diff options
| author | luwenpeng <[email protected]> | 2021-10-19 11:31:44 +0300 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2021-10-28 15:44:26 +0300 |
| commit | 02535d246767c0efedce5f99ce36d8fb1b18537c (patch) | |
| tree | aa241b14375484af606f710dfab7f4c740d576c3 | |
| parent | c86d0fda0f73a704a5b5308940361c55f22b4d25 (diff) | |
TSG-8063 build-env基础镜像中增加对可执行程序/动态库加壳的功能
| -rw-r--r-- | Dockerfile | 23 | ||||
| -rw-r--r-- | GEEDGE.hvc | 1 | ||||
| -rwxr-xr-x | Sentinel-LDK-8.0.1.tar.gz | bin | 0 -> 236497362 bytes | |||
| -rw-r--r-- | aksusbd-8.23-1.x86_64.rpm | bin | 0 -> 8839644 bytes | |||
| -rw-r--r-- | rebuildrpm_and_envelope.sh | 35 |
5 files changed, 56 insertions, 3 deletions
@@ -6,6 +6,10 @@ COPY CentOS-Base.repo /tmp/CentOS-Base.repo COPY CentOS-SCLo-scl.repo /tmp/CentOS-SCLo-scl.repo COPY netrc.conf /root/.netrc COPY cmake /tmp/build_cmake +COPY Sentinel-LDK-8.0.1.tar.gz /tmp/Sentinel-LDK-8.0.1.tar.gz +COPY GEEDGE.hvc /tmp/GEEDGE.hvc +COPY rebuildrpm_and_envelope.sh /root/rebuildrpm_and_envelope.sh +COPY aksusbd-8.23-1.x86_64.rpm /tmp/aksusbd-8.23-1.x86_64.rpm RUN rm -rf /etc/yum.repos.d/* && \ cp /tmp/*.repo /etc/yum.repos.d/ && \ @@ -13,14 +17,27 @@ RUN rm -rf /etc/yum.repos.d/* && \ wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo && \ cd /tmp/build_cmake && \ tar xf cmake-3.12.4-Linux-x86_64.tar.gz && \ - cp -r cmake-3.12.4-Linux-x86_64/* /usr/local/ && \ - cp /usr/local/bin/cmake /usr/local/bin/cmake3 && \ + cp -r cmake-3.12.4-Linux-x86_64/* /usr/local/ && \ + cp /usr/local/bin/cmake /usr/local/bin/cmake3 && \ yum install -y python3-pip && \ pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple httpie && \ - curl -sL https://sentry.io/get-cli/ |sed 's#downloads\.sentry-cdn\.com#npm\.taobao\.org\/mirrors#g'|bash && \ + curl -sL https://sentry.io/get-cli/ |sed 's#downloads\.sentry-cdn\.com#npm\.taobao\.org\/mirrors#g'|bash && \ yum install -y devtoolset-7 devtoolset-7-libasan-devel && \ yum install -y libasan libasan4 && \ + yum install -y rpmrebuild && \ + mkdir -p /opt/VendorCodes/ && \ + mv /tmp/GEEDGE.hvc /opt/VendorCodes/GEEDGE.hvc && \ + mkdir -p /opt/Sentinel/ && \ + tar xf /tmp/Sentinel-LDK-8.0.1.tar.gz -C /opt/Sentinel/ && \ + yum localinstall -y /tmp/aksusbd-8.23-1.x86_64.rpm && \ + chmod o+x /opt/Sentinel/Linux/VendorTools/Envelope/linuxenv && \ + chmod o+x /root/rebuildrpm_and_envelope.sh && \ yum clean all && \ rm -rf /var/cache/yum + # 为二进制程序加壳示例 + # in: 设置开发商文件 + # in: 设置 feature_id + # /opt/Sentinel/Linux/VendorTools/Envelope/linuxenv -v:/opt/VendorCodes/GEEDGE.hvc -f:100 --msg-out:4 --debug --memdump --randomize:1 /opt/MESA/bin/minidump-2-core /opt/MESA/bin/minidump-2-core_protected + CMD [ "/bin/bash" ] diff --git a/GEEDGE.hvc b/GEEDGE.hvc new file mode 100644 index 0000000..0967977 --- /dev/null +++ b/GEEDGE.hvc @@ -0,0 +1 @@ +r2LBW6gbZPJWitRjL9om2fSlXP5TohlpU2NaI8Dmmzp/HMZ3RcqUiD6IV4EcdvTyiX2H8n1lfuTUzF/d5egHTVt38iSZ+tHkzyqJ2UOMPcJImshcOH2htvG1YwdjFWmUYg1hRTTr+7fiBhD4luQ53o33zzSEL513IPaF3U/yf2zScJruyyrQP2QOvQ1XhgIl5hF/1rEwjGgzNM8SQGlgqseM+Gh1ODFWlW7Squ8wj0qpxlEJYLVmFNtncLTg5ICpVUMhBnWRLP6cb7bzDLpRGQk3jPOco5pcfnG6SGsZO1GWhAhTti+uHIWQdxDjJj1l6t3LvR0mnZkKy7qcTyTL59/GfNRMyGV/6EYZrHpb0E+hmsbzItQf1aDOBd4mmUGpV+vn8Kg0KDpidGhSM2Xs12TiNcRU/y90UdJ/v6hpuoWsSR7jmh7NxEr3dpuK65SJZKVwtC8oz/yGlfAcFa9u0Uyl3csHglNFROuSnbMCVPquG5Eg1nvSorxAa86gPBvCiJp2ZeAZ95AKm/K994ei4XKpeDdWF1Uwjfv2xMwuPKAPIcAYTJFHdqSG2i98VKTtlPzT/q05ZHMH+mRLYN28VFXMo2xKSYJavUIOxUTy7GJvLTmYX9of3NyOVMHwI7AtoafRf9iVzHrf6fH91QmCADFFq0wqmH0DE4A5kSr9mKUUa0ddZheFgr/sHL003XmPvfeK+JLD9v+fFxhSqZBH7wc7UzjcDeHqngmLogCOe2NsJEZq7IGUT1WQEJpMoonMQY7e8YDU6V1m1zMbV8KEpPLt8q54KBXEP4OpJ7DMmaHNBZEB5EY/zD587iKsJNXm64d0vShQGDaoq0En1Ts36znjfMVqLkZX6jKSDZyF3EmZ3aUULwEG7gqwAH2OUV/3XCo5UUboxAtlxBLWI7TNnjzqQO31ON6ZORuVMECJSSZNkiCvb2TDOU0Bs92Mzel+NDmC0GhcGWzs7DAyznJA3Q==
\ No newline at end of file diff --git a/Sentinel-LDK-8.0.1.tar.gz b/Sentinel-LDK-8.0.1.tar.gz Binary files differnew file mode 100755 index 0000000..087ca9d --- /dev/null +++ b/Sentinel-LDK-8.0.1.tar.gz diff --git a/aksusbd-8.23-1.x86_64.rpm b/aksusbd-8.23-1.x86_64.rpm Binary files differnew file mode 100644 index 0000000..392efec --- /dev/null +++ b/aksusbd-8.23-1.x86_64.rpm diff --git a/rebuildrpm_and_envelope.sh b/rebuildrpm_and_envelope.sh new file mode 100644 index 0000000..9004670 --- /dev/null +++ b/rebuildrpm_and_envelope.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +RPM_FULL_PATH=$1 +BIN_TO_PROTECT=$2 +FEATURE_ID=$3 + +RPM_DIR=`dirname $RPM_FULL_PATH` +RPM_FILE=`basename $RPM_FULL_PATH` +echo "RPM_FULL_PATH : $RPM_FULL_PATH" +echo "RPM_FILE : $RPM_FILE" +echo "RPM_DIR : $RPM_DIR" +echo "BIN_TO_PROTECT : $BIN_TO_PROTECT" +echo "FEATURE_ID : $FEATURE_ID" + +RPM_TYPE=`ls ${RPM_FILE} | awk -F '.rpm' '{print $1}'` +REBUILD_DIR="/root/rpmbuild/" +REBUILD_ROOT="${REBUILD_DIR}BUILDROOT/${RPM_TYPE}" +REBUILD_SPECS="${REBUILD_DIR}SPECS/app.spec" +REBUILD_UNPROTECT_BIN="${REBUILD_ROOT}${BIN_TO_PROTECT}" +REBUILD_PROTECT_BIN="${REBUILD_UNPROTECT_BIN}_protected" + +rm -rf ${REBUILD_DIR} +mkdir -p ${REBUILD_DIR}SPECS/ +mkdir -p ${REBUILD_ROOT} +rpmrebuild -s ${REBUILD_SPECS} -p $RPM_FULL_PATH +cd ${REBUILD_ROOT} +rpm2cpio ${RPM_FULL_PATH} | cpio -dium + +/opt/Sentinel/Linux/VendorTools/Envelope/linuxenv -v:/opt/VendorCodes/GEEDGE.hvc -f:$FEATURE_ID --msg-out:4 --debug --memdump --randomize:1 ${REBUILD_UNPROTECT_BIN} ${REBUILD_PROTECT_BIN} +echo "Envelope Bin: `md5sum ${REBUILD_PROTECT_BIN}`" +mv ${REBUILD_PROTECT_BIN} ${REBUILD_UNPROTECT_BIN} +rpmbuild -bb ${REBUILD_SPECS} + +mv ${REBUILD_DIR}RPMS/x86_64/${RPM_FILE} ${RPM_DIR}/envelope-${RPM_FILE} +echo "Envelope RPM: ${RPM_DIR}/envelope-${RPM_FILE}" |