freebsd: Wire up PTY support #960
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| FRIDA_CORE_OPTIONS: '--with-devkits=core --enable-tests' | |
| jobs: | |
| native: | |
| strategy: | |
| matrix: | |
| include: | |
| - { id: windows-arm64, runner: '"windows-11-arm"', sys: CLANGARM64, pkg: 'mingw-w64-clang-aarch64-clang' } | |
| - { id: windows-x86_64, runner: '"windows-latest"', sys: MINGW64, pkg: 'mingw-w64-x86_64-gcc' } | |
| - { id: windows-x86, runner: '"windows-latest"', sys: MINGW32, pkg: 'mingw-w64-i686-gcc' } | |
| - { id: macos-x86_64, runner: '"macos-latest"' } | |
| - { id: macos-arm64, runner: '"macos-latest"' } | |
| - { id: linux-x86_64, runner: '"ubuntu-latest"' } | |
| - { id: linux-x86, runner: '"ubuntu-latest"' } | |
| fail-fast: false | |
| runs-on: ${{ fromJSON(matrix.runner) }} | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install MinGW toolchain for cgo support | |
| if: ${{ startsWith(matrix.id, 'windows-') }} | |
| id: msys2 | |
| uses: msys2/setup-msys2@v2 | |
| with: | |
| msystem: ${{ matrix.sys }} | |
| install: ${{ matrix.pkg }} | |
| - name: Install Go toolchain | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'src/compiler/go.mod' | |
| cache-dependency-path: 'src/compiler/go.mod' | |
| - name: Set up Apple certificates | |
| if: ${{ startsWith(matrix.id, 'macos-') }} | |
| uses: ./.github/actions/setup-apple-certificates | |
| with: | |
| certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} | |
| certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} | |
| keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} | |
| - name: Relax macOS security policy to avoid prompts | |
| if: ${{ startsWith(matrix.id, 'macos-') }} | |
| run: sudo security authorizationdb write system.privilege.taskport allow | |
| - name: Install gcc-multilib | |
| if: matrix.id == 'linux-x86' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install gcc-multilib lib32stdc++-13-dev | |
| - name: Build | |
| if: ${{ startsWith(matrix.id, 'windows-') }} | |
| run: | | |
| .\configure ` | |
| --host=${{ matrix.id }} ` | |
| --enable-compiler-backend ` | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| .\make | |
| env: | |
| MSYS2_LOCATION: ${{ steps.msys2.outputs.msys2-location }} | |
| - name: Build | |
| if: ${{ !startsWith(matrix.id, 'windows-') && matrix.id != 'linux-x86' }} | |
| run: | | |
| ./configure \ | |
| --enable-compiler-backend \ | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Build | |
| if: matrix.id == 'linux-x86' | |
| run: | | |
| CC="gcc -m32" CXX="g++ -m32" STRIP="strip" \ | |
| ./configure \ | |
| --build=linux-x86 \ | |
| --host=linux-x86 \ | |
| --enable-compiler-backend \ | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Upload devkit | |
| if: ${{ !startsWith(matrix.id, 'linux-') }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: core-devkit-${{ matrix.id }} | |
| path: build/src/devkit/ | |
| - name: Test | |
| if: ${{ matrix.id != 'windows-arm64' && !startsWith(matrix.id, 'macos-') }} | |
| run: make test | |
| cross: | |
| strategy: | |
| matrix: | |
| include: | |
| - { id: windows-x86_64-mingw, opts: '--host=x86_64-w64-mingw32 --without-prebuilds=sdk:host', pkg: g++-mingw-w64-x86-64 } | |
| - { id: windows-x86-mingw, opts: '--host=i686-w64-mingw32 --without-prebuilds=sdk:host', pkg: g++-mingw-w64-i686 } | |
| - { id: linux-mips, opts: '--host=mips-linux-gnu', pkg: g++-mips-linux-gnu } | |
| - { id: linux-mipsel, opts: '--host=mipsel-linux-gnu', pkg: g++-mipsel-linux-gnu } | |
| - { id: linux-mips64, opts: '--host=mips64-linux-gnuabi64', pkg: g++-mips64-linux-gnuabi64 } | |
