I'm attempting to compile libyara.a into an Intel SGX application wherein I
can run yara rules in an enclave. Its compiled in Eclipse 2018-2019. I
used the default procedure to create the libyara baseline:
./configure
make
make install
The problem is that the compile/linking produces the following errors:
11:34:02 **** Build of configuration Intel(R) SGX Simulation Debug for
project non_sgx_empty_proj ****
make SGX_DEBUG=1 SGX_MODE=SIM -f sgx/Makefile all
make -C ./sgx/enclave_yara_enclave -f sgx_u.mk all;
make[1]: Entering directory
`/home/developer/eclipse-workspace/non_sgx_empty_proj/sgx/enclave_yara_enclave'
GEN => untrusted/yara_enclave_u.c
CC <= untrusted/yara_enclave_u.c
CXX <= untrusted/sample.c
LINK => sample
make[1]: Leaving directory
`/home/developer/eclipse-workspace/non_sgx_empty_proj/sgx/enclave_yara_enclave'
make -C ./sgx/enclave_yara_enclave -f sgx_t.mk all;
make[1]: Entering directory
`/home/developer/eclipse-workspace/non_sgx_empty_proj/sgx/enclave_yara_enclave'
GEN => trusted/yara_enclave_t.c
CC <= trusted/yara_enclave_t.c
CC <= trusted/yara_enclave.c
/usr/bin/ld: /usr/local/lib/libyara.a(tests.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(pe.o): relocation R_X86_64_32 against
`.rodata.str1.1' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(elf.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(math.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(time.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(pe_utils.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(cuckoo.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(magic.o): relocation R_X86_64_32S
against undefined hidden symbol `cached_mime_types' can not be used when
making a shared object
make[1]: Leaving directory
`/home/developer/eclipse-workspace/non_sgx_empty_proj/sgx/enclave_yara_enclave'
/usr/bin/ld: /usr/local/lib/libyara.a(hash.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(dotnet.o): relocation R_X86_64_32
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(grammar.o): relocation R_X86_64_32S
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(ahocorasick.o): relocation
R_X86_64_32 against `.rodata.str1.8' can not be used when making a shared
object; recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(arena.o): relocation R_X86_64_32
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(atoms.o): relocation R_X86_64_32S
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(bitmask.o): relocation R_X86_64_32
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(compiler.o): relocation R_X86_64_32
against hidden symbol `yr_object_destroy' can not be used when making a
shared object
/usr/bin/ld: /usr/local/lib/libyara.a(exec.o): relocation R_X86_64_32S
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(lt1-hash.o): relocation R_X86_64_32S
against hidden symbol `byte_to_int32' can not be used when making a shared
object
/usr/bin/ld: /usr/local/lib/libyara.a(hex_grammar.o): relocation
R_X86_64_32S against `.rodata' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(hex_lexer.o): relocation R_X86_64_32
against undefined hidden symbol `yr_recovery_state_key' can not be used
when making a shared object
/usr/bin/ld: /usr/local/lib/libyara.a(lexer.o): relocation R_X86_64_32
against `.rodata.str1.8' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(libyara.o): relocation R_X86_64_32S
against undefined hidden symbol `yr_altercase' can not be used when making
a shared object
/usr/bin/ld: /usr/local/lib/libyara.a(modules.o): relocation R_X86_64_32
against hidden symbol `yr_modules_table' can not be used when making a
shared object
/usr/bin/ld: /usr/local/lib/libyara.a(object.o): relocation R_X86_64_32S
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(parser.o): relocation R_X86_64_32
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(proc.o): relocation R_X86_64_32S
against symbol `yr_process_get_first_memory_block' can not be used when
making a shared object; recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(re.o): relocation R_X86_64_32S
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(re_grammar.o): relocation
R_X86_64_32S against `.rodata' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(re_lexer.o): relocation R_X86_64_32
against `.rodata.str1.8' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(rules.o): relocation R_X86_64_32S
against `.text' can not be used when making a shared object; recompile with
-fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(scan.o): relocation R_X86_64_32
against `.rodata' can not be used when making a shared object; recompile
with -fPIC
/usr/bin/ld: /usr/local/lib/libyara.a(scanner.o): relocation R_X86_64_32S
against undefined hidden symbol `exc_jmp_buf' can not be used when making a
shared object
/usr/bin/ld: /usr/local/lib/libyara.a(linux.o): relocation R_X86_64_32
against `.rodata.str1.1' can not be used when making a shared object;
recompile with -fPIC
/usr/bin/ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status
make[1]: *** [yara_enclave.so] Error 1
make: *** [all] Error 2
11:34:02 Build Failed. 36 errors, 0 warnings. (took 369ms)
I started reading more about Position Independent Code and looked at the
yara Makefile to insert -fPIC in the flags area, but I probably did that
incorrectly. Do these errors mean I need to recompile yara to generate
position independent code? If so, what should I modify in the
makefile/build process to produce a position independent version?
The auto-generated SGX makefile which produced the errors is below. Note
that all I've done is attach yara references at the end of
"Yara_enclave_Link_Flags" with:
-L/usr/local/lib \
-Wl,--whole-archive -lyara
***********************************************************************************************************************************************************************************
######## Intel(R) SGX SDK Settings ########
SGX_SDK ?= /opt/intel/sgxsdk
SGX_MODE ?= SIM
SGX_ARCH ?= x64
ifeq ($(shell getconf LONG_BIT), 32)
SGX_ARCH := x86
else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
SGX_ARCH := x86
endif
ifeq ($(SGX_ARCH), x86)
SGX_COMMON_CFLAGS := -m32
SGX_LIBRARY_PATH := $(SGX_SDK)/lib
SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
else
SGX_COMMON_CFLAGS := -m64
SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
endif
ifeq ($(SGX_DEBUG), 1)
ifeq ($(SGX_PRERELEASE), 1)
$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
endif
endif
ifeq ($(SGX_DEBUG), 1)
SGX_COMMON_CFLAGS += -O0 -g
else
SGX_COMMON_CFLAGS += -O2
endif
ifneq ($(SGX_MODE), HW)
Trts_Library_Name := sgx_trts_sim
Service_Library_Name := sgx_tservice_sim
else
Trts_Library_Name := sgx_trts
Service_Library_Name := sgx_tservice
endif
Crypto_Library_Name := sgx_tcrypto
Yara_enclave_C_Files := trusted/yara_enclave.c
Yara_enclave_Include_Paths := -IInclude -Itrusted -I$(SGX_SDK)/include
-I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/libcxx -I/usr/local/include
Flags_Just_For_C := -Wno-implicit-function-declaration -std=c11
Common_C_Cpp_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden
-fpie -fstack-protector $(Yara_enclave_Include_Paths) -fno-builtin-printf
-I.
Yara_enclave_C_Flags := $(Flags_Just_For_C) $(Common_C_Cpp_Flags)
Yara_enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined
-nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
-Wl,--start-group -lsgx_tstdc -lsgx_tcxx -l$(Crypto_Library_Name)
-l$(Service_Library_Name) -Wl,--end-group \
-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
-Wl,-pie,-eenclave_entry -Wl,--export-dynamic \
-Wl,--defsym,__ImageBase=0 \
-Wl,--version-script=trusted/yara_enclave.lds \
-L/usr/local/lib \
-Wl,--whole-archive -lyara
Yara_enclave_C_Objects := $(Yara_enclave_C_Files:.c=.o)
ifeq ($(SGX_MODE), HW)
ifneq ($(SGX_DEBUG), 1)
ifneq ($(SGX_PRERELEASE), 1)
Build_Mode = HW_RELEASE
endif
endif
endif
.PHONY: all run
ifeq ($(Build_Mode), HW_RELEASE)
all: yara_enclave.so
@echo "Build enclave yara_enclave.so [$(Build_Mode)|$(SGX_ARCH)]
success!"
@echo
@echo
"*********************************************************************************************************************************************************"
@echo "PLEASE NOTE: In this mode, please sign the yara_enclave.so first
using Two Step Sign mechanism before you run the app to launch and access
the enclave."
@echo
"*********************************************************************************************************************************************************"
@echo
else
all: yara_enclave.signed.so
endif
run: all
ifneq ($(Build_Mode), HW_RELEASE)
@$(CURDIR)/app
@echo "RUN => app [$(SGX_MODE)|$(SGX_ARCH), OK]"
endif
######## yara_enclave Objects ########
trusted/yara_enclave_t.c: $(SGX_EDGER8R) ./trusted/yara_enclave.edl
@cd ./trusted && $(SGX_EDGER8R) --trusted ../trusted/yara_enclave.edl
--search-path ../trusted --search-path $(SGX_SDK)/include
@echo "GEN => $@"
trusted/yara_enclave_t.o: ./trusted/yara_enclave_t.c
@$(CC) $(Yara_enclave_C_Flags) -c $< -o $@
@echo "CC <= $<"
trusted/%.o: trusted/%.c
@$(CC) $(Yara_enclave_C_Flags) -c $< -o $@
@echo "CC <= $<"
yara_enclave.so: trusted/yara_enclave_t.o $(Yara_enclave_C_Objects)
@$(CXX) $^ -o $@ $(Yara_enclave_Link_Flags)
@echo "LINK => $@"
yara_enclave.signed.so: yara_enclave.so
@$(SGX_ENCLAVE_SIGNER) sign -key trusted/yara_enclave_private.pem
-enclave yara_enclave.so -out $@ -config trusted/yara_enclave.config.xml
@echo "SIGN => $@"
clean:
@rm -f yara_enclave.* trusted/yara_enclave_t.*
$(Yara_enclave_C_Objects)
***********************************************************************************************************************************************************************************
--
You received this message because you are subscribed to the Google Groups
"YARA" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
