[tor-browser-build/master] Bug 22194/20683: Integrate Selfrando into alpha Linux builds - tor-commits

17 May 2017

commit 16d87451179ed55fd6422cd09988a99f5ee886b7
Author: Nicolas Vigier boklm@torproject.org
Date:   Thu May 18 00:10:16 2017 +0200
Bug 22194/20683: Integrate Selfrando into alpha Linux builds
Selfrando is a new defense against code reuse attacks developed by the
    Redactor and Readactor++ people. We should give it a wider testing
    audience by including it in the alpha series.
This is currently only available for 64bit Linux builds, though.
    Supporting other platforms and architectures is work in progress.
tor-browser-bundle.git author: Georg Koppen gk@torproject.org
    tor-browser-bundle.git commit: 332c5b6c16f1b0915f537a4ad5af48295f80c733
    tor-browser-bundle.git commit: 8fe0e322b950efa2456502428bee66dde8b4948a
    tor-browser-bundle.git commit: 3e752843dfa39beec844822c9f6c3dd1f80355ea
---
 keyring/elfutils.gpg                               | Bin 0 -> 10483 bytes
 keyring/selfrando.gpg                              | Bin 0 -> 2759 bytes
 projects/binutils/binutils-224-gold.patch          |  98 +++++++++++++++++++++
 projects/binutils/build                            |   6 ++
 projects/binutils/config                           |   2 +
 projects/elfutils/build                            |  23 +++++
 projects/elfutils/config                           |  22 +++++
 projects/firefox/build                             |   9 ++
 projects/firefox/config                            |   4 +
 projects/selfrando/build                           |  25 ++++++
 projects/selfrando/config                          |  23 +++++
 .../tor-browser/RelativeLink/start-tor-browser     |   1 +
 12 files changed, 213 insertions(+)

diff --git a/keyring/elfutils.gpg b/keyring/elfutils.gpg
new file mode 100644
index 0000000..f1cd4b3
Binary files /dev/null and b/keyring/elfutils.gpg differ
diff --git a/keyring/selfrando.gpg b/keyring/selfrando.gpg
new file mode 100644
index 0000000..276955d
Binary files /dev/null and b/keyring/selfrando.gpg differ
diff --git a/projects/binutils/binutils-224-gold.patch b/projects/binutils/binutils-224-gold.patch
new file mode 100644
index 0000000..a45e49c
--- /dev/null
+++ b/projects/binutils/binutils-224-gold.patch
@@ -0,0 +1,98 @@
+From f984741df04cd68bb116073fdfa9405808810ab4 Mon Sep 17 00:00:00 2001
+From: Cary Coutant ccoutant@google.com
+Date: Wed, 5 Feb 2014 22:59:02 -0800
+Subject: [PATCH] Fix issues with gold undefined symbol diagnostics.
+
+PR binutils/15435 complains that gold issues a visibility error for an
+weak undefined symbol with hidden visibility. The message should be
+suppressed if the symbol is a weak undef.
+
+An earlier patch to add an extra note about key functions when a class's
+vtable symbol is undefined missed a case where the reference to the
+vtable came from a shared library. This patch moves the check to a
+lower-level routine that catches both cases.
+
+gold/
+
+2014-02-05  Cary Coutant  ccoutant@google.com
+
+	* errors.cc (Errors::undefined_symbol): Move undef vtable symbol
+	check to here.
+	* target-reloc.h (is_strong_undefined): New function.
+	(relocate_section): Move undef vtable symbol check from here.
+	Check for is_strong_undefined.
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index dcf7ed41f8..dd7ef72980 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,14 @@
++2014-02-05  Cary Coutant  ccoutant@google.com
++
++	Fix issues with gold undefined symbol diagnostics.
++
++	PR binutils/15435
++	* errors.cc (Errors::undefined_symbol): Move undef vtable symbol
++	check to here.
++	* target-reloc.h (is_strong_undefined): New function.
++	(relocate_section): Move undef vtable symbol check from here.
++	Check for is_strong_undefined.
++
+ 2013-11-22  Cary Coutant  ccoutant@google.com
+ 
+ 	* testsuite/Makefile.am (exception_x86_64_bnd_test): Use in-tree
+diff --git a/gold/errors.cc b/gold/errors.cc
+index b79764bd1d..98db0fdd86 100644
+--- a/gold/errors.cc
++++ b/gold/errors.cc
+@@ -193,6 +193,11 @@ Errors::undefined_symbol(const Symbol* sym, const std::string& location)
+     fprintf(stderr,
+             _("%s: %s: undefined reference to '%s', version '%s'\n"),
+ 	    location.c_str(), zmsg, sym->demangled_name().c_str(), version);
++
++  if (sym->is_cxx_vtable())
++    gold_info(_("%s: the vtable symbol may be undefined because "
++		"the class is missing its key function"),
++	      program_name);
+ }
+ 
+ // Issue a debugging message.
