env/corellium: add scripts for setting up Corellium builders The Corellium builders run off device snapshots that took forever to prepare. These scripts represents a recording of my redoing the Android and iOS device setups. The scripts are raw, but they're one step closer to converting the Corelliums from pets to cattle. Change-Id: Ic7c3d936d4b79e9590053b09b2e28125bbd34e1f Reviewed-on: https://go-review.googlesource.com/c/build/+/207277 Run-TryBot: Elias Naur <mail@eliasnaur.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

commit: 125bcb747f9b244cc724671d4e617dcc9b44ee5a [log] [tgz]
author: Elias Naur <mail@eliasnaur.com> Wed Nov 13 18:29:31 2019 +0100
committer: Elias Naur <mail@eliasnaur.com> Thu Nov 14 18:01:19 2019 +0000
tree: 1a8144b042745939045c5db79af8ba972e5ef617
parent: 4f37bcfff2994e52ca6a9b1985b2ecc2c7a4b833 [diff]
diff --git a/env/corellium/android/files/builder.sh b/env/corellium/android/files/builder.sh
new file mode 100644
index 0000000..7d50235
--- /dev/null
+++ b/env/corellium/android/files/builder.sh

@@ -0,0 +1,13 @@
+export CC=$HOME/clangwrap
+export GO_BUILDER_ENV=host-android-arm64-corellium-android
+(
+	flock -n 9 || exit 0
+	while true; do
+		go get golang.org/x/build/cmd/buildlet
+		# unset LD_PRELOAD libtermux-exec for 32-bit binaries
+		(unset LD_PRELOAD && 
+			$HOME/go/bin/buildlet -reverse-type host-android-arm64-corellium-android -coordinator farmer.golang.org)
+		sleep 1
+		#/system/bin/reboot
+	done
+) 9>$PREFIX/tmp/builder.lock

diff --git a/env/corellium/android/files/clangwrap.go b/env/corellium/android/files/clangwrap.go
new file mode 100644
index 0000000..7e00be8
--- /dev/null
+++ b/env/corellium/android/files/clangwrap.go

@@ -0,0 +1,29 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package main
+
+import (
+	"os"
+	"os/exec"
+)
+
+func main() {
+	args := os.Args[1:]
+	cmd := exec.Command("clang")
+	if os.Getenv("GOARCH") == "arm" {
+		pref := os.Getenv("PREFIX")
+		cmd.Args = append(cmd.Args, "-target", "armv7a-linux-androideabi", "-Qunused-arguments", "-L"+pref+"/../home/arm-linux-androideabi/lib", "-B"+pref+"/../home/arm-linux-androideabi/lib")
+	}
+	cmd.Args = append(cmd.Args, args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	if err := cmd.Run(); err != nil {
+		if err, ok := err.(*exec.ExitError); ok {
+			os.Exit(err.ExitCode())
+		}
+		os.Exit(1)
+	}
+	os.Exit(0)
+}

diff --git a/env/corellium/android/files/exec.sh b/env/corellium/android/files/exec.sh
new file mode 100644
index 0000000..e4c873b
--- /dev/null
+++ b/env/corellium/android/files/exec.sh

@@ -0,0 +1,13 @@
+#!/system/bin/sh
+
+# Executes command with the Termux environment.
+
+export PREFIX='/data/data/com.termux/files/usr'
+export HOME='/data/data/com.termux/files/home'
+export LD_LIBRARY_PATH='/data/data/com.termux/files/usr/lib'
+export PATH="/data/data/com.termux/files/usr/bin:/data/data/com.termux/files/usr/bin/applets:$PATH"
+export TMPDIR=$HOME/tmpdir
+
+cd $HOME
+
+exec "$@"

diff --git a/env/corellium/android/files/profile b/env/corellium/android/files/profile
new file mode 100644
index 0000000..4dfe0e6
--- /dev/null
+++ b/env/corellium/android/files/profile

