially libxul). But apart from
# that it fixes #12103 and issues with ESR 31 and our Gitian setup as well
@@ -86,6 +105,28 @@ script: |
cd ..
export DEB_BUILD_HARDENING_FORMAT=1
+ export PATH="$INSTDIR/binutils/bin:$INSTDIR/gcc/bin:$PATH"
+ export LD_LIBRARY_PATH="$INSTDIR/gcc/lib$ARCH"
+
+ # XXX: 64bits only for now :(, see #20683.
+ if [ $GBUILD_BITS == "64" ];
+ then
+ # Building Elfutils
+ tar xjf elfutils.tar.bz2
+ cd elfutils*/
+ ./configure --prefix=$INSTDIR/elfutils
+ make $MAKEOPTS
+ make install
+ cd ..
+
+ # Building Selfrando
+ cd selfrando
+ scons -Q arch=x86_64 LIBELF_PATH="$INSTDIR/elfutils" FORCE_INPLACE=1 DEBUG_LEVEL=env WRITE_LAYOUTS=env LOG=console
+ mkdir -p $INSTDIR/selfrando
+ cp out/x86_64/bin/* $INSTDIR/selfrando/
+ cd ..
+ fi
+
# Building Libevent
cd libevent
./autogen.sh
@@ -157,4 +198,9 @@ script: |
~/build/dzip.sh libevent-${LIBEVENT_TAG#release-}-linux$GBUILD_BITS-utils.zip libevent
~/build/dzip.sh gmp-$GMP_VER-linux$GBUILD_BITS-utils.zip gmp
~/build/dzip.sh go-$GO_VER-linux$GBUILD_BITS-utils.zip go
+ # XXX: 64bits only for now :(, see #20683.
+ if [ $GBUILD_BITS == "64" ];
+ then
+ ~/build/dzip.sh selfrando-$SELFRANDO_TAG-linux$GBUILD_BITS-utils.zip selfrando
+ fi
cp *utils.zip $OUTDIR/
diff --git a/gitian/fetch-inputs.sh b/gitian/fetch-inputs.sh
index b7fcf36..c110eb8 100755
--- a/gitian/fetch-inputs.sh
+++ b/gitian/fetch-inputs.sh
@@ -113,7 +113,7 @@ update_git() {
##############################################################################
# Get+verify sigs that exist
-for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP LLVM CFE LIBCXX LIBCXXABI
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP LLVM CFE LIBCXX LIBCXXABI ELFUTILS
do
PACKAGE="${i}_PACKAGE"
URL="${i}_URL"
@@ -252,6 +252,7 @@ ln -sf "$GO_PACKAGE" go.tar.gz
ln -sf "$NSIS_PACKAGE" nsis.tar.bz2
ln -sf "$NSIS_DEBIAN_PACKAGE" nsis-debian.tar.xz
ln -sf "$YASM_PACKAGE" yasm.tar.gz
+ln -sf "$ELFUTILS_PACKAGE" elfutils.tar.bz2
# Fetch latest gitian-builder itself
# XXX - this is broken if a non-standard inputs dir is selected using the command line flag.
@@ -303,6 +304,7 @@ depot_tools https://chromium.googlesource.com/chromium/tools/depot_too
go-webrtc https://github.com/keroserene/go-webrtc $GO_WEBRTC_TAG
snowflake https://git.torproject.org/pluggable-transports/snowflake.git $SNOWFLAKE_TAG
uniuri https://github.com/dchest/uniuri $UNIURI_TAG
+selfrando https://github.com/immunant/selfrando.git $SELFRANDO_TAG
EOF
# HTTPS-Everywhere is special, too. We need to initialize the git submodules and
diff --git a/gitian/gpg/ELFUTILS.gpg b/gitian/gpg/ELFUTILS.gpg
new file mode 100644
index 0000000..f1cd4b3
Binary files /dev/null and b/gitian/gpg/ELFUTILS.gpg differ
diff --git a/gitian/mkbundle-linux.sh b/gitian/mkbundle-linux.sh
index 6dbbe51..0a1613f 100755
--- a/gitian/mkbundle-linux.sh
+++ b/gitian/mkbundle-linux.sh
@@ -35,7 +35,7 @@ fi
if [ -z "$VM_MEMORY" ];
then
- export VM_MEMORY=4000
+ export VM_MEMORY=6000
fi
./make-vms.sh
@@ -99,7 +99,7 @@ then
fi
cd $GITIAN_DIR
-
+# XXX: 64bits selfrando only for now :(, see #20683.
