Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ILASM] Add support for deterministic builds and PDB checksums #109091

Merged
merged 79 commits into from
Jan 9, 2025
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
79 commits
Select commit Hold shift + click to select a range
1419f57
Added '/DET' flag to ILASM for deterministic compilations
TIHan Apr 25, 2023
d3b329c
Using 'm_pInternalEmitForDeterministicMvid'
TIHan Apr 25, 2023
0357bf1
Removing use of BCRYPT APIs. Added TODOs.
TIHan Apr 25, 2023
54147cc
Add use of BCYRPT for windows-only. Added TODO for non-win32.
TIHan Apr 25, 2023
5516e77
Preliminary work for deterministic PDB guid
TIHan Apr 25, 2023
d6a16fa
Fixed ordering problem
TIHan Apr 25, 2023
f2e4d2c
Computing checksum and using result for the PDB guid
TIHan Apr 25, 2023
89df2d8
Refactoring apis
TIHan Apr 26, 2023
7374450
Added PdbChecksum and Deterministic Debug Directory entries
TIHan Apr 26, 2023
7a0dfcb
Minor whitespace cleanup
TIHan Apr 26, 2023
615c6ce
Merge remote-tracking branch 'upstream/main' into ilasm-det
TIHan Jul 14, 2023
68482a4
mering with main
TIHan Jun 4, 2024
ef59bed
Fix build
TIHan Jun 4, 2024
028a8b6
Added IILAsmPortablePdbWriter interface
TIHan Jun 4, 2024
e1a10f8
Checking deterministic output for ILASM for all roundtrip tests
TIHan Jun 4, 2024
8ba6868
Fixed getting interface. Testing determinism of pdb.
TIHan Jun 5, 2024
c023315
add comment
TIHan Jun 5, 2024
9e14b48
Remove use of goto
TIHan Jun 5, 2024
4038a1f
Added sha256 for non-win32
TIHan Jun 5, 2024
69fadf4
Using different impl for getting sha256 of a file in python. Using sh…
TIHan Jun 5, 2024
936f0a3
Trying to fix build
TIHan Jun 5, 2024
d6b4258
Fix build
TIHan Jun 6, 2024
9c1a645
disable testing determinism due to timeouts
TIHan Jun 6, 2024
e8b9b7f
Merge remote-tracking branch 'upstream/main' into ilasm-det
TIHan Jul 23, 2024
3331d9d
Temporarily disable emitting debug directories to see if the tests ti…
TIHan Jul 23, 2024
7df2c80
Merge branch 'ilasm-det' of https://github.com/TIHan/runtime into ila…
TIHan Jul 23, 2024
e78450f
Merge remote-tracking branch 'upstream/main' into ilasm-det
TIHan Jul 24, 2024
8e357b8
Renable deterministic tests and debug directory creation
TIHan Jul 24, 2024
8867295
Added sha256.cpp
TIHan Jul 24, 2024
6dd077f
Remove sha256 impl for now
TIHan Jul 24, 2024
ce016fa
memset for now
TIHan Jul 24, 2024
0086e7d
Temp disable det testing
TIHan Jul 25, 2024
246e42e
Wip: windows/macos sha256 impl
amanasifkhalid Oct 21, 2024
b65f049
Fix build
amanasifkhalid Oct 21, 2024
7cad7db
Non-zero default timestamp
amanasifkhalid Oct 22, 2024
d673645
OpenSSL shim dependency
amanasifkhalid Oct 24, 2024
f3fbd13
Revert default timestamp
amanasifkhalid Oct 24, 2024
5dc8b2a
Error checking in Apple sha256 impl
amanasifkhalid Oct 24, 2024
dd1161c
Linux hash impl
amanasifkhalid Oct 24, 2024
11e02e7
Move static dep to sha256 impl
amanasifkhalid Oct 24, 2024
984f323
whitespace
amanasifkhalid Oct 24, 2024
9665944
Enable determinism tests
amanasifkhalid Oct 24, 2024
dba93ca
Remove debug code; fix macOS build
amanasifkhalid Oct 24, 2024
52c29fd
Fix source build
amanasifkhalid Oct 24, 2024
8802b8d
Remove OpenSSL find requirement
amanasifkhalid Oct 24, 2024
80b4fa4
Fix building linuxdac on win
amanasifkhalid Oct 24, 2024
f8272ff
Ensure OpenSSL is initialized
amanasifkhalid Oct 31, 2024
6c1b4ea
Merge branch 'main' into ilasm-det
amanasifkhalid Nov 1, 2024
0e06b0a
Exclude incompatible test from ILAsm roundtrip
amanasifkhalid Nov 1, 2024
097067d
Revert "Exclude incompatible test from ILAsm roundtrip"
amanasifkhalid Nov 1, 2024
9bfcb7f
Run determinism tests only if build succeeded
amanasifkhalid Nov 1, 2024
0940674
File header timestamp of 1
amanasifkhalid Nov 4, 2024
786061d
print hashes
amanasifkhalid Nov 5, 2024
6780404
Fix int cmp
amanasifkhalid Nov 5, 2024
b2b92a7
One-shot CommonCrypto SHA-256
amanasifkhalid Nov 5, 2024
41c6e27
Remove debug logic
amanasifkhalid Nov 5, 2024
047da9b
Move SHA-256 impl to ilasm
amanasifkhalid Nov 5, 2024
1bf147c
Add hash function arg to ComputeSha256Checksum
amanasifkhalid Nov 5, 2024
5cbe577
Merge from main
amanasifkhalid Nov 7, 2024
8214e8d
Fix hash call site
amanasifkhalid Nov 7, 2024
ca3edb1
Tweak determinism test logic
amanasifkhalid Nov 7, 2024
ea562ae
Revert "Tweak determinism test logic"
amanasifkhalid Nov 8, 2024
6d6b058
Whitespace
amanasifkhalid Nov 8, 2024
91c2acf
Clean up macro
amanasifkhalid Nov 8, 2024
4d0789d
Merge branch 'main' into ilasm-det
amanasifkhalid Dec 14, 2024
db19e8a
Use valid deterministic timestamp
amanasifkhalid Jan 6, 2025
f7162b4
Ensure SHA256 prefix to PDB checksum is null-terminated
amanasifkhalid Jan 6, 2025
2614e36
Error out if OpenSSL not available
amanasifkhalid Jan 7, 2025
9247c7a
Compare files instead of hashes for determinism test
amanasifkhalid Jan 7, 2025
92ef0a9
Computed timestamp for debug dirs from PDB checksum
amanasifkhalid Jan 7, 2025
b7ad2c6
Extend PEWriter API surface to change file header timestamp
amanasifkhalid Jan 7, 2025
b15f810
Fix ILAsm roundtrip tests
amanasifkhalid Jan 7, 2025
db1cdfe
Remove comment
amanasifkhalid Jan 7, 2025
2ce7321
Don't use PDB checksum for GUID/timestamp
amanasifkhalid Jan 8, 2025
266538d
Fix file renaming in determinism tests on Windows
amanasifkhalid Jan 8, 2025
c957abf
Error message consistency
amanasifkhalid Jan 8, 2025
f3da380
Fix build for clang
amanasifkhalid Jan 8, 2025
0903e15
Revert test changes
amanasifkhalid Jan 9, 2025
9b2954e
Revert no-op change
amanasifkhalid Jan 9, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Merge from main
  • Loading branch information
amanasifkhalid committed Nov 7, 2024
commit 5cbe577f134f5e6ca8dfb67337ea480b9c61763b
9 changes: 4 additions & 5 deletions src/coreclr/ilasm/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,14 @@ set(ILASM_HEADERS
sha256.h
)

if(CLR_CMAKE_TARGET_LINUX)
if(CLR_CMAKE_TARGET_UNIX AND NOT CLR_CMAKE_TARGET_APPLE)
configure_file(
../../native/libs/System.Security.Cryptography.Native/pal_crypto_config.h.in
${CMAKE_CURRENT_BINARY_DIR}/pal_crypto_config.h)
include_directories(../../native/libs/Common)
include_directories(../../native/libs/System.Security.Cryptography.Native)
include_directories(${CMAKE_CURRENT_BINARY_DIR})
endif(CLR_CMAKE_TARGET_LINUX)
endif(CLR_CMAKE_TARGET_UNIX AND NOT CLR_CMAKE_TARGET_APPLE)

if(CLR_CMAKE_TARGET_WIN32)
list(APPEND ILASM_SOURCES ${ILASM_HEADERS})
Expand Down Expand Up @@ -117,16 +117,15 @@ else()
)
endif(CLR_CMAKE_TARGET_WIN32)

if(CLR_CMAKE_TARGET_LINUX)
if(CLR_CMAKE_TARGET_UNIX AND NOT CLR_CMAKE_TARGET_APPLE)
list(APPEND ILASM_LINK_LIBRARIES System.Security.Cryptography.Native.OpenSsl-Static)
if(NOT FEATURE_DISTRO_AGNOSTIC_SSL)
find_package(OpenSSL QUIET)
if(OPENSSL_FOUND)
list(APPEND ILASM_LINK_LIBRARIES OpenSSL::SSL OpenSSL::Crypto)
endif(OPENSSL_FOUND)
endif(NOT FEATURE_DISTRO_AGNOSTIC_SSL)
endif(CLR_CMAKE_TARGET_LINUX)

endif(CLR_CMAKE_TARGET_UNIX AND NOT CLR_CMAKE_TARGET_APPLE)

if(CLR_CMAKE_HOST_UNIX)
target_link_libraries(ilasm
Expand Down
97 changes: 28 additions & 69 deletions src/coreclr/ilasm/sha256.h
Original file line number Diff line number Diff line change
Expand Up @@ -8,73 +8,54 @@
// contains implementation of sha256 hash algorithm
//
//*****************************************************************************
#ifndef __sha256__h__
#define __sha256__h__
#ifndef HAVE_SHA256_H
#define HAVE_SHA256_H