@@ -0,0 +1,3 @@
+export GOROOT_BOOTSTRAP=$HOME/go-android-arm64-bootstrap
+export PATH=$HOME/go/bin:$PATH
+export TMPDIR=$HOME/tmpdir

diff --git a/env/corellium/android/files/run-builder-at-boot b/env/corellium/android/files/run-builder-at-boot
new file mode 100644
index 0000000..5017886
--- /dev/null
+++ b/env/corellium/android/files/run-builder-at-boot

@@ -0,0 +1,3 @@
+termux-wake-lock
+sshd
+tmux new-session -d /data/data/com.termux/files/home/builder.sh

diff --git a/env/corellium/android/install.sh b/env/corellium/android/install.sh
new file mode 100755
index 0000000..aafb80f
--- /dev/null
+++ b/env/corellium/android/install.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+# install.sh sets up newly installed Android Corellium device.
+# Connect to the device with "adb connect <ip>:5001" where
+# <ip> is the device adb address.
+#
+# place a valid builder key in the `buildkey` file.
+
+curl -o com.termux.apk "https://f-droid.org/repo/com.termux_77.apk"
+curl -o com.termux.boot.apk "https://f-droid.org/repo/com.termux.boot_7.apk"
+
+adb install com.termux.apk
+adb install com.termux.boot.apk
+
+# Run boot app once to enable run-on-boot.
+adb shell monkey -p com.termux.boot -c android.intent.category.LAUNCHER 1
+
+# Run Termux to set up filesystem.
+adb shell monkey -p com.termux -c android.intent.category.LAUNCHER 1
+
+# Wait for the Termux filesystem.
+sleep 5
+
+adb root
+adb push buildkey /data/data/com.termux/files/home/.gobuildkey-host-android-arm64-corellium-android
+adb push files/exec.sh /data/data/com.termux
+adb push files/clangwrap.go /data/data/com.termux/files/home
+adb push files/builder.sh /data/data/com.termux/files/home
+adb push files/profile /data/data/com.termux/files/home/.profile
+adb shell chmod +x /data/data/com.termux/exec.sh
+adb shell chmod +x /data/data/com.termux/files/home/builder.sh
+# Get Termux username.
+USER=$(adb shell stat -c "%U" /data/data/com.termux)
+
+termux() {
+	adb shell su "$USER" /data/data/com.termux/exec.sh "$@"
+}
+
+termux mkdir -p /data/data/com.termux/files/home/tmpdir
+# Run builder at boot.
+termux mkdir -p /data/data/com.termux/files/home/.termux/boot
+adb push files/run-builder-at-boot /data/data/com.termux/files/home/.termux/boot
+termux pkg install -y openssh tmux ndk-multilib clang git golang
+termux go build clangwrap.go
+
+# Move the arm 32-bit sysroot so 32-bit arm binaries use the Android
+# system libraries at runtime, not those in the build sysroot. If
+# we don't, runtime linking fails.
+termux mv /data/data/com.termux/files/usr/arm-linux-androideabi /data/data/com.termux/files/home/arm-linux-androideabi
+
+termux /system/bin/reboot
+

diff --git a/env/corellium/ios/files/arwrap.go b/env/corellium/ios/files/arwrap.go
new file mode 100755
index 0000000..0c1f573
--- /dev/null
+++ b/env/corellium/ios/files/arwrap.go

@@ -0,0 +1,42 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build ignore
+
+// The arhost binary is a wrapper for llvm-ar, designed to be called by
+// cmd/link. The -extar flag is not enough because llvm-ar and ar don't
+// use the same flags.
+//
+// It is useful when the standard ar is broken, such as on self-hosted
+// iOS.
+package main
+
+import (
+	"os"
+	"os/exec"
+)
+
+func main() {
+	args := os.Args[1:]
+	// cmd/link invokes ar with -q -c -s. Replace with
+	// just q.
+	for i := len(args) - 1; i >= 0; i-- {
+		switch args[i] {
+		case "-q":
+			args[i] = "q"
+		case "-c", "-s":
+			args = append(args[:i], args[i+1:]...)
+		}
+	}
+	cmd := exec.Command("llvm-ar", args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	if err := cmd.Run(); err != nil {
+		if err, ok := err.(*exec.ExitError); ok {
+			os.Exit(err.ExitCode())
+		}
+		os.Exit(1)
+	}
+	os.Exit(0)
+}

diff --git a/env/corellium/ios/files/builder.sh b/env/corellium/ios/files/builder.sh
new file mode 100755
index 0000000..0ac9393
--- /dev/null
+++ b/env/corellium/ios/files/builder.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+export HOME=/var/root
+export CC=$HOME/bin/clangwrap
+export GO_BUILDER_ENV=host-darwin-arm64-corellium-ios
+export GOROOT_BOOTSTRAP=$HOME/go-darwin-arm64-bootstrap
+export PATH=$HOME/bin:$PATH
+while true; do
+	$GOROOT_BOOTSTRAP/bin/go get golang.org/x/build/cmd/buildlet
+	$HOME/go/bin/buildlet -reverse-type host-darwin-arm64-corellium-ios -coordinator farmer.golang.org
+	sleep 1
+done

diff --git a/env/corellium/ios/files/clangwrap.go b/env/corellium/ios/files/clangwrap.go
new file mode 100755
index 0000000..c2c9499
--- /dev/null
+++ b/env/corellium/ios/files/clangwrap.go

@@ -0,0 +1,38 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build ignore
+
+// The clanghost binary is like clangwrap.sh but for self-hosted iOS.
+//
+// Use -ldflags="-X main.sdkpath=<path to iPhoneOS.sdk>" when building
+// the wrapper.
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+)
+
+var sdkpath = ""
+
+func main() {
+	if sdkpath == "" {
+		fmt.Fprintf(os.Stderr, "no SDK is set; use -ldflags=\"-X main.sdkpath=<sdk path>\" when building this wrapper.\n")
+		os.Exit(1)
+	}
+	args := os.Args[1:]
+	cmd := exec.Command("clang", "-isysroot", sdkpath, "-mios-version-min=6.0")
+	cmd.Args = append(cmd.Args, args...)
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	if err := cmd.Run(); err != nil {
+		if err, ok := err.(*exec.ExitError); ok {
+			os.Exit(err.ExitCode())
+		}
+		os.Exit(1)
+	}
+	os.Exit(0)
+}

diff --git a/env/corellium/ios/files/org.golang.builder.plist b/env/corellium/ios/files/org.golang.builder.plist
new file mode 100644
index 0000000..b96b956
--- /dev/null
+++ b/env/corellium/ios/files/org.golang.builder.plist

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+    <dict>
+        <key>Label</key>
+        <string>org.golang.builder</string>
+        <key>Program</key>
+	<string>/usr/bin/tmux</string>
+	<key>ProgramArguments</key>
+	<array>
+		<string>/usr/bin/tmux</string>
+		<string>-C</string>
+		<string>new-session</string>
+		<string>/var/root/builder.sh</string>
+	</array>
+	<key>StandardErrorPath</key>
+	<string>/private/var/mobile/stderr-builder</string>
+	<key>StandardOutPath</key>
+	<string>/private/var/mobile/stdout-builder</string>
+        <key>RunAtLoad</key>
+        <true/>
+	<!--<key>KeepAlive</key>
+	<true/>-->
+	<key>UserName</key>
+	<string>root</string>
+	<key>GroupName</key>
+	<string>wheel</string>
+    </dict>
+</plist>

diff --git a/env/corellium/ios/files/profile b/env/corellium/ios/files/profile
new file mode 100644
index 0000000..ede168b
--- /dev/null
+++ b/env/corellium/ios/files/profile