| - { id: linux-mips64el, opts: '--host=mips64el-linux-gnuabi64', pkg: g++-mips64el-linux-gnuabi64 } | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install toolchain | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install ${{ matrix.pkg }} | |
| - name: Install Go toolchain | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'src/compiler/go.mod' | |
| cache-dependency-path: 'src/compiler/go.mod' | |
| - name: Build | |
| run: | | |
| ./configure \ | |
| ${{ matrix.opts }} \ | |
| ${{ !contains(matrix.id, 'mips') && '--enable-compiler-backend' || '' }} \ | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Upload devkit | |
| if: ${{ !startsWith(matrix.id, 'linux-') }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: core-devkit-${{ matrix.id }} | |
| path: build/src/devkit/ | |
| manylinux: | |
| strategy: | |
| matrix: | |
| arch: [x86, x86_64, x86_64-musl, armhf, arm64, arm64-musl, mips, mipsel, mips64, mips64el] | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/frida/x-tools-linux-${{ matrix.arch }}:latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Go toolchain | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'src/compiler/go.mod' | |
| cache-dependency-path: 'src/compiler/go.mod' | |
| - name: Build | |
| run: | | |
| ./configure \ | |
| --host=$XTOOLS_HOST \ | |
| ${{ !startsWith(matrix.arch, 'mips') && '--enable-compiler-backend' || '' }} \ | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Upload devkit | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: core-devkit-linux-${{ matrix.arch }} | |
| path: build/src/devkit/ | |
| - name: Test | |
| if: matrix.arch == 'x86' || matrix.arch == 'x86_64' | |
| run: make test | |
| emulator: | |
| strategy: | |
| matrix: | |
| arch: [armbe8, arm64be] | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/frida/x-tools-linux-${{ matrix.arch }}:latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Build | |
| run: | | |
| ./configure --host=$XTOOLS_HOST --without-prebuilds=sdk:host --enable-tests | |
| make | |
| - name: Run custom container | |
| uses: addnab/docker-run-action@v3 | |
| with: | |
| image: docker:stable | |
| options: -v ${{ github.workspace }}:/workspace:delegated | |
| run: | | |
| cat <<EOF > /workspace/initscript | |
| #!/bin/sh | |
| dmesg -n1 | |
| mount -t proc none /proc | |
| mount -t sysfs none /sys | |
| mount -t tmpfs none /tmp | |
| mount -t devtmpfs none /dev | |
| mount -t 9p -o rw,sync,dirsync,relatime,trans=virtio,msize=131072,version=9p2000.L host0 /workspace | |
| ip link set lo up | |
| ip addr add 192.168.76.20/24 dev eth0 | |
| ip link set eth0 up | |
| ip route add default via 192.168.76.2 dev eth0 | |
| export LD_LIBRARY_PATH=/lib:/lib64:/libilp32 | |
| /sbin/entropy | |
| cat /etc/motd | |
| export PS1='\u@frida:\w\$ ' | |
| /root/frida-tests | |
| status=\$? | |
| echo "exit status: \$status" | |
| if [ \$status -eq 0 ]; then | |
| echo EXIT_OK | |
| elif [ \$status -gt 128 ]; then | |
| signal=\$((\$status - 128)) | |
| echo "EXIT_FAIL (terminated by signal \$signal)" | |
| else | |
| echo "EXIT_FAIL (exit code \$status)" | |
| fi | |
| EOF | |
| cat <<EOF > /workspace/launch.sh | |
| #!/bin/sh | |
| LOGFILE=/workspace/qemu.log | |
| : > "\$LOGFILE" | |
| timeout 120 qemu-system-aarch64 \ | |
| -M virt \ | |
| -machine virtualization=true \ | |
| -machine type=virt \ | |
| -cpu cortex-a72 \ | |
| -smp 4 \ | |
| -kernel /root/Image.gz \ | |
| -initrd /root/initramfs.img \ | |
| -append 'earlyprintk=serial,ttyAMA0 console=ttyAMA0 coredump_filter=0x3f' \ | |
| -m 4096M \ | |
| -net nic,id=eth \ | |
| -net user,id=mynet,net=192.168.76.0/24 \ | |
| -virtfs local,path=/workspace/,mount_tag=host0,security_model=passthrough,id=host0 \ | |
| -nographic \ | |
| -no-reboot \ | |
| >> "\$LOGFILE" 2>&1 & | |
| QEMU_PID=\$! | |
| echo "QEMU started with PID \$QEMU_PID" | |
| tail -n 0 -f "\$LOGFILE" | while read line; do | |
| echo "\$line" | |
| echo "\$line" | grep "EXIT_OK" >/dev/null 2>&1 | |
| if [ \$? -eq 0 ]; then | |
| echo "Success signal received from guest. Killing QEMU..." | |
| kill -9 "\$QEMU_PID" | |
| cat -n "\$LOGFILE" | |
| exit 0 | |
| fi | |
| echo "\$line" | grep "EXIT_FAIL" >/dev/null 2>&1 | |
| if [ \$? -eq 0 ]; then | |
| echo "Failure signal received from guest. Killing QEMU..." | |
| kill -9 "\$QEMU_PID" | |
| cat -n "\$LOGFILE" | |
| exit 1 | |
| fi | |
| if ! kill -0 "\$QEMU_PID" 2>/dev/null; then | |
| echo "QEMU process has exited." | |
| cat -n "\$LOGFILE" | |
| exit 1 | |
| fi | |
| done | |
| EOF | |
| cat <<EOF > /workspace/Dockerfile.ci | |
| FROM ghcr.io/frida/x-tools-linux-be-target:latest | |
| ENV DEBIAN_FRONTEND=noninteractive | |
| RUN apt-get update && \ | |
| apt-get install -y \ | |
| cpio | |
| RUN mkdir /tmp/initramfs | |
| WORKDIR /tmp/initramfs | |
| RUN cpio --extract < /root/initramfs.img | |
| RUN mkdir /tmp/initramfs/workspace | |
| COPY initscript /tmp/initramfs/init | |
| RUN chmod +x /tmp/initramfs/init | |
| COPY build/tests /tmp/initramfs/root/ | |
| RUN find . | cpio -o --format=newc -R root:root > /root/initramfs.img | |
| COPY launch.sh /root/launch.sh | |
| RUN chmod +x /root/launch.sh | |
| ENTRYPOINT ["/root/launch.sh"] | |
| EOF | |
| docker build -t ci-image -f /workspace/Dockerfile.ci /workspace | |
| docker run --rm -v /workspace:/workspace ci-image | |
| mobile: | |
| strategy: | |
| matrix: | |
| id: | |
| - ios-arm64 | |
| - android-x86 | |
| - android-x86_64 | |
| - android-arm | |
| - android-arm64 | |
| fail-fast: false | |
| runs-on: ${{ startsWith(matrix.id, 'ios-') && 'macos-latest' || 'ubuntu-latest' }} | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Go toolchain | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'src/compiler/go.mod' | |
| cache-dependency-path: 'src/compiler/go.mod' | |
| - name: Set up Apple certificates | |
| if: startsWith(matrix.id, 'ios-') | |
| uses: ./.github/actions/setup-apple-certificates | |
| with: | |
| certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} | |
| certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} | |
| keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} | |
| - uses: nttld/setup-ndk@v1 | |
| if: startsWith(matrix.id, 'android-') | |
| id: setup-ndk | |
| with: | |
| ndk-version: r25c | |
| - name: Add NDK to env | |
| if: startsWith(matrix.id, 'android-') | |
| run: echo ANDROID_NDK_ROOT=${{ steps.setup-ndk.outputs.ndk-path }} >> $GITHUB_ENV | |
| - name: Build | |
| run: | | |
| ./configure \ | |
| --host=${{ matrix.id }} \ | |
| --enable-compiler-backend \ | |
| ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Upload devkit | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: core-devkit-${{ matrix.id }} | |
| path: build/src/devkit/ | |
| - name: Package tests | |
| run: | | |
| mkdir -p /tmp/pkg | |
| cd build | |
| case ${{ matrix.id }} in | |
| ios-*) | |
| shlibext=.dylib | |
| ;; | |
| android-*) | |
| shlibext=.so | |
| ;; | |
| esac | |
| cp -a tests/frida-tests tests/labrats lib/agent/frida-agent$shlibext /tmp/pkg/ | |
| case ${{ matrix.id }} in | |
| ios-*) | |
| cp -a lib/gadget/frida-gadget.dylib ../tests/test-gadget-standalone.js /tmp/pkg/ | |
| ;; | |
| esac | |
| tar -C /tmp/pkg -czf /tmp/runner.tar.gz . | |
| - name: Test on Corellium iOS device | |
| if: matrix.id == 'ios-arm64' | |
| continue-on-error: true | |
| uses: frida/corellium-action@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| gateway: corellium.frida.re | |
