search

open-obfuscator / o-mvll

:electron: O-MVLL is a LLVM-based obfuscator for native code (Android & iOS)
https://obfuscator.re/omvll
Apache License 2.0
574 stars 62 forks source link

break_control_flow: No available targets are compatible with triple "aarch64-none-linux-android27" #33

Open lry127 opened 4 months ago

lry127 commented 4 months ago

cmake can't compile a test program host: ubuntu 2204 x86_64 app.gradle:

android {
    ndkVersion "25.0.8775105"
    compileSdk 34

    defaultConfig {
        minSdk 27
        targetSdk 34

        ndk {
            abiFilters 'arm64-v8a'
        }
        externalNativeBuild {
            cmake {
                cppFlags '-fpass-plugin=/home/ubuntu/Android/Sdk/ndk/25.2.9519653/toolchains/llvm/prebuilt/linux-x86_64/lib64/omvll_ndk_r25c.so'
                cFlags   '-fpass-plugin=/home/ubuntu/Android/Sdk/ndk/25.2.9519653/toolchains/llvm/prebuilt/linux-x86_64/lib64/omvll_ndk_r25c.so'
            }
        }
    }
}

C++ compiler (assembler) output:

The output was:
1
No available targets are compatible with triple "aarch64-none-linux-android27"

Compiling the CXX compiler identification source file "CMakeCXXCompilerId.cpp" failed.
Compiler: /home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/bin/clang++ 
Build flags: -g;-DANDROID;-fdata-sections;-ffunction-sections;-funwind-tables;-fstack-protector-strong;-no-canonical-prefixes;-D_FORTIFY_SOURCE=2;-Wformat;-Werror=format-security;;-fpass-plugin=/home/ubuntu/Android/Sdk/ndk/25.2.9519653/toolchains/llvm/prebuilt/linux-x86_64/lib64/omvll_ndk_r25c.so
Id flags:  

The output was:
1
error: <inline asm>:3:11: unknown token in expression
  adr x1, #0x10;
          ^

Compiling the CXX compiler identification source file "CMakeCXXCompilerId.cpp" failed.

config file:

import omvll
from functools import lru_cache

class MyConfig(omvll.ObfuscationConfig):
    def __init__(self):
        super().__init__()

    def obfuscate_string(self, module: omvll.Module, func: omvll.Function,
                               string: bytes):

        return True

#     def anti_hooking(self, mod: omvll.Module, func: omvll.Function) -> omvll.AntiHookOpt:
#         if "nativeobfuscatetest" in func.name:
#             return True
#         return False

#     def anti_hooking(self, mod: omvll.Module, func: omvll.Function) -> omvll.AntiHookOpt:
#         return True

#     def anti_hooking(self, mod: omvll.Module, func: omvll.Function) -> omvll.AntiHookOpt:
#         return True

    def obfuscate_arithmetic(self, mod: omvll.Module,
                                   fun: omvll.Function) -> omvll.ArithmeticOpt:
        return True

    def break_control_flow(self, mod: omvll.Module, func: omvll.Function):
        return True

    def flatten_cfg(self, mod: omvll.Module, func: omvll.Function):
        return True

    def obfuscate_constants(_, __, func: omvll.Function):
        return True

    def obfuscate_struct_access(self, _: omvll.Module, __: omvll.Function,
                                      struct: omvll.Struct):
        return True

    def obfuscate_string(self, _, __, string: bytes):
        return omvll.StringEncOptStack()

@lru_cache(maxsize=1)
def omvll_get_config() -> omvll.ObfuscationConfig:
    """
    Return an instance of `ObfuscationConfig` which
    aims at describing the obfuscation scheme
    """
    return MyConfig()
antoniofrighetto commented 4 months ago

It seems the toolchain you're using (NDK clang on linux-x86_64) does not support the specified target architecture (aarch64-none-linux-android27). Could you please provide the output of the following command?

