From: David van Moolenbroek Date: Fri, 13 Nov 2015 11:08:40 +0000 (+0100) Subject: Integrate ASR instrumentation into build system X-Git-Url: http://zhaoyanbai.com/repos/%22http:/www.isc.org/icons/zpipe.c?a=commitdiff_plain;h=72965c888556d9fcaba2bb0392bec8cae8bf4b98;p=minix.git Integrate ASR instrumentation into build system ASR instrumentation is now performed on all applicable system services if the system is built with MKASR=yes. This setting automatically enables MKMAGIC=yes, which in turn enables MKBITCODE=yes. The number of extra rerandomized service binaries to be generated can be set by passing ASRCOUNT=n to the build system, where n is a number between 1 and 65536. The default ASRCOUNT is 3, meaning that each service will have one randomized base binary and three additional rerandomized binaries. As before, update_asr(8) can be used for runtime rerandomization. Change-Id: Icb498bcc6d1cd8d3f6bcc24eb0b32e29b7e750c2 --- diff --git a/minix/commands/update_asr/update_asr.sh b/minix/commands/update_asr/update_asr.sh index 2b6af99bd..66edd2db6 100644 --- a/minix/commands/update_asr/update_asr.sh +++ b/minix/commands/update_asr/update_asr.sh @@ -6,8 +6,6 @@ SERVICE_PATH=/service # The path to the alternative, ASR-rerandomized system service binaries. # The path used here is typically a symlink into /usr for size reasons. -# As of writing, the only way to create these sets of binaries is by means -# of the host-side "minix/llvm/clientctl buildasr" command. SERVICE_ASR_PATH=$SERVICE_PATH/asr # A space-separated list of labels not to update in any case. The list @@ -84,7 +82,7 @@ for service in $services; do # we avoid potential problems with gaps between the numbers by # stopping at the first number for which no binary is present. total=1 - while [ -f $SERVICE_ASR_PATH/$total/$filename ]; do + while [ -f $SERVICE_ASR_PATH/$filename-$total ]; do total=$(($total + 1)) done @@ -99,7 +97,7 @@ for service in $services; do if [ $count -eq 0 ]; then binary=$SERVICE_PATH/$filename else - binary=$SERVICE_ASR_PATH/$count/$filename + binary=$SERVICE_ASR_PATH/$filename-$count fi # Check whether the live update should use a state other than the @@ -124,8 +122,8 @@ for service in $services; do # Perform the live update. The update may legitimately fail if the # service is not in the right state. TODO: report transient errors # as debugging output only. - service -a update $binary -label $label -asr-count $count \ - $state $maxtime + service -a update $binary -progname $filename -label $label \ + -asr-count $count $state $maxtime error=$? if [ $error -eq 0 ]; then debug "updated $label to number $count, total $total" diff --git a/releasetools/image.functions b/releasetools/image.functions index b814d0005..5aa581b11 100644 --- a/releasetools/image.functions +++ b/releasetools/image.functions @@ -154,9 +154,8 @@ create_input_spec() if [ ${ASR_HACK} -eq 1 ] then # Hacky workaround for ASR-randomized service binaries since they don't get nicely packaged in a tarball - # add any generated ASR-randomized service binaries (but not their root directory, which is already there) + # add any generated ASR-randomized service binaries # TODO: apply stricter file permissions for both these and the base /service binaries, against