Generate allowlist at compile-time

This has four significant advantages: - It avoids a runtime dependency on the ICU-C library and its associated data files. - It ensures that the allowlist is independent of the version of ICU-C provided by the distribution, without having to bundle ICU-C with libqubes-pure. - Using ICU-C is expected to be much slower than a raw C switch() statement optimized by GCC or Clang. - It is possible for the generated allowlist to be inspected and audited. The generated allowlist is checked into git to avoid build-time dependencies on the correct version of ICU-C. To prevent the generated allowlist from becoming out-of-date, building for Fedora 36 checks that the allowlist produced by the generator is the same as the allowlist in the git repository. If the allowlists differ, the build fails in %check. Fedora 36 was chosen for the simple reason that it is the distribution I (Demi Marie Obenour) was using when making this commit, and therefore the distribution used to generate unicode-allowlist-table.c.
QubesOS · Mar 10, 2023 · b7de85e · b7de85e
1 parent f7e4524
commit b7de85e
Show file tree

Hide file tree

Showing 6 changed files with 521 additions and 228 deletions.
diff --git a/qrexec-lib/Makefile b/qrexec-lib/Makefile
@@ -1,8 +1,7 @@
 CC=gcc
-CFLAGS := $(CFLAGS) -I. -g3 -O2 -Wall -Wextra -Werror -pie -fPIC $(shell pkg-config --cflags icu-uc)
+CFLAGS := $(CFLAGS) -I. -g3 -O2 -Wall -Wextra -Werror -pie -fPIC
 SO_VER=2
 LDFLAGS+=-Wl,--no-undefined,--as-needed
-pure_libs := $(shell pkg-config --libs icu-uc)
 .PHONY: all clean install check
 objs := ioall.o copy-file.o crc32.o unpack.o pack.o
 
@@ -21,14 +20,30 @@ check: validator-test
 	LD_LIBRARY_PATH=. ./validator-test
 
 $(pure_lib).$(pure_sover): $(pure_objs)
-	$(CC) -shared $(LDFLAGS) -Wl,-Bsymbolic,-soname,$@ -o $@ $^ $(pure_libs)
+	$(CC) -shared $(LDFLAGS) -Wl,-Bsymbolic,-soname,$@ -o $@ $^
 $(pure_lib):
 	ln -s $(pure_lib).$(pure_sover) $(pure_lib)
-
+unicode-generator: unicode-generator.o
+	libs=$$(pkg-config --libs icu-uc) && $(CC) $(LDFLAGS) -o $@ $^ $$libs
 %.o: %.c Makefile
 	$(CC) $(CFLAGS) -MD -MP -MF $@.dep -c -o $@ $<
 
-unicode.o: unicode-class-table.c
+unicode.o: unicode-allowlist-table.c
+unicode.o: CFLAGS += $(shell pkg-config --cflags icu-uc)
+ifeq ($(NO_REBUILD_TABLE),)
+unicode-allowlist-table.c: unicode-generator
+	./unicode-generator > $@
+else ifneq ($(NO_REBUILD_TABLE),1)
+$(error NO_REBUILD_TABLE should be empty or 1)
+endif
+check-table-up-to-date: unicode-generator unicode-allowlist-table.c
+ifneq ($(NO_REBUILD_TABLE),1)
+	$(error check-table-up-to-date without NO_REBUILD_TABLE=1 makes no sense)
+endif
+	/bin/bash -euc 'set -o pipefail; ./unicode-generator | diff -u ./unicode-allowlist-table.c -'
+.PHONY: check-table-up-to-date
+
+unicode-generator.o: unicode-class-table.c
 unicode-class-table.c: gentbl.py Makefile
 	python3 -- $< > $@
 