#ifdef _WIN32
inline HRESULT Sha256Hash(BYTE* pSrc, DWORD srcSize, BYTE* pDst, DWORD dstSize)
{
NTSTATUS status;

BCRYPT_ALG_HANDLE algHandle = NULL;
BCRYPT_HASH_HANDLE hashHandle = NULL;

BYTE hash[32]; // 256 bits
DWORD hashLength = 0;
DWORD resultLength = 0;
status = BCryptOpenAlgorithmProvider(&algHandle, BCRYPT_SHA256_ALGORITHM, NULL, BCRYPT_HASH_REUSABLE_FLAG);
if(!NT_SUCCESS(status))
{
goto cleanup;
}
status = BCryptGetProperty(algHandle, BCRYPT_HASH_LENGTH, (PBYTE)&hashLength, sizeof(hashLength), &resultLength, 0);
if(!NT_SUCCESS(status))
if (dstSize != 32)
{
goto cleanup;
return E_FAIL;
}
if (hashLength != 32)

BCRYPT_ALG_HANDLE algHandle = NULL;
BCRYPT_HASH_HANDLE hashHandle = NULL;

NTSTATUS status = BCryptOpenAlgorithmProvider(&algHandle, BCRYPT_SHA256_ALGORITHM, NULL, 0);

if (!NT_SUCCESS(status))
{
status = STATUS_NO_MEMORY;
goto cleanup;
}

status = BCryptCreateHash(algHandle, &hashHandle, NULL, 0, NULL, 0, 0);
if(!NT_SUCCESS(status))

if (!NT_SUCCESS(status))
{
goto cleanup;
}

status = BCryptHashData(hashHandle, pSrc, srcSize, 0);
if(!NT_SUCCESS(status))
{
goto cleanup;
}

status = BCryptFinishHash(hashHandle, hash, hashLength, 0);
if(!NT_SUCCESS(status))
if (!NT_SUCCESS(status))
{
goto cleanup;
}

if (dstSize < hashLength)
{
memcpy(pDst, hash, dstSize);
}
else
{
memcpy(pDst, hash, hashLength);
}

status = S_OK;
status = BCryptFinishHash(hashHandle, pDst, dstSize, 0);

cleanup:
if (NULL != hashHandle)
if (hashHandle != NULL)
{
BCryptDestroyHash(hashHandle);
}
if(NULL != algHandle)

if (algHandle != NULL)
{
BCryptCloseAlgorithmProvider(algHandle, 0);
}

return status;
}
#elif defined(__APPLE__)
Expand All @@ -83,21 +64,15 @@ inline HRESULT Sha256Hash(BYTE* pSrc, DWORD srcSize, BYTE* pDst, DWORD dstSize)

inline HRESULT Sha256Hash(BYTE* pSrc, DWORD srcSize, BYTE* pDst, DWORD dstSize)
{
BYTE hash[32];
CC_SHA256(pSrc, (CC_LONG)srcSize, hash);

if (dstSize < CC_SHA256_DIGEST_LENGTH)
if (dstSize != CC_SHA256_DIGEST_LENGTH)
{
memcpy(pDst, hash, dstSize);
}
else
{
memcpy(pDst, hash, CC_SHA256_DIGEST_LENGTH);
return E_FAIL;
}

CC_SHA256(pSrc, (CC_LONG)srcSize, pDst);
return S_OK;
}
#elif defined(__linux__)
#else
extern "C" {
#include "openssl.h"
#include "pal_evp.h"
Expand All @@ -110,36 +85,20 @@ inline bool IsOpenSslAvailable()

inline HRESULT Sha256Hash(BYTE* pSrc, DWORD srcSize, BYTE* pDst, DWORD dstSize)
{
if (!IsOpenSslAvailable() || CryptoNative_EnsureOpenSslInitialized())
if (CryptoNative_EnsureOpenSslInitialized() || (dstSize != 32))
{
return E_FAIL;
}

BYTE hash[32];
DWORD hashLength = 0;
uint32_t hashLength = 0;

if (!CryptoNative_EvpDigestOneShot(CryptoNative_EvpSha256(), pSrc, srcSize, hash, &hashLength))
if (!CryptoNative_EvpDigestOneShot(CryptoNative_EvpSha256(), pSrc, srcSize, pDst, &hashLength))
{
return E_FAIL;
}

if (dstSize < hashLength)
{
memcpy(pDst, hash, dstSize);
}
else
{
memcpy(pDst, hash, hashLength);
}

return S_OK;
}
#else
// Unsupported platform
inline HRESULT Sha256Hash(BYTE* pSrc, DWORD srcSize, BYTE* pDst, DWORD dstSize)
{
return E_FAIL;
}
#endif

#endif // __sha256__h__
#endif // HAVE_SHA256_H
You are viewing a condensed version of this merge commit. You can view the full changes here.