From 83ec0d80cd1aabef0e983ef04725d20240a6c140 Mon Sep 17 00:00:00 2001 From: slipher Date: Mon, 13 Oct 2025 01:38:37 -0500 Subject: [PATCH 1/5] Don't use --sysroot flag by default For Linux toolchains (except x86-64 where I previously commented it out), there were hard-coded sysroot flags referring to the paths of Chromium's bundled dependencies. Get rid of this. On my machine the cross toolchains work fine without it. But I added a a 'sysroot' command line argument, so if anyone needs it they can pass sysroot=... on the scons command line to configure a --sysroot flag. --- SConstruct | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/SConstruct b/SConstruct index df061ce..01c6ffd 100755 --- a/SConstruct +++ b/SConstruct @@ -203,6 +203,7 @@ ACCEPTABLE_ARGUMENTS = set([ # FEATURE_VERSION file. This is used for PNaCl ABI compatibility # testing. 'toolchain_feature_version', + 'sysroot', ]) @@ -495,6 +496,9 @@ if breakpad_tools_dir is not None: pre_base_env['BREAKPAD_TOOLS_DIR'] = pre_base_env.Dir( os.path.abspath(breakpad_tools_dir)) +sysroot_flags = [] +if ARGUMENTS.get('sysroot') is not None: + sysroot_flags.append('--sysroot=' + os.path.abspath(ARGUMENTS.get('sysroot'))) # CLANG DeclareBit('clang', 'Use clang to build trusted code') @@ -2488,16 +2492,13 @@ def SetUpLinuxEnvArm(env): env.Replace(CC='true', CXX='true', LD='true', AR='true', RANLIB='true', INSTALL=FakeInstall) else: - sysroot=os.path.join( - '${SOURCE_ROOT}/build/linux/debian_bullseye_arm-sysroot') - env.Prepend(CCFLAGS=['--sysroot='+sysroot], + env.Prepend(CCFLAGS=sysroot_flags, ASFLAGS=[], # The -rpath-link argument is needed on Ubuntu/Precise to # avoid linker warnings about missing ld.linux.so.3. # TODO(sbc): remove this once we stop supporting Precise # as a build environment. - LINKFLAGS=['-fuse-ld=lld', - '--sysroot='+sysroot] + LINKFLAGS=['-fuse-ld=lld'] + sysroot_flags ) # Note we let the compiler choose whether it's -marm or -mthumb by # default. The hope is this will have the best chance of testing @@ -2699,18 +2700,14 @@ def MakeGenericLinuxEnv(platform=None): ) if linux_env.Bit('build_x86_32'): - sysroot=os.path.join( - '${SOURCE_ROOT}/build/linux/debian_bullseye_i386-sysroot') linux_env.Prepend( - CCFLAGS = ['-m32', '--sysroot='+sysroot], - LINKFLAGS = ['-m32', '--sysroot='+sysroot], + CCFLAGS = ['-m32'] + sysroot_flags, + LINKFLAGS = ['-m32'] + sysroot_flags, ) elif linux_env.Bit('build_x86_64'): - sysroot=os.path.join( - '${SOURCE_ROOT}/build/linux/debian_bullseye_amd64-sysroot') linux_env.Prepend( - CCFLAGS = ['-m64'],#, '--sysroot='+sysroot], - LINKFLAGS = ['-m64']#, '--sysroot='+sysroot], + CCFLAGS = ['-m64'] + sysroot_flags, + LINKFLAGS = ['-m64'] + sysroot_flags, ) elif linux_env.Bit('build_arm'): SetUpLinuxEnvArm(linux_env) From 0eb0ca4dba0c990d3897668bbb5b5aaafd6ce167 Mon Sep 17 00:00:00 2001 From: slipher Date: Tue, 14 Oct 2025 16:38:01 -0500 Subject: [PATCH 2/5] test_lib Python 3 str/bytes workaround This one only seems to be triggered when a test fails. --- tools/test_lib.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/test_lib.py b/tools/test_lib.py index 16a0031..2373936 100755 --- a/tools/test_lib.py +++ b/tools/test_lib.py @@ -237,8 +237,9 @@ def RunTestWithInputOutput(cmd, input_data, capture_stderr=True, timeout=None): cpu_time_consumed = 0 else: cpu_time_consumed = timer.ElapsedCpuTime(p) - stdout = stdout.decode('utf-8', 'backslashreplace') - stderr = stderr.decode('utf-8', 'backslashreplace') + if not isinstance(stdout, str): + stdout = stdout.decode('utf-8', 'backslashreplace') + stderr = stderr.decode('utf-8', 'backslashreplace') return (cpu_time_consumed, retcode, failed, stdout, stderr) From 1397b4c9df551186d031ef5db76fc26a99ec1df0 Mon Sep 17 00:00:00 2001 From: slipher Date: Thu, 16 Oct 2025 21:33:36 -0500 Subject: [PATCH 3/5] Make ARM tests runnable with QEMU Use system qemu-armhf for the emulator for tests. The command here basically matches what the run_under_qemu_arm script (which can be seen at tools/trusted_cross_toolchains/qemu_tool_arm.sh) was