mirror of
https://github.com/burrowers/garble.git
synced 2025-12-24 12:58:05 +08:00
avoid go:linkname warnings when building on tip
Packages like os and sync have started using go:linknames pointing to
packages outside their dependency tree, much like runtime already did.
This started causing warnings to be printed while obfuscsating std:
> exec garble build -o=out_rebuild ./stdimporter
[stderr]
# sync
//go:linkname refers to syscall.hasWaitingReaders - add `import _ "syscall"` for garble to find the package
# os
//go:linkname refers to net.newUnixFile - add `import _ "net"` for garble to find the package
> bincmp out_rebuild out
PASS
Relax the restriction in listPackage so that any package in std
is now allowed to list packages in runtimeLinknamed,
which makes the warnings and any potential problems go away.
Also make these std test cases check that no warnings are printed,
since I only happened to notice this problem by chance.
This commit is contained in:
Daniel Martí
2
testdata/script/gogarble.txtar
vendored
2
testdata/script/gogarble.txtar
vendored
@@ -29,11 +29,13 @@ env GOGARBLE='*'
|
||||
# Plus, some packages like net make heavy use of complex features like Cgo.
|
||||
# Note that we won't obfuscate a few std packages just yet, mainly those around runtime.
|
||||
exec garble build std
|
||||
! stderr . # no warnings
|
||||
|
||||
# Link a binary importing net/http, which will catch whether or not we
|
||||
# support ImportMap when linking.
|
||||
# Also ensure we are obfuscating low-level std packages.
|
||||
exec garble build -o=out ./stdimporter
|
||||
! stderr . # no warnings
|
||||
! binsubstr out 'http.ListenAndServe' 'debug.WriteHeapDump' 'time.Now' 'syscall.Listen'
|
||||
|
||||
# The same low-level std packages appear in plain sight in regular builds.
|
||||
|
||||
Reference in New Issue
Block a user