  1. // Copyright (c) 2019, The Garble Authors.
  2. // See LICENSE for licensing information.
  3. package main
  4. import (
  5. "bytes"
  6. "crypto/rand"
  7. "encoding/base64"
  8. "encoding/binary"
  9. "encoding/gob"
  10. "encoding/json"
  11. "errors"
  12. "flag"
  13. "fmt"
  14. "go/ast"
  15. "go/importer"
  16. "go/parser"
  17. "go/token"
  18. "go/types"
  19. "io"
  20. "io/fs"
  21. "log"
  22. mathrand "math/rand"
  23. "os"
  24. "os/exec"
  25. "path/filepath"
  26. "regexp"
  27. "runtime"
  28. "runtime/debug"
  29. "strconv"
  30. "strings"
  31. "time"
  32. "unicode"
  33. "unicode/utf8"
  34. "golang.org/x/exp/maps"
  35. "golang.org/x/exp/slices"
  36. "golang.org/x/mod/modfile"
  37. "golang.org/x/mod/module"
  38. "golang.org/x/mod/semver"
  39. "golang.org/x/tools/go/ast/astutil"
  40. "mvdan.cc/garble/internal/literals"
  41. )
// flagSet holds garble's own flags, which are given before the command name.
// It uses flag.ContinueOnError, so a parse failure is returned to the caller
// rather than terminating the process.
var flagSet = flag.NewFlagSet("garble", flag.ContinueOnError)

// Destinations for the flags registered in init.
var (
	flagLiterals bool     // -literals
	flagTiny     bool     // -tiny
	flagDebug    bool     // -debug
	flagDebugDir string   // -debugdir
	flagSeed     seedFlag // -seed
)
// init wires the usage function and registers every garble flag on flagSet.
func init() {
	flagSet.Usage = usage

	// The boolean flags all default to false, so register them from a table.
	boolFlags := []struct {
		target *bool
		name   string
		help   string
	}{
		{&flagLiterals, "literals", "Obfuscate literals such as strings"},
		{&flagTiny, "tiny", "Optimize for binary size, losing some ability to reverse the process"},
		{&flagDebug, "debug", "Print debug logs to stderr"},
	}
	for _, bf := range boolFlags {
		flagSet.BoolVar(bf.target, bf.name, false, bf.help)
	}

	flagSet.StringVar(&flagDebugDir, "debugdir", "", "Write the obfuscated source to a directory, e.g. -debugdir=out")
	flagSet.Var(&flagSeed, "seed", "Provide a base64-encoded seed, e.g. -seed=o9WDTZ4CN4w\nFor a random seed, provide -seed=random")
}
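// rxGarbleFlag matches a single command-line argument which is one of
// garble's own flags, written as -name, --name, -name=value or --name=value.
// toolexecCmd uses it to reject garble flags placed after the command.
//
// The pattern is anchored at the start of the argument so that a Go flag
// whose value merely ends in a garble flag name, such as -run=Test-debug,
// is not mistaken for a garble flag.
var rxGarbleFlag = regexp.MustCompile(`^--?(?:literals|tiny|debug|debugdir|seed)(?:$|=)`)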
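// seedFlag implements flag.Value for the -seed flag.
type seedFlag struct {
	// random records that the seed was generated by -seed=random rather than
	// supplied by the user; main1 reads it to print the seed after a failure.
	random bool
	// bytes is the decoded seed; it is empty when -seed was not given.
	bytes []byte
}

// present reports whether a seed was provided or generated.
func (f seedFlag) present() bool { return len(f.bytes) > 0 }

// String returns the seed as unpadded standard base64.
func (f seedFlag) String() string {
	return base64.RawStdEncoding.EncodeToString(f.bytes)
}

// Set implements flag.Value.
//
// The literal "random" generates a fresh 16-byte seed from crypto/rand and
// marks the flag as random. Any other value is decoded as standard base64,
// with or without padding, and must hold at least 8 bytes: transformCompile
// reads the first 8 bytes of the seed with binary.BigEndian.Uint64 to seed
// math/rand. Only those 8 bytes reach math/rand there, so a longer seed does
// not add entropy to that generator.
//
// On error the receiver is left unchanged.
func (f *seedFlag) Set(s string) error {
	if s == "random" {
		seed := make([]byte, 16) // random 128 bit seed
		if _, err := rand.Read(seed); err != nil {
			return fmt.Errorf("error generating random seed: %v", err)
		}
		// Without this, main1 can never report which seed a failed build used.
		f.random = true
		f.bytes = seed
		return nil
	}

	// We expect unpadded base64, but to be nice, accept padded
	// strings too.
	s = strings.TrimRight(s, "=")
	seed, err := base64.RawStdEncoding.DecodeString(s)
	if err != nil {
		return fmt.Errorf("error decoding seed: %v", err)
	}
	if len(seed) < 8 {
		return fmt.Errorf("-seed needs at least 8 bytes, have %d", len(seed))
	}
	// An explicit seed given after -seed=random must clear the marker.
	f.random = false
	f.bytes = seed
	return nil
}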
// usage prints garble's top-level help to stderr: a fixed introduction,
// the registered flags via flagSet.PrintDefaults, and a link to the project.
// The [1:] slices drop the newline that follows each opening backquote.
func usage() {
	fmt.Fprintf(os.Stderr, `
Garble obfuscates Go code by wrapping the Go toolchain.
garble [garble flags] command [go flags] [go arguments]
For example, to build an obfuscated program:
garble build ./cmd/foo
Similarly, to combine garble flags and Go build flags:
garble -literals build -tags=purego ./cmd/foo
The following commands are supported:
build replace "go build"
test replace "go test"
version print Garble version
reverse de-obfuscate output such as stack traces
To learn more about a command, run "garble help <command>".
garble accepts the following flags before a command:
`[1:])
	flagSet.PrintDefaults()
	fmt.Fprintf(os.Stderr, `
For more information, see https://github.com/burrowers/garble.
`[1:])
}
// main exits with the status computed by main1. Keeping the logic in main1
// lets its deferred calls run before os.Exit terminates the process.
func main() {
	code := main1()
	os.Exit(code)
}
var (
	fset = token.NewFileSet()

	// sharedTempDir and parentWorkDir are read from the environment when the
	// package is initialized. toolexecCmd sets both environment variables in
	// the top-level process before it runs the go command.
	//
	// NOTE(review): the values are used as filesystem locations without any
	// validation (see writeTemp, and the os.RemoveAll in mainErr) — confirm
	// that a value already present in the user's environment cannot point
	// garble at a directory it did not create.
	sharedTempDir = os.Getenv("GARBLE_SHARED")
	parentWorkDir = os.Getenv("GARBLE_PARENT_WORK")

	// origImporter is a go/types importer which uses the original versions
	// of packages, without any obfuscation. This is helpful to make
	// decisions on how to obfuscate our input code.
	origImporter = importerWithMap(importer.ForCompiler(fset, "gc", func(path string) (io.ReadCloser, error) {
		pkg, err := listPackage(path)
		if err != nil {
			return nil, err
		}
		// The opened export file is returned to the importer as an io.ReadCloser.
		return os.Open(pkg.Export)
	}).(types.ImporterFrom).ImportFrom)

	// Basic information about the package being currently compiled or linked.
	curPkg *listedPackage
)
// importerWithMap adapts an ImportFrom-shaped function into an importer which
// first rewrites import paths through curPkg.ImportMap.
type importerWithMap func(path, dir string, mode types.ImportMode) (*types.Package, error)

// Import is present only to satisfy the importer interface; it always panics.
func (fn importerWithMap) Import(path string) (*types.Package, error) {
	panic("should never be called")
}

// ImportFrom imports path via the wrapped function, substituting the entry
// from curPkg.ImportMap when a non-empty one exists for path.
func (fn importerWithMap) ImportFrom(path, dir string, mode types.ImportMode) (*types.Package, error) {
	mapped := curPkg.ImportMap[path]
	if mapped == "" {
		return fn(path, dir, mode)
	}
	return fn(mapped, dir, mode)
}
// uniqueLineWriter is the writer installed via log.SetOutput in debug mode.
// It drops any log line it has already written: names repeat a lot during a
// build, and printing the same detail twice does not help the user.
type uniqueLineWriter struct {
	out  io.Writer
	seen map[string]bool
}

// Write forwards p to the underlying writer unless an identical line was
// written before, in which case it reports success without writing.
// It panics if -debug is unset or if p is not exactly one line.
func (w *uniqueLineWriter) Write(p []byte) (n int, err error) {
	if !flagDebug {
		panic("unexpected use of uniqueLineWriter with -debug unset")
	}
	if newlines := bytes.Count(p, []byte("\n")); newlines != 1 {
		panic(fmt.Sprintf("log write wasn't just one line: %q", p))
	}

	line := string(p)
	if w.seen == nil {
		// Allocate lazily so that the zero value of the struct is usable.
		w.seen = make(map[string]bool)
	}
	if w.seen[line] {
		return len(p), nil
	}
	w.seen[line] = true
	return w.out.Write(p)
}
// debugSince behaves like time.Since, but truncates the result to a multiple
// of ten microseconds to keep debug output short. Builds take hundreds of
// milliseconds at the very least, so finer precision carries no meaning.
func debugSince(start time.Time) time.Duration {
	const resolution = 10 * time.Microsecond
	elapsed := time.Since(start)
	return elapsed.Truncate(resolution)
}
// main1 parses garble's flags, configures logging, runs mainErr, and returns
// the process exit status: 0 on success, 2 for usage errors, the code carried
// by an errJustExit, and 1 for any other error.
func main1() int {
	// Optionally report the number of allocations on exit.
	defer func() {
		if os.Getenv("GARBLE_WRITE_ALLOCS") == "true" {
			var stats runtime.MemStats
			runtime.ReadMemStats(&stats)
			fmt.Fprintf(os.Stderr, "garble allocs: %d\n", stats.Mallocs)
		}
	}()

	if err := flagSet.Parse(os.Args[1:]); err != nil {
		return 2
	}

	log.SetPrefix("[garble] ")
	log.SetFlags(0) // no timestamps, as they aren't very useful

	// Logs are discarded unless -debug was given.
	var logOut io.Writer = io.Discard
	if flagDebug {
		// TODO: cover this in the tests.
		logOut = &uniqueLineWriter{out: os.Stderr}
	}
	log.SetOutput(logOut)

	args := flagSet.Args()
	if len(args) < 1 {
		usage()
		return 2
	}

	err := mainErr(args)
	if err == nil {
		return 0
	}
	if code, ok := err.(errJustExit); ok {
		return int(code)
	}
	fmt.Fprintln(os.Stderr, err)

	// A failure seen with a random seed might not reproduce with another
	// seed, so print the seed before exiting.
	// NOTE(review): the seed drives the obfuscation, so logs which capture
	// this line presumably deserve the same care as the seed itself — confirm.
	if flagSeed.random {
		fmt.Fprintf(os.Stderr, "random seed: %s\n", base64.RawStdEncoding.EncodeToString(flagSeed.bytes))
	}
	return 1
}
// errJustExit is an error which carries nothing but a process exit code.
// main1 returns the code as-is without printing the error.
type errJustExit int

// Error implements the error interface, formatting the code as "exit: N".
func (e errJustExit) Error() string {
	code := int(e)
	return fmt.Sprintf("exit: %d", code)
}
// toolchainVersionSemver is a semver-compatible version of the Go toolchain currently
// being used, as reported by "go env GOVERSION".
// Note that the version of Go that built the garble binary might be newer.
var toolchainVersionSemver string

// goVersionOK reports whether the Go toolchain in use is supported.
//
// It rejects a toolchain older than the minimum version, as well as a garble
// binary built with a Go version older than the toolchain. Each rejection is
// explained on stderr. As a side effect it sets toolchainVersionSemver.
func goVersionOK() bool {
	const (
		minGoVersionSemver = "v1.18.0"
		suggestedGoVersion = "1.18.x"
	)

	// versionPattern finds a version such as "go1.2" or "go1.2.3".
	versionPattern := regexp.MustCompile(`go\d+\.\d+(?:\.\d+)?`)
	asSemver := func(goVersion string) string {
		return "v" + strings.TrimPrefix(goVersion, "go")
	}

	reportedFull := cache.GoEnv.GOVERSION
	reported := versionPattern.FindString(reportedFull)
	if reported == "" {
		// Go 1.15.x and older do not have GOVERSION yet.
		// Fetching the version some other way would be possible,
		// but the result would have to be an error anyway.
		fmt.Fprintf(os.Stderr, "Go version is too old; please upgrade to Go %s or a newer devel version\n", suggestedGoVersion)
		return false
	}

	toolchainVersionSemver = asSemver(reported)
	if tooOld := semver.Compare(toolchainVersionSemver, minGoVersionSemver) < 0; tooOld {
		fmt.Fprintf(os.Stderr, "Go version %q is too old; please upgrade to Go %s\n", reportedFull, suggestedGoVersion)
		return false
	}

	// The Go version which built the garble binary must not be older than
	// the toolchain. GARBLE_TEST_GOVERSION, when non-empty, takes the place
	// of runtime.Version for this comparison.
	builderFull := runtime.Version()
	if override := os.Getenv("GARBLE_TEST_GOVERSION"); override != "" {
		builderFull = override
	}

	builder := versionPattern.FindString(builderFull)
	switch {
	case builder == "":
		// If garble built itself, we don't know what Go version was used.
		// Fall back to not performing the check against the toolchain version.
		return true
	case semver.Compare(asSemver(builder), toolchainVersionSemver) < 0:
		fmt.Fprintf(os.Stderr, "garble was built with %q and is being used with %q; please rebuild garble with the newer version\n",
			builderFull, reportedFull)
		return false
	}
	return true
}
// mainErr dispatches on the first argument.
//
// A recognized command ("help", "version", "reverse", "build", "test") means
// garble was run directly by a user. Any other first argument must be an
// absolute path to a tool binary, which is how -toolexec invokes garble; in
// that case the shared cache is loaded, the tool's arguments are transformed
// if transformFuncs has an entry for the tool, and the tool is run.
//
// An errJustExit is returned when only an exit code needs to be reported.
func mainErr(args []string) error {
	// If we recognize an argument, we're not running within -toolexec.
	// Note that command and args are scoped to the switch statement;
	// the code after it sees the original args again.
	switch command, args := args[0], args[1:]; command {
	case "help":
		if hasHelpFlag(args) || len(args) > 1 {
			fmt.Fprintf(os.Stderr, "usage: garble help [command]\n")
			return errJustExit(2)
		}
		if len(args) == 1 {
			// "garble help <command>" is handled as "garble <command> -h".
			return mainErr([]string{args[0], "-h"})
		}
		usage()
		return errJustExit(2)
	case "version":
		if hasHelpFlag(args) || len(args) > 0 {
			fmt.Fprintf(os.Stderr, "usage: garble version\n")
			return errJustExit(2)
		}
		info, ok := debug.ReadBuildInfo()
		if !ok {
			// The build binary was stripped of build info?
			// Could be the case if garble built itself.
			fmt.Println("unknown")
			return nil
		}
		mod := &info.Main
		if mod.Replace != nil {
			mod = mod.Replace
		}

		// For the tests: extra build settings, as a JSON list, are appended
		// to the ones embedded in the binary.
		if v := os.Getenv("GARBLE_TEST_SETTINGS"); v != "" {
			var extra []debug.BuildSetting
			if err := json.Unmarshal([]byte(v), &extra); err != nil {
				return err
			}
			info.Settings = append(info.Settings, extra...)
		}

		// Until https://github.com/golang/go/issues/50603 is implemented,
		// manually construct something like a pseudo-version.
		// TODO: remove when this code is dead, hopefully in Go 1.20.
		if mod.Version == "(devel)" {
			var vcsTime time.Time
			var vcsRevision string
			for _, setting := range info.Settings {
				switch setting.Key {
				case "vcs.time":
					// If the format is invalid, we'll print a zero timestamp.
					vcsTime, _ = time.Parse(time.RFC3339Nano, setting.Value)
				case "vcs.revision":
					vcsRevision = setting.Value
					// Keep at most the first 12 characters of the revision.
					if len(vcsRevision) > 12 {
						vcsRevision = vcsRevision[:12]
					}
				}
			}
			if vcsRevision != "" {
				mod.Version = module.PseudoVersion("", "", vcsTime, vcsRevision)
			}
		}

		fmt.Printf("%s %s\n\n", mod.Path, mod.Version)
		fmt.Printf("Build settings:\n")
		for _, setting := range info.Settings {
			if setting.Value == "" {
				continue // do empty build settings even matter?
			}
			// The padding helps keep readability by aligning:
			//
			// veryverylong.key value
			// short.key some-other-value
			//
			// Empirically, 16 is enough; the longest key seen is "vcs.revision".
			fmt.Printf("%16s %s\n", setting.Key, setting.Value)
		}
		return nil
	case "reverse":
		return commandReverse(args)
	case "build", "test":
		cmd, err := toolexecCmd(command, args)
		// The argument is evaluated right here, after toolexecCmd returned,
		// and the directory is removed when mainErr returns.
		// NOTE(review): this also runs when toolexecCmd failed before it set
		// GARBLE_SHARED, in which case the value is whatever the environment
		// already held. Confirm that a pre-set GARBLE_SHARED can never make
		// this remove a directory which garble did not create.
		defer os.RemoveAll(os.Getenv("GARBLE_SHARED"))
		if err != nil {
			return err
		}
		cmd.Stdout = os.Stdout
		cmd.Stderr = os.Stderr
		log.Printf("calling via toolexec: %s", cmd)
		return cmd.Run()
	}

	if !filepath.IsAbs(args[0]) {
		// -toolexec gives us an absolute path to the tool binary to
		// run, so this is most likely misuse of garble by a user.
		return fmt.Errorf("unknown command: %q", args[0])
	}

	// We're in a toolexec sub-process, not directly called by the user.
	// Load the shared data and wrap the tool, like the compiler or linker.
	if err := loadSharedCache(); err != nil {
		return err
	}

	// tool is the base name of the binary, without ".exe" on Windows.
	_, tool := filepath.Split(args[0])
	if runtime.GOOS == "windows" {
		tool = strings.TrimSuffix(tool, ".exe")
	}
	if len(args) == 2 && args[1] == "-V=full" {
		return alterToolVersion(tool, args)
	}

	// The package being built is identified by an environment variable and
	// must be one of the packages recorded in the shared cache.
	toolexecImportPath := os.Getenv("TOOLEXEC_IMPORTPATH")
	curPkg = cache.ListedPackages[toolexecImportPath]
	if curPkg == nil {
		return fmt.Errorf("TOOLEXEC_IMPORTPATH not found in listed packages: %s", toolexecImportPath)
	}

	// Tools without an entry in transformFuncs run with unchanged arguments.
	transform := transformFuncs[tool]
	transformed := args[1:]
	if transform != nil {
		startTime := time.Now()
		log.Printf("transforming %s with args: %s", tool, strings.Join(transformed, " "))
		var err error
		if transformed, err = transform(transformed); err != nil {
			return err
		}
		log.Printf("transformed args for %s in %s: %s", tool, debugSince(startTime), strings.Join(transformed, " "))
	} else {
		log.Printf("skipping transform on %s with args: %s", tool, strings.Join(transformed, " "))
	}

	// Run the real tool directly, with no shell involved. args[0] is the
	// path which passed the filepath.IsAbs check above.
	cmd := exec.Command(args[0], transformed...)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr
	if err := cmd.Run(); err != nil {
		return err
	}
	return nil
}
// hasHelpFlag reports whether any element of flags is exactly one of the
// help flags "-h", "-help" or "--help".
func hasHelpFlag(flags []string) bool {
	for i := range flags {
		if f := flags[i]; f == "-h" || f == "-help" || f == "--help" {
			return true
		}
	}
	return false
}
// toolexecCmd builds an *exec.Cmd which is set up for running "go <command>"
// with -toolexec=garble and the supplied arguments.
//
// Note that it uses and modifies global state; in general, it should only be
// called once from mainErr in the top-level garble process.
//
// Besides building the command it initializes the shared cache, saves it to
// a temporary directory, exports GARBLE_SHARED and GARBLE_PARENT_WORK to the
// environment, and empties and recreates the -debugdir directory if set.
// It returns errJustExit after printing help or rejecting the Go version.
func toolexecCmd(command string, args []string) (*exec.Cmd, error) {
	// Split the flags from the package arguments, since we'll need
	// to run 'go list' on the same set of packages.
	flags, args := splitFlagsFromArgs(args)
	if hasHelpFlag(flags) {
		// Best effort: if "go <command> -h" fails, we print whatever it output.
		out, _ := exec.Command("go", command, "-h").CombinedOutput()
		fmt.Fprintf(os.Stderr, `
usage: garble [garble flags] %s [arguments]
This command wraps "go %s". Below is its help:
%s`[1:], command, command, out)
		return nil, errJustExit(2)
	}
	// Garble's own flags are only parsed before the command, so fail loudly
	// rather than pass them on to the go command.
	for _, flag := range flags {
		if rxGarbleFlag.MatchString(flag) {
			return nil, fmt.Errorf("garble flags must precede command, like: garble %s build ./pkg", flag)
		}
	}

	// Here is the only place we initialize the cache.
	// The sub-processes will parse it from a shared gob file.
	cache = &sharedCache{}

	// Note that we also need to pass build flags to 'go list', such
	// as -tags.
	// The second result of filterForwardBuildFlags is discarded here.
	cache.ForwardBuildFlags, _ = filterForwardBuildFlags(flags)
	if command == "test" {
		cache.ForwardBuildFlags = append(cache.ForwardBuildFlags, "-test")
	}

	if err := fetchGoEnv(); err != nil {
		return nil, err
	}

	if !goVersionOK() {
		return nil, errJustExit(1)
	}

	var err error
	cache.ExecPath, err = os.Executable()
	if err != nil {
		return nil, err
	}

	// Record the build ID of the garble binary itself in the cache.
	binaryBuildID, err := buildidOf(cache.ExecPath)
	if err != nil {
		return nil, err
	}
	cache.BinaryContentID = decodeHash(splitContentID(binaryBuildID))

	if err := appendListedPackages(args, true); err != nil {
		return nil, err
	}

	// The toolexec sub-processes find the cache and the original working
	// directory through these two environment variables.
	sharedTempDir, err = saveSharedCache()
	if err != nil {
		return nil, err
	}
	os.Setenv("GARBLE_SHARED", sharedTempDir)
	wd, err := os.Getwd()
	if err != nil {
		return nil, err
	}
	os.Setenv("GARBLE_PARENT_WORK", wd)

	if flagDebugDir != "" {
		if !filepath.IsAbs(flagDebugDir) {
			flagDebugDir = filepath.Join(wd, flagDebugDir)
		}

		// The directory is removed recursively before being recreated, so
		// pointing -debugdir at an existing directory deletes its contents.
		if err := os.RemoveAll(flagDebugDir); err != nil {
			return nil, fmt.Errorf("could not empty debugdir: %v", err)
		}
		if err := os.MkdirAll(flagDebugDir, 0o755); err != nil {
			return nil, err
		}
	}

	goArgs := []string{
		command,
		"-trimpath",
		"-buildvcs=false",
	}

	// Pass the garble flags down to each toolexec invocation.
	// This way, all garble processes see the same flag values.
	var toolexecFlag strings.Builder
	toolexecFlag.WriteString("-toolexec=")
	quotedExecPath, err := cmdgoQuotedJoin([]string{cache.ExecPath})
	if err != nil {
		// Can only happen if the absolute path to the garble binary contains
		// both single and double quotes. Seems extremely unlikely.
		return nil, err
	}
	toolexecFlag.WriteString(quotedExecPath)
	appendFlags(&toolexecFlag, false)
	goArgs = append(goArgs, toolexecFlag.String())

	if flagDebugDir != "" {
		// In case the user deletes the debug directory,
		// and a previous build is cached,
		// rebuild all packages to re-fill the debug dir.
		goArgs = append(goArgs, "-a")
	}
	if command == "test" {
		// vet is generally not useful on obfuscated code; keep it
		// disabled by default.
		goArgs = append(goArgs, "-vet=off")
	}

	// The user's flags come after ours, followed by the package arguments.
	goArgs = append(goArgs, flags...)
	goArgs = append(goArgs, args...)

	// "go" is looked up via PATH; no shell is involved.
	return exec.Command("go", goArgs...), nil
}
// transformFuncs maps the base name of a toolchain binary to the function
// which rewrites its arguments. mainErr runs any tool without an entry here
// with its arguments unchanged.
var transformFuncs = map[string]func([]string) ([]string, error){
	"asm":     transformAsm,
	"compile": transformCompile,
	"link":    transformLink,
}
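// transformAsm rewrites the assembler's arguments so that it assembles
// obfuscated copies of the package's .s files.
//
// Arguments for a package which is not being obfuscated are returned as-is.
// Otherwise the -p and -trimpath flags are adjusted and the source paths are
// replaced with paths under sharedTempDir. The obfuscated copies are written
// only by an invocation which carries -gensymabis; an invocation without it
// points at the same per-package locations without reading or writing files.
func transformAsm(args []string) ([]string, error) {
	if !curPkg.ToObfuscate {
		return args, nil // we're not obfuscating this package
	}

	flags, paths := splitFlagsFromFiles(args, ".s")

	// When assembling, the import path can make its way into the output object file.
	if curPkg.Name != "main" {
		flags = flagSetValue(flags, "-p", curPkg.obfuscatedImportPath())
	}

	flags = alterTrimpath(flags)

	newPaths := make([]string, 0, len(paths))
	if !slices.Contains(args, "-gensymabis") {
		// Without -gensymabis, only the paths are swapped; nothing is
		// obfuscated again, since doing the work twice is just wasteful.
		// NOTE(review): this presumably relies on an earlier -gensymabis run
		// for the same package having written these files — confirm.
		pkgDir := filepath.Join(sharedTempDir, filepath.FromSlash(curPkg.ImportPath))
		for _, path := range paths {
			newPaths = append(newPaths, filepath.Join(pkgDir, filepath.Base(path)))
		}
		return append(flags, newPaths...), nil
	}

	// We need to replace all function references with their obfuscated name
	// counterparts.
	// Luckily, all func names in Go assembly files are immediately followed
	// by the unicode "middle dot", like:
	//
	//	TEXT ·privateAdd(SB),$0-24
	const middleDot = '·'
	middleDotLen := utf8.RuneLen(middleDot)

	var buf bytes.Buffer
	for _, path := range paths {
		// Read the entire file into memory.
		// If we find issues with large files, we can use bufio.
		content, err := os.ReadFile(path)
		if err != nil {
			return nil, err
		}
		buf.Reset()

		// Find all middle-dot names, and replace them.
		remaining := content
		for {
			i := bytes.IndexRune(remaining, middleDot)
			if i < 0 {
				buf.Write(remaining)
				break
			}

			// We want to replace "OP ·foo" and "OP $·foo",
			// but not "OP somepkg·foo" just yet.
			// "somepkg" is often runtime, syscall, etc.
			// We don't obfuscate any of those for now.
			//
			// TODO: we'll likely need to deal with this
			// when we start obfuscating the runtime.
			// When we do, note that we can't hash with curPkg.
			//
			// When i is zero the middle dot has no preceding byte within
			// remaining, which happens at the very start of a file or right
			// after the previous name. Indexing remaining[i-1] would panic
			// then, so such a name is left as it is.
			localName := false
			if i > 0 {
				switch remaining[i-1] {
				case ' ', '\t', '$':
					localName = true
				}
			}

			i += middleDotLen
			buf.Write(remaining[:i])
			remaining = remaining[i:]

			// The name ends at the first rune which cannot be part
			// of a Go identifier, such as a comma or space.
			nameEnd := 0
			for nameEnd < len(remaining) {
				c, size := utf8.DecodeRune(remaining[nameEnd:])
				if !unicode.IsLetter(c) && c != '_' && !unicode.IsDigit(c) {
					break
				}
				nameEnd += size
			}
			name := string(remaining[:nameEnd])
			remaining = remaining[nameEnd:]

			if !localName {
				buf.WriteString(name)
				continue
			}

			newName := hashWithPackage(curPkg, name)
			// This pairs an original name with its obfuscated form; main1
			// discards log output unless -debug is set.
			log.Printf("asm name %q hashed with %x to %q", name, curPkg.GarbleActionID, newName)
			buf.WriteString(newName)
		}

		// Uncomment for some quick debugging. Do not delete.
		// if curPkg.ToObfuscate {
		// 	fmt.Fprintf(os.Stderr, "\n-- %s --\n%s", path, buf.Bytes())
		// }

		newPath, err := writeTemp(filepath.Base(path), buf.Bytes())
		if err != nil {
			return nil, err
		}
		newPaths = append(newPaths, newPath)
	}

	return append(flags, newPaths...), nil
}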
// writeTemp writes content to a source file called name inside sharedTempDir
// and returns the path of the new file, combining what os.CreateTemp and
// os.WriteFile would do.
//
// The file lives in a directory tree which mirrors curPkg's import path,
// the way files are laid out in modules and GOROOT.
//
// name is joined onto that directory as given; the caller in transformAsm
// passes filepath.Base of the original path.
// NOTE(review): the directories are created with mode 0o777 (before umask),
// so keeping the obfuscated sources private presumably depends on the
// permissions of sharedTempDir itself — confirm where it is created.
func writeTemp(name string, content []byte) (string, error) {
	relDir := filepath.FromSlash(curPkg.ImportPath)
	dstDir := filepath.Join(sharedTempDir, relDir)
	if mkErr := os.MkdirAll(dstDir, 0o777); mkErr != nil {
		return "", mkErr
	}

	dst := filepath.Join(dstDir, name)
	writeErr := writeFileExclusive(dst, content)
	if writeErr != nil {
		return "", writeErr
	}
	return dst, nil
}
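// transformCompile rewrites the arguments of one compile step so that the
// compiler builds obfuscated copies of the package's Go files.
//
// It parses and type-checks the .go files named in args, loads the cached
// outputs of the dependencies, obfuscates every file, writes the results via
// writeTemp, and returns the adjusted flags followed by the new file paths.
// The accumulated cachedOutput is stored at garbleExportFile(curPkg).
func transformCompile(args []string) ([]string, error) {
	flags, paths := splitFlagsFromFiles(args, ".go")

	// We will force the linker to drop DWARF via -w, so don't spend time
	// generating it.
	flags = append(flags, "-dwarf=false")

	files := make([]*ast.File, 0, len(paths))
	for _, path := range paths {
		file, err := parser.ParseFile(fset, path, nil, parser.SkipObjectResolution|parser.ParseComments)
		if err != nil {
			return nil, err
		}
		files = append(files, file)
	}

	tf := newTransformer()
	if err := tf.typecheck(files); err != nil {
		return nil, err
	}

	flags = alterTrimpath(flags)

	// Note that if the file already exists in the cache from another build,
	// we don't need to write to it again thanks to the hash.
	// TODO: as an optimization, just load that one gob file.
	if err := loadCachedOutputs(); err != nil {
		return nil, err
	}

	tf.findReflectFunctions(files)
	newImportCfg, err := processImportCfg(flags)
	if err != nil {
		return nil, err
	}

	// Literal obfuscation uses math/rand, so seed it deterministically.
	// Only the first 8 bytes of the seed reach the generator, and math/rand
	// is not a cryptographic source: the output is reproducible on purpose,
	// so obfuscated literals are not a substitute for keeping secrets out of
	// the binary.
	randSeed := curPkg.GarbleActionID
	if flagSeed.present() {
		randSeed = flagSeed.bytes
	}
	// binary.BigEndian.Uint64 panics on fewer than 8 bytes. Whether the seed
	// length is validated where the flag is parsed is not visible here, so
	// report a short seed as an error rather than crashing the build step.
	if len(randSeed) < 8 {
		return nil, fmt.Errorf("obfuscation seed is %d bytes long, need at least 8", len(randSeed))
	}
	// log.Printf("seeding math/rand with %x\n", randSeed)
	mathrand.Seed(int64(binary.BigEndian.Uint64(randSeed)))

	if err := tf.prefillObjectMaps(files); err != nil {
		return nil, err
	}

	// If this is a package to obfuscate, swap the -p flag with the new package path.
	// We don't if it's the main package, as that just uses "-p main".
	// We only set newPkgPath if we're obfuscating the import path,
	// to replace the original package name in the package clause below.
	newPkgPath := ""
	if curPkg.Name != "main" && curPkg.ToObfuscate {
		newPkgPath = curPkg.obfuscatedImportPath()
		flags = flagSetValue(flags, "-p", newPkgPath)
	}

	newPaths := make([]string, 0, len(files))
	for i, file := range files {
		filename := filepath.Base(paths[i])
		log.Printf("obfuscating %s", filename)
		if curPkg.ImportPath == "runtime" && flagTiny {
			// strip unneeded runtime code
			stripRuntime(filename, file)
			tf.removeUnnecessaryImports(file)
		}
		tf.handleDirectives(file.Comments)
		file = tf.transformGo(file)
		if newPkgPath != "" {
			file.Name.Name = newPkgPath
		}

		src, err := printFile(file)
		if err != nil {
			return nil, err
		}

		// It is possible to end up in an edge case where two instances of the
		// same package have different Action IDs, but their obfuscation and
		// builds produce exactly the same results.
		// In such an edge case, Go's build cache is smart enough for the second
		// instance to reuse the first's build artifact.
		// However, garble's caching via garbleExportFile is not as smart,
		// as we base the location of these files purely based on Action IDs.
		// Thus, the incremental build can fail to find garble's cached file.
		// To sidestep this bug entirely, ensure that different action IDs never
		// produce the same cached output when building with garble.
		// Note that this edge case tends to happen when a -seed is provided,
		// as then a package's Action ID is not used as an obfuscation seed.
		// TODO(mvdan): replace this workaround with an actual fix if we can.
		// This workaround is presumably worse on the build cache,
		// as we end up with extra near-duplicate cached artifacts.
		if i == 0 {
			src = append(src, fmt.Sprintf(
				"\nvar garbleActionID = %q\n", hashToString(curPkg.GarbleActionID),
			)...)
		}

		// Uncomment for some quick debugging. Do not delete.
		// if curPkg.ToObfuscate {
		// 	fmt.Fprintf(os.Stderr, "\n-- %s/%s --\n%s", curPkg.ImportPath, filename, src)
		// }

		newPath, err := writeTemp(filename, src)
		if err != nil {
			return nil, err
		}
		newPaths = append(newPaths, newPath)

		if flagDebugDir != "" {
			// NOTE(review): the debug copy of the obfuscated source is
			// written with 0o755/0o666 before umask, so other local users
			// may be able to read it. Confirm that this is intended for
			// the directory chosen via flagDebugDir.
			osPkgPath := filepath.FromSlash(curPkg.ImportPath)
			pkgDebugDir := filepath.Join(flagDebugDir, osPkgPath)
			if err := os.MkdirAll(pkgDebugDir, 0o755); err != nil {
				return nil, err
			}

			debugFilePath := filepath.Join(pkgDebugDir, filename)
			if err := os.WriteFile(debugFilePath, src, 0o666); err != nil {
				return nil, err
			}
		}
	}
	flags = flagSetValue(flags, "-importcfg", newImportCfg)

	// An already existing export file is not an error: another build with
	// the same action ID wrote it first.
	if err := writeGobExclusive(
		garbleExportFile(curPkg),
		cachedOutput,
	); err != nil && !errors.Is(err, fs.ErrExist) {
		return nil, err
	}

	return append(flags, newPaths...), nil
}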
// handleDirectives scans all the comments of a file for //go:linkname
// directives and rewrites them so that they keep working once names are
// obfuscated.
//
// The local name is hashed when the current package is obfuscated, and a
// target of the form "pkgpath.Name" is replaced by its obfuscated form when
// the package owning it is obfuscated as well. Directives which do not have
// exactly two arguments are left untouched.
func (tf *transformer) handleDirectives(comments []*ast.CommentGroup) {
	const linknamePrefix = "//go:linkname "

	for _, group := range comments {
		for _, comment := range group.List {
			if !strings.HasPrefix(comment.Text, linknamePrefix) {
				continue
			}

			// "//go:linkname localName newName" splits into three fields.
			parts := strings.Fields(comment.Text)
			if len(parts) != 3 {
				// TODO: the 2nd argument is optional, handle when it's not present
				continue
			}

			// Obfuscate the local name, if the current package is obfuscated.
			if curPkg.ToObfuscate {
				parts[1] = hashWithPackage(curPkg, parts[1])
			}

			target := parts[2]
			if !strings.Contains(target, ".") {
				// cgo-generated code uses linknames to made up symbol names,
				// which do not have a package path at all.
				// Replace the comment in case the local name was obfuscated.
				comment.Text = strings.Join(parts, " ")
				continue
			}

			// The runtime uses some special symbols with "..".
			// We aren't touching those at the moment; note that the
			// directive is left as it was, including the local name.
			if target == "main.main" || target == "main..inittask" || target == "runtime..inittask" {
				continue
			}

			// The package path may contain dots itself, so split on the
			// last one.
			dot := strings.LastIndex(target, ".")
			pkgPath, name := target[:dot], target[dot+1:]

			// A lookup failure most likely means a made up name like the
			// cgo ones above, but with a dot; only the local name changes.
			lpkg, err := listPackage(pkgPath)
			if err == nil && lpkg.ToObfuscate {
				// The name exists and was obfuscated; obfuscate
				// the new name.
				hashedName := hashWithPackage(lpkg, name)
				hashedPkgPath := pkgPath
				if pkgPath != "main" {
					hashedPkgPath = lpkg.obfuscatedImportPath()
				}
				parts[2] = hashedPkgPath + "." + hashedName
			}

			comment.Text = strings.Join(parts, " ")
		}
	}
}
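// processImportCfg parses the importcfg file passed to a compile or link step.
// It also builds a new importcfg file to account for obfuscated import paths,
// and returns the path of that new file, which is created under sharedTempDir.
//
// Lines which are empty, start with "#", or do not follow the
// "verb key=value" shape are skipped; only the "importmap" and "packagefile"
// verbs are carried over to the new file.
func processImportCfg(flags []string) (newImportCfg string, _ error) {
	importCfg := flagValue(flags, "-importcfg")
	if importCfg == "" {
		return "", fmt.Errorf("could not find -importcfg argument")
	}
	data, err := os.ReadFile(importCfg)
	if err != nil {
		return "", err
	}

	var packagefiles, importmaps [][2]string

	for _, line := range strings.Split(string(data), "\n") {
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		verb, args, found := strings.Cut(line, " ")
		if !found {
			continue
		}
		switch verb {
		case "importmap":
			beforePath, afterPath, found := strings.Cut(args, "=")
			if !found {
				continue
			}
			importmaps = append(importmaps, [2]string{beforePath, afterPath})
		case "packagefile":
			importPath, objectPath, found := strings.Cut(args, "=")
			if !found {
				continue
			}
			packagefiles = append(packagefiles, [2]string{importPath, objectPath})
		}
	}

	// Produce the modified importcfg file.
	// This is mainly replacing the obfuscated paths.
	// Entries are written in the order in which they appear in the original
	// file, all importmap lines first and all packagefile lines second.
	newCfg, err := os.CreateTemp(sharedTempDir, "importcfg")
	if err != nil {
		return "", err
	}

	// emit appends one line to the new file. A failed write closes the file
	// and is reported, so that a truncated importcfg is never handed to the
	// toolchain as if it were complete.
	emit := func(format string, args ...any) error {
		if _, err := fmt.Fprintf(newCfg, format, args...); err != nil {
			newCfg.Close() // best effort; the write error is the one to report
			return err
		}
		return nil
	}

	for _, pair := range importmaps {
		beforePath, afterPath := pair[0], pair[1]
		lpkg, err := listPackage(beforePath)
		if err != nil {
			panic(err) // shouldn't happen
		}
		if lpkg.ToObfuscate {
			// Note that beforePath is not the canonical path.
			// For beforePath="vendor/foo", afterPath and
			// lpkg.ImportPath can be just "foo".
			// Don't use obfuscatedImportPath here.
			beforePath = hashWithPackage(lpkg, beforePath)

			afterPath = lpkg.obfuscatedImportPath()
		}
		if err := emit("importmap %s=%s\n", beforePath, afterPath); err != nil {
			return "", err
		}
	}

	for _, pair := range packagefiles {
		impPath, pkgfile := pair[0], pair[1]
		lpkg, err := listPackage(impPath)
		if err != nil {
			// TODO: it's unclear why an importcfg can include an import path
			// that's not a dependency in an edge case with "go test ./...".
			// See exporttest/*.go in testdata/scripts/test.txt.
			// For now, spot the pattern and avoid the unnecessary error;
			// the dependency is unused, so the packagefile line is redundant.
			// This still triggers as of go1.19beta1.
			if strings.HasSuffix(curPkg.ImportPath, ".test]") && strings.HasPrefix(curPkg.ImportPath, impPath) {
				continue
			}
			panic(err) // shouldn't happen
		}
		if lpkg.Name != "main" {
			impPath = lpkg.obfuscatedImportPath()
		}
		if err := emit("packagefile %s=%s\n", impPath, pkgfile); err != nil {
			return "", err
		}
	}

	// Uncomment to debug the transformed importcfg. Do not delete.
	// newCfg.Seek(0, 0)
	// io.Copy(os.Stderr, newCfg)

	if err := newCfg.Close(); err != nil {
		return "", err
	}
	return newCfg.Name(), nil
}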
type (
	funcFullName = string // as per go/types.Func.FullName
	objectString = string // as per recordedObjectString

	// reflectParameter identifies a function parameter which is passed on
	// to a known reflection API; see KnownReflectAPIs in cachedOutput.
	reflectParameter struct {
		Position int  // 0-indexed
		Variadic bool // ...int
	}

	// typeName names a type by the path of its package and its name.
	typeName struct {
		PkgPath, Name string
	}
)

// TODO: read-write globals like these should probably be inside transformer

// knownCannotObfuscateUnexported is like KnownCannotObfuscate but for
// unexported names. We don't need to store this in the build cache,
// because these names cannot be referenced by downstream packages.
var knownCannotObfuscateUnexported = map[types.Object]bool{}

// cachedOutput contains information that will be stored as per garbleExportFile.
// Note that cachedOutput gets loaded from all direct package dependencies,
// and gets filled while obfuscating the current package, so it ends up
// containing entries for the current package and its transitive dependencies.
//
// The value is decoded with gob from build cache files in loadCachedOutputs
// and written back by transformCompile via writeGobExclusive, so its content
// is only as trustworthy as the files under the build cache directory.
var cachedOutput = struct {
	// KnownReflectAPIs is a static record of what std APIs use reflection on their
	// parameters, so we can avoid obfuscating types used with them.
	//
	// TODO: we're not including fmt.Printf, as it would have many false positives,
	// unless we were smart enough to detect which arguments get used as %#v or %T.
	KnownReflectAPIs map[funcFullName][]reflectParameter

	// KnownCannotObfuscate is filled with the fully qualified names from each
	// package that we cannot obfuscate.
	// This record is necessary for knowing what names from imported packages
	// weren't obfuscated, so we can obfuscate their local uses accordingly.
	KnownCannotObfuscate map[objectString]struct{}

	// KnownEmbeddedAliasFields records which embedded fields use a type alias.
	// They are the only instance where a type alias matters for obfuscation,
	// because the embedded field name is derived from the type alias itself,
	// and not the type that the alias points to.
	// In that way, the type alias is obfuscated as a form of named type,
	// bearing in mind that it may be owned by a different package.
	KnownEmbeddedAliasFields map[objectString]typeName
}{
	// The two reflect entry points are the seed of the record; functions
	// which forward a parameter to them are added by findReflectFunctions.
	KnownReflectAPIs: map[funcFullName][]reflectParameter{
		"reflect.TypeOf":  {{Position: 0, Variadic: false}},
		"reflect.ValueOf": {{Position: 0, Variadic: false}},
	},
	KnownCannotObfuscate:     map[objectString]struct{}{},
	KnownEmbeddedAliasFields: map[objectString]typeName{},
}
// garbleExportFile returns an absolute path to a build cache entry
// which belongs to garble and corresponds to the given Go package.
//
// Unlike pkg.Export, it is only read and written by garble itself.
// Also unlike pkg.Export, it includes GarbleActionID,
// so its path will change if the obfuscated build changes.
//
// The purpose of such a file is to store garble-specific information
// in the build cache, to be reused at a later time.
// The file should have the same lifetime as pkg.Export,
// as it lives under the same cache directory that gets trimmed automatically.
//
// It panics if pkg.Export does not end in "-d".
func garbleExportFile(pkg *listedPackage) string {
	const suffix = "-d"

	exportPath := pkg.Export
	if !strings.HasSuffix(exportPath, suffix) {
		panic(fmt.Sprintf("unexpected export path of %s: %q", pkg.ImportPath, pkg.Export))
	}

	// Insert the garble marker and action ID in front of the "-d" suffix.
	base := exportPath[:len(exportPath)-len(suffix)]
	return base + "-garble-" + hashToString(pkg.GarbleActionID) + suffix
}
// loadCachedOutputs decodes the garble export file of every dependency of
// the current package which has an export file, merging all of them into the
// global cachedOutput.
//
// NOTE(review): the files come from the Go build cache and are decoded with
// gob without any integrity check, so their content is trusted as is. This
// assumes that the cache directory is writable only by the building user;
// confirm for shared build hosts.
func loadCachedOutputs() error {
	began := time.Now()
	count := 0
	for _, depPath := range curPkg.Deps {
		dep, err := listPackage(depPath)
		if err != nil {
			panic(err) // shouldn't happen
		}
		if dep.Export == "" {
			continue // nothing to load
		}

		// A function literal keeps the deferred close per file, rather
		// than piling up until loadCachedOutputs returns.
		load := func() error {
			f, err := os.Open(garbleExportFile(dep))
			if err != nil {
				return err
			}
			defer f.Close()

			// Decode appends new entries to the existing maps.
			if err := gob.NewDecoder(f).Decode(&cachedOutput); err != nil {
				return fmt.Errorf("gob decode: %w", err)
			}
			return nil
		}
		if err := load(); err != nil {
			return fmt.Errorf("cannot load garble export file for %s: %w", depPath, err)
		}
		count++
	}
	log.Printf("%d cached output files loaded in %s", count, debugSince(began))
	return nil
}
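// findReflectFunctions records, in cachedOutput.KnownReflectAPIs, every
// function declared in files which passes one of its own parameters directly
// to an already known reflection API.
//
// Only calls through a selector expression, such as pkg.Func(param) or
// recv.Method(param), with a plain identifier as the argument are considered.
// When a pass adds entries, the files are scanned again, as functions seen
// earlier may be calling the newly recorded ones.
func (tf *transformer) findReflectFunctions(files []*ast.File) {
	seenReflectParams := make(map[*types.Var]bool)
	visitFuncDecl := func(funcDecl *ast.FuncDecl) {
		funcObj := tf.info.Defs[funcDecl.Name].(*types.Func)
		funcType := funcObj.Type().(*types.Signature)
		funcParams := funcType.Params()

		// Start from a clean slate: every parameter of this function is
		// present as a key, and none has been seen in a reflect call yet.
		maps.Clear(seenReflectParams)
		for i := 0; i < funcParams.Len(); i++ {
			seenReflectParams[funcParams.At(i)] = false
		}

		ast.Inspect(funcDecl, func(node ast.Node) bool {
			call, ok := node.(*ast.CallExpr)
			if !ok {
				return true
			}
			sel, ok := call.Fun.(*ast.SelectorExpr)
			if !ok {
				return true
			}
			calledFunc, _ := tf.info.Uses[sel.Sel].(*types.Func)
			if calledFunc == nil || calledFunc.Pkg() == nil {
				return true
			}

			fullName := calledFunc.FullName()
			for _, reflectParam := range cachedOutput.KnownReflectAPIs[fullName] {
				// We need a range to handle any number of variadic arguments,
				// which could be 0 or multiple.
				// The non-variadic case is always one argument,
				// but we still use the range to deduplicate code.
				argStart := reflectParam.Position
				argEnd := argStart + 1
				// call.Args holds the syntactic arguments, which can be
				// fewer than the parameters, e.g. in f(g()) where g has
				// several results. Clamp the range so that such a call is
				// skipped instead of slicing past the end of call.Args.
				if reflectParam.Variadic || argEnd > len(call.Args) {
					argEnd = len(call.Args)
				}
				if argStart > argEnd {
					continue
				}
				for _, arg := range call.Args[argStart:argEnd] {
					ident, ok := arg.(*ast.Ident)
					if !ok {
						continue
					}
					obj, _ := tf.info.Uses[ident].(*types.Var)
					if obj == nil {
						continue
					}
					// Only objects which are parameters of the enclosing
					// function are keys in the map.
					if _, ok := seenReflectParams[obj]; ok {
						seenReflectParams[obj] = true
					}
				}
			}

			var reflectParams []reflectParameter
			for i := 0; i < funcParams.Len(); i++ {
				if seenReflectParams[funcParams.At(i)] {
					reflectParams = append(reflectParams, reflectParameter{
						Position: i,
						Variadic: funcType.Variadic() && i == funcParams.Len()-1,
					})
				}
			}
			if len(reflectParams) > 0 {
				cachedOutput.KnownReflectAPIs[funcObj.FullName()] = reflectParams
			}

			return true
		})
	}

	lenPrevKnownReflectAPIs := len(cachedOutput.KnownReflectAPIs)
	for _, file := range files {
		for _, decl := range file.Decls {
			if decl, ok := decl.(*ast.FuncDecl); ok {
				visitFuncDecl(decl)
			}
		}
	}

	// If a new reflect API was found, re-evaluate all functions,
	// as any of them might be using that API.
	if len(cachedOutput.KnownReflectAPIs) > lenPrevKnownReflectAPIs {
		tf.findReflectFunctions(files)
	}
}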
  1058. // cmd/bundle will include a go:generate directive in its output by default.
  1059. // Ours specifies a version and doesn't assume bundle is in $PATH, so drop it.
  1060. //go:generate go run golang.org/x/tools/cmd/bundle@v0.1.9 -o cmdgo_quoted.go -prefix cmdgoQuoted cmd/internal/quoted
  1061. //go:generate sed -i /go:generate/d cmdgo_quoted.go
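// prefillObjectMaps collects objects which should not be obfuscated,
// such as those used as arguments to reflect.TypeOf or reflect.ValueOf.
// Since we obfuscate one package at a time, we only detect those if the type
// definition and the reflect usage are both in the same package.
//
// It also fills tf.linkerVariableStrings from the -X entries found in the
// forwarded -ldflags. The only error it returns is a failure to split the
// -ldflags value.
func (tf *transformer) prefillObjectMaps(files []*ast.File) error {
	tf.linkerVariableStrings = make(map[*types.Var]string)

	// TODO: this is a linker flag that affects how we obfuscate a package at
	// compile time. Note that, if the user changes ldflags, then Go may only
	// re-link the final binary, without re-compiling any packages at all.
	// It's possible that this could result in:
	//
	//    garble -literals build -ldflags=-X=pkg.name=before # name="before"
	//    garble -literals build -ldflags=-X=pkg.name=after  # name="before" as cached
	//
	// We haven't been able to reproduce this problem for now,
	// but it's worth noting it and keeping an eye out for it in the future.
	// If we do confirm this theoretical bug,
	// the solution will be to either find a different solution for -literals,
	// or to force including -ldflags into the build cache key.
	ldflags, err := cmdgoQuotedSplit(flagValue(cache.ForwardBuildFlags, "-ldflags"))
	if err != nil {
		return err
	}
	flagValueIter(ldflags, "-X", func(val string) {
		// val is in the form of "foo.com/bar.name=value".
		fullName, stringValue, found := strings.Cut(val, "=")
		if !found {
			return // invalid
		}

		// fullName is "foo.com/bar.name"
		i := strings.LastIndexByte(fullName, '.')
		if i < 0 {
			// The value comes straight from the command line. Without a
			// dot there is no package path to split off, and slicing
			// with -1 would panic; treat it as invalid.
			return
		}
		path, name := fullName[:i], fullName[i+1:]

		// -X represents the main package as "main", not its import path.
		if path != curPkg.ImportPath && !(path == "main" && curPkg.Name == "main") {
			return // not the current package
		}

		obj, _ := tf.pkg.Scope().Lookup(name).(*types.Var)
		if obj == nil {
			return // no such variable; skip
		}
		tf.linkerVariableStrings[obj] = stringValue
	})

	visit := func(node ast.Node) bool {
		call, ok := node.(*ast.CallExpr)
		if !ok {
			return true
		}
		// The callee is either a plain identifier or a selector.
		ident, ok := call.Fun.(*ast.Ident)
		if !ok {
			sel, ok := call.Fun.(*ast.SelectorExpr)
			if !ok {
				return true
			}
			ident = sel.Sel
		}

		fnType, _ := tf.info.Uses[ident].(*types.Func)
		if fnType == nil || fnType.Pkg() == nil {
			return true
		}

		fullName := fnType.FullName()
		for _, reflectParam := range cachedOutput.KnownReflectAPIs[fullName] {
			argStart := reflectParam.Position
			argEnd := argStart + 1
			// call.Args holds the syntactic arguments, which can be fewer
			// than the parameters, e.g. in f(g()) where g has several
			// results. Clamp the range so that such a call is skipped
			// instead of slicing past the end of call.Args.
			if reflectParam.Variadic || argEnd > len(call.Args) {
				argEnd = len(call.Args)
			}
			if argStart > argEnd {
				continue
			}
			for _, arg := range call.Args[argStart:argEnd] {
				argType := tf.info.TypeOf(arg)
				tf.recursivelyRecordAsNotObfuscated(argType)
			}
		}

		return true
	}
	for _, file := range files {
		ast.Inspect(file, visit)
	}
	return nil
}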
// transformer holds all the information and state necessary to obfuscate a
// single Go package.
type transformer struct {
	// The type-checking results; the package itself, and the Info struct.
	// pkg is set by typecheck, while info is allocated by newTransformer.
	pkg  *types.Package
	info *types.Info

	// linkerVariableStrings is initialized by prefillObjectMaps.
	// It records objects for variables used in -ldflags=-X flags,
	// as well as the strings the user wants to inject them with.
	linkerVariableStrings map[*types.Var]string

	// recordTypeDone helps avoid type cycles in recordType.
	// We only need to track named types, as all cycles must use them.
	recordTypeDone map[*types.Named]bool

	// fieldToStruct helps locate struct types from any of their field
	// objects. Useful when obfuscating field names.
	fieldToStruct map[*types.Var]*types.Struct
}
// newTransformer returns a transformer whose info, recordTypeDone and
// fieldToStruct maps are allocated. The pkg and linkerVariableStrings fields
// are left at their zero value.
func newTransformer() *transformer {
	typeInfo := &types.Info{
		Types: make(map[ast.Expr]types.TypeAndValue),
		Defs:  make(map[*ast.Ident]types.Object),
		Uses:  make(map[*ast.Ident]types.Object),
	}

	tf := &transformer{info: typeInfo}
	tf.recordTypeDone = make(map[*types.Named]bool)
	tf.fieldToStruct = make(map[*types.Var]*types.Struct)
	return tf
}
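// typecheck type-checks files as the package curPkg.ImportPath, resolving
// imports via origImporter, and stores the result in tf.pkg and tf.info.
//
// It then runs recordType on every type reachable via tf.info, and records
// embedded fields which use a type alias in
// cachedOutput.KnownEmbeddedAliasFields.
func (tf *transformer) typecheck(files []*ast.File) error {
	origTypesConfig := types.Config{Importer: origImporter}
	pkg, err := origTypesConfig.Check(curPkg.ImportPath, fset, files, tf.info)
	if err != nil {
		return fmt.Errorf("typecheck error: %v", err)
	}
	tf.pkg = pkg

	// Run recordType on all types reachable via types.Info.
	// A bit hacky, but I could not find an easier way to do this.
	for _, obj := range tf.info.Defs {
		if obj != nil {
			tf.recordType(obj.Type(), nil)
		}
	}
	for name, obj := range tf.info.Uses {
		if obj == nil {
			continue
		}
		tf.recordType(obj.Type(), nil)

		// Record into KnownEmbeddedAliasFields.
		alias, ok := obj.(*types.TypeName)
		if !ok || !alias.IsAlias() {
			continue
		}
		// Universe aliases such as byte and rune belong to no package, so
		// Pkg returns nil for them and Pkg().Path() would panic on a field
		// like "struct{ byte }". They have no import path to obfuscate;
		// skipping them presumably lets the embedded field be handled by
		// its type alone. TODO confirm against transformGo.
		if alias.Pkg() == nil {
			continue
		}
		// For an embedded field, the identifier is both a use of the type
		// and the definition of the field.
		vr, _ := tf.info.Defs[name].(*types.Var)
		if vr == nil || !vr.Embedded() {
			continue
		}
		vrStr := recordedObjectString(vr)
		if vrStr == "" {
			continue
		}
		aliasTypeName := typeName{
			PkgPath: alias.Pkg().Path(),
			Name:    alias.Name(),
		}
		cachedOutput.KnownEmbeddedAliasFields[vrStr] = aliasTypeName
	}
	for _, tv := range tf.info.Types {
		tf.recordType(tv.Type, nil)
	}
	return nil
}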
// recordType visits every reachable type after typechecking a package.
// Right now, all it does is fill the fieldToStruct field.
// Since types can be recursive, we need a map to avoid cycles.
//
// origin is the counterpart of used in the original, uninstantiated
// declaration; a nil origin means that used is its own origin.
func (tf *transformer) recordType(used, origin types.Type) {
	if origin == nil {
		origin = used
	}

	// elemHolder matches any type with an element type, via its Elem method.
	type elemHolder interface{ Elem() types.Type }

	switch t := used.(type) {
	case elemHolder:
		tf.recordType(t.Elem(), origin.(elemHolder).Elem())

	case *types.Named:
		if tf.recordTypeDone[t] {
			return
		}
		tf.recordTypeDone[t] = true
		// If we have a generic struct like
		//
		//	type Foo[T any] struct { Bar T }
		//
		// then we want the hashing to use the original "Bar T",
		// because otherwise different instances like "Bar int" and "Bar bool"
		// will result in different hashes and the field names will break.
		// Ensure we record the original generic struct, if there is one.
		tf.recordType(t.Underlying(), t.Origin().Underlying())

	case *types.Struct:
		originStruct := origin.(*types.Struct)
		for i, n := 0, t.NumFields(); i < n; i++ {
			field := t.Field(i)
			tf.fieldToStruct[field] = originStruct
			if !field.Embedded() {
				continue
			}
			tf.recordType(field.Type(), originStruct.Field(i).Type())
		}
	}
}
// recordedObjectString returns the string under which obj is recorded in
// cachedOutput, or "" if obj is neither a struct field nor a top-level name
// of its package.
//
// TODO: consider caching recordedObjectString via a map,
// if that shows an improvement in our benchmark
func recordedObjectString(obj types.Object) objectString {
	field, ok := obj.(*types.Var)
	if !ok || !field.IsField() {
		// Names which are not at the top level cannot be imported,
		// so we don't need to record them either.
		// Note that this doesn't apply to fields, which are never top-level.
		if obj.Pkg().Scope().Lookup(obj.Name()) != obj {
			return ""
		}
		// For top-level exported names, "pkgpath.Name" is unique.
		return fmt.Sprintf("%s.%s", obj.Pkg().Path(), obj.Name())
	}

	// For exported fields, "pkgpath.Field" is not unique,
	// because two exported top-level types could share "Field".
	//
	// Moreover, note that not all fields belong to named struct types;
	// an API could be exposing:
	//
	//	var usedInReflection = struct{Field string}
	//
	// For now, a hack: assume that packages don't declare the same field
	// more than once in the same line. This works in practice, but one
	// could craft Go code to break this assumption.
	// Also note that the compiler's object files include filenames and line
	// numbers, but not column numbers nor byte offsets.
	// TODO(mvdan): give this another think, and add tests involving anon types.
	pos := fset.Position(field.Pos())
	return fmt.Sprintf("%s.%s - %s:%d", field.Pkg().Path(), field.Name(),
		filepath.Base(pos.Filename), pos.Line)
}
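// recordAsNotObfuscated records all the objects whose names we cannot obfuscate.
// An object is any named entity, such as a declared variable or type.
//
// As of June 2022, this only records types which are used in reflection.
// TODO(mvdan): If this is still the case in a year's time,
// we should probably rename "not obfuscated" and "cannot obfuscate" to be
// directly about reflection, e.g. "used in reflection".
//
// It panics if obj does not belong to the package currently being built.
func recordAsNotObfuscated(obj types.Object) {
	if obj.Pkg().Path() != curPkg.ImportPath {
		// The message names this function; it used to name the similarly
		// spelled recordedAsNotObfuscated, which pointed at the wrong place.
		panic("called recordAsNotObfuscated with a foreign object")
	}
	if !obj.Exported() {
		// Unexported names will never be used by other packages,
		// so we don't need to bother recording them in cachedOutput.
		knownCannotObfuscateUnexported[obj] = true
		return
	}

	objStr := recordedObjectString(obj)
	if objStr == "" {
		// If the object can't be described via a qualified string,
		// then other packages can't use it.
		// TODO: should we still record it in knownCannotObfuscateUnexported?
		return
	}
	cachedOutput.KnownCannotObfuscate[objStr] = struct{}{}
}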
// recordedAsNotObfuscated reports whether obj was recorded as a name which
// cannot be obfuscated, either as an unexported object of the current build
// step or via its string form in cachedOutput.KnownCannotObfuscate.
func recordedAsNotObfuscated(obj types.Object) bool {
	if knownCannotObfuscateUnexported[obj] {
		return true
	}
	// Objects without a string form are never in the cached record.
	if key := recordedObjectString(obj); key != "" {
		_, found := cachedOutput.KnownCannotObfuscate[key]
		return found
	}
	return false
}
// removeUnnecessaryImports turns every import of file which is no longer
// referenced by any identifier into a blank import, by renaming it to "_".
// Blank and dot imports are left as they are.
//
// It panics if an import path cannot be unquoted or listed.
func (tf *transformer) removeUnnecessaryImports(file *ast.File) {
	// Collect the paths of all packages still referenced by an identifier.
	used := make(map[string]bool)
	ast.Inspect(file, func(n ast.Node) bool {
		if ident, ok := n.(*ast.Ident); ok {
			if pkgName, ok := tf.info.Uses[ident].(*types.PkgName); ok {
				used[pkgName.Imported().Path()] = true
			}
		}
		return true
	})

	for _, spec := range file.Imports {
		if alias := spec.Name; alias != nil && (alias.Name == "_" || alias.Name == ".") {
			continue
		}

		rawPath, err := strconv.Unquote(spec.Path.Value)
		if err != nil {
			panic(err)
		}

		// The import path can't be used directly here, because the actual
		// path resolved via go/types might be different from the naive path.
		lpkg, err := listPackage(rawPath)
		if err != nil {
			panic(err)
		}

		if !used[lpkg.ImportPath] {
			spec.Name = ast.NewIdent("_")
		}
	}
}
  1351. // transformGo obfuscates the provided Go syntax file.
  1352. func (tf *transformer) transformGo(file *ast.File) *ast.File {
  1353. // Only obfuscate the literals here if the flag is on
  1354. // and if the package in question is to be obfuscated.
  1355. //
  1356. // We can't obfuscate literals in the runtime and its dependencies,
  1357. // because obfuscated literals sometimes escape to heap,
  1358. // and that's not allowed in the runtime itself.
  1359. if flagLiterals && curPkg.ToObfuscate {
  1360. file = literals.Obfuscate(file, tf.info, fset, tf.linkerVariableStrings)
  1361. // some imported constants might not be needed anymore, remove unnecessary imports
  1362. tf.removeUnnecessaryImports(file)
  1363. }
  1364. pre := func(cursor *astutil.Cursor) bool {
  1365. node, ok := cursor.Node().(*ast.Ident)
  1366. if !ok {
  1367. return true
  1368. }
  1369. name := node.Name
  1370. if name == "_" {
  1371. return true // unnamed remains unnamed
  1372. }
  1373. obj := tf.info.ObjectOf(node)
  1374. if obj == nil {
  1375. _, isImplicit := tf.info.Defs[node]
  1376. _, parentIsFile := cursor.Parent().(*ast.File)
  1377. if !isImplicit || parentIsFile {
  1378. // We only care about nil objects in the switch scenario below.
  1379. return true
  1380. }
  1381. // In a type switch like "switch foo := bar.(type) {",
  1382. // "foo" is being declared as a symbolic variable,
  1383. // as it is only actually declared in each "case SomeType:".
  1384. //
  1385. // As such, the symbolic "foo" in the syntax tree has no object,
  1386. // but it is still recorded under Defs with a nil value.
  1387. // We still want to obfuscate that syntax tree identifier,
  1388. // so if we detect the case, create a dummy types.Var for it.
  1389. //
  1390. // Note that "package mypkg" also denotes a nil object in Defs,
  1391. // and we don't want to treat that "mypkg" as a variable,
  1392. // so avoid that case by checking the type of cursor.Parent.
  1393. obj = types.NewVar(node.Pos(), tf.pkg, name, nil)
  1394. }
  1395. pkg := obj.Pkg()
  1396. if vr, ok := obj.(*types.Var); ok && vr.Embedded() {
  1397. // The docs for ObjectOf say:
  1398. //
  1399. // If id is an embedded struct field, ObjectOf returns the
  1400. // field (*Var) it defines, not the type (*TypeName) it uses.
  1401. //
  1402. // If this embedded field is a type alias, we want to
  1403. // handle the alias's TypeName instead of treating it as
  1404. // the type the alias points to.
  1405. //
  1406. // Alternatively, if we don't have an alias, we still want to
  1407. // use the embedded type, not the field.
  1408. vrStr := recordedObjectString(vr)
  1409. aliasTypeName, ok := cachedOutput.KnownEmbeddedAliasFields[vrStr]
  1410. if ok {
  1411. pkg2 := tf.pkg
  1412. if path := aliasTypeName.PkgPath; pkg2.Path() != path {
  1413. // If the package is a dependency, import it.
  1414. // We can't grab the package via tf.pkg.Imports,
  1415. // because some of the packages under there are incomplete.
  1416. // ImportFrom will cache complete imports, anyway.
  1417. var err error
  1418. pkg2, err = origImporter.ImportFrom(path, parentWorkDir, 0)
  1419. if err != nil {
  1420. panic(err)
  1421. }
  1422. }
  1423. tname, ok := pkg2.Scope().Lookup(aliasTypeName.Name).(*types.TypeName)
  1424. if !ok || !tname.IsAlias() {
  1425. if !ok {
  1426. panic(fmt.Sprintf("KnownEmbeddedAliasFields pointed %q to a missing type %q", vrStr, aliasTypeName))
  1427. }
  1428. panic(fmt.Sprintf("KnownEmbeddedAliasFields pointed %q to a non-alias type %q", vrStr, aliasTypeName))
  1429. }
  1430. obj = tname
  1431. } else {
  1432. named := namedType(obj.Type())
  1433. if named == nil {
  1434. return true // unnamed type (probably a basic type, e.g. int)
  1435. }
  1436. obj = named.Obj()
  1437. }
  1438. pkg = obj.Pkg()
  1439. }
  1440. if pkg == nil {
  1441. return true // universe scope
  1442. }
  1443. if pkg.Path() == "embed" {
  1444. // The Go compiler needs to detect types such as embed.FS.
  1445. // That will fail if we change the import path or type name.
  1446. // Leave it as is.
  1447. // Luckily, the embed package just declares the FS type.
  1448. return true
  1449. }
  1450. // The package that declared this object did not obfuscate it.
  1451. if recordedAsNotObfuscated(obj) {
  1452. return true
  1453. }
  1454. // TODO(mvdan): investigate obfuscating these too.
  1455. filename := fset.Position(obj.Pos()).Filename
  1456. if strings.HasPrefix(filename, "_cgo_") || strings.Contains(filename, ".cgo1.") {
  1457. return true
  1458. }
  1459. path := pkg.Path()
  1460. lpkg, err := listPackage(path)
  1461. if err != nil {
  1462. panic(err) // shouldn't happen
  1463. }
  1464. if !lpkg.ToObfuscate {
  1465. return true // we're not obfuscating this package
  1466. }
  1467. hashToUse := lpkg.GarbleActionID
  1468. debugName := "variable"
  1469. // log.Printf("%s: %#v %T", fset.Position(node.Pos()), node, obj)
  1470. switch obj := obj.(type) {
  1471. case *types.Var:
  1472. if !obj.IsField() {
  1473. // Identifiers denoting variables are always obfuscated.
  1474. break
  1475. }
  1476. debugName = "field"
  1477. // From this point on, we deal with struct fields.
  1478. // Fields don't get hashed with the package's action ID.
  1479. // They get hashed with the type of their parent struct.
  1480. // This is because one struct can be converted to another,
  1481. // as long as the underlying types are identical,
  1482. // even if the structs are defined in different packages.
  1483. //
  1484. // TODO: Consider only doing this for structs where all
  1485. // fields are exported. We only need this special case
  1486. // for cross-package conversions, which can't work if
  1487. // any field is unexported. If that is done, add a test
  1488. // that ensures unexported fields from different
  1489. // packages result in different obfuscated names.
  1490. strct := tf.fieldToStruct[obj]
  1491. if strct == nil {
  1492. panic("could not find for " + name)
  1493. }
  1494. node.Name = hashWithStruct(strct, name)
  1495. log.Printf("%s %q hashed with struct fields to %q", debugName, name, node.Name)
  1496. return true
  1497. case *types.TypeName:
  1498. debugName = "type"
  1499. case *types.Func:
  1500. sign := obj.Type().(*types.Signature)
  1501. if sign.Recv() == nil {
  1502. debugName = "func"
  1503. } else {
  1504. debugName = "method"
  1505. }
  1506. if obj.Exported() && sign.Recv() != nil {
  1507. return true // might implement an interface
  1508. }
  1509. switch name {
  1510. case "main", "init", "TestMain":
  1511. return true // don't break them
  1512. }
  1513. if strings.HasPrefix(name, "Test") && isTestSignature(sign) {
  1514. return true // don't break tests
  1515. }
  1516. default:
  1517. return true // we only want to rename the above
  1518. }
  1519. node.Name = hashWithPackage(lpkg, name)
  1520. // TODO: probably move the debugf lines inside the hash funcs
  1521. log.Printf("%s %q hashed with %x… to %q", debugName, name, hashToUse[:4], node.Name)
  1522. return true
  1523. }
  1524. post := func(cursor *astutil.Cursor) bool {
  1525. imp, ok := cursor.Node().(*ast.ImportSpec)
  1526. if !ok {
  1527. return true
  1528. }
  1529. path, err := strconv.Unquote(imp.Path.Value)
  1530. if err != nil {
  1531. panic(err) // should never happen
  1532. }
  1533. // We're importing an obfuscated package.
  1534. // Replace the import path with its obfuscated version.
  1535. // If the import was unnamed, give it the name of the
  1536. // original package name, to keep references working.
  1537. lpkg, err := listPackage(path)
  1538. if err != nil {
  1539. panic(err) // should never happen
  1540. }
  1541. if !lpkg.ToObfuscate {
  1542. return true
  1543. }
  1544. newPath := lpkg.obfuscatedImportPath()
  1545. imp.Path.Value = strconv.Quote(newPath)
  1546. if imp.Name == nil {
  1547. imp.Name = &ast.Ident{Name: lpkg.Name}
  1548. }
  1549. return true
  1550. }
  1551. return astutil.Apply(file, pre, post).(*ast.File)
  1552. }
// recursivelyRecordAsNotObfuscated calls recordAsNotObfuscated on any named
// types and fields under t.
//
// Only the names declared in the current package are recorded. This is to ensure
// that reflection detection only happens within the package declaring a type.
// Detecting it in downstream packages could result in inconsistencies.
func (tf *transformer) recursivelyRecordAsNotObfuscated(t types.Type) {
	switch typ := t.(type) {
	case *types.Named:
		decl := typ.Obj()
		if pkg := decl.Pkg(); pkg == nil || pkg != tf.pkg {
			return // not from the specified package
		}
		// An object that is already recorded has been walked before;
		// stopping here prevents endless recursion on self-referencing types.
		if recordedAsNotObfuscated(decl) {
			return
		}
		recordAsNotObfuscated(decl)

		// Record the underlying type, too.
		tf.recursivelyRecordAsNotObfuscated(typ.Underlying())

	case *types.Struct:
		for idx, total := 0, typ.NumFields(); idx < total; idx++ {
			fld := typ.Field(idx)

			// This check is similar to the one in *types.Named.
			// It's necessary for unnamed struct types,
			// as they aren't named but still have named fields.
			//
			// Note that this returns rather than continues: the first field
			// from another package ends the walk of the whole struct.
			if pkg := fld.Pkg(); pkg == nil || pkg != tf.pkg {
				return // not from the specified package
			}

			// Record the field itself, too.
			recordAsNotObfuscated(fld)
			tf.recursivelyRecordAsNotObfuscated(fld.Type())
		}

	case interface{ Elem() types.Type }:
		// Get past pointers, slices, etc.
		tf.recursivelyRecordAsNotObfuscated(typ.Elem())
	}
}
// namedType tries to obtain the *types.Named behind a type, if there is one.
// This is useful to obtain "testing.T" from "*testing.T", or to obtain the type
// declaration object from an embedded field.
//
// Any type with an Elem method (pointers, slices, etc.) is unwrapped
// repeatedly until a named type is found. It returns nil when the chain ends
// in a type that is neither named nor has an element type.
func namedType(t types.Type) *types.Named {
	for {
		if named, ok := t.(*types.Named); ok {
			return named
		}
		wrapper, ok := t.(interface{ Elem() types.Type })
		if !ok {
			return nil
		}
		// Step one level inwards and look again.
		t = wrapper.Elem()
	}
}
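// isTestSignature reports whether the signature matches "func _(*testing.T)".
//
// The parameter type is resolved via namedType, which looks through pointers,
// slices and other element types, so the match is on the named type
// "testing.T" rather than on the exact pointer form. Results are not checked.
func isTestSignature(sign *types.Signature) bool {
	if sign.Recv() != nil {
		return false // test funcs don't have receivers
	}
	params := sign.Params()
	if params.Len() != 1 {
		return false // test funcs take exactly one parameter
	}
	named := namedType(params.At(0).Type())
	if named == nil {
		return false // the only parameter isn't named, like "string"
	}
	obj := named.Obj()
	if obj == nil {
		return false
	}
	// Named types from the universe scope, such as "error", have no package.
	// Calling Path on that nil package would dereference a nil pointer, so a
	// function like "func TestFoo(err error)" must be rejected before that.
	pkg := obj.Pkg()
	return pkg != nil && pkg.Path() == "testing" && obj.Name() == "T"
}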
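// transformLink rewrites the arguments of a linker invocation so that they
// match the obfuscated build.
//
// It swaps in the import config returned by processImportCfg, adds an
// obfuscated twin for every -X flag, overrides runtime.buildVersion, blanks
// -buildid, and appends -w and -s. The result is the updated flags followed
// by the remaining non-flag arguments. An error is returned only when
// processImportCfg fails.
func transformLink(args []string) ([]string, error) {
	// We can't split by the ".a" extension, because cached object files
	// lack any extension.
	flags, args := splitFlagsFromArgs(args)

	newImportCfg, err := processImportCfg(flags)
	if err != nil {
		return nil, err
	}

	// TODO: unify this logic with the -X handling when using -literals.
	// We should be able to handle both cases via the syntax tree.
	//
	// Make sure -X works with obfuscated identifiers.
	// To cover both obfuscated and non-obfuscated names,
	// duplicate each flag with an obfuscated version.
	flagValueIter(flags, "-X", func(val string) {
		// val is in the form of "foo.com/bar.name=value".
		fullName, stringValue, found := strings.Cut(val, "=")
		if !found {
			return // invalid
		}

		// fullName is "foo.com/bar.name"
		i := strings.LastIndexByte(fullName, '.')
		if i < 0 {
			// There is no "importpath." part at all, as in "-X name=value".
			// Slicing with i == -1 would panic, so add no obfuscated twin;
			// the original flag is still passed on unchanged.
			return
		}
		path, name := fullName[:i], fullName[i+1:]

		// If the package path is "main", it's the current top-level
		// package we are linking.
		// Otherwise, find it in the cache.
		lpkg := curPkg
		if path != "main" {
			lpkg = cache.ListedPackages[path]
		}
		if lpkg == nil {
			// We couldn't find the package.
			// Perhaps a typo, perhaps not part of the build.
			// cmd/link ignores those, so we should too.
			return
		}

		// As before, the main package must remain as "main".
		newPath := path
		if path != "main" {
			newPath = lpkg.obfuscatedImportPath()
		}
		newName := hashWithPackage(lpkg, name)
		// Appending here does not disturb the iteration: flagValueIter
		// ranges over the slice it was handed, not over this variable.
		flags = append(flags, fmt.Sprintf("-X=%s.%s=%s", newPath, newName, stringValue))
	})

	// Starting in Go 1.17, Go's version is implicitly injected by the linker.
	// It's the same method as -X, so we can override it with an extra flag.
	flags = append(flags, "-X=runtime.buildVersion=unknown")

	// Ensure we strip the -buildid flag, to not leak any build IDs for the
	// link operation or the main package's compilation.
	flags = flagSetValue(flags, "-buildid", "")

	// Strip debug information and symbol tables.
	flags = append(flags, "-w", "-s")

	flags = flagSetValue(flags, "-importcfg", newImportCfg)
	return append(flags, args...), nil
}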
// splitFlagsFromArgs splits a command line into its leading flags and the
// remaining arguments, which begin at the first element without a "-" prefix
// that is not consumed as a flag's value.
//
// A flag is assumed to take its value from the next element unless it
// contains "=" or is listed in booleanFlags. The returned flags slice has its
// capacity capped at its length, so appending to it cannot overwrite args.
// If no argument is found, all is returned as the flags.
//
// NOTE(review): booleanFlags is documented as coming from 'go help build' and
// 'go help testflag'. A boolean flag of another tool that is missing from
// that map would be treated as "-name value" and swallow the element after
// it; confirm this against the callers' inputs.
func splitFlagsFromArgs(all []string) (flags, args []string) {
	pos := 0
	for pos < len(all) {
		cur := all[pos]
		if !strings.HasPrefix(cur, "-") {
			return all[:pos:pos], all[pos:]
		}
		if booleanFlags[cur] || strings.Contains(cur, "=") {
			// Either "-bool" or "-name=value".
			pos++
		} else {
			// "-name value", so the next arg is part of this flag.
			pos += 2
		}
	}
	return all, nil
}
// alterTrimpath puts a rewrite rule for sharedTempDir in front of the current
// -trimpath value and returns the updated flags.
//
// The flags are updated through flagSetValue, which may modify the given
// slice in place.
func alterTrimpath(flags []string) []string {
	const flagName = "-trimpath"

	// If the value of -trimpath doesn't contain the separator ';', the 'go
	// build' command is most likely not using '-trimpath'.
	existing := flagValue(flags, flagName)

	// Add our temporary dir to the beginning of -trimpath, so that we don't
	// leak temporary dirs. Needs to be at the beginning, since there may be
	// shorter prefixes later in the list, such as $PWD if TMPDIR=$PWD/tmp.
	rewritten := sharedTempDir + "=>;" + existing
	return flagSetValue(flags, flagName, rewritten)
}
// forwardBuildFlags is obtained from 'go help build' as of Go 1.18beta1.
//
// A true value marks a flag that filterForwardBuildFlags copies through.
// A false value marks a known build flag that is deliberately held back;
// filterForwardBuildFlags handles it the same way as a flag missing from
// the map.
var forwardBuildFlags = map[string]bool{
	// These are always set by garble, so a value supplied by the user is
	// not passed along.
	"-buildvcs": false,
	"-toolexec": false,
	"-trimpath": false,

	// These shouldn't be used in nested cmd/go calls.
	"-a": false,
	"-n": false,
	"-v": false,
	"-x": false,

	// Everything else is forwarded as given.
	"-asan":          true,
	"-asmflags":      true,
	"-buildmode":     true,
	"-compiler":      true,
	"-gccgoflags":    true,
	"-gcflags":       true,
	"-installsuffix": true,
	"-ldflags":       true,
	"-linkshared":    true,
	"-mod":           true,
	"-modcacherw":    true,
	"-modfile":       true,
	"-msan":          true,
	"-overlay":       true,
	"-p":             true,
	"-pkgdir":        true,
	"-race":          true,
	"-tags":          true,
	"-work":          true,
	"-workfile":      true,
}
// booleanFlags is obtained from 'go help build' and 'go help testflag' as of Go 1.19beta1.
//
// The flag parsers in this file use it to decide that "-name" stands alone
// and does not take the following argument as its value.
var booleanFlags = map[string]bool{
	// Shared build flags.
	"-a":          true,
	"-asan":       true,
	"-buildvcs":   true,
	"-i":          true,
	"-linkshared": true,
	"-modcacherw": true,
	"-msan":       true,
	"-n":          true,
	"-race":       true,
	"-trimpath":   true,
	"-v":          true,
	"-work":       true,
	"-x":          true,

	// Test flags (TODO: support its special -args flag)
	"-benchmem": true,
	"-c":        true,
	"-cover":    true,
	"-failfast": true,
	"-json":     true,
	"-short":    true,
}
// filterForwardBuildFlags walks a list of build flags and keeps those that
// forwardBuildFlags marks as true, together with their values.
//
// Both the "-name=value" and the "-name value" spellings are handled, and a
// leading "--" is shortened to "-". firstUnknown is set to the name of a flag
// that was not forwarded, or left empty if every flag was forwarded.
//
// NOTE(review): firstUnknown is overwritten on every non-forwarded flag, so
// despite its name it ends up holding the last such flag, and flags listed as
// false in forwardBuildFlags are reported the same way as missing ones.
// Confirm that callers expect this.
func filterForwardBuildFlags(flags []string) (filtered []string, firstUnknown string) {
	for idx := 0; idx < len(flags); idx++ {
		cur := flags[idx]
		if strings.HasPrefix(cur, "--") {
			cur = cur[1:] // "--name" to "-name"; keep the short form
		}

		// "-name=value" to "-name"
		eq := strings.IndexByte(cur, '=')
		flagName := cur
		if eq >= 0 {
			flagName = cur[:eq]
		}

		forward := forwardBuildFlags[flagName]
		if !forward {
			firstUnknown = flagName
		} else {
			filtered = append(filtered, cur)
		}

		if eq >= 0 || booleanFlags[cur] {
			// Either "-name=value" or "-bool".
			continue
		}

		// "-name value", so the next arg is part of this flag.
		// It is skipped either way, and kept only if the flag itself was.
		idx++
		if forward && idx < len(flags) {
			filtered = append(filtered, flags[idx])
		}
	}
	return filtered, firstUnknown
}
// splitFlagsFromFiles splits args into a list of flag and file arguments. Since
// we can't rely on "--" being present, and we don't parse all flags upfront, we
// rely on finding the first argument that doesn't begin with "-" and that has
// the extension we expect for the list of paths.
//
// This function only makes sense for lower-level tool commands, such as
// "compile" or "link", since their arguments are predictable.
//
// We iterate from the end rather than from the start, to better protect
// ourselves from flag arguments that may look like paths, such as:
//
//	compile [flags...] -p pkg/path.go [more flags...] file1.go file2.go
//
// For now, since those confusing flags are always followed by more flags,
// iterating in reverse order works around them entirely.
//
// The returned flags slice has its capacity capped at its length, so
// appending to it cannot overwrite paths.
func splitFlagsFromFiles(all []string, ext string) (flags, paths []string) {
	// split is the index where the trailing run of paths begins.
	split := len(all)
	for split > 0 {
		candidate := all[split-1]
		isPath := !strings.HasPrefix(candidate, "-") && strings.HasSuffix(candidate, ext)
		if !isPath {
			// candidate is a flag or a flag value, not a path
			return all[:split:split], all[split:]
		}
		split--
	}
	return nil, all
}
// flagValue retrieves the value of a flag such as "-foo", from strings in the
// list of arguments like "-foo=bar" or "-foo" "bar". If the flag is repeated,
// the last value is returned. If the flag is absent, the result is "".
func flagValue(flags []string, name string) string {
	var result string
	// Each match overwrites the previous one, so the final match wins.
	remember := func(val string) { result = val }
	flagValueIter(flags, name, remember)
	return result
}
// flagValueIter retrieves all the values for a flag such as "-foo", like
// flagValue. The difference is that it allows handling complex flags, such as
// those whose values compose a list.
//
// fn is called once per match, in order. A bare "-foo" that is the last
// element has no value and produces no call.
func flagValueIter(flags []string, name string, fn func(string)) {
	inlinePrefix := name + "="
	for idx := range flags {
		cur := flags[idx]
		// The two forms cannot both match one element: anything starting
		// with "-name=" is longer than "-name".
		switch {
		case strings.HasPrefix(cur, inlinePrefix):
			// -name=value
			fn(cur[len(inlinePrefix):])
		case cur == name && idx+1 < len(flags):
			// -name value
			fn(flags[idx+1])
		}
	}
}
// flagSetValue sets the value of the first occurrence of a flag such as
// "-foo", in either the "-foo=bar" or the "-foo" "bar" form, and returns the
// resulting flags. If the flag is absent, "-foo=value" is appended.
//
// An existing occurrence is rewritten in place, so the given slice is
// modified. Later occurrences of the same flag are left as they are.
//
// NOTE(review): a bare "-foo" that is the last element has no value slot, and
// the flags are returned unchanged in that case. Callers that rely on this to
// blank or replace a value, such as -buildid, get no update then.
func flagSetValue(flags []string, name, value string) []string {
	prefix := name + "="
	assignment := prefix + value

	for idx := 0; idx < len(flags); idx++ {
		cur := flags[idx]
		switch {
		case strings.HasPrefix(cur, prefix):
			// -name=value
			flags[idx] = assignment
			return flags
		case cur == name:
			// -name value
			if next := idx + 1; next < len(flags) {
				flags[next] = value
			}
			return flags
		}
	}
	return append(flags, assignment)
}
// fetchGoEnv runs "go env -json" and stores the result in cache.GoEnv, then
// fills in cache.GOGARBLE.
//
// cache.GOGARBLE is taken from the GOGARBLE environment variable if it is
// set, else from GOPRIVATE, else from the module path read from the GOMOD
// file. If none of those yields a value, it stays empty.
//
// If the go command fails, a message is printed to stderr and errJustExit(1)
// is returned. If the output cannot be decoded, a wrapped error is returned.
func fetchGoEnv() error {
	// The "go" binary is resolved through PATH, so whichever toolchain is
	// found there is the one whose output is decoded below.
	cmd := exec.Command("go", "env", "-json",
		"GOOS", "GOPRIVATE", "GOMOD", "GOVERSION", "GOCACHE",
	)
	// NOTE(review): CombinedOutput mixes stderr into the bytes that are
	// decoded as JSON, so anything the go command prints to stderr on a
	// successful run would end up in the decoder's input.
	out, err := cmd.CombinedOutput()
	if err != nil {
		// TODO: cover this in the tests.
		fmt.Fprintf(os.Stderr, `Can't find the Go toolchain: %v
This is likely due to Go not being installed/setup correctly.
To install Go, see: https://go.dev/doc/install
`, err)
		return errJustExit(1)
	}
	if err := json.Unmarshal(out, &cache.GoEnv); err != nil {
		return fmt.Errorf(`cannot unmarshal from "go env -json": %w`, err)
	}

	cache.GOGARBLE = os.Getenv("GOGARBLE")
	switch {
	case cache.GOGARBLE != "":
		// GOGARBLE is non-empty; nothing to do.
	case cache.GoEnv.GOPRIVATE != "":
		// GOGARBLE is empty and GOPRIVATE is non-empty.
		// Set GOGARBLE to GOPRIVATE's value.
		cache.GOGARBLE = cache.GoEnv.GOPRIVATE
	default:
		// If GOPRIVATE isn't set and we're in a module, use its module
		// path as a GOPRIVATE default. Include a _test variant too.
		// TODO(mvdan): we shouldn't need the _test variant here,
		// as the import path should not include it; only the package name.
		mod, err := os.ReadFile(cache.GoEnv.GOMOD)
		if err != nil {
			// An unreadable GOMOD file is not an error here;
			// GOGARBLE simply stays empty.
			break
		}
		if modpath := modfile.ModulePath(mod); modpath != "" {
			cache.GOGARBLE = modpath + "," + modpath + "_test"
		}
	}
	return nil
}