Deniskore / llvm

LLVM based obfuscator

Implementation as a plugin #3

Open NewDwarf opened 2 years ago

NewDwarf commented 2 years ago

Do you think it is possible to implement the obfuscator as an LLVM plugin? It would be a very flexible solution for use with different toolchains. As an example, the following project can be taken: https://polarply.medium.com/build-your-first-llvm-obfuscator-80d16583392b https://github.com/tsarpaul/llvm-string-obfuscator

The idea is clear and simple. First, we generate the bitcode, then process the bitcode with our plugin, and after that translate it to native code.

clang -emit-llvm hello.c -c -o hello.bc
opt -load-pass-plugin=./build/StringObfuscator/libLLVMStringObfuscator.so -passes="string-obfuscator-pass" < hello.bc -o out.bc
llc out.bc -o out.s
clang -static out.s -o out

Deniskore commented 2 years ago

Yes, it is possible, but this approach does not work for all platforms. In the past, one of my main tasks was to support Windows.

NewDwarf commented 2 years ago

What kind of issues are there when running on the Windows platform? And, by the way, can we replace the platform-dependent piece of code (__rdtsc())

XorShift() {
    s[0] = __rdtsc();
    s[1] = (uint64_t)__rdtsc() * rotl(s[0], 5);
    jump();
}

with the platform-independent C++ implementation https://en.cppreference.com/w/cpp/numeric/random

NewDwarf commented 2 years ago

@Deniskore Any update?

Deniskore commented 2 years ago

> What kind of issues are there when running on the Windows platform? And, by the way, can we replace the platform-dependent piece of code (__rdtsc())
>
> XorShift() {
>     s[0] = __rdtsc();
>     s[1] = (uint64_t)__rdtsc() * rotl(s[0], 5);
>     jump();
> }
>
> with the platform-independent C++ implementation https://en.cppreference.com/w/cpp/numeric/random

C++ random is very slow. If you notice, this random function is called very often. I will add support (https://github.com/Deniskore/llvm/issues/1) for other platforms and support for LLVM 14 when I have time.
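An added example, not part of the thread or the project's code: one way to drop `__rdtsc()` without putting `<random>` in the frequently called path is to use the portable facilities only for seeding. The class name `PortableXorShift`, the splitmix64 seeding and the xoroshiro128+ step are assumptions, since the thread shows only the constructor.

```cpp
#include <chrono>
#include <cstdint>
#include <random>

// Hypothetical portable stand-in for the __rdtsc()-seeded constructor.
class PortableXorShift {
  uint64_t s[2];

  static uint64_t rotl(uint64_t x, int k) { return (x << k) | (x >> (64 - k)); }

  // splitmix64: expands one 64-bit seed into well-mixed state words.
  static uint64_t splitmix64(uint64_t &x) {
    uint64_t z = (x += 0x9e3779b97f4a7c15ULL);
    z = (z ^ (z >> 30)) * 0xbf58476d1ce4e5b9ULL;
    z = (z ^ (z >> 27)) * 0x94d049bb133111ebULL;
    return z ^ (z >> 31);
  }

public:
  // Fixed seed: the same input and seed give the same sequence,
  // so an obfuscated build can be reproduced and audited.
  explicit PortableXorShift(uint64_t seed) {
    s[0] = splitmix64(seed);
    s[1] = splitmix64(seed); // distinct outputs of a bijection: never both zero
  }

  // Portable entropy, gathered once per generator instead of once per call.
  PortableXorShift() : PortableXorShift(portableSeed()) {}

  static uint64_t portableSeed() {
    std::random_device rd;
    uint64_t seed = (uint64_t(rd()) << 32) | rd();
    // Mix in a clock reading in case random_device is deterministic on a toolchain.
    seed ^= uint64_t(std::chrono::steady_clock::now().time_since_epoch().count());
    return seed;
  }

  // xoroshiro128+ step: the frequently called path, with no library or OS call.
  uint64_t next() {
    uint64_t s0 = s[0], s1 = s[1], result = s0 + s1;
    s1 ^= s0;
    s[0] = rotl(s0, 24) ^ s1 ^ (s1 << 16);
    s[1] = rotl(s1, 37);
    return result;
  }
};
```
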

NewDwarf commented 2 years ago

I meant "implement it as a plugin" as it is a more natural design to implement passes as a pluggable module rather than modifying LLVM's source code. I guess fixing #1 is pretty straightforward. I would try to port it myself, but it requires understanding the obfuscator design in great detail.

Deniskore commented 2 years ago

@NewDwarf Sorry for the delay, I will make a separate version of the obfuscator as a plugin. Also, in the not so distant future, I will release a new version based on LLVM 15.

NewDwarf commented 2 years ago

@Deniskore That would be nice! Thanks.