doing. Also change the emulator in run.py. --- SConstruct | 2 +- run.py | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/SConstruct b/SConstruct index 01c6ffd..6dc544d 100755 --- a/SConstruct +++ b/SConstruct @@ -2484,7 +2484,7 @@ def SetUpLinuxEnvArm(env): jail = env.GetToolchainDir(toolchain_name='arm_trusted') if not platform.machine().startswith('arm'): # Allow emulation on non-ARM hosts. - env.Replace(EMULATOR=jail + '/run_under_qemu_arm') + env.Replace(EMULATOR='qemu-armhf -L /usr/arm-linux-gnueabihf/ -cpu cortex-a9') if env.Bit('built_elsewhere'): def FakeInstall(dest, source, env): print('Not installing', dest) diff --git a/run.py b/run.py index c6ebee8..5266060 100755 --- a/run.py +++ b/run.py @@ -35,8 +35,7 @@ def SetupEnvironment(): env.pnacl_base = os.path.join(env.toolchain_base, 'pnacl_newlib') # QEMU - env.arm_root = os.path.join(env.toolchain_base, 'arm_trusted') - env.qemu_arm = os.path.join(env.arm_root, 'run_under_qemu_arm') + env.qemu_arm_args = ['qemu-armhf', '-L', '/usr/arm-linux-gnueabihf/'] env.mips32_root = os.path.join(env.toolchain_base, 'mips_trusted') env.qemu_mips32 = os.path.join(env.mips32_root, 'run_under_qemu_mips32') @@ -262,7 +261,7 @@ def RunSelLdr(args, quiet_args=[], collate=False, stdin_string=None): bootstrap_loader_args = [] arch = pynacl.platform.GetArch3264() if arch != pynacl.platform.ARCH3264_ARM and env.arch == 'arm': - prefix = [ env.qemu_arm, '-cpu', 'cortex-a9'] + prefix = env.qemu_arm_args + ['-cpu', 'cortex-a9'] if env.trace: prefix += ['-d', 'in_asm,op,exec,cpu'] args = ['-Q'] + args From ecfe14d8c5ca8777c73b2c48c77df9a367ee5f04 Mon Sep 17 00:00:00 2001 From: slipher Date: Thu, 16 Oct 2025 21:37:02 -0500 Subject: [PATCH 4/5] ARM: fix NaClSysTestInfoLeak misaligned load This fixes a NaCl syscall that only exists for a test. Fixes the run_infoleak_test test target on ARM. --- src/trusted/service_runtime/nacl_syscall_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/trusted/service_runtime/nacl_syscall_common.c b/src/trusted/service_runtime/nacl_syscall_common.c index c53f123..80d9747 100644 --- a/src/trusted/service_runtime/nacl_syscall_common.c +++ b/src/trusted/service_runtime/nacl_syscall_common.c @@ -881,7 +881,7 @@ int32_t NaClSysTestInfoLeak(struct NaClAppThread *natp) { * Put some interesting bits into the VFP registers. */ - static const char manybytes[64] = + __attribute__((aligned(4))) static const char manybytes[64] = "Sensitive information must not be leaked to untrusted code!!!!\n"; __asm__ volatile("vldm %0, {d0-d7}" :: "r" (manybytes) : From 2621bc122ec6bf8baad79957fd3ad69469bf2eb6 Mon Sep 17 00:00:00 2001 From: slipher Date: Thu, 16 Oct 2025 21:38:32 -0500 Subject: [PATCH 5/5] Fix REGS_SAVER_FUNC test util on ARM REGS_SAVER_FUNC is meant to work even if the stack pointer is misaligned, but the multi-register PUSH instructions crash if the stack is misaligned, as per the ARM documentation. I guess the old(?) bundled QEMU used by upstream doesn't implement this faithfully. Fix it by using a series of single-register pushes instead. Fixes the run_register_set_test test target on ARM. --- tests/common/register_set.h | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tests/common/register_set.h b/tests/common/register_set.h index 4164ada..01197ac 100644 --- a/tests/common/register_set.h +++ b/tests/common/register_set.h @@ -400,12 +400,23 @@ extern const uint8_t kX86FlagBits[5]; "push {r14}\n" \ /* Save r0-r12 and sp; adjust sp for the pushes above */ \ "add r14, sp, #0xc\n" \ - "push {r10-r12, r14}\n" \ + "push {r14}\n" \ + "push {r12}\n" \ + "push {r11}\n" \ + "push {r10}\n" \ /* Push a dummy value for r9, which the tests need not compare */ \ "mov r10, #0\n" \ "push {r10}\n" \ /* Save the rest of struct NaClSignalContext */ \ - "push {r0-r8}\n" \ + "push {r8}\n" \ + "push {r7}\n" \ + "push {r6}\n" \ + "push {r5}\n" \ + "push {r4}\n" \ + "push {r3}\n" \ + "push {r2}\n" \ + "push {r1}\n" \ + "push {r0}\n" \ /* Now save a correct prog_ctr value */ \ "adr r0, " #def_func "\n" \ "str r0, [sp, #0x3c]\n" \