From 901d8752a213329508e1600fbb7ae8832d534928 Mon Sep 17 00:00:00 2001 From: Andrew LeFevre Date: Mon, 7 Sep 2020 13:37:46 -0400 Subject: [PATCH] remove unnecessary data from runtime if -tiny is passed --- README.md | 38 +++------- main.go | 11 ++- runtime_api.go | 146 ----------------------------------- runtime_strip.go | 152 +++++++++++++++++++++++++++++++++++++ testdata/scripts/panic.txt | 23 ------ testdata/scripts/tiny.txt | 28 +++++-- 6 files changed, 189 insertions(+), 209 deletions(-) delete mode 100644 runtime_api.go create mode 100644 runtime_strip.go delete mode 100644 testdata/scripts/panic.txt diff --git a/README.md b/README.md index a07ddbb..e90866e 100644 --- a/README.md +++ b/README.md @@ -31,8 +31,7 @@ order to: * Strip filenames and shuffle position information * Strip debugging information and symbol tables * Obfuscate literals, if the `-literals` flag is given -* Expose [additional functions](#runtime-api) in the runtime package that can - optionally hide information during execution +* Removes unnecessary data if the `-tiny` flag is given ### Options @@ -56,32 +55,13 @@ to document the current shortcomings of this tool. * Go plugins are not currently supported; see [#87](https://github.com/burrowers/garble/issues/87). -### Runtime API +### Tiny Mode -The tool adds additional functions to the runtime that can optionally be used to -hide information during execution. The functions added are: +When the `-tiny` flag is passed, unneeded information from is stripped from the +resulting Go binary. This includes line numbers, filenames, and code in the runtime +the prints panics, fatal errors, and trace/debug info. All in all this can make binaries +6-10% smaller in our testing. -```go -// hideFatalErrors suppresses printing fatal error messages and -// fatal panics when hide is true. This behavior can be changed at -// any time by calling hideFatalErrors again. All other behaviors of -// panics remains the same. -func hideFatalErrors(hide bool) -``` - -These functions must be used with the `linkname` compiler directive, like so: - -```go -package main - -import _ "unsafe" - -//go:linkname hideFatalErrors runtime.hideFatalErrors -func hideFatalErrors(hide bool) - -func init() { hideFatalErrors(true) } - -func main() { - panic("ya like jazz?") -} -``` +Note: if `-tiny` is passed, no panics, fatal errors will ever be printed, but they can +still be handled internally with `recover` as normal. In addition, the `GODEBUG` +environmental variable will be ignored. diff --git a/main.go b/main.go index c878c9e..a5d7d06 100644 --- a/main.go +++ b/main.go @@ -423,11 +423,10 @@ func transformCompile(args []string) ([]string, error) { flags = append(flags, "-dwarf=false") pkgPath := flagValue(flags, "-p") - if pkgPath == "runtime" || pkgPath == "runtime/internal/sys" { + if (pkgPath == "runtime" && envGarbleTiny) || pkgPath == "runtime/internal/sys" { // Even though these packages aren't private, we will still process - // them later to remove build information and add additional - // functions to the runtime. However, we only want flags to work on - // private packages. + // them later to remove build information and strip code from the + // runtime. However, we only want flags to work on private packages. envGarbleLiterals = false envGarbleDebugDir = "" } else if !isPrivate(pkgPath) { @@ -526,8 +525,8 @@ func transformCompile(args []string) ([]string, error) { name := origName switch { case pkgPath == "runtime": - // Add additional runtime API - addRuntimeAPI(origName, file) + // strip unneeded runtime code + stripRuntime(origName, file) case pkgPath == "runtime/internal/sys": // The first declaration in zversion.go contains the Go // version as follows. Replace it here, since the diff --git a/runtime_api.go b/runtime_api.go deleted file mode 100644 index bf19c96..0000000 --- a/runtime_api.go +++ /dev/null @@ -1,146 +0,0 @@ -// Copyright (c) 2020, The Garble Authors. -// See LICENSE for licensing information. - -package main - -import ( - "go/ast" - "go/token" - - ah "mvdan.cc/garble/internal/asthelper" -) - -// addRuntimeAPI exposes additional functions in the runtime -// package that may be helpful when hiding information -// during execution is required. -func addRuntimeAPI(filename string, file *ast.File) { - switchPanicPrints := func(node ast.Node) bool { - call, ok := node.