+diff --git a/gold/target-reloc.h b/gold/target-reloc.h
+index b544c78f37..d609bcbaa8 100644
+--- a/gold/target-reloc.h
++++ b/gold/target-reloc.h
+@@ -144,6 +144,12 @@ class Default_comdat_behavior
+   }
+ };
+ 
++inline bool
++is_strong_undefined(const Symbol* sym)
++{
++  return sym->is_undefined() && sym->binding() != elfcpp::STB_WEAK;
++}
++
+ // Give an error for a symbol with non-default visibility which is not
+ // defined locally.
+ 
+@@ -411,16 +417,10 @@ relocate_section(
+ 	}
+ 
+       if (issue_undefined_symbol_error(sym))
+-	{
+-	  gold_undefined_symbol_at_location(sym, relinfo, i, offset);
+-	  if (sym->is_cxx_vtable())
+-	    gold_info(_("%s: the vtable symbol may be undefined because "
+-			"the class is missing its key function"),
+-		      program_name);
+-	}
++	gold_undefined_symbol_at_location(sym, relinfo, i, offset);
+       else if (sym != NULL
+ 	       && sym->visibility() != elfcpp::STV_DEFAULT
+-	       && (sym->is_undefined() || sym->is_from_dynobj()))
++	       && (is_strong_undefined(sym) || sym->is_from_dynobj()))
+ 	visibility_error(sym);
+ 
+       if (sym != NULL && sym->has_warning())
+-- 
+2.11.0
+
diff --git a/projects/binutils/build b/projects/binutils/build
index bd949a5..baef68f 100644
--- a/projects/binutils/build
+++ b/projects/binutils/build
@@ -26,6 +26,12 @@ cd [% project %]-[% c("version") %]
   # Zeroing timestamps in PE headers reliably, see bug 12753.
   patch -p1 < ../peXXigen.patch
 [% END -%]
+[% IF c("var/linux-x86_64") -%]
+  # We need to work around a gold linker bug in 2.24 to get selfrando working,
+  # see bug 20683.
+  # XXX: 64bits only for now :(, see #20683.
+  patch -p1 < $rootdir/binutils-224-gold.patch
+[% END -%]
 ./configure --prefix=$distdir [% c('var/configure_opt') %]
 make -j4
 make install
diff --git a/projects/binutils/config b/projects/binutils/config
index 0cb2088..88640f8 100644
--- a/projects/binutils/config
+++ b/projects/binutils/config
@@ -21,3 +21,5 @@ input_files:
     enable: '[% c("var/windows") %]'
   - filename: peXXigen.patch
     enable: '[% c("var/windows") %]'
+  - filename: binutils-224-gold.patch
+    enable: '[% c("var/linux-x86_64") %]'
diff --git a/projects/elfutils/build b/projects/elfutils/build
new file mode 100644
index 0000000..8fdd013
--- /dev/null
+++ b/projects/elfutils/build
@@ -0,0 +1,23 @@
+#!/bin/bash
+[% c("var/set_default_env") -%]
+distdir=/var/tmp/dist/[% project %]
+[% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
+
+mkdir -p /var/tmp/dist
+
+tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %]
+export PATH="/var/tmp/dist/binutils/bin:$PATH"
+
+mkdir -p /var/tmp/build
+tar -C /var/tmp/build -xf $rootdir/[% c('input_files_by_name/elfutils') %]
+
+cd /var/tmp/build/[% project %]-[% c("version") %]
+./configure --prefix="$distdir"
+make -j4
+make install
+
+cd /var/tmp/dist
+[% c('tar', {
+        tar_src => [ project ],
+        tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+        }) %]
diff --git a/projects/elfutils/config b/projects/elfutils/config
new file mode 100644
index 0000000..2c21cf2
--- /dev/null
+++ b/projects/elfutils/config
@@ -0,0 +1,22 @@
+# vim: filetype=yaml sw=2
+version: '0.166'
+filename: 'elfutils-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+tag_gpg_id: 1
+
+var:
+  container:
+    use_container: 1
+  arch_deps:
+    - zlib1g-dev
+
+input_files:
+  - project: container-image
+  - name: elfutils
+    URL: 'https://sourceware.org/elfutils/ftp/%5B% c("version") %]/elfutils-[% c("version") %].tar.bz2'
+    file_gpg_id: 1
+    gpg_keyring: elfutils.gpg
+    sig_ext: sig
+  - name: '[% c("var/compiler") %]'
+    project: '[% c("var/compiler") %]'
+  - project: binutils
+    name: binutils
diff --git a/projects/firefox/build b/projects/firefox/build
index f445454..afb11bb 100644
--- a/projects/firefox/build
+++ b/projects/firefox/build
@@ -27,6 +27,15 @@ mkdir -p /var/tmp/build
   export PATH="/var/tmp/dist/binutils/bin:$PATH"
 [% END -%]
+[% IF c("var/linux-x86_64") -%]
+  # XXX: 64bits only for now :(, see #20683.