diff --git a/qrexec-lib/unicode-allowlist-table.c b/qrexec-lib/unicode-allowlist-table.c
@@ -0,0 +1,207 @@
+    case 0x000020 ... 0x00007e:
+    case 0x0000a1:
+    case 0x0000a7:
+    case 0x0000aa ... 0x0000ab:
+    case 0x0000b2 ... 0x0000b3:
+    case 0x0000b5 ... 0x0000b7:
+    case 0x0000b9 ... 0x0000d6:
+    case 0x0000d8 ... 0x0000f6:
+    case 0x0000f8 ... 0x0002c1:
+    case 0x0002c6 ... 0x0002d1:
+    case 0x0002e0 ... 0x0002e4:
+    case 0x0002ec:
+    case 0x0002ee:
+    case 0x000370 ... 0x000374:
+    case 0x000376 ... 0x000377:
+    case 0x00037a ... 0x00037f:
+    case 0x000386 ... 0x00038a:
+    case 0x00038c:
+    case 0x00038e ... 0x0003a1:
+    case 0x0003a3 ... 0x0003e1:
+    case 0x0003f0 ... 0x0003f5:
+    case 0x0003f7 ... 0x000481:
+    case 0x00048a ... 0x00052f:
+    case 0x00060c:
+    case 0x000964 ... 0x000965:
+    case 0x0010fb:
+    case 0x001100 ... 0x0011ff:
+    case 0x0016eb ... 0x0016ed:
+    case 0x001735 ... 0x001736:
+    case 0x001802 ... 0x001803:
+    case 0x001805:
+    case 0x001c80 ... 0x001c88:
+    case 0x001cd3:
+    case 0x001ce1:
+    case 0x001ce9 ... 0x001cec:
+    case 0x001cee ... 0x001cf3:
+    case 0x001cf5 ... 0x001cf7:
+    case 0x001cfa:
+    case 0x001d00 ... 0x001dbf:
+    case 0x001e00 ... 0x001f15:
+    case 0x001f18 ... 0x001f1d:
+    case 0x001f20 ... 0x001f45:
+    case 0x001f48 ... 0x001f4d:
+    case 0x001f50 ... 0x001f57:
+    case 0x001f59:
+    case 0x001f5b:
+    case 0x001f5d:
+    case 0x001f5f ... 0x001f7d:
+    case 0x001f80 ... 0x001fb4:
+    case 0x001fb6 ... 0x001fbc:
+    case 0x001fbe:
+    case 0x001fc2 ... 0x001fc4:
+    case 0x001fc6 ... 0x001fcc:
+    case 0x001fd0 ... 0x001fd3:
+    case 0x001fd6 ... 0x001fdb:
+    case 0x001fe0 ... 0x001fec:
+    case 0x001ff2 ... 0x001ff4:
+    case 0x001ff6 ... 0x001ffc:
+    case 0x002010 ... 0x002027:
+    case 0x002030 ... 0x002043:
+    case 0x002045 ... 0x002051:
+    case 0x002053 ... 0x00205e:
+    case 0x002070 ... 0x002071:
+    case 0x002074 ... 0x002079:
+    case 0x00207d ... 0x002089:
+    case 0x00208d ... 0x00208e:
+    case 0x002090 ... 0x00209c:
+    case 0x002102:
+    case 0x002107:
+    case 0x00210a ... 0x002113:
+    case 0x002115:
+    case 0x002119 ... 0x00211d:
+    case 0x002124:
+    case 0x002126:
+    case 0x002128:
+    case 0x00212a ... 0x00212d:
+    case 0x00212f ... 0x002139:
+    case 0x00213c ... 0x00213f:
+    case 0x002145 ... 0x002149:
+    case 0x00214e:
+    case 0x002150 ... 0x002189:
+    case 0x002308 ... 0x00230b:
+    case 0x002329 ... 0x00232a:
+    case 0x002460 ... 0x00249b:
+    case 0x0024ea ... 0x0024ff:
+    case 0x002768 ... 0x002793:
+    case 0x0027c5 ... 0x0027c6:
+    case 0x0027e6 ... 0x0027ef:
+    case 0x002983 ... 0x002998:
+    case 0x0029d8 ... 0x0029db:
+    case 0x0029fc ... 0x0029fd:
+    case 0x002c60 ... 0x002c7f:
+    case 0x002e00 ... 0x002e4f:
+    case 0x002e52:
+    case 0x003001 ... 0x003003:
+    case 0x003005 ... 0x003011:
+    case 0x003014 ... 0x00301f:
+    case 0x003021 ... 0x003029:
+    case 0x00302e ... 0x003035:
+    case 0x003038 ... 0x00303d:
+    case 0x003041 ... 0x003096:
+    case 0x00309d ... 0x0030ff:
+    case 0x003105 ... 0x00312f:
+    case 0x003131 ... 0x00318e:
+    case 0x003192 ... 0x003195:
+    case 0x0031a0 ... 0x0031bf:
+    case 0x0031f0 ... 0x0031ff:
+    case 0x003220 ... 0x003229:
+    case 0x003248 ... 0x00324f:
+    case 0x003251 ... 0x00325f:
+    case 0x003280 ... 0x003289:
+    case 0x0032b1 ... 0x0032bf:
+    case 0x003400 ... 0x004dbf:
+    case 0x004e00 ... 0x009ffc:
+    case 0x00a640 ... 0x00a66e:
+    case 0x00a673:
+    case 0x00a67e ... 0x00a69d:
+    case 0x00a717 ... 0x00a71f:
+    case 0x00a722 ... 0x00a788:
+    case 0x00a78b ... 0x00a7bf:
+    case 0x00a7c2 ... 0x00a7ca:
+    case 0x00a7f5 ... 0x00a7ff:
+    case 0x00a830 ... 0x00a835:
+    case 0x00a92e:
+    case 0x00a960 ... 0x00a97c:
+    case 0x00a9cf:
+    case 0x00ab30 ... 0x00ab5a:
+    case 0x00ab5c ... 0x00ab69:
+    case 0x00ac00 ... 0x00d7a3:
+    case 0x00d7b0 ... 0x00d7c6:
+    case 0x00d7cb ... 0x00d7fb:
+    case 0x00f900 ... 0x00fa6d:
+    case 0x00fa70 ... 0x00fad9:
+    case 0x00fb00 ... 0x00fb06:
+    case 0x00fd3e ... 0x00fd3f:
+    case 0x00fe10 ... 0x00fe19:
+    case 0x00fe30 ... 0x00fe52:
+    case 0x00fe54 ... 0x00fe61:
+    case 0x00fe63:
+    case 0x00fe68:
+    case 0x00fe6a ... 0x00fe6b:
+    case 0x00ff01 ... 0x00ff03:
+    case 0x00ff05 ... 0x00ff0a:
+    case 0x00ff0c ... 0x00ff1b:
+    case 0x00ff1f ... 0x00ff3d:
+    case 0x00ff3f:
+    case 0x00ff41 ... 0x00ff5b:
+    case 0x00ff5d:
+    case 0x00ff5f ... 0x00ffbe:
+    case 0x00ffc2 ... 0x00ffc7:
+    case 0x00ffca ... 0x00ffcf:
+    case 0x00ffd2 ... 0x00ffd7:
+    case 0x00ffda ... 0x00ffdc:
+    case 0x010100 ... 0x010102:
+    case 0x010107 ... 0x010133:
+    case 0x010140 ... 0x010178:
+    case 0x01018a ... 0x01018b:
+    case 0x0102e1 ... 0x0102fb:
+    case 0x016fe2 ... 0x016fe3:
+    case 0x016ff0 ... 0x016ff1:
+    case 0x01b000 ... 0x01b11e:
+    case 0x01b150 ... 0x01b152:
+    case 0x01b164 ... 0x01b167:
+    case 0x01d165 ... 0x01d166:
+    case 0x01d16d ... 0x01d172:
+    case 0x01d2e0 ... 0x01d2f3:
+    case 0x01d360 ... 0x01d378:
+    case 0x01d400 ... 0x01d454:
+    case 0x01d456 ... 0x01d49c:
+    case 0x01d49e ... 0x01d49f:
+    case 0x01d4a2:
+    case 0x01d4a5 ... 0x01d4a6:
+    case 0x01d4a9 ... 0x01d4ac:
+    case 0x01d4ae ... 0x01d4b9:
+    case 0x01d4bb:
+    case 0x01d4bd ... 0x01d4c3:
+    case 0x01d4c5 ... 0x01d505:
+    case 0x01d507 ... 0x01d50a:
+    case 0x01d50d ... 0x01d514:
+    case 0x01d516 ... 0x01d51c:
+    case 0x01d51e ... 0x01d539:
+    case 0x01d53b ... 0x01d53e:
+    case 0x01d540 ... 0x01d544:
+    case 0x01d546:
+    case 0x01d54a ... 0x01d550:
+    case 0x01d552 ... 0x01d6a5:
+    case 0x01d6a8 ... 0x01d6c0:
+    case 0x01d6c2 ... 0x01d6da:
+    case 0x01d6dc ... 0x01d6fa:
+    case 0x01d6fc ... 0x01d714:
+    case 0x01d716 ... 0x01d734:
+    case 0x01d736 ... 0x01d74e:
+    case 0x01d750 ... 0x01d76e:
+    case 0x01d770 ... 0x01d788:
+    case 0x01d78a ... 0x01d7a8:
+    case 0x01d7aa ... 0x01d7c2:
+    case 0x01d7c4 ... 0x01d7cb:
+    case 0x01d7ce ... 0x01d7ff:
+    case 0x01f100 ... 0x01f10c:
+    case 0x01fbf0 ... 0x01fbf9:
+    case 0x020000 ... 0x02a6dd:
+    case 0x02a700 ... 0x02b734:
+    case 0x02b740 ... 0x02b81d:
+    case 0x02b820 ... 0x02cea1:
+    case 0x02ceb0 ... 0x02ebe0:
+    case 0x02f800 ... 0x02fa1d:
+    case 0x030000 ... 0x03134a: