serialization: obfuscate the serialized search paths

We noticed some Swift clients rely on the serialized search paths in the module to
find dependencies and droping these paths altogether can lead to build failures like
rdar://85840921.

This change teaches the serialization to obfuscate the search paths and the deserialization
to recover them. This allows clients to keep accessing these paths without exposing
them when shipping the module to other users.

Author: nkcsgexi

include/swift/AST/FileUnit.h

@@ -405,6 +405,8 @@ class LoadedFile : public FileUnit {
   virtual void collectBasicSourceFileInfo(
       llvm::function_ref<void(const BasicSourceFileInfo &)> callback) const {}
 
+  virtual void collectSerializedSearchPath(
+      llvm::function_ref<void(StringRef)> callback) const {}
   static bool classof(const FileUnit *file) {
     return file->getKind() == FileUnitKind::SerializedAST ||
            file->getKind() == FileUnitKind::ClangModule ||

include/swift/AST/Module.h

@@ -833,6 +833,8 @@ class ModuleDecl
   void collectBasicSourceFileInfo(
       llvm::function_ref<void(const BasicSourceFileInfo &)> callback) const;
 
+  void collectSerializedSearchPath(
+      llvm::function_ref<void(StringRef)> callback) const;
   /// Retrieve a fingerprint value that summarizes the contents of this module.
   ///
   /// This interface hash a of a module is guaranteed to change if the interface

include/swift/AST/SearchPathOptions.h

@@ -103,6 +103,10 @@ class SearchPathOptions {
   /// specified in LLDB from the target.source-map entries.
   PathRemapper SearchPathRemapper;
 
+  /// Recover the search paths deserialized from .swiftmodule files to their
+  /// original form.
+  PathObfuscator DeserializedPathRecoverer;
+
 private:
   static StringRef
   pathStringFromFrameworkSearchPath(const FrameworkSearchPath &next) {

include/swift/Basic/PathRemapper.h

@@ -58,6 +58,21 @@ class PathRemapper {
   }
 };
 
+class PathObfuscator {
+  PathRemapper obfuscator, recoverer;
+public:
+  void addMapping(StringRef FromPrefix, StringRef ToPrefix) {
+    obfuscator.addMapping(FromPrefix, ToPrefix);
+    recoverer.addMapping(ToPrefix, FromPrefix);
+  }
+  std::string obfuscate(StringRef Path) const {
+    return obfuscator.remapPath(Path);
+  }
+  std::string recover(StringRef Path) const {
+    return recoverer.remapPath(Path);
+  }
+};
+
 } // end namespace swift
 
 #endif // SWIFT_BASIC_PATHREMAPPER_H

include/swift/Frontend/FrontendOptions.h

@@ -15,6 +15,7 @@
 
 #include "swift/Basic/FileTypes.h"
 #include "swift/Basic/Version.h"
+#include "swift/Basic/PathRemapper.h"
 #include "swift/Frontend/FrontendInputsAndOutputs.h"
 #include "swift/Frontend/InputFile.h"
 #include "llvm/ADT/Hashing.h"
@@ -437,6 +438,10 @@ class FrontendOptions {
   /// Whether to include symbols with SPI information in the symbol graph.
   bool IncludeSPISymbolsInSymbolGraph = false;
 
+  /// This is used to obfuscate the serialized search paths so we don't have
+  /// to encode the actual paths into the .swiftmodule file.
+  PathObfuscator serializedPathObfuscator;
+
 private:
   static bool canActionEmitDependencies(ActionType);
   static bool canActionEmitReferenceDependencies(ActionType);

include/swift/Option/FrontendOptions.td

@@ -165,6 +165,10 @@ def print_clang_stats : Flag<["-"], "print-clang-stats">,
 
 def serialize_debugging_options : Flag<["-"], "serialize-debugging-options">,
   HelpText<"Always serialize options for debugging (default: only for apps)">;
+
+def serialized_path_obfuscate : Separate<["-"], "serialized-path-obfuscate">,
+    HelpText<"Remap source paths in debug info">, MetaVarName<"<prefix=replacement>">;
+
 def no_serialize_debugging_options :
   Flag<["-"], "no-serialize-debugging-options">,
   HelpText<"Never serialize options for debugging (default: only for apps)">;

include/swift/Serialization/SerializationOptions.h

@@ -45,6 +45,10 @@ namespace swift {
     /// Path prefixes that should be rewritten in debug info.
     PathRemapper DebuggingOptionsPrefixMap;
 
+    /// Obfuscate the serialized paths so we don't have the actual paths encoded
+    /// in the .swiftmodule file.
+    PathObfuscator PathObfuscator;
+
     /// Describes a single-file dependency for this module, along with the
     /// appropriate strategy for how to verify if it's up-to-date.
     class FileDependency {

include/swift/Serialization/SerializedModuleLoader.h

@@ -465,6 +465,9 @@ class SerializedASTFile final : public LoadedFile {
   virtual void collectBasicSourceFileInfo(
       llvm::function_ref<void(const BasicSourceFileInfo &)>) const override;
 
+  virtual void collectSerializedSearchPath(
+      llvm::function_ref<void(StringRef)> callback) const override;
+
   static bool classof(const FileUnit *file) {
     return file->getKind() == FileUnitKind::SerializedAST;
   }

include/swift/Serialization/Validation.h

@@ -104,7 +104,7 @@ struct ValidationInfo {
 /// \sa validateSerializedAST()
 class ExtendedValidationInfo {
   SmallVector<StringRef, 4> ExtraClangImporterOpts;
-  StringRef SDKPath;
+  std::string SDKPath;
   StringRef ModuleABIName;
   struct {
     unsigned ArePrivateImportsEnabled : 1;
@@ -121,7 +121,7 @@ class ExtendedValidationInfo {
   ExtendedValidationInfo() : Bits() {}
 
   StringRef getSDKPath() const { return SDKPath; }
-  void setSDKPath(StringRef path) {
+  void setSDKPath(std::string path) {
     assert(SDKPath.empty());
     SDKPath = path;
   }

lib/AST/Module.cpp

@@ -1808,6 +1808,15 @@ void ModuleDecl::collectBasicSourceFileInfo(
   }
 }
 
+void ModuleDecl::collectSerializedSearchPath(
+    llvm::function_ref<void(StringRef)> callback) const {
+  for (const FileUnit *fileUnit : getFiles()) {
+    if (auto *serialized = dyn_cast<LoadedFile>(fileUnit)) {
+      serialized->collectSerializedSearchPath(callback);
+    }
+  }
+}
+
 Fingerprint ModuleDecl::getFingerprint() const {
   StableHasher hasher = StableHasher::defaultHasher();
   SmallVector<Fingerprint, 16> FPs;