garble/internal/linker/patches/go1.23/0003-add-entryOff-encryption.patch

From 6bb03c1a0c523530b29fe6fdc48ca8f24f0bb13c Mon Sep 17 00:00:00 2001
From: pagran <pagran@protonmail.com>
Date: Sat, 14 Jan 2023 21:36:16 +0100
Subject: [PATCH 3/3] add entryOff encryption

---
 cmd/link/internal/ld/pcln.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/cmd/link/internal/ld/pcln.go b/cmd/link/internal/ld/pcln.go
index 056a1d3a72..37226d0327 100644
--- a/cmd/link/internal/ld/pcln.go
+++ b/cmd/link/internal/ld/pcln.go
@@ -806,6 +806,26 @@ func writeFuncs(ctxt *Link, sb *loader.SymbolBuilder, funcs []loader.Sym, inlSym
 			sb.SetUint32(ctxt.Arch, dataoff, uint32(ldr.SymValue(fdsym)-gofuncBase))
 		}
 	}
+
+	// Moving next code higher is not recommended.
+	// Only at the end of the current function no edits between go versions
+	garbleEntryOffKeyStr := os.Getenv("GARBLE_LINK_ENTRYOFF_KEY")
+	if garbleEntryOffKeyStr == "" {
+		panic("[garble] entryOff key must be set")
+	}
+	var garbleEntryOffKey uint32
+	// Use fmt package instead of strconv to avoid importing a new package
+	if _, err := fmt.Sscan(garbleEntryOffKeyStr, &garbleEntryOffKey); err != nil {
+		panic(fmt.Errorf("[garble] invalid entryOff key %s: %v", garbleEntryOffKeyStr, err))
+	}
+
+	garbleData := sb.Data()
+	for _, off := range startLocations {
+		entryOff := ctxt.Arch.ByteOrder.Uint32(garbleData[off:])
+		nameOff := ctxt.Arch.ByteOrder.Uint32(garbleData[off+4:])
+
+		sb.SetUint32(ctxt.Arch, int64(off), entryOff^(nameOff*garbleEntryOffKey))
+	}
 }
 
 // pclntab initializes the pclntab symbol with
-- 
2.46.0