@@ -0,0 +1,2 @@
+export PATH=$HOME/bin:$HOME/go/bin:$PATH
+export GOROOT_BOOTSTRAP=$HOME/go-darwin-arm64-bootstrap

diff --git a/env/corellium/ios/files/sources.list b/env/corellium/ios/files/sources.list
new file mode 100644
index 0000000..735534c
--- /dev/null
+++ b/env/corellium/ios/files/sources.list

@@ -0,0 +1,6 @@
+deb https://apt.bingner.com/ ios/1570.15 main
+deb http://apt.thebigboss.org/repofiles/cydia/ stable main
+deb http://cydia.zodttd.com/repo/cydia/ stable main
+deb http://apt.modmyi.com/ stable main
+deb https://repo.chariz.io/ ./
+deb https://repo.dynastic.co/ ./

diff --git a/env/corellium/ios/install.sh b/env/corellium/ios/install.sh
new file mode 100755
index 0000000..b5d811a
--- /dev/null
+++ b/env/corellium/ios/install.sh

@@ -0,0 +1,50 @@
+#!/bin/sh
+
+# install.sh sets up a newly created Corellium iPhone device.
+# Set HOST to root@<ip> where <ip> is the device ssh
+# address.
+#
+# Put a builder key in `buildkey`.
+#
+# Use `bootstrap.bash` from the Go standard distribution to build a
+# darwin/arm64 bootstrap toolchain and put it in
+# `go-darwin-arm64-bootstrap.tbz`.
+#
+# Finally, install.sh assumes an iPhone SDK in `iPhoneOS.sdk`.
+
+ios() {
+	ssh "$HOST" "$@"
+}
+
+# Replace the builtin packages sources with a list of sources
+# that contain aworking toolchain.
+scp files/sources.list $HOST:/etc/apt/sources.list.d/sources.list
+ios rm /etc/apt/sources.list.d/electra.list
+ios apt-get update
+ios apt install -y --allow-unauthenticated git tmux rsync org.coolstar.iostoolchain ld64 com.linusyang.localeutf8
+
+# Run builder at boot.
+scp files/org.golang.builder.plist $HOST:/Library/LaunchDaemons/
+ios launchctl load -w /Library/LaunchDaemons/org.golang.builder.plist
+scp files/builder.sh $HOST:/var/root
+
+scp go-darwin-arm64-bootstrap.tbz $HOST:/var/root
+ios tar xjf go-darwin-arm64-bootstrap.tbz
+scp buildkey $HOST:/var/root/.gobuildkey-host-darwin-arm64-corellium-ios
+scp files/profile $HOST:/var/root/.profile
+rsync -va iPhoneOS.sdk $HOST:/var/root/
+
+# Dummy sign Go bootstrap toolchain.
+ios find go-darwin-arm64-bootstrap -executable -type f| ios xargs -n1 ldid -S
+
+ios mkdir -p /var/root/bin
+
+# Build wrappers on the host.
+CGO_ENABLED=1 GOOS=darwin CC=$(go env GOROOT)/misc/ios/clangwrap.sh GOARCH=arm64 go build -o clangwrap -ldflags="-X main.sdkpath=/var/root/iPhoneOS.sdk" files/clangwrap.go
+CGO_ENABLED=1 GOOS=darwin CC=$(go env GOROOT)/misc/ios/clangwrap.sh GOARCH=arm64 go build -o arwrap files/arwrap.go
+scp arwrap $HOST:/var/root/bin/ar
+scp clangwrap $HOST:/var/root/bin/clangwrap
+# Dummy sign them.
+ios ldid -S /var/root/bin/clangwrap
+ios ldid -S /var/root/bin/ar
+ios reboot
commit	125bcb747f9b244cc724671d4e617dcc9b44ee5a	[log] [tgz]
author	Elias Naur <mail@eliasnaur.com>	Wed Nov 13 18:29:31 2019 +0100
committer	Elias Naur <mail@eliasnaur.com>	Thu Nov 14 18:01:19 2019 +0000
tree	1a8144b042745939045c5db79af8ba972e5ef617
parent	4f37bcfff2994e52ca6a9b1985b2ecc2c7a4b833 [diff]