$ /home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/bin/clang++ -print-targets

Is there aarch64-linux-android27-clang++ under /home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/bin?

lry127 commented 4 months ago

thanks for your help and here is the output

$ /home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/bin/clang++ -print-targets
  Registered Targets:
    aarch64    - AArch64 (little endian)
    aarch64_32 - AArch64 (little endian ILP32)
    aarch64_be - AArch64 (big endian)
    arm        - ARM
    arm64      - ARM64 (little endian)
    arm64_32   - ARM64 (little endian ILP32)
    armeb      - ARM (big endian)
    bpf        - BPF (host endian)
    bpfeb      - BPF (big endian)
    bpfel      - BPF (little endian)
    thumb      - Thumb
    thumbeb    - Thumb (big endian)
    x86        - 32-bit X86: Pentium-Pro and above
    x86-64     - 64-bit X86: EM64T and AMD64

there is a c++ compiler on that path and in fact if i don't specify -fpass-plugin flag, code compiles without problem.

ubuntu@ubuntu:~$ ls /home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/bin | grep aarch64-linux-android27-clang++
aarch64-linux-android27-clang++

the full error logs are here: CMakeOutput.log CMakeError.log

and the ndk was downloaded from the offical sdk manager image

lry127 commented 4 months ago

here is my gradle project with all sensitive information removed. project.tar.gz my environmental varibles are:

ubuntu@ubuntu:~/AndroidStudioProjects$ echo $LD_LIBRARY_PATH 
/home/ubuntu/Android/Sdk/ndk/25.0.8775105/toolchains/llvm/prebuilt/linux-x86_64/lib64
ubuntu@ubuntu:~/AndroidStudioProjects$ echo $OMVLL_CONFIG
/home/ubuntu/AndroidStudioProjects/NativeObfuscateTest3/ollvm-cfg.py
ubuntu@ubuntu:~/AndroidStudioProjects$ echo $OMVLL_PYTHONPATH 
/home/ubuntu/AndroidStudioProjects/NativeObfuscateTest3/Python-3.10.7/Lib

I followed the documentation found here and the version of o-mvll so file was release 1.0.3. thanks for your kind help :)

antoniofrighetto commented 4 months ago

Thanks for the output. We are evaluating a few solutions, meanwhile would you disable break_control_flow in the config file for now? We tested it internally and it works correctly. We experienced other orthogonal issues in the execution though, so you may need to disable obfuscate_string too.

lry127 commented 4 months ago

Thanks for your advice. Code now compiles and executes correctly. I also found that obfuscate_string will still work provided that obfuscate_string returns omvll.StringEncOptGlobal() rather than omvll.StringEncOptStack().

lry127 commented 4 months ago

obfuscate_string works if the config file returns omvll.StringEncOptGlobal() and there's only one file contains string literals. Otherwise, errors are emitted by the linker because of duplicate symbol. For example, if two source files, say foo.cpp and bar.cpp, are compiled into one shared library and each contains one string literal, the linker will report the following error.

  ld: error: duplicate symbol: __omvll_decode
  >>> defined at foo.cpp
  >>>            CMakeFiles/nativeobfuscatetest3.dir/foo.cpp.o:(__omvll_decode)
  >>> defined at bar.cpp
  >>>            CMakeFiles/nativeobfuscatetest3.dir/bar.cpp.o:(.text.__omvll_decode+0x0)
marcobrador commented 4 months ago

Dear lry127,

Many thanks for your input. We managed to reproduce the issue but couldn't find a quick solution to it. Our focus right now is on iOS, so it might take a while until we can fix this, but eventually we will.

Best regards, Marc

lry127 commented 4 months ago

I'm trying to compile the library on my own and studying the source code, I think maybe I can help with the android part after understanding major part of the code. :-)

marcobrador commented 4 months ago

Awesome! Please let us know if you need any assistance, we'd be more than happy to help!

marcobrador commented 4 months ago

Re-opening the issue as there's a bug that we have to figure out at some point, even if it doesn't have top prio

antoniofrighetto commented 3 months ago

Closing this, as implicitly solved by bd1440f5ce8660781113d9ebb31d5852873b6e61, thanks @lry127 for the additional feedback.

marcobrador commented 3 months ago

Hi @antoniofrighetto ,

I kept this open because of the issue related to break_control_flow. So I am reopening it and changing the title to avoid future confusion.

BR, Marc