if [ ! -f inputs/binutils-$BINUTILS_VER-linux32-utils.zip -o \
! -f inputs/binutils-$BINUTILS_VER-linux64-utils.zip -o \
! -f inputs/gcc-$GCC_VER-linux32-utils.zip -o \
@@ -111,13 +111,14 @@ if [ ! -f inputs/binutils-$BINUTILS_VER-linux32-utils.zip -o \
! -f inputs/gmp-$GMP_VER-linux32-utils.zip -o \
! -f inputs/gmp-$GMP_VER-linux64-utils.zip -o \
! -f inputs/go-$GO_VER-linux32-utils.zip -o \
- ! -f inputs/go-$GO_VER-linux64-utils.zip ];
+ ! -f inputs/go-$GO_VER-linux64-utils.zip -o \
+ ! -f inputs/selfrando-$SELFRANDO_TAG-linux64-utils.zip ];
then
echo
echo "****** Starting Utilities Component of Linux Bundle (1/7 for Linux) ******"
echo
- ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit libevent=$LIBEVENT_TAG $DESCRIPTOR_DIR/linux/gitian-utils.yml
+ ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit libevent=$LIBEVENT_TAG,selfrando=$SELFRANDO_TAG $DESCRIPTOR_DIR/linux/gitian-utils.yml
if [ $? -ne 0 ];
then
#mv var/build.log ./utils-fail-linux.log.`date +%Y%m%d%H%M%S`
@@ -138,6 +139,7 @@ then
ln -sf gmp-$GMP_VER-linux64-utils.zip gmp-linux64-utils.zip
ln -sf go-$GO_VER-linux32-utils.zip go-linux32-utils.zip
ln -sf go-$GO_VER-linux64-utils.zip go-linux64-utils.zip
+ ln -sf selfrando-$SELFRANDO_TAG-linux64-utils.zip selfrando-linux64-utils.zip
cd ..
#cp -a result/utils-linux-res.yml inputs/
else
@@ -159,6 +161,7 @@ else
ln -sf gmp-$GMP_VER-linux64-utils.zip gmp-linux64-utils.zip
ln -sf go-$GO_VER-linux32-utils.zip go-linux32-utils.zip
ln -sf go-$GO_VER-linux64-utils.zip go-linux64-utils.zip
+ ln -sf selfrando-$SELFRANDO_TAG-linux64-utils.zip selfrando-linux64-utils.zip
cd ..
fi
@@ -193,7 +196,7 @@ then
echo "****** Starting TorBrowser Component of Linux Bundle (3/7 for Linux) ******"
echo
- ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit tor-browser=$TORBROWSER_TAG,faketime=$FAKETIME_TAG $DESCRIPTOR_DIR/linux/gitian-firefox.yml
+ ./bin/gbuild -j $NUM_PROCS -m $VM_MEMORY --commit tor-browser=$TORBROWSER_TAG,faketime=$FAKETIME_TAG,selfrando=$SELFRANDO_TAG $DESCRIPTOR_DIR/linux/gitian-firefox.yml
if [ $? -ne 0 ];
then
#mv var/build.log ./firefox-fail-linux.log.`date +%Y%m%d%H%M%S`
diff --git a/gitian/patches/binutils-224-gold.patch b/gitian/patches/binutils-224-gold.patch
new file mode 100644
index 0000000..a45e49c
--- /dev/null
+++ b/gitian/patches/binutils-224-gold.patch
@@ -0,0 +1,98 @@
+From f984741df04cd68bb116073fdfa9405808810ab4 Mon Sep 17 00:00:00 2001
+From: Cary Coutant <ccoutant at google.com>
+Date: Wed, 5 Feb 2014 22:59:02 -0800
+Subject: [PATCH] Fix issues with gold undefined symbol diagnostics.
+
+PR binutils/15435 complains that gold issues a visibility error for an
+weak undefined symbol with hidden visibility. The message should be
+suppressed if the symbol is a weak undef.
+
+An earlier patch to add an extra note about key functions when a class's
+vtable symbol is undefined missed a case where the reference to the
+vtable came from a shared library. This patch moves the check to a
+lower-level routine that catches both cases.
+
+gold/
+
+2014-02-05 Cary Coutant <ccoutant at google.com>
+
+ * errors.cc (Errors::undefined_symbol): Move undef vtable symbol
+ check to here.
+ * target-reloc.h (is_strong_undefined): New function.
+ (relocate_section): Move undef vtable symbol check from here.
+ Check for is_strong_undefined.
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index dcf7ed41f8..dd7ef72980 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,14 @@
++2014-02-05 Cary Coutant <ccoutant at google.com>
++
++ Fix issues with gold undefined symbol diagnostics.
++
++ PR binutils/15435
++ * errors.cc (Errors::undefined_symbol): Move undef vtable symbol
++ check to here.
++ * target-reloc.h (is_strong_undefined): New function.
++ (relocate_section): Move undef vtable symbol check from here.
++ Check for is_strong_undefined.
++
+ 2013-11-22 Cary Coutant <ccoutant at google.com>
+
+ * testsuite/Makefile.am (exception_x86_64_bnd_test): Use in-tree
+diff --git a/gold/errors.cc b/gold/errors.cc
+index b79764bd1d..98db0fdd86 100644
+--- a/gold/errors.cc
++++ b/gold/errors.cc
+@@ -193,6 +193,11 @@ Errors::undefined_symbol(const Symbol* sym, const std::string& location)
+ fprintf(stderr,
+ _("%s: %s: undefined reference to '%s', version '%s'\n"),
+ location.c_str(), zmsg, sym->demangled_name().c_str(), version);
++
++ if (sym->is_cxx_vtable())
++ gold_info(_("%s: the vtable symbol may be undefined because "
++ "the class is missing its key function"),
++ program_name);
+ }
+
+ // Issue a debugging message.
+diff --git a/gold/target-reloc.h b/gold/target-reloc.h
+index b544c78f37..d609bcbaa8 100644
+--- a/gold/target-reloc.h
++++ b/gold/target-reloc.h
+@@ -144,6 +144,12 @@ class Default_comdat_behavior
+ }
+ };
+
++inline bool
++is_strong_undefined(const Symbol* sym)
++{
++ return sym->is_undefined() && sym->binding() != elfcpp::STB_WEAK;
++}
++
+ // Give an error for a symbol with non-default visibility which is not
+ // defined locally.
+
+@@ -411,16 +417,10 @@ relocate_section(
+ }
+
+ if (issue_undefined_symbol_error(sym))
+- {
+- gold_undefined_symbol_at_location(sym, relinfo, i, offset);
+- if (sym->is_cxx_vtable())
+- gold_info(_("%s: the vtable symbol may be undefined because "
+- "the class is missing its key function"),
+- program_name);
+- }
++ gold_undefined_symbol_at_location(sym, relinfo, i, offset);
+ else if (sym != NULL
+ && sym->visibility() != elfcpp::STV_DEFAULT
+- && (sym->is_undefined() || sym->is_from_dynobj()))
++ && (is_strong_undefined(sym) || sym->is_from_dynobj()))
+ visibility_error(sym);
+
+ if (sym != NULL && sym->has_warning())
+--
+2.11.0
+
diff --git a/gitian/verify-tags.sh b/gitian/verify-tags.sh
index dc207f5..7d551b8 100755
--- a/gitian/verify-tags.sh
+++ b/gitian/verify-tags.sh
@@ -125,10 +125,11 @@ depot_tools $DEPOT_TOOLS_TAG
