diff --git a/.travis.sh b/.travis.sh index 7e31bc1..293e875 100755 --- a/.travis.sh +++ b/.travis.sh @@ -1,17 +1,61 @@ #!/bin/bash -if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then - file_names=`curl "https://api.github.com/repos/$TRAVIS_REPO_SLUG/pulls/$TRAVIS_PULL_REQUEST/files" | jq '.[] | .filename' | tr '\n' ' ' | tr '"' ' '` +set -euo pipefail +IFS=$'\n\t' + +if [[ -n "${TRAVIS_PULL_REQUEST:-}" ]] || [[ -n "${TRAVIS_COMMIT_RANGE:-}" ]]; then + + if [ "$TRAVIS_PULL_REQUEST" != "false" ]; then + file_names=$(curl "https://api.github.com/repos/$TRAVIS_REPO_SLUG/pulls/$TRAVIS_PULL_REQUEST/files" \ + | jq '.[] | .filename' | tr '\n' ' ' | tr '"' ' ') + else + file_names=$( (git diff --name-only "$TRAVIS_COMMIT_RANGE" || echo "") \ + | tr '\n' ' ' ) + fi + else - file_names=`(git diff --name-only $TRAVIS_COMMIT_RANGE || echo "") | tr '\n' ' '` + echo "WARNING: No travis information present, assuming this is a non-travis test run..." >&2 + NO_TRAVIS=y fi -if echo $file_names | grep -q "Dockerfile"; then - ./base.bash +### Setup activity ticker + +( + while true; do + echo '...' + sleep 10 + done +)& +TICKER_PID=$! +trap 'kill ${TICKER_PID:-} ${BUILD_PID:-}' EXIT + +### base.bash + +if [[ -z "${NO_TRAVIS:-}" ]]; then + if echo "$file_names" | grep -q "Dockerfile"; then + echo -n 'Building base image (if needed) ... ' + make base &>/tmp/base.bash.log + echo 'DONE.' + fi fi -./build.bash --arch=$ARCH +### build.bash + +echo 'Running build of llvm-obfuscator... ' + +make "ARCH=$ARCH" NO_TTY=y build &>/tmp/build.bash.log & +BUILD_PID=$! + +wait $BUILD_PID + +echo 'DONE.' + +### build_example.bash if [[ $ARCH = arm ]]; then - ./build_example.bash + + echo -n 'Building example project... ' + make NO_TTY=y build-example &>/tmp/build_example.bash.log + + echo 'DONE.' fi diff --git a/.travis.yml b/.travis.yml index c8e5c0e..eb9beb2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,6 +21,14 @@ after_success: - travis_wait tar -C output -cJf "llvm-obfuscator-$ARCH.txz" . - ./publish.sh llvm-obfuscator-$ARCH.txz +after_failure: + - if [[ -e /tmp/base.bash.log ]]; then echo "*** base.bash.log ***"; fi + - if [[ -e /tmp/base.bash.log ]]; then tail -n 500 /tmp/base.bash.log; fi + - if [[ -e /tmp/build.bash.log ]]; then echo "*** build.bash.log ***"; fi + - if [[ -e /tmp/build.bash.log ]]; then tail -n 500 /tmp/build.bash.log; fi + - if [[ -e /tmp/build_example.bash.log ]]; then echo "*** build_example.bash.log ***"; fi + - if [[ -e /tmp/build_example.bash.log ]]; then tail -n 500 /tmp/build_example.bash.log; fi + env: global: - DOCKER_USER=swiftnav @@ -28,12 +36,13 @@ env: # Example encryption: travis encrypt AWS_SECRET_ACCESS_KEY=foo # See https://docs.travis-ci.com/user/encryption-keys/ # AWS_ACCESS_KEY_ID - - secure: "c6DtuP/y6lcJDhwjpLk/d3T9Oo1Fy9EW9mr0OsBQSq/5ctJsFtRxRsHVr2HtSD41Hd4de7xZoxGrk7kSDtrGxT7uRQwLREzaPRf0Vq/hjWcsfs/4vg6M5zhYrAYUSA28V7r7c2qmRiMLrHxnnzem56wwQG9Cn9kLSUg5Vx0kE4XayEdWKHlps9CP0d6ytgjqmUe0yBV9qJMGkMH/lp+LyK7HWo79iUrWBar+nTBxEeiEVFQqOOESB+LXBawx97L5+NWDL0IVvhkr78FU8XM/lV6gddulw5yOuruJ6bjznRaA6AbPx1dxf8o0ptP8QwgFsVQ/hlXc9cOwtRkobiktsVnDVtm2kuZwwUgRUa8i0A8PzG6w2SxR78UGBVxygDfrUQcQJ/zGIyqEehIi3drx9qEKMwjDoM2OS0b962Bld1Ex9glJdBbtO+TKFuYYU8/wEzzAF3IGMLC2CJ/L7r7IFcs6Y61KbicdUq1AY+Fx2RUpKJoZmQfknpi6IvZd1/1O5w5kqiAoKScqaAfZ5f84MBS6/CtLArFzWxWCliorBL9tW7NNGqtQ5kR+tBZ9/BLnvuNoMOnXlWJOhY9e4nCQeCAGG2AQ5LgcMGqrIcOiAEXHxg0fhuveygHkCd6Qjz5iJKIjrBokbwXZ2cms4ocLSxuJ2olNZXd0RgWKLrjrDhk=" + - secure: "Xwd+CuZwKCMF7zPnpE/05ZkUTfhPSft2SiWPXVEBDV2l6Ze6UQZUbjfA1/VIG/hnKTBxNP52apxH5bctHkSjF6oPgmxdOvUSwGx4kIaXYdz2gnGXfLUOJIUaXnZFNrWS66grqv0+oyv599KA8W/GoTEUARBupZN5gP0WDtCTcuBIfqUgBAjXvxMeLg2ixnZKnrCGvySsUEn6L8HVXO3XDdJKmkaBOC6G5JWdnrOL1ixyETDX8hbXCMaCOiibv1TNXOUDBrv62C7A8AnStSfSiDGzUpi/vx2HWsz2JlUBSc0bWz8PqkL7wUM/aUyGH5Er742kK9cUVLKfeiluw8krx8bLWM1W/8K7veQ3vDxyikB3SpqT/FCxDwgpQTtLUm7F4pFXRDmyhVueq3enX4oOyesYjLNwfTj0RPNOnF2sOQOyDju7VLWNoS56Tow74VaBGzxIcDnDu9deG+HDFiQtrw6tkn5B9IKS8N1ue2A1CF3QM325UjKCmBykSgomy8baaBEnNfyBFQU7L5pobvGsDoaB4dgm1YHdtYEBtFIGHEnKeAt5SzT7R6tuiABMT3SJ5Sr6n2zG7oi2bwC/CR0ch5/mZ460N76axJwLD+ORGwdCuxGII7VF4KetLFk9nkUnWRBFgU9n/m9vuN13xpAZbGblc1+WO7V1i0dnZ7uz4O4=" # AWS_SECRET_ACCESS_KEY - - secure: "I025brJmSPMRp2oAvEYRB/xzqhVNYFJRoQnV8CjdV8uHYXOquHZGFyzLOCT1lRRGJ81geqa5uhWJ6e36sKd9kgk4IXW+DH5aPpOzv2B8p8dJKITIjUP7OpnIRghCsnb8JMFWqZUZ3YhmYShQY/eVByNneAyGLIYh6gsQyfqvoodf0t6ExlgNBLvJPWYfOz+dwpx+zE2HRim1+RRfdOYVMsvTmu5rrHTHn1fWqCbQCjarpvphNFTlgKU2mhxOhcSo4HR8xsYE6GbLc+ysufRLAqTOTMMPg9THiOdJqc1ZtXEvaw0StUeTEbIJlQSAV/lydRvQb1npJHFffoWy1ZdZEIjuX5ZkQkDvh/8TR6AJtGd4QUH3hEKsA5LhUrxgSZRCUMW5JyqWyiu7wC2Q9n2kpKUaDQKL6YfzKpzRa7txCf6YTIoUbzI9797UJUO6fgGgOQJzYhOUsFV23YyOsLete1bRuQkRKl3tmlv+KuoUlxxVtaO2kMWh33CHeE9z986pf1jsiMoHzk1D+tnGtL4lotFK2gQv7Ws9XlsBog0fNuh80kZ4P/hVQAM9TShesR+ebAPLckr334V8zjEdkiyz251fATYL5V7DY2iAZMA187ynz1HgZEopob0Gkz0kcrVI3JAvM8sxmXAEBDmoqysm3gAOQoFDgmjgdQtJW/1RrUE=" + - secure: "tZ9Nmrz9hFdoc5Wdv4LBuBsfziISti2IRp8lCuU9T1uR0QZucwgL/oUdBV4MvHPj8+quD74s8h2I9XT3LhZUkxuPrZI2n++HGf+Er0gd805U+vyANszdYf12VRsTSc5WzD2SjtpbkkkWA7QxegvitBf6LwV3OjIcCqdydzbMjKTbogfOnN+HOY+3jkWsr2tyrV+JtCQbDi+C9Clc5L3X7ed38NjX0X64Pyjg8lpeI298E02wCdyF0a8osX0CrqMgK532g2C3Relrd4k4lKjf/X4mfdNbWJlPK+hv57VWrm7TuiT5fWk4SfGRMp6Y6xFuOnhWiRAYRxssS/dyd1sOXTh89YmZ/al4IrmtmRIigaZBVb7r+hRImdsT2dtRpVQ3OEVtuq1LNrx3n14Iy1JYohzGZ+8Pqolw0527uB5Y0/NzFMiDdvsM2O/MgbThgBJXfkMFhuakEYZ0VbbFQD8yLPmKY1tGxYYcMaphq6jZBLErDOAhKPeQrHkpyxuNHlujDnfFXUN4C0BwIJYCVEXyrDiW5ad0vKGJj9P6+bCt823WL4NMlUbH+YyPS8S84G2KbmaUslGYPoQOy+lfdMe/p4H9jIkzjGtvAau9cyqvWuXH/hv0zJ3NwI3iALTOdihs92KetRjuugo8rRJ+cZ3YogCffjEIwXsRs55JYSmk7HY=" # GITHUB_TOKEN - - secure: "XnCmNEVc2qh1nvKNhEn4/yaeQNWGlAGH/7lSaKjK3LoJDeP4w1rCPs9jghpPes+9rUNEh4e3ekmKGUGIqJwRuzQPWM+zHza4WK4oXs43rd2hyfhRb2y+niLpTNc+RuiGtLobyc3IX3HaUeN6Bf9x9R49/3jxY/+lgYKhQ29Pw25CumQvQQjq6SYRyhndnrXeLQ4LWzSYEPpwYSQ5F7VEDs7FN3tX0IvfJlN+SiP+f8DHdMqoyPOBnDdEodt/erMcO7gm9inhZ6hWvGSJwi5nLd+SI2qlHFgRAFRugPe0kk2FBiBHpGYBPE7cJzKStJrQGQz7dVGgHwcgJrp5T9//HZtp2LH5iGNue+mdDeMtX5zShY+UhvXEX5/nnREHFz/9IFvz57MHqrEjjyxufOVHBnJM/5NVroKxgwUyxojSQZYxNKqzs046nVPHn5QWaseoeC1vxZ6XfxeMjv1Y/9L7OJfFgf4EFukhS/oPv/szrKBiKeBWTq36yQa2Fi+K/UNsE/IzD3RxftOSqz2Nev6fjl/t+keSFtJH/GWskmaKD+vuMkFSKeg8SXE+yZspkkFzAImCiQI5vWJhzzQK/qjoLonvrtwXObqXQU3JY7LfRZzNgNGXebWegw0DLFkAvoV8FxLCHhC+50eK5bob8UM0z7I02cibacim7iKmaP0G4W8=" - - secure: "hhoYAlpElWzp9zzPmofdGYk5mNn/L0SdT+x7L040MFk+8VKKtRbJId4LlRSNfIA+zxgylL56/Jnth10aR7yq9fOhoN0oXvZeIAycz4TnXsPlCFmk8h3gBTYpYhcQ0Hy/tFe4XTOjjZuLIRZZQPuR93VEL/r3iHk6RYkj6f2jy6WpwKFAia7/3ng1zDR5Ixa9T7SwIKUu6l2PIqBml7irT2x0RJxoPhh6/8ol8XqLHdRohGLksAfC5GDBp3WqmvYaBp3TkBzDhfG4lIxghBcHK0a02EYiC0EdPkpaa9IBtn5KcjPgtPwdY6Gq/Yx77fmrufxUoY1IK+nfrIlyAptzSUWssJuKzdXSPUMAtPyN3jm2L0wMgLwpcHwhzCUelDlPdvUM6GM+Jt+MK6H4QE79uQTC7lO7wtpNqnWqkFmqlhN8+/K93sjXtgqEm/aIUGp4WXGbCK5pKcq4Fd0j6LK5ytHAxP3HqobfxfQafeyDlP8c9/heQw8DHRK1Vgm/LO7uCi1i/GIadCf2OCSnT517mTUjTeg+N8q7x5tvD+pWcaijOlYeHgypoa2KveBsOZnLqOpYMYAnbk7Zq8BBJAv1dds+XFZYYGsV8fsr/TXuv4pKg3vj4MXhxsTWpvoTA7JEu1fCSqIjNcluvumpGlHRXLU/SchB/WTXwCEiAadrqcs=" + - secure: "T1wlLXyhfGnMNMPtHv2FspxsWG09hVZgaucSJ6IxN+PZBbgjLb/TMSlqqLXfIzx6s0SuQIzX1xZE8lb/uOzfLtjmxBdc4dGYLW+qR4AwkghQl2DGMK+hzGAi9ZbeCGKWtX7cN4WxLN1tpcTyQBCC8LcnP0xVxd+7Znytdezmlr86ce2d8dmUo+kyLdN+vhEUnch9zhMpuZI+TxV2HQqCS/6e31myP+3Xzw3B6o6uF8dYZ0QlWlNU4KjUNNAD7cLqkxNd38E7wFrQJdyrk03/hZanatl2mcL7Te5Uxo5sWN5WteTNwq8dCKXiEXpkEqP1++4wWTQDeQWoPjHlhHzO4MxGAdEUnlFWafsV78OJvr/gwV0UxDFmfadPwGG/xPPJMyNJjXwDyeztswknbVaNZdbRXp3m7Iri+bWCvOZE9N7rGde/5q0JOz9rwJXRDMPnp7+lyupHQQIdswNpkFraHz3eZ/h4n+Dkr3RtkW0M6ZpPR+/r18uD7jwm/Ye73E9wzq1b6sL0knX/OEwBv3FVvaBaA4SWzb1glDlru8BKnZfVIZ/UxYas6FqGN6H9ROyCHtva86ffv7HvvnB/gUqcOfY5si7WvtPVApIc9kfILcSWEchRWTHQIeUOdEUBfoq8/Km0BL6gguOO9Ge9zzOrdo0NThh8x7NoE0DhHdQctJY=" + # DOCKER_PASS + - secure: "qEmUT+mBsHjLkrBYMZWiLl8+ZXq9UAv+DyMDww+N74hPtGiZxMqLuVIFq94qR/WhiI9zd7k+tjhy6TcgD8rpKoQnQSGXcotFGq6typ3UWEV0ekt40IMV5nBqopqGGIBVIHNfXjq0OTeYTF2eGncpNnznJHAQi8Dvj7vD99y5GA5RoZGSdsiqTyxBGMvZ0cE0QApkb1MH3lBVRzBuh6dotpa1RBlGR+i2xbcH3nAqy5RB38wZgMedAPnlUfg+uB+IQiF8+hbuSmHzADiabNLBkkB/UCOz59k/JkaeN+2gnyP6/so+SpOe1BKfpxKBcN74O4n056ZLDBRjTod2YSc49dKqxhZhQijwNJfFi3Tt5iNrFYdU3KPeqqfNLoQKmbBTKjGXbxHHXm3lnUuCTZH0Yd9QGKSAwn5kxDRy6DuyNMUGwFtu8YxzirwTJiQR6ayodMCMWjZCXuxUc0I5I2Y64CsofRWkuMbznjE4wJwptVPzTwIxkZnMt+aWVoQTXBtZVpiHf4CTJb65dyLDXeMOwhYnKzwLUrvvHHpOm7GygvAbbeDAzHumTDvt7s5nl2VwHNLmTK3TizvvpQCucIjG8M8dEd7iu4VRZh/rxGxV9MJ2qUNETa6hnfX+Z2xaLTcgYAG5z7p60sThPfFfYLopdJL1dO5eA/EncPzuQuh087w=" matrix: - ARCH=x86 - ARCH=arm diff --git a/Dockerfile b/Dockerfile index 80f496f..055771f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,16 +8,22 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. -FROM ubuntu:16.04 +FROM ubuntu:14.04 RUN mkdir /work WORKDIR /work RUN apt-get update \ - && apt-get install -y build-essential \ + && apt-get install -y wget \ + && wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - \ + && echo "deb http://apt.llvm.org/trusty/ llvm-toolchain-trusty-4.0 main" \ + >/etc/apt/sources.list.d/llvm40.list \ + && apt-get update \ + && apt-get install -y libcurl4-openssl-dev \ + checkinstall \ + build-essential \ bison \ flex \ - cmake \ ninja-build \ llvm-4.0 \ llvm-4.0-dev \ @@ -32,9 +38,18 @@ RUN apt-get update \ libstdc++6-armhf-cross \ binutils-dev \ binutils-multiarch-dev \ - python - -RUN git clone --depth=1 --single-branch -b llvm-4.0 https://github.com/obfuscator-llvm/obfuscator.git obfuscator-llvm + python \ + && mkdir -p cmake-build && cd cmake-build \ + && wget https://cmake.org/files/v3.10/cmake-3.10.1.tar.gz \ + && tar -xvzf cmake-3.10.1.tar.gz \ + && cd cmake-3.10.1 \ + && ./configure \ + && make -j4 \ + && checkinstall -yD make install \ + && cd .. && rm -rf cmake-* \ + && apt-get -y --force-yes remove checkinstall \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* COPY cpp_wrapper.py /bin RUN chmod +x /bin/cpp_wrapper.py diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..798a259 --- /dev/null +++ b/Makefile @@ -0,0 +1,34 @@ +SCRIPTS := .travis.sh \ + base.bash \ + build.bash \ + build_example.bash \ + publish.sh \ + run_build_shell.bash \ + stage_sysroot.bash \ + +check: + docker run -v $(CURDIR):/mnt koalaman/shellcheck -x $(SCRIPTS) + +check-%: + docker run -v $(CURDIR):/mnt koalaman/shellcheck -x $*.bash + +ifeq ($(NO_TTY),y) +NO_TTY_ARG := --no-tty +else +NO_TTY_ARG := +endif + +base: check-base + $(CURDIR)/base.bash $(NO_TTY_ARG) + +build: check-build + $(CURDIR)/build.bash $(NO_TTY_ARG) --arch=$(ARCH) + +stage: check-stage_sysroot + $(CURDIR)/stage_sysroot.bash $(NO_TTY_ARG) + +build-example: check-build_example + $(CURDIR)/build_example.bash $(NO_TTY_ARG) + +run: check-run_build_shell + $(CURDIR)/run_build_shell.bash $(NO_TTY_ARG) diff --git a/base.bash b/base.bash index 63f1f6d..63ec9ee 100755 --- a/base.bash +++ b/base.bash @@ -10,9 +10,50 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. -DOCKER_NAMETAG=swiftnav/arm-llvm-obf:4.0 +set -euo pipefail +IFS=$'\n\t' -docker build -f Dockerfile -t $DOCKER_NAMETAG . +[[ -z "${DEBUG:-}" ]] || set -x -docker login --username="$DOCKER_USER" --password="$DOCKER_PASS" -docker push $DOCKER_NAMETAG +[[ -n "${DOCKER_USER:-}" ]] || { + echo "DOCKER_USER: must not be empty" + exit 1 +} + +[[ -n "${DOCKER_PASS:-}" ]] || { + echo "DOCKER_PASS: must not be empty" + exit 1 +} + +DOCKER_NAMETAG=$(cat docker_nametag) + +query_build_pushed() { + + local repo_tag=$1; shift + + repo_tag=${repo_tag##*:} + + TOKEN=$(curl -s -H "Content-Type: application/json" \ + -X POST -d '{"username": "'"${DOCKER_USER}"'", "password": "'"${DOCKER_PASS}"'"}' \ + https://hub.docker.com/v2/users/login/ | jq -r .token) + + ORG=swiftnav + REPO=arm-llvm-obf + + curl -s -H "Authorization: JWT ${TOKEN}" \ + https://hub.docker.com/v2/repositories/${ORG}/${REPO}/tags/?page_size=100 \ + | jq '.results | .[] | .name' \ + | grep "$repo_tag" +} + +if [[ -n "$(query_build_pushed "$DOCKER_NAMETAG")" ]]; then + echo "Build already pushed, exiting..." + exit 0 +fi + +docker build \ + --force-rm --no-cache \ + -f Dockerfile -t "$DOCKER_NAMETAG" . + +echo "$DOCKER_PASS" | docker login --username="$DOCKER_USER" --password-stdin +docker push "$DOCKER_NAMETAG" diff --git a/bin/arm-linux-gnueabihf-clang b/bin/arm-linux-gnueabihf-clang index 364d20e..674ba7b 100755 --- a/bin/arm-linux-gnueabihf-clang +++ b/bin/arm-linux-gnueabihf-clang @@ -31,7 +31,7 @@ else D=$( (cd `dirname $0`/../.. >/dev/null; pwd -P) ) R=$D/sysroot - export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu" + export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu:${R}/usr/x86_64-linux-gnu/arm-linux-gnueabihf" TOOLCHAIN_OPTS="\ \ diff --git a/bin/arm-linux-gnueabihf-clang++ b/bin/arm-linux-gnueabihf-clang++ index eac9498..c4146b2 100755 --- a/bin/arm-linux-gnueabihf-clang++ +++ b/bin/arm-linux-gnueabihf-clang++ @@ -34,7 +34,7 @@ else D=$( (cd `dirname $0`/../.. >/dev/null; pwd -P) ) R=$D/sysroot - export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu" + export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu:${R}/usr/x86_64-linux-gnu/arm-linux-gnueabihf" TOOLCHAIN_OPTS="\ \ @@ -44,8 +44,8 @@ else -B ${R}/usr/lib/gcc-cross/arm-linux-gnueabihf/4.8 \ \ -I ${R}/usr/arm-linux-gnueabihf/include \ - -I ${R}/usr/arm-linux-gnueabihf/include/c++/4.8.5 \ - -I ${R}/usr/arm-linux-gnueabihf/include/c++/4.8.5/arm-linux-gnueabihf \ + -I ${R}/usr/arm-linux-gnueabihf/include/c++/4.8.4 \ + -I ${R}/usr/arm-linux-gnueabihf/include/c++/4.8.4/arm-linux-gnueabihf \ \ -L ${R}/usr/arm-linux-gnueabi/libhf \ -L ${R}/usr/lib/gcc-cross/arm-linux-gnueabihf/4.8 \ diff --git a/bin/arm-linux-gnueabihf-objcopy b/bin/arm-linux-gnueabihf-objcopy index 18a29e6..631f989 100755 --- a/bin/arm-linux-gnueabihf-objcopy +++ b/bin/arm-linux-gnueabihf-objcopy @@ -13,7 +13,7 @@ D=$( (cd `dirname $0`/../.. >/dev/null; pwd -P) ) R=$D/sysroot -export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu" +export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu:${R}/usr/x86_64-linux-gnu/arm-linux-gnueabihf" exec ${R}/usr/bin/arm-linux-gnueabihf-objcopy $@ diff --git a/bin/arm-linux-gnueabihf-strip b/bin/arm-linux-gnueabihf-strip index 43b5202..aa0e28b 100755 --- a/bin/arm-linux-gnueabihf-strip +++ b/bin/arm-linux-gnueabihf-strip @@ -13,6 +13,6 @@ D=$( (cd `dirname $0`/../.. >/dev/null; pwd -P) ) R=$D/sysroot -export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu" +export LD_LIBRARY_PATH="${R}/usr/lib/x86_64-linux-gnu:${R}/usr/x86_64-linux-gnu/arm-linux-gnueabihf" exec ${R}/usr/bin/arm-linux-gnueabihf-strip $@ diff --git a/build.bash b/build.bash index a0684fc..f650df4 100755 --- a/build.bash +++ b/build.bash @@ -10,34 +10,45 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. -DOCKER_NAMETAG=swiftnav/arm-llvm-obf:4.0 +set -euo pipefail +IFS=$'\n\t' -set -x -set -e +DOCKER_NAMETAG=$(cat docker_nametag) -mkdir -p build mkdir -p output/opt -MAKE_PACKAGES= VERBOSE= +NO_TTY= while [[ $# -gt 0 ]]; do case $1 in - --verbose) - VERBOSE="-v" - shift - ;; - --arch=x86) - ARCH="X86" - shift - ;; - --arch=arm) - ARCH="ARM" - shift - ;; + --verbose) + VERBOSE="-v" + shift + ;; + --arch=x86) + ARCH="X86" + shift + ;; + --arch=arm) + ARCH="ARM" + shift + ;; + --no-tty) + NO_TTY=--no-tty + shift + ;; + *) shift ;; esac done +if [[ -z "${ARCH:-}" ]]; then + echo "Error: must specify --arch=" + exit 1 +fi + +set -x + CMAKE_COMMAND="\ cmake -G Ninja \ /work/obfuscator-llvm \ @@ -50,18 +61,33 @@ CMAKE_COMMAND="\ -DLLVM_BINUTILS_INCDIR=/usr/include \ -DLLVM_INCLUDE_TESTS=OFF" -PATCH_COMMAND="git apply /patches/*.patch" +PATCH_COMMAND="{ git apply /patches/*.patch || : ; }" + +if [[ -z "$NO_TTY" ]]; then + INTERACTIVE=("-i" "-t") +else + INTERACTIVE=() +fi -docker run -i -t --rm \ - -v $PWD/build:/work/build \ - -v $PWD/output/opt:/opt \ - -v $PWD/patches:/patches \ +# shellcheck disable=SC2068 +docker run ${INTERACTIVE[@]:-} --rm \ + -v "$PWD/output/opt:/opt" \ + -v "$PWD/patches:/patches" \ + -v obfuscator-llvm:/work/obfuscator-llvm \ + -v obfuscator-llvm-build:/work/build \ "$DOCKER_NAMETAG" \ - /bin/bash -c "cd /work/obfuscator-llvm \ + /bin/bash -c "if [ ! -d /work/obfuscator-llvm/.git ]; then \ + git clone --depth=1 --single-branch -b llvm-4.0 \ + https://github.com/obfuscator-llvm/obfuscator.git \ + obfuscator-llvm; + else \ + (cd /work/obfuscator-llvm && git pull); \ + fi \ + && cd /work/obfuscator-llvm \ && $PATCH_COMMAND \ && cd /work/build \ && $CMAKE_COMMAND \ && ninja $VERBOSE \ && ninja $VERBOSE install" -./stage_sysroot.bash +./stage_sysroot.bash $NO_TTY diff --git a/build_example.bash b/build_example.bash index 8be2bb8..eba5d4e 100755 --- a/build_example.bash +++ b/build_example.bash @@ -10,15 +10,37 