+  tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/selfrando') %]
+  # Selfrando wrapper
+  export PATH="/var/tmp/dist/selfrando/Tools/TorBrowser/tc-wrapper/:$PATH"
+  # We need to avoid the shuffling while building as this breaks compilation
+  export SELFRANDO_skip_shuffle=
+[% END -%]
+
 tar -C /var/tmp/build -xf [% project %]-[% c('version') %].tar.gz
[% IF c("var/osx") %]
diff --git a/projects/firefox/config b/projects/firefox/config
index 9c807ad..1cd986f 100644
--- a/projects/firefox/config
+++ b/projects/firefox/config
@@ -71,6 +71,10 @@ input_files:
   - project: binutils
     name: binutils
     enable: '[% c("var/linux") %]'
+  - project: selfrando
+    name: selfrando
+    # XXX: 64bits only for now :(, see #20683.
+    enable: '[% c("var/linux-x86_64") %]'
   - filename: fix-info-plist.py
     enable: '[% c("var/osx") %]'
   - URL: https://people.torproject.org/~mikeperry/mirrors/sources/msvcr100.dll
diff --git a/projects/selfrando/build b/projects/selfrando/build
new file mode 100644
index 0000000..8bbd63e
--- /dev/null
+++ b/projects/selfrando/build
@@ -0,0 +1,25 @@
+#!/bin/bash
+[% c("var/set_default_env") -%]
+distdir=/var/tmp/dist/[% project %]
+[% pc(c('var/compiler'), 'var/setup', { compiler_tarfile => c('input_files_by_name/' _ c('var/compiler')) }) %]
+
+mkdir -p /var/tmp/dist
+
+tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/elfutils') %]
+tar -C /var/tmp/dist -xf $rootdir/[% c('input_files_by_name/binutils') %]
+export PATH="/var/tmp/dist/binutils/bin:$PATH"
+
+tar -C /var/tmp/dist -xf $rootdir/[% project %]-[% c("version") %].tar.gz
+
+cd /var/tmp/dist
+mv [% project %]-[% c("version") %] [% project %]
+cd [% project %]
+scons -Q arch=x86_64 LIBELF_PATH="/var/tmp/dist/elfutils" FORCE_INPLACE=1 DEBUG_LEVEL=env WRITE_LAYOUTS=env LOG=console
+# Fix the path where we install selfrando
+sed -i 's|^SR_PATH=.*|SR_PATH=/var/tmp/dist/selfrando/out/x86_64/bin|' Tools/TorBrowser/tc-wrapper/ld
+
+cd /var/tmp/dist
+[% c('tar', {
+        tar_src => [ project ],
+        tar_args => '-czf ' _ dest_dir _ '/' _ c('filename'),
+        }) %]
diff --git a/projects/selfrando/config b/projects/selfrando/config
new file mode 100644
index 0000000..8b73080
--- /dev/null
+++ b/projects/selfrando/config
@@ -0,0 +1,23 @@
+# vim: filetype=yaml sw=2
+filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.gz'
+version: 0.2
+git_hash: 'tb-v[% c("version") %]'
+git_url: https://github.com/immunant/selfrando.git
+gpg_keyring: selfrando.gpg
+tag_gpg_id: 1
+
+var:
+  container:
+    use_container: 1
+  arch_deps:
+    - scons
+    - zlib1g-dev
+
+input_files:
+  - project: container-image
+  - name: binutils
+    project: binutils
+  - name: elfutils
+    project: elfutils
+  - name: '[% c("var/compiler") %]'
+    project: '[% c("var/compiler") %]'
diff --git a/projects/tor-browser/RelativeLink/start-tor-browser b/projects/tor-browser/RelativeLink/start-tor-browser
index a78b367..2dd40fc 100755
--- a/projects/tor-browser/RelativeLink/start-tor-browser
+++ b/projects/tor-browser/RelativeLink/start-tor-browser
@@ -270,6 +270,7 @@ fi
LD_LIBRARY_PATH="${HOME}/TorBrowser/Tor/"
 export LD_LIBRARY_PATH
+export SELFRANDO_write_layout_file=
function setControlPortPasswd() {
     local ctrlPasswd=$1

    