go-webrtc $GO_WEBRTC_TAG
snowflake $SNOWFLAKE_TAG
uniuri $UNIURI_TAG
+selfrando $SELFRANDO_TAG
EOF
# Verify signatures on signed packages
-for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP LLVM CFE LIBCXX LIBCXXABI
+for i in OPENSSL BINUTILS GCC PYTHON_MSI GMP LLVM CFE LIBCXX LIBCXXABI ELFUTILS
do
PACKAGE="${i}_PACKAGE"
URL="${i}_URL"
diff --git a/gitian/versions.alpha b/gitian/versions.alpha
index adb9dbf..33be86d 100755
--- a/gitian/versions.alpha
+++ b/gitian/versions.alpha
@@ -47,6 +47,7 @@ WEBRTC_TAG=c279861207c5b15fc51069e96595782350e0ac12 # https://chromium.googlesou
GO_WEBRTC_TAG=ab1b64862e0c4b4182010699911c2c5818f0a101
SNOWFLAKE_TAG=9f2e9a6ecb696149708716ca06ce842df03cf492
UNIURI_TAG=8902c56451e9b58ff940bbe5fec35d5f9c04584a
+SELFRANDO_TAG=aa4130fe9d782ff7ef581555ef3470663b110bdb
GITIAN_TAG=tor-browser-builder-4-4
@@ -71,6 +72,7 @@ GO14_VER=1.4.3
GO_VER=1.8.1
NSIS_VER=2.51
YASM_VER=1.2.0
+ELFUTILS_VER=0.160
## File names for the source packages
OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
@@ -105,6 +107,7 @@ NOTOKRFONT_PACKAGE=NotoSansKR-Regular.otf
NOTOSCFONT_PACKAGE=NotoSansSC-Regular.otf
NOTOTCFONT_PACKAGE=NotoSansTC-Regular.otf
YASM_PACKAGE=yasm-${YASM_VER}.tar.gz
+ELFUTILS_PACKAGE=elfutils-${ELFUTILS_VER}.tar.bz2
# Hashes for packages with weak sigs or no sigs
OPENSSL_HASH=6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0
@@ -167,3 +170,4 @@ NOTOKRFONT_URL=${NOTOCJKBASE_URL}/${NOTOKRFONT_PACKAGE}
NOTOSCFONT_URL=${NOTOCJKBASE_URL}/${NOTOSCFONT_PACKAGE}
NOTOTCFONT_URL=${NOTOCJKBASE_URL}/${NOTOTCFONT_PACKAGE}
YASM_URL=https://www.tortall.net/projects/yasm/releases/${YASM_PACKAGE}
+ELFUTILS_URL=https://sourceware.org/elfutils/ftp/${ELFUTILS_VER}/${ELFUTILS_PACKAGE}
diff --git a/gitian/versions.nightly b/gitian/versions.nightly
index 4e1618c..69ddb47 100755
--- a/gitian/versions.nightly
+++ b/gitian/versions.nightly
@@ -54,6 +54,7 @@ WEBRTC_TAG=c279861207c5b15fc51069e96595782350e0ac12 # https://chromium.googlesou
GO_WEBRTC_TAG=master
SNOWFLAKE_TAG=master
UNIURI_TAG=master
+SELFRANDO_TAG=aa4130fe9d782ff7ef581555ef3470663b110bdb
GITIAN_TAG=tor-browser-builder-4
@@ -78,6 +79,7 @@ GO14_VER=1.4.3
GO_VER=1.8.1
NSIS_VER=2.51
YASM_VER=1.2.0
+ELFUTILS_VER=0.166
## File names for the source packages
OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz
@@ -112,6 +114,7 @@ NOTOKRFONT_PACKAGE=NotoSansKR-Regular.otf
NOTOSCFONT_PACKAGE=NotoSansSC-Regular.otf
NOTOTCFONT_PACKAGE=NotoSansTC-Regular.otf
YASM_PACKAGE=yasm-${YASM_VER}.tar.gz
+ELFUTILS_PACKAGE=elfutils-${ELFUTILS_VER}.tar.bz2
# Hashes for packages with weak sigs or no sigs
OPENSSL_HASH=6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0
@@ -174,3 +177,4 @@ NOTOKRFONT_URL=${NOTOCJKBASE_URL}/${NOTOKRFONT_PACKAGE}
NOTOSCFONT_URL=${NOTOCJKBASE_URL}/${NOTOSCFONT_PACKAGE}
NOTOTCFONT_URL=${NOTOCJKBASE_URL}/${NOTOTCFONT_PACKAGE}
YASM_URL=https://www.tortall.net/projects/yasm/releases/${YASM_PACKAGE}
+ELFUTILS_URL=https://sourceware.org/elfutils/ftp/${ELFUTILS_VER}/${ELFUTILS_PACKAGE}
More information about the tbb-commits
mailing list