入口函数

MachOView 找到 init func, Section64(_DATA,__mod_init_func)

如何找到[class load]?

inline a big function in llvm pass

always inline pass

编译obfuscator with llvm12 https://holycall.tistory.com/364

PLCT实验室维护的ollvm分支

https://www.jianshu.com/p/e0637f3169a3

sudo make install-xcode-toolchain

控制流扁平化

-mllvm -fla：激活控制流扁平化 -mllvm -split：激活基本块分割。在一起使用时改善展平。 -mllvm -split_num=3：如果激活了传递，则在每个基本块上应用3次。默认值：1

指令替换

-mllvm -sub：激活指令替换 -mllvm -sub_loop=3：如果激活了传递，则在函数上应用3次。默认值：1

虚假控制流程

这个模式主要嵌套几层判断逻辑，一个简单的运算都会在外面包几层if-else，所以这个模式加上编译速度会慢很多因为要做几层假的逻辑包裹真正有用的代码。

另外说一下这个模式编译的时候要浪费相当长时间包哪几层不是闹得！

-mllvm -bcf：激活虚假控制流程 -mllvm -bcf_loop=3：如果激活了传递，则在函数上应用3次。默认值：1 -mllvm -bcf_prob=40：如果激活了传递，基本块将以40％的概率进行模糊处理。默认值：30

-mllvm -sobf：编译时候添加选项开启字符串加密 -mllvm -seed=0xdeadbeaf：指定随机数生成器种子

#cross compile for iOS on macOS

https://clang.llvm.org/docs/

–host,–target，–build

configure.ios

#!/bin/sh -x -e

case "$ARCH" in
    armv6-apple-darwin10|armv7-apple-darwin10|armv7s-apple-darwin10|arm64-apple-darwin10|i386-apple-darwin11)
        ;;
    *)
        cat <<EOF
Must set ARCH environment variable to
armv6-apple-darwin10 = All iOS devices
armv7-apple-darwin10 = All except iPhone 1st, iPhone 3G, iPod Touch 1st, iPod Touch 2nd
armv7s-apple-darwin10 = iPhone 5, iPhone 5c, iPhone 5S, iPad 4th, iPad Air, iPad Mini 2nd
arm64-apple-darwin10 = iPhone 5s, iPad Air, iPad Mini 2nd
i386-apple-darwin11 = iPhone Simulator
See <http://en.wikipedia.org/wiki/List_of_iOS_devices#Features> and search for the architecture name for a comprehensive list.
EOF
        exit 2
        ;;
esac

clang="/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang"
clangxx="${clang}++"
optflags=${OPTFLAGS:--Os}

case $ARCH in
    i386-apple-darwin11)
        sdk="/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator7.0.sdk"
        ;;
    *)
        sdk="/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS14.4.sdk"
        ;;
esac

IPHONEOS_DEPLOYMENT_TARGET=${IPHONEOS_DEPLOYMENT_TARGET:-7.0}
export IPHONEOS_DEPLOYMENT_TARGET

CC="$clang"
CPP="$clang -E"
export CC CPP

CXX="$clangxx"
CXXCPP="$clangxx -E"
export CXX CXXCPP

CFLAGS="-target $ARCH --sysroot=$sdk $optflags -mios-version-min=$IPHONEOS_DEPLOYMENT_TARGET"
CPPFLAGS="$CFLAGS"
CXXFLAGS="$CFLAGS -stdlib=libc++"
LDFLAGS="$CFLAGS -dead_strip"
export CFLAGS CPPFLAGS CXXFLAGS LDFLAGS

case $ARCH in
    arm64-apple-darwin10)
        host=aarch64-apple-darwin10
        ;;
    *)
        host=$ARCH
        ;;
esac

${CONFIGURE:-./configure} --host="$host" --disable-shared --disable-dependency-tracking "$@"

#剔除符号

strip

#Mac系统下lipo, ar, nm等工具的使用简介