local attacks - (cd ${DESTDIR} && find ./usr/service/asr -type d | sed '1d;s/$/ type=dir uid=0 gid=0 mode=0755/') >> ${WORK_DIR}/input (cd ${DESTDIR} && find ./usr/service/asr -type f | sed 's/$/ type=file uid=0 gid=0 mode=0755/') >> ${WORK_DIR}/input cp -r ${DESTDIR}/usr/service/asr ${ROOT_DIR}/usr/service fi diff --git a/share/mk/bsd.own.mk b/share/mk/bsd.own.mk index f66aef792..967517b7e 100644 --- a/share/mk/bsd.own.mk +++ b/share/mk/bsd.own.mk @@ -1305,7 +1305,7 @@ _MKVARS.no= \ #MINIX-specific vars _MKVARS.no+= \ - MKIMAGEONLY MKSMALL MKBITCODE MKMAGIC MKSRC + MKIMAGEONLY MKSMALL MKBITCODE MKMAGIC MKASR MKSRC .if !empty(MACHINE_ARCH:Mearm*) _MKVARS.no+= \ MKWATCHDOG MKACPI MKAPIC MKDEBUGREG MKINSTALLBOOT MKPCI @@ -1411,6 +1411,11 @@ MKSYSDEBUG:= no MKLIVEUPDATE:= no .endif +# MINIX: MKASR implies MKMAGIC +.if ${MKASR} == "yes" +MKMAGIC:= yes +.endif + # MINIX: MKMAGIC implies MKBITCODE .if ${MKMAGIC} == "yes" MKBITCODE:= yes @@ -1492,7 +1497,7 @@ ${var}?= yes #MINIX-specific vars .for var in \ USE_WATCHDOG USE_ACPI USE_APIC USE_DEBUGREG USE_SYSDEBUG \ - USE_LIVEUPDATE USE_PCI USE_BITCODE USE_MAGIC + USE_LIVEUPDATE USE_PCI USE_BITCODE USE_MAGIC USE_ASR .if (${${var:S/USE_/MK/}} == "no") ${var}:= no .else diff --git a/share/mk/minix.service.mk b/share/mk/minix.service.mk index 1ee481388..ad5f669db 100644 --- a/share/mk/minix.service.mk +++ b/share/mk/minix.service.mk @@ -51,6 +51,46 @@ BITCODE_LD_FLAGS_1ST.${_P}?= ${LIBMAGICST} MAGICFLAGS?= OPTFLAGS+= -load ${MAGICPASS} -magic ${MAGICFLAGS} + +# For MKASR builds, generate an additional set of rerandomized service +# binaries. +.if ${USE_ASR:Uno} == "yes" +ASRPASS?= ${NETBSDSRCDIR}/minix/llvm/bin/asr.so +ASRCOUNT?= 3 +ASRDIR?= /usr/service/asr + +DPADD+= ${ASRPASS} + +OPTFLAGS+= -load ${ASRPASS} -asr + +# Produce a variable _RANGE that contains "1 2 3 .. ${ASRCOUNT}". We do not +# want to invoke a shell command to do this; what if the host platform does not +# have seq(1) ? So, we do it with built-in BSD make features instead. There +# are probably substantially better ways to do this, though. Right now the +# maximum ASRCOUNT is 65536 (16**4), which should be plenty. An ASRCOUNT of 0 +# is not supported, nor would it be very useful. +_RANGE= 0 +_G0= xxxxxxxxxxxxxxxx +_G= ${_G0:S/x/${_G0}/g:S/x/${_G0}/g:S/x/${_G0}/g} +.for _X in ${_G:C/^(.{${ASRCOUNT}}).*/\1/:S/x/x /g} +_RANGE:= ${_RANGE} ${_RANGE:[#]} +.endfor +_RANGE:= ${_RANGE:[2..-1]} + +# Add progname-1, progname-2, progname-3 (etc) to the list of programs to +# generate, and install (just) these to ASRDIR. +PROGS?= ${PROG} +_PROGLIST:= ${PROGS} +.for _N in ${_RANGE} +.for _P in ${_PROGLIST} +PROGS+= ${_P}-${_N} +SRCS.${_P}-${_N}= ${SRCS.${_P}:U${SRCS}} +BITCODE_LD_FLAGS_1ST.${_P}-${_N}:= ${BITCODE_LD_FLAGS_1ST.${_P}} +BINDIR.${_P}-${_N}= ${ASRDIR} +.endfor +.endfor + +.endif # ${USE_ASR:Uno} == "yes" .endif # ${USE_BITCODE:Uno} == "yes" && ${USE_MAGIC:Uno} == "yes" .include diff --git a/share/mk/sys.mk b/share/mk/sys.mk index 210c80958..dc031d23e 100644 --- a/share/mk/sys.mk +++ b/share/mk/sys.mk @@ -22,7 +22,7 @@ CPPFLAGS+= -DNDEBUG DBG= -Os .endif -.if ${MKMAGIC:Uno} == "yes" +.if ${MKMAGIC:Uno} == "yes" || ${MKASR:Uno} == "yes" CPPFLAGS+= -D_MINIX_MAGIC=1 STRIPFLAG= -s DBG=-g