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. -DOCKER_NAMETAG=swiftnav/arm-llvm-obf:4.0 +set -euo pipefail +IFS=$'\n\t' + +DOCKER_NAMETAG=$(cat docker_nametag) -mkdir -p build mkdir -p output/opt -docker run -i -t --rm \ - -v $PWD/example:/work/example \ - -v $PWD/build:/work/build \ - -v $PWD/output/opt:/opt \ - $DOCKER_NAMETAG \ +NO_TTY= + +while [[ $# -gt 0 ]]; do + case $1 in + --no-tty) + NO_TTY=y + shift + ;; + *) shift ;; + esac +done + +if [[ -z "$NO_TTY" ]]; then + INTERACTIVE=("-i" "-t") +else + INTERACTIVE=() +fi + +# shellcheck disable=SC2068 +docker run ${INTERACTIVE[@]:-} --rm \ + -v "$PWD/example:/work/example" \ + -v "$PWD/output/opt:/opt" \ + -v obfuscator-llvm:/work/obfuscator-llvm \ + -v obfuscator-llvm-build:/work/build \ + "$DOCKER_NAMETAG" \ /bin/bash -c "export PATH=/opt/llvm-obfuscator/bin:/opt/llvm-obfuscator/wrappers/bin:\$PATH; \ make -C example" diff --git a/docker_nametag b/docker_nametag new file mode 100644 index 0000000..5ce5b09 --- /dev/null +++ b/docker_nametag @@ -0,0 +1 @@ +swiftnav/arm-llvm-obf:4.0-ubuntu1404 diff --git a/example/Makefile b/example/Makefile index d14b542..d6a7f82 100644 --- a/example/Makefile +++ b/example/Makefile @@ -13,9 +13,9 @@ OBFUSCATE_OPS := -mllvm -sub -mllvm -bcf -mllvm -fla all: normal obfuscated normal: - arm-linux-gnueabihf-clang++ test.cc -o test-cxx arm-linux-gnueabihf-clang test.c -o test-c + arm-linux-gnueabihf-clang++ test.cc -o test-cxx obfuscated: - arm-linux-gnueabihf-clang++ test.cc -o test-cxx $(OBFUSCATE_OPS) arm-linux-gnueabihf-clang test.c -o test-c $(OBFUSCATE_OPS) + arm-linux-gnueabihf-clang++ test.cc -o test-cxx $(OBFUSCATE_OPS) diff --git a/publish.sh b/publish.sh index 0092c0c..9e5491d 100755 --- a/publish.sh +++ b/publish.sh @@ -34,13 +34,13 @@ if [[ ! -z "$PRODUCT_TYPE" ]]; then BUILD_PATH="$BUILD_PATH/$PRODUCT_TYPE" fi -echo "Uploading $@ to $BUILD_PATH" +echo "Uploading $* to $BUILD_PATH" echo "Publish PULL_REQUEST ($TRAVIS_PULL_REQUEST)" echo "Publish BRANCH ($TRAVIS_BRANCH)" echo "Publish TAG ($TRAVIS_TAG)" for file in "$@"; do - KEY="$BUILD_PATH/$(basename $file)" + KEY="$BUILD_PATH/$(basename "$file")" if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then if [[ "$TRAVIS_BRANCH" == master || "$TRAVIS_TAG" == v* || "$TRAVIS_BRANCH" == v*-release ]]; then OBJECT="s3://$BUCKET/$KEY" diff --git a/run_build_shell.bash b/run_build_shell.bash index 2b79a46..6c0e2ba 100755 --- a/run_build_shell.bash +++ b/run_build_shell.bash @@ -10,16 +10,19 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. -DOCKER_NAMETAG=swiftnav/arm-llvm-obf:4.0 +set -euo pipefail +IFS=$'\n\t' + +DOCKER_NAMETAG=$(cat docker_nametag) -mkdir -p build mkdir -p output/opt docker run -i -t --rm \ - -v $PWD/example:/work/example \ - -v $PWD/build:/work/build \ - -v $PWD/output/opt:/opt \ - -v $PWD/bin:/wrapper-bin \ - -v $PWD/patches:/patches \ - $DOCKER_NAMETAG \ - /bin/bash -c "export PATH=/opt/llvm-obfuscator/bin:/wrapper-bin:\$PATH; exec /bin/bash" + -v "$PWD/example:/work/example" \ + -v "$PWD/output/opt:/opt" \ + -v "$PWD/bin:/wrapper-bin" \ + -v "$PWD/patches:/patches" \ + -v obfuscator-llvm:/work/obfuscator-llvm \ + -v obfuscator-llvm-build:/work/build \ + "$DOCKER_NAMETAG" \ + /bin/bash -c "export PATH=/opt/llvm-obfuscator/bin:/opt/llvm-obfuscator/wrappers/bin:\$PATH; exec /bin/bash" diff --git a/stage_sysroot.bash b/stage_sysroot.bash index 9afb87f..da34e48 100755 --- a/stage_sysroot.bash +++ b/stage_sysroot.bash @@ -10,9 +10,32 @@ # EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. +## Strict mode +set -euo pipefail +IFS=$'\n\t' + +## Debug mode set -x -DOCKER_NAMETAG=swiftnav/arm-llvm-obf:4.0 +if [[ -z "${DOCKERCEPTION:-}" ]]; then + + ## Init vars + export DOCKER_NAMETAG + DOCKER_NAMETAG=$(cat docker_nametag) + + export INTERACTIVE + INTERACTIVE=("-i" "-t") + + while [[ $# -gt 0 ]]; do + case $1 in + --no-tty) + export INTERACTIVE=() + shift + ;; + *) shift ;; + esac + done +fi stage_sysroot() { @@ -25,9 +48,10 @@ stage_sysroot() { "/usr/arm-linux-gnueabihf" "/usr/arm-linux-gnueabi" "/usr/lib/gcc-cross/arm-linux-gnueabihf/4.8" + "/usr/x86_64-linux-gnu/arm-linux-gnueabihf/" ) - for SYSROOT_DIR in ${SYSROOT_DIRS[@]}; do + for SYSROOT_DIR in "${SYSROOT_DIRS[@]}"; do mkdir -p "${OUT}/${SYSROOT_DIR}" rsync -azv "${SYSROOT_DIR}/" "${OUT}/${SYSROOT_DIR}/" done @@ -56,30 +80,35 @@ stage_sysroot() { mkdir -p "${OUT}/usr/bin/" - for BINTOOL in ${BINTOOLS[@]}; do - cp -v ${BINTOOL} "${OUT}/usr/bin/" + for BINTOOL in "${BINTOOLS[@]}"; do + cp -v "$BINTOOL" "${OUT}/usr/bin/" done - D="${OUT}/usr/lib/x86_64-linux-gnu/" - - mkdir -p "$D" - - for ARMHF in /usr/lib/x86_64-linux-gnu/*armhf*; do - cp -v "${ARMHF}" "$D/" - done +#### +## Disable this for Ubuntu 14.04, it doesn't seem to be present +#### +# D="${OUT}/usr/lib/x86_64-linux-gnu/" +# +# mkdir -p "$D" +# +# for ARMHF in /usr/lib/x86_64-linux-gnu/*armhf*; do +# cp -v "${ARMHF}" "$D/" +# done } run() { - if [[ -n "$DOCKERCEPTION" ]]; then return; fi + if [[ -n "${DOCKERCEPTION:-}" ]]; then return; fi - docker run -i -t --rm \ - -v $PWD/example:/work/example \ - -v $PWD/build:/work/build \ - -v $PWD/output/opt:/opt \ - -v $PWD:/this_dir \ + # shellcheck disable=SC2068 + docker run ${INTERACTIVE[@]:-} --rm \ + -v "$PWD/example:/work/example" \ + -v "$PWD/output/opt:/opt" \ + -v "$PWD:/this_dir" \ + -v obfuscator-llvm:/work/obfuscator-llvm \ + -v obfuscator-llvm-build:/work/build \ -e DOCKERCEPTION=1 \ - $DOCKER_NAMETAG \ + "$DOCKER_NAMETAG" \ /bin/bash -c ". /this_dir/stage_sysroot.bash; stage_sysroot" }