Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

revised reflection handling #889

Merged
merged 1 commit into from
Nov 27, 2024
Merged

revised reflection handling #889

merged 1 commit into from
Nov 27, 2024

Conversation

lu4p
Copy link
Member

@lu4p lu4p commented Nov 23, 2024

(see commit message)

@lu4p

This comment was marked as outdated.

@lu4p

This comment was marked as outdated.

@lu4p lu4p changed the title WIP: revised reflection handling revised reflection handling Nov 25, 2024
@lu4p lu4p removed request for mvdan and pagran November 25, 2024 23:10
@lu4p lu4p requested a review from mvdan November 25, 2024 23:48
@lu4p

This comment was marked as outdated.

@lu4p lu4p requested a review from pagran November 26, 2024 12:42
shared.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Show resolved Hide resolved
reflect_abi_patch.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Show resolved Hide resolved
@lu4p lu4p force-pushed the obfuscateAll branch 3 times, most recently from a4dc374 to 18fcf7c Compare November 27, 2024 17:06
reflect_abi_patch.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
main.go Outdated Show resolved Hide resolved
reflect_abi_patch.go Show resolved Hide resolved
reflect_abi_patch.go Show resolved Hide resolved
@lu4p lu4p force-pushed the obfuscateAll branch 3 times, most recently from f7e59c3 to e31525c Compare November 27, 2024 19:49
@lu4p lu4p requested a review from mvdan November 27, 2024 19:52
Copy link
Member

@mvdan mvdan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SGTM - looks a lot better without all the pkgcache changes. I'm still mildly worried about the internal/abi performance but we can measure and improve that once it hits master. Please revert the change to the hashed name lengths though, as described.

reflect_abi_patch.go Show resolved Hide resolved
@mvdan
Copy link
Member

mvdan commented Nov 27, 2024

Also, how about this for a more detailed commit message:

obfuscate all names used in reflection

Go code can retrieve and use field and method names via the `reflect` package.
For that reason, historically we did not obfuscate names of fields and methods
underneath types that we detected as used for reflection, via e.g. `reflect.TypeOf`.

However, that caused a number of issues. Since we obfuscate and build one package
at a time, we could only detect when types were used for reflection in their own package
or in upstream packages. Use of reflection in downstream packages would be detected
too late, causing one package to obfuscate the names and the other not to, and a failure.

A different approach is implemented here. All names are obfuscated now, but we collect
those types used for reflection, and at the end of a build in `package main`,
we inject a function into the runtime's `internal/abi` package to reverse the obfuscation
for those names which can be used for reflection.

This does mean that the obfuscation for the names is very weak, as the binary
contains a one-to-one mapping to their original names, but they cannot be obfuscated
without breaking too many Go packages out in the wild. There is also some amount
of overhead in `internal/abi` due to this, but we aim to make the overhead insignificant.

Go code can retrieve and use field and method names via the `reflect` package.
For that reason, historically we did not obfuscate names of fields and methods
underneath types that we detected as used for reflection, via e.g. `reflect.TypeOf`.

However, that caused a number of issues. Since we obfuscate and build one package
at a time, we could only detect when types were used for reflection in their own package
or in upstream packages. Use of reflection in downstream packages would be detected
too late, causing one package to obfuscate the names and the other not to, leading to a build failure.

A different approach is implemented here. All names are obfuscated now, but we collect
those types used for reflection, and at the end of a build in `package main`,
we inject a function into the runtime's `internal/abi` package to reverse the obfuscation
for those names which can be used for reflection.

This does mean that the obfuscation for these names is very weak, as the binary
contains a one-to-one mapping to their original names, but they cannot be obfuscated
without breaking too many Go packages out in the wild. There is also some amount
of overhead in `internal/abi` due to this, but we aim to make the overhead insignificant.

Fixes #884, #799, #817, #881, #858, #843, #842

Closes #406
@lu4p lu4p merged commit 926f3de into master Nov 27, 2024
4 checks passed
@lu4p lu4p deleted the obfuscateAll branch November 27, 2024 21:38
@phuclh
Copy link

phuclh commented Dec 18, 2024

@lu4p This PR was merged 3 weeks ago, but a new version hasn't been tagged yet. Do you know when it will be tagged?

@mvdan
Copy link
Member

mvdan commented Dec 20, 2024

@phuclh you can use go install mvdan.cc/garble@master today.

@phuclh
Copy link

phuclh commented Dec 20, 2024

@phuclh you can use go install mvdan.cc/garble@master today.

Thank you. I am on this version

garble version
mvdan.cc/garble v0.13.1-0.20241206121107-7678613fd007

Build settings:
      -buildmode exe
       -compiler gc
     CGO_ENABLED 1
          GOARCH arm64
            GOOS darwin
         GOARM64 v8.0

However, when I remove var _ = reflect.TypeOf(...{}), I still get the error with GORM structs. I don't know if the latest fix resolves the GORM issue.

2024/12/20 09:11:36 ??:1
[error] invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

2024/12/20 09:11:36 ??:1
[error] failed to parse value &main.U6JzmZ{I0TQCoxvOWE:0x0, JIEt8y4dX:0x0, D7rZuj5MsaaB:"", Nr0a0vX:"", CZzSdVfV:"", JaGgmdRy:0, IrEdAXYZg:(*uint)(nil), KTfiCNJ:(*float64)(nil), N0XJ8B:"", KTFbd5iv:0x0, Utt_JJe4Ga:0x0, LyvsvMGZpS:0x0, JiCm3_Ktd8i9:0x0, ZTPoLQOG:0x0, OIMEVbY1k:0x0, RpOSS4o0D:0x0, PPJY9CcoH:0x0, JqQCcKt:time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC), T4hQuysXH:(*main.KeywordMetric)(nil), UPFDxEnYamN_:[]main.KeywordSearchVolumeHistory(nil), QBfxYI:0x0, WaTZdP1kpSa:(*uint)(nil), FjhE9lSSSXYS:(*float64)(nil)}, got error invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

2024/12/20 09:11:36 ??:1
[error] invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

2024/12/20 09:11:36 ??:1
[error] invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

2024/12/20 09:11:36 ??:1
[error] failed to parse value &main.U6JzmZ{I0TQCoxvOWE:0x0, JIEt8y4dX:0x0, D7rZuj5MsaaB:"", Nr0a0vX:"", CZzSdVfV:"", JaGgmdRy:0, IrEdAXYZg:(*uint)(nil), KTfiCNJ:(*float64)(nil), N0XJ8B:"", KTFbd5iv:0x0, Utt_JJe4Ga:0x0, LyvsvMGZpS:0x0, JiCm3_Ktd8i9:0x0, ZTPoLQOG:0x0, OIMEVbY1k:0x0, RpOSS4o0D:0x0, PPJY9CcoH:0x0, JqQCcKt:time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC), T4hQuysXH:(*main.KeywordMetric)(nil), UPFDxEnYamN_:[]main.KeywordSearchVolumeHistory(nil), QBfxYI:0x0, WaTZdP1kpSa:(*uint)(nil), FjhE9lSSSXYS:(*float64)(nil)}, got error invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

2024/12/20 09:11:36 ??:1
[error] invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface
2024/12/20 09:11:36 invalid field found for struct main.U6JzmZ's field T4hQuysXH: define a valid foreign key for relations or implement the Valuer/Scanner interface

@mvdan
Copy link
Member

mvdan commented Dec 20, 2024

File a new issue following the bug template, and provide steps to reproduce the error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants