This repository contains a fork of the LLVM project with support for Automatic Bill of Materials, or ABOM. ABOM is a system for automatically generating a novel form of bills of materials for software projects. The ABOM system is described in the following paper: Automatic Bill of Materials.
Consult the Getting Started with LLVM page for information on building and running LLVM from the source contained in this repository.
To generate an ABOM when compiling using clang, use the -fabom flag, e.g.:
clang -fabom -o hello hello.cNote that you must also use a linker that supports ABOM, such as lld within this project.
If lld is not the default linker on your system, you can specify it using the -fuse-ld flag:
clang -fabom -fuse-ld=lld -o hello hello.cABOM hashes are simply SHAKE128(36) hashes of source code files.
For conveinence, ABOM hashes can be generated using the llvm-abom-hash tool:
llvm-abom-hash hello.cThis will output the hash as a hex string, e.g.:
d43f65e61
To query a binary for an ABOM hash, use the llvm-abom-check tool:
llvm-abom-check hello d43f65e61This will output whether the binary contains the specified ABOM hash:
Present: hello contains d43f65e61
To examine an ABOM contained within a binary, leverage the llvm-readobj tool:
llvm-readobj --abom helloThis will output information about the ABOM header:
File: hello
Format: elf64-x86-64
Arch: x86_64
AddressSize: 64bit
LoadName: <Not found>
ABOM version: 1
ABOM num filters: 0
ABOM model: 0
ABOM blob size: 1
Thank you to:
- The LLVM Project for providing the base compiler, linker, and toolchain.
- Ed Warnicke and Bharathi Seshadri for the understanding of LLVM internals provided by llvm-omnibor.
- Tongda Xu, et al. for the Arithmetic Coding implementation provided by YAECL.
If you use this software in your research, please cite the following paper:
@misc{boucher2023automatic,
title={Automatic Bill of Materials},
author={Nicholas Boucher and Ross Anderson},
year={2023},
eprint={2310.09742},
archivePrefix={arXiv},
primaryClass={cs.CR}
}