| device: ios-12.5.7-arm64 | |
| upload: /tmp/runner.tar.gz | |
| run: | | |
| cd /usr/local | |
| rm -rf opt/frida | |
| mkdir -p opt/frida | |
| cd opt/frida | |
| tar xf $ASSET_PATH | |
| ./frida-tests | |
| - name: Test on Corellium Android device | |
| if: matrix.id == 'android-arm64' | |
| continue-on-error: true | |
| uses: frida/corellium-action@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| gateway: corellium.frida.re | |
| device: android-8.1.0-arm64 | |
| upload: /tmp/runner.tar.gz | |
| run: | | |
| cd /data/local/tmp | |
| tar xf $ASSET_PATH | |
| TMPDIR=/data/local/tmp ./frida-tests | |
| qnx-armeabi: | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/frida/qnx-tools:latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Build | |
| run: | | |
| CFLAGS="--sysroot=$QNX_TARGET/armle-v7" \ | |
| ./configure --host=arm-unknown-nto-qnx6.5.0eabi ${{ env.FRIDA_CORE_OPTIONS }} | |
| make | |
| - name: Upload devkit | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: core-devkit-qnx-armeabi | |
| path: build/src/devkit/ | |
| - name: Test | |
| run: | | |
| mkdir -p /tmp/pkg | |
| cd build | |
| cp -a tests/frida-tests tests/labrats lib/agent/frida-agent.so /tmp/pkg/ | |
| tar -C /tmp/pkg -cf /tmp/runner.tar . | |
| /opt/sabrelite/run.sh /tmp/runner.tar /opt/frida/frida-tests | |
| # This job is used to check that the Linux helpers are built correctly for all | |
| # supported architectures. We do this because the binary artifacts are checked | |
| # in, and we want to ensure that they are up-to-date with respect to the source | |
| # for all architectures. | |
| check-linux-helpers: | |
| strategy: | |
| matrix: | |
| arch: [x86, x86_64, arm, armbe8, arm64, arm64be, arm64beilp32, mips, mipsel, mips64, mips64el] | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/frida/core-linux-helpers-${{ matrix.arch }}:latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Build | |
| run: | | |
| ./src/linux/helpers/rebuild.sh ${{ matrix.arch }} | |
| - name: Check for unexpected changes | |
| run: | | |
| git config --global --add safe.directory "$(realpath .)" | |
| status_output=$(git status --porcelain tests/labrats/{resident-agent,simple-agent}-linux-${{ matrix.arch }}.so tests/labrats/{forker,sleeper,spawner}-linux-${{ matrix.arch }}) | |
| if [ -n "$status_output" ]; then | |
| echo "Unexpected changes detected:" | |
| echo "$status_output" | |
| echo "Diff:" | |
| git diff | |
| exit 1 | |
| else | |
| echo "No unexpected changes detected." | |
| fi | |
| # This job is used to check that the Linux labrats are built correctly for all | |
| # supported architectures. We do this because the binary artifacts are checked | |
| # in, and we want to ensure that they are up-to-date with respect to the source | |
| # for all architectures. | |
| check-labrats: | |
| strategy: | |
| matrix: | |
| arch: [x86, x86_64, arm, armbe8, arm64, arm64be, arm64beilp32, mips, mipsel, mips64, mips64el] | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/frida/core-linux-helpers-${{ matrix.arch }}:latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Build | |
| run: | | |
| ./tests/labrats/rebuild.sh ${{ matrix.arch }} | |
| - name: Check for unexpected changes | |
| run: | | |
| git config --global --add safe.directory "$(realpath .)" | |
| status_output=$(git status --porcelain src/linux/helpers/{bootstrapper,loader}-${{ matrix.arch }}.bin) | |
| if [ -n "$status_output" ]; then | |
| echo "Unexpected changes detected:" | |
| echo "$status_output" | |
| echo "Diff:" | |
| git diff | |
| exit 1 | |
| else | |
| echo "No unexpected changes detected." | |
| fi |