Integrate ASR instrumentation into build system

ASR instrumentation is now performed on all applicable system services
if the system is built with MKASR=yes.  This setting automatically
enables MKMAGIC=yes, which in turn enables MKBITCODE=yes.

The number of extra rerandomized service binaries to be generated can
be set by passing ASRCOUNT=n to the build system, where n is a number
between 1 and 65536.  The default ASRCOUNT is 3, meaning that each
service will have one randomized base binary and three additional
rerandomized binaries.  As before, update_asr(8) can be used for
runtime rerandomization.

Change-Id: Icb498bcc6d1cd8d3f6bcc24eb0b32e29b7e750c2
David van Moolenbroek 2015-11-13 12:08:40 +01:00 committed by Lionel Sambuc
parent bcc17a8117
commit 72965c8885
5 changed files with 53 additions and 11 deletions


@ -6,8 +6,6 @@ SERVICE_PATH=/service
# The path to the alternative, ASR-rerandomized system service binaries.
# The path used here is typically a symlink into /usr for size reasons.
# As of writing, the only way to create these sets of binaries is by means
# of the host-side "minix/llvm/clientctl buildasr" command.
SERVICE_ASR_PATH=$SERVICE_PATH/asr
# A space-separated list of labels not to update in any case. The list
@ -84,7 +82,7 @@ for service in $services; do
# we avoid potential problems with gaps between the numbers by
# stopping at the first number for which no binary is present.
total=1
while [ -f $SERVICE_ASR_PATH/$total/$filename ]; do
while [ -f $SERVICE_ASR_PATH/$filename-$total ]; do
total=$(($total + 1))
done
@ -99,7 +97,7 @@ for service in $services; do
if [ $count -eq 0 ]; then
binary=$SERVICE_PATH/$filename
else
binary=$SERVICE_ASR_PATH/$count/$filename
binary=$SERVICE_ASR_PATH/$filename-$count
fi
# Check whether the live update should use a state other than the
@ -124,8 +122,8 @@ for service in $services; do
# Perform the live update. The update may legitimately fail if the
# service is not in the right state. TODO: report transient errors
# as debugging output only.
service -a update $binary -label $label -asr-count $count \
$state $maxtime
service -a update $binary -progname $filename -label $label \
-asr-count $count $state $maxtime
error=$?
if [ $error -eq 0 ]; then
debug "updated $label to number $count, total $total"
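Review bot: The new path expansions are unquoted, so `[ -f $SERVICE_ASR_PATH/$filename-$total ]` and `service -a update $binary -progname $filename ...` undergo word splitting and globbing before the result is handed to a live update that presumably runs with full privileges. Quoting the single-value expansions, e.g. `while [ -f "$SERVICE_ASR_PATH/$filename-$total" ]; do` and `service -a update "$binary" -progname "$filename" -label "$label" \`, keeps an unusual program name from turning into extra arguments. `$state` and `$maxtime` look intentionally unquoted because they may be empty or hold several words. The enclosing `for service in $services` loop starts and ends outside these hunks.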


@ -154,9 +154,8 @@ create_input_spec()
if [ ${ASR_HACK} -eq 1 ]
then
# Hacky workaround for ASR-randomized service binaries since they don't get nicely packaged in a tarball
# add any generated ASR-randomized service binaries (but not their root directory, which is already there)
# add any generated ASR-randomized service binaries
# TODO: apply stricter file permissions for both these and the base /service binaries, against local attacks
(cd ${DESTDIR} && find ./usr/service/asr -type d | sed '1d;s/$/ type=dir uid=0 gid=0 mode=0755/') >> ${WORK_DIR}/input
(cd ${DESTDIR} && find ./usr/service/asr -type f | sed 's/$/ type=file uid=0 gid=0 mode=0755/') >> ${WORK_DIR}/input
cp -r ${DESTDIR}/usr/service/asr ${ROOT_DIR}/usr/service
fi
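Review bot: The spec line for the rerandomized binaries still hard-codes `mode=0755`, so any local user can read each variant and learn the layout that rerandomization is meant to hide. The TODO two lines above records this, but it is left open here. If the loader only needs root access to these files (to be confirmed), `sed 's/$/ type=file uid=0 gid=0 mode=0700/'` would close that gap for the ASR set. The unquoted `${DESTDIR}` and `${WORK_DIR}` expansions on the same lines would also break on paths containing spaces. create_input_spec starts and ends outside this hunk.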


@ -1305,7 +1305,7 @@ _MKVARS.no= \
#MINIX-specific vars
_MKVARS.no+= \
MKIMAGEONLY MKSMALL MKBITCODE MKMAGIC MKSRC
MKIMAGEONLY MKSMALL MKBITCODE MKMAGIC MKASR MKSRC
.if !empty(MACHINE_ARCH:Mearm*)
_MKVARS.no+= \
MKWATCHDOG MKACPI MKAPIC MKDEBUGREG MKINSTALLBOOT MKPCI
@ -1411,6 +1411,11 @@ MKSYSDEBUG:= no
MKLIVEUPDATE:= no
.endif
# MINIX: MKASR implies MKMAGIC
.if ${MKASR} == "yes"
MKMAGIC:= yes
.endif
# MINIX: MKMAGIC implies MKBITCODE
.if ${MKMAGIC} == "yes"
MKBITCODE:= yes
@ -1492,7 +1497,7 @@ ${var}?= yes
#MINIX-specific vars
.for var in \
USE_WATCHDOG USE_ACPI USE_APIC USE_DEBUGREG USE_SYSDEBUG \
USE_LIVEUPDATE USE_PCI USE_BITCODE USE_MAGIC
USE_LIVEUPDATE USE_PCI USE_BITCODE USE_MAGIC USE_ASR
.if (${${var:S/USE_/MK/}} == "no")
${var}:= no
.else
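Review bot: The MKASR -> MKMAGIC -> MKBITCODE chain only works because the new `.if ${MKASR} == "yes"` block sits above the MKMAGIC block, and nothing in the comments says so. A later reordering would leave MKASR=yes builds with MKBITCODE unset and no instrumentation, without any error. I would extend the comment to something like `# MINIX: MKASR implies MKMAGIC (keep above the MKMAGIC block so MKBITCODE is enabled too)`. The surrounding conditionals start outside the hunk, so whether an earlier block can still force one of these back to "no" is not visible here.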


@ -51,6 +51,46 @@ BITCODE_LD_FLAGS_1ST.${_P}?= ${LIBMAGICST}
MAGICFLAGS?=
OPTFLAGS+= -load ${MAGICPASS} -magic ${MAGICFLAGS}
# For MKASR builds, generate an additional set of rerandomized service
# binaries.
.if ${USE_ASR:Uno} == "yes"
ASRPASS?= ${NETBSDSRCDIR}/minix/llvm/bin/asr.so
ASRCOUNT?= 3
ASRDIR?= /usr/service/asr
DPADD+= ${ASRPASS}
OPTFLAGS+= -load ${ASRPASS} -asr
# Produce a variable _RANGE that contains "1 2 3 .. ${ASRCOUNT}". We do not
# want to invoke a shell command to do this; what if the host platform does not
# have seq(1) ? So, we do it with built-in BSD make features instead. There
# are probably substantially better ways to do this, though. Right now the
# maximum ASRCOUNT is 65536 (16**4), which should be plenty. An ASRCOUNT of 0
# is not supported, nor would it be very useful.
_RANGE= 0
_G0= xxxxxxxxxxxxxxxx
_G= ${_G0:S/x/${_G0}/g:S/x/${_G0}/g:S/x/${_G0}/g}
.for _X in ${_G:C/^(.{${ASRCOUNT}}).*/\1/:S/x/x /g}
_RANGE:= ${_RANGE} ${_RANGE:[#]}
.endfor
_RANGE:= ${_RANGE:[2..-1]}
# Add progname-1, progname-2, progname-3 (etc) to the list of programs to
# generate, and install (just) these to ASRDIR.
PROGS?= ${PROG}
_PROGLIST:= ${PROGS}
.for _N in ${_RANGE}
.for _P in ${_PROGLIST}
PROGS+= ${_P}-${_N}
SRCS.${_P}-${_N}= ${SRCS.${_P}:U${SRCS}}
BITCODE_LD_FLAGS_1ST.${_P}-${_N}:= ${BITCODE_LD_FLAGS_1ST.${_P}}
BINDIR.${_P}-${_N}= ${ASRDIR}
.endfor
.endfor
.endif # ${USE_ASR:Uno} == "yes"
.endif # ${USE_BITCODE:Uno} == "yes" && ${USE_MAGIC:Uno} == "yes"
.include <bsd.prog.mk>
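Review bot: ASRCOUNT is documented as 1..65536 with 0 unsupported, but nothing after `ASRCOUNT?= 3` enforces that, and the value goes straight into the `.{${ASRCOUNT}}` regex. From the visible lines, a value above 65536 would not match and appears to fall back silently to the full 65536-entry list, while 0 or a non-numeric value hits a range computation that is not written for it. Either way the build can produce a different number of rerandomized binaries than the operator asked for without saying so. A guard right after the default would make this explicit: `.if ${ASRCOUNT} < 1 || ${ASRCOUNT} > 65536`, `.error ASRCOUNT must be between 1 and 65536`, `.endif`.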


@ -22,7 +22,7 @@ CPPFLAGS+= -DNDEBUG
DBG= -Os
.endif
.if ${MKMAGIC:Uno} == "yes"
.if ${MKMAGIC:Uno} == "yes" || ${MKASR:Uno} == "yes"
CPPFLAGS+= -D_MINIX_MAGIC=1
STRIPFLAG= -s
DBG=-g
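Review bot: The added `|| ${MKASR:Uno} == "yes"` looks redundant with the rule elsewhere in this commit that MKASR=yes forces `MKMAGIC:= yes`, unless this makefile can be evaluated before that rule has run. If that ordering is the reason, a one-line comment such as `# MKASR is checked too in case MKMAGIC has not been derived from it yet` would prevent it from being cleaned up later. If it is not, the extra test can be dropped so there is a single source of truth for the implication. The `.if` block closes outside the hunk.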