(*ast.CallExpr) - if !ok { - return true - } - id, ok := call.Fun.(*ast.Ident) - if !ok { - return true - } - - switch id.Name { - case "print": - id.Name = "panicprint" - return false - case "println": - id.Name = "panicprint" - call.Args = append(call.Args, &ast.BasicLit{Kind: token.STRING, Value: `"\n"`}) - return false - default: - return true - } - } - - switch filename { - case "debug.go": - // Add hideFatalErrors function and internal fatalErrorsHidden variable - file.Decls = append(file.Decls, hideFatalErrorsDecls...) - case "error.go": - // Add a function panicprint, that does nothing if panics are - // hidden, otherwise forwards arguments to printany to print them - // as normal. Although we add an if statement to printany to do - // nothing if panics are hidden, printany only takes one argument, - // and both print and printany are used to print panic messages. - // panicprint's entire purpose is to act as a replacement to print - // that respects hideFatalErrors, and print is variadic, so print - // must be replaced by a variadic function, hence panicprint. - // - // We will also add two statements to printany: - // 1. An if statement that returns early if panics are hidden - // 2. An additional case statement that handles printing runtime.hex - // values. Without this case statement, the default case will print - // the runtime.hex values in a way not consistent with normal panic - // outputs - for _, decl := range file.Decls { - decl, ok := decl.(*ast.FuncDecl) - if !ok || decl.Name.Name != "printany" { - continue - } - for _, stmt := range decl.Body.List { - if stmt, ok := stmt.(*ast.TypeSwitchStmt); ok { - stmt.Body.List = append(stmt.Body.List, printanyHexCase) - break - } - } - decl.Body.List = append([]ast.Stmt{fatalErrorsHiddenCheckStmt}, decl.Body.List...) - break - } - - file.Decls = append(file.Decls, panicprintDecl) - default: - // Change all calls to print, which we don't control, to - // panicprint, which we do control and does the same thing. - ast.Inspect(file, switchPanicPrints) - } -} - -var fatalErrorsHiddenCheckStmt = &ast.IfStmt{ - Cond: ah.Ident("fatalErrorsHidden"), - Body: ah.BlockStmt(ah.ReturnStmt()), -} - -var hideFatalErrorsDecls = []ast.Decl{ - &ast.GenDecl{ - Tok: token.VAR, - Specs: []ast.Spec{&ast.ValueSpec{ - Names: []*ast.Ident{ah.Ident("fatalErrorsHidden")}, - Type: ah.Ident("bool"), - }}, - }, - &ast.FuncDecl{ - Name: ah.Ident("hideFatalErrors"), - Type: &ast.FuncType{Params: &ast.FieldList{ - List: []*ast.Field{{ - Names: []*ast.Ident{ah.Ident("hide")}, - Type: ah.Ident("bool"), - }}, - }}, - Body: ah.BlockStmt( - &ast.AssignStmt{ - Lhs: []ast.Expr{ah.Ident("fatalErrorsHidden")}, - Tok: token.ASSIGN, - Rhs: []ast.Expr{ah.Ident("hide")}, - }, - ), - }, -} - -var printanyHexCase = &ast.CaseClause{ - List: []ast.Expr{ah.Ident("hex")}, - Body: []ast.Stmt{ - ah.ExprStmt(ah.CallExpr(ah.Ident("print"), ah.Ident("v"))), - }, -} - -var panicprintDecl = &ast.FuncDecl{ - Name: ah.Ident("panicprint"), - Type: &ast.FuncType{Params: &ast.FieldList{ - List: []*ast.Field{{ - Names: []*ast.Ident{{Name: "args"}}, - Type: &ast.Ellipsis{Elt: &ast.InterfaceType{ - Methods: &ast.FieldList{}, - }}, - }}, - }}, - Body: ah.BlockStmt( - &ast.IfStmt{ - Cond: ah.Ident("fatalErrorsHidden"), - Body: ah.BlockStmt(ah.ReturnStmt()), - }, - &ast.RangeStmt{ - Key: ah.Ident("_"), - Value: ah.Ident("arg"), - Tok: token.DEFINE, - X: ah.Ident("args"), - Body: ah.BlockStmt( - ah.ExprStmt(ah.CallExpr(ah.Ident("printany"), ah.Ident("arg"))), - ), - }, - ), -} diff --git a/runtime_strip.go b/runtime_strip.go new file mode 100644 index 0000000..d837cb3 --- /dev/null +++ b/runtime_strip.go @@ -0,0 +1,152 @@ +// Copyright (c) 2020, The Garble Authors. +// See LICENSE for licensing information. + +package main + +import ( + "go/ast" + "go/token" + "strings" + + ah "mvdan.cc/garble/internal/asthelper" +) + +// stripRuntime removes unnecessary code from the runtime, +// such as panic and fatal error printing, and code that +// prints trace/debug info of the runtime. +func stripRuntime(filename string, file *ast.File) { + stripPrints := func(node ast.Node) bool { + call, ok := node.(*ast.CallExpr) + if !ok { + return true + } + id, ok := call.Fun.(*ast.Ident) + if !ok { + return true + } + + switch id.Name { + case "print", "println": + id.Name = "hidePrint" + return false + default: + return true + } + } + + switch filename { + case "error.go": + for _, decl := range file.Decls { + fun, ok := decl.(*ast.FuncDecl) + if !ok { + continue + } + + // only used in panics + switch fun.Name.Name { + case "printany", "printanycustomtype": + fun.Body.List = nil + } + } + case "mprof.go": + for _, decl := range file.Decls { + fun, ok := decl.(*ast.FuncDecl) + if !ok { + continue + } + + // remove all functions that print debug/tracing info + // of the runtime + switch { + case strings.HasPrefix(fun.Name.Name, "trace"): + fun.Body.List = nil + } + } + case "print.go": + for _, decl := range file.Decls { + fun, ok := decl.(*ast.FuncDecl) + if !ok { + gen, ok := decl.(*ast.GenDecl) + if !ok || gen.Tok != token.IMPORT { + continue + } + + for i, spec := range gen.Specs { + imp := spec.(*ast.ImportSpec) + if imp.Path.Value == `"runtime/internal/sys"` { + // remove 'runtime/internal/sys' import, as it was used + // in hexdumpWords + gen.Specs = append(gen.Specs[:i], gen.Specs[i+1:]...) + break + } + } + continue + } + + // only used in tracebacks + if fun.Name.Name == "hexdumpWords" { + fun.Body.List = nil + break + } + } + + // add hidePrint declaration + file.Decls = append(file.Decls, hidePrintDecl) + case "runtime1.go": + for _, decl := range file.Decls { + fun, ok := decl.(*ast.FuncDecl) + if !ok { + continue + } + + switch fun.Name.Name { + case "parsedebugvars": + // set defaults for GODEBUG cgocheck and + // invalidptr, remove code that reads in + // GODEBUG + fun.Body = parsedebugvarsStmts + case "setTraceback": + // tracebacks are completely hidden, no + // sense keeping this function + fun.Body.List = nil + } + } + default: + // replace all 'print' and 'println' statements in + // the runtime with an empty func, which will be + // optimized out by the compiler + ast.Inspect(file, stripPrints) + } +} + +var hidePrintDecl = &ast.FuncDecl{ + Name: ah.Ident("hidePrint"), + Type: &ast.FuncType{Params: &ast.FieldList{ + List: []*ast.Field{{ + Names: []*ast.Ident{{Name: "args"}}, + Type: &ast.Ellipsis{Elt: &ast.InterfaceType{ + Methods: &ast.FieldList{}, + }}, + }}, + }}, + Body: &ast.BlockStmt{}, +} + +var parsedebugvarsStmts = ah.BlockStmt( + &ast.AssignStmt{ + Lhs: []ast.Expr{&ast.SelectorExpr{ + X: ah.Ident("debug"), + Sel: ah.Ident("cgocheck"), + }}, + Tok: token.ASSIGN, + Rhs: []ast.Expr{ah.IntLit(1)}, + }, + &ast.AssignStmt{ + Lhs: []ast.Expr{&ast.SelectorExpr{ + X: ah.Ident("debug"), + Sel: ah.Ident("invalidptr"), + }}, + Tok: token.ASSIGN, + Rhs: []ast.Expr{ah.IntLit(1)}, + }, +) diff --git a/testdata/scripts/panic.txt b/testdata/scripts/panic.txt deleted file mode 100644 index 5175a2c..0000000 --- a/testdata/scripts/panic.txt +++ /dev/null @@ -1,23 +0,0 @@ -env GOPRIVATE=test/main - -garble build -! exec ./main -cmp stderr main.stderr - --- go.mod -- -module test/main --- main.go -- -package main - -import _ "unsafe" - -//go:linkname hideFatalErrors runtime.hideFatalErrors -func hideFatalErrors(hide bool) - -func init() { hideFatalErrors(true) } - -func main() { - panic("ya like jazz?") -} - --- main.stderr -- diff --git a/testdata/scripts/tiny.txt b/testdata/scripts/tiny.txt index a54a081..20fa3bb 100644 --- a/testdata/scripts/tiny.txt +++ b/testdata/scripts/tiny.txt @@ -2,12 +2,15 @@ env GOPRIVATE=test/main # Tiny mode garble -tiny build -exec ./main$exe +env GODEBUG='allocfreetrace=1,gcpacertrace=1,gctrace=1,scavtrace=1,scheddetail=1,schedtrace=10' +! exec ./main$exe +cmp stdout main.stdout stderr '\? 0' [short] stop # no need to verify this with -short # Default mode +env GODEBUG= garble -debugdir=.obf-src build # Check for file name leak protection @@ -15,8 +18,8 @@ grep '^\/\/line :1$' .obf-src/main/main.go # Check for default line obfuscation grep '^\/\/line \w\.go:[1-9][0-9]*$' .obf-src/main/main.go -exec ./main$exe - +! exec ./main$exe +cmp stdout main.stdout stderr '\w\.go [1-9]' -- go.mod -- @@ -24,9 +27,24 @@ module test/main -- main.go -- package main -import "runtime" +import ( + "fmt" + "runtime" +) func main() { + defer func() { + if r := recover(); r != nil { + fmt.Println(r) + panic("oh noes") + } + }() + _, file, line, _ := runtime.Caller(0) println(file, line) -} \ No newline at end of file + + panic("ya like jazz?") +} + +-- main.stdout -- +ya like jazz? \ No newline at end of file