Post not yet marked as solved
Hi All,
Instead of using embedded asm ( __asm), how could I write a arm64.s file and integrate to a command line test project with c files ?
#include <stdio.h>
extern int myadd(int a, int b);
int main(int argc, const char * argv[]) {
// insert code here...
printf("Hello, World!\n");
int r = myadd( 10 , 4);
return 0;
}
And .s file
.global myadd
.p2align 2
.type myadd,%function
myadd: // Function "myadd" entry point.
.fnstart
add r0, r0, r1 // Function arguments are in R0 and R1. Add together
// and put the result in R0.
bx lr // Return by branching to the address in the link
// register.
.fnend
Error --
/Users/prokashsinha/Arm/ArmAndC/asmfunction.s:9:1: error: unknown directive
.type myadd,%function
^
/Users/prokashsinha/Arm/ArmAndC/asmfunction.s:12:1: error: unknown directive
.fnstart
^
/Users/prokashsinha/Arm/ArmAndC/asmfunction.s:13:5: error: invalid operand for instruction
add r0, r0, r1
^
/Users/prokashsinha/Arm/ArmAndC/asmfunction.s:15:1: error: unrecognized instruction mnemonic, did you mean: b, bcax, bl, br, sb, tbx?
bx lr
^
/Users/prokashsinha/Arm/ArmAndC/asmfunction.s:17:1: error: unknown directive
.fnend
^
Post not yet marked as solved
Folks I'm trying to handle a linking problem coming out of linking a command line app to a c++ based library. But if I defined those methods inline with the class definition, no problem is there ...
Problem shows --
Ld Build/Products/Debug/COMM_Srv normal x86_64
cd /Users/prokash.sinha/mysrc/C++/COMM_Srv
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang++ -target x86_64-apple-macos11.3 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX11.3.sdk -L/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -L/Users/prokash.sinha/mysrc/C++/COMM-BUS/Build/Products/Debug -F/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -filelist /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv.LinkFileList -Xlinker -object_path_lto -Xlinker /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_lto.o -Xlinker -export_dynamic -Xlinker -no_deduplicate -stdlib=libc++ -v -lCOMM-BUS -Xlinker -dependency_info -Xlinker /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_dependency_info.dat -o /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug/COMM_Srv
Apple clang version 12.0.5 (clang-1205.0.22.11)
Target: x86_64-apple-macos11.3
Thread model: posix
InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin
"/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -lto_library /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/libLTO.dylib -dynamic -arch x86_64 -platform_version macos 11.3.0 11.3 -syslibroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX11.3.sdk -o /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug/COMM_Srv -L/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -L/Users/prokash.sinha/mysrc/C++/COMM-BUS/Build/Products/Debug -filelist /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv.LinkFileList -object_path_lto /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_lto.o -export_dynamic -no_deduplicate -lCOMM-BUS -dependency_info /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_dependency_info.dat -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/12.0.5/lib/darwin/libclang_rt.osx.a -F/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug
Undefined symbols for architecture x86_64:
"TCPStream::s_send(char*, long)", referenced from:
_main in main.o
"TCPStream::receive(char*, long)", referenced from:
_main in main.o
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
nm on the lib --
bash-3.2$ nm Products/Debug/libCOMM-BUS.dylib | grep TCPStream
0000000000003710 T __ZN9TCPStream6s_sendEPcl
00000000000037a0 T __ZN9TCPStream7receiveEPcl
0000000000003660 T __ZN9TCPStreamC1EiP11sockaddr_un
00000000000035a0 T __ZN9TCPStreamC2EiP11sockaddr_un
00000000000036f0 T __ZN9TCPStreamD1Ev
0000000000003690 T __ZN9TCPStreamD2Ev
Constructor and Destructor defines are fine in the cpp file. The s_send and receive methods are not like one or two liners, so was trying to put them in C++ implementation files.
Is there something more I need in terms of linking ?
TIA
-P
Post not yet marked as solved
Folks,
I've a bare bone XPC Service, built with Xcode 12.x.
I can get it work under Xcode interactive debugger. But from command line I get the Illegal instruction.
A similar project with XPC client don't see the problem.
Any help ?
Eventually it would be part of launchctl based daemon
TIA
-P
Post not yet marked as solved
Uploading package to notarization service....2021-05-19 15:22:16.163 altool[2746:1769840] CFURLRequestSetHTTPCookieStorageAcceptPolicy_block_invoke: no longer implemented and should not be called
2021-05-19 15:22:17.261 altool[2746:1769831] * Error: Unable to notarize app.
2021-05-19 15:22:17.261 altool[2746:1769831] * Error: code -1011 (Failed to authenticate for session: (
"Error Domain=ITunesConnectionAuthenticationErrorDomain Code=-22938 \"Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com\" UserInfo={NSLocalizedRecoverySuggestion=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedDescription=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedFailureReason=App Store operation failed.}"
) Unable to upload your app for notarization.)
Upload failed, please review the error log printed above
Not clear, what went wrong , in this process
Post not yet marked as solved
On 11.3 and 11.4 I see some of the log entries are missing when using os_log(Default, "....");
Wondering if there is a configuration param I should use.
Also does it matter, if I have my own serial and concurrent queues ( 'm not worried about the sequence of the print, just that will it print into log , so some form of $ low collect I can use)
Thanks,
Prokash
Post not yet marked as solved
Folks,
Is there a way to have SimpleMailPlugin.mailbundle loaded on Big Sur ?
Incompatible Plug-ins Disabled
Mail has disabled the following plug-ins:
DataSecurityPlugin.mailbundle
Contact the makers of these plug-ins for versions that are compatible with Mail 14.0.
Post not yet marked as solved
Is csrutil broken now ?
Was trying to disable it, to clean up some SystemExtensions from the file system... It went okay. But reboot does not let me login....
Its spins ...
If I try to put back to enable ( Cmd + R key ) it does not get to recovery mode. So I can not get back to where I was
Post not yet marked as solved
Folks,
I've a EP Security module, its embedded inside an app for provisioning and other entitlements.
The binary inside ~/Content/MacOS is launched using launchctl and *.plist.
Being a root enabled ( and debug disabled ) process, How can we instrument and analyze the performance such a daemon?
TIA,
prokash
Post not yet marked as solved
Folks,
We had a kext, where I handled KAUTHVNODEREADATTRIBUTES using VNODE listener to capture CD/DVD activities.
Context:: We used to get an unique event for KAUTHVNODEREADATTRIBUTES, when a file / doc is copied to CDROM ( and the system creates an Alias )...
When I map this to ESEVENTTYPEAUTHGETATTRLIST, I get about 8 or so events in this auth type. File attributes are 1 or 0, except one more value ( it looks like pid )
How am I going to map to a single event?
The action we want to take is once per file/doc. But where can we get some detail about these events ( of same event type ), so we can isolate one from other ...
TAI,Pro
Post not yet marked as solved
Hi,
I've an Application Bundled and signed from the Xcode signature options ( runtime hardening is disabled ). The Application has a provisioning profile with Apple.
We do have dylibs on different workspace/projet that we include in the Framework, library dependencies on link modules.
We tried to disable library-validation using the Xcode option switch. But it always fails with CODESIGNING, Code 0x2
Following is the code signature of the Bundled App -
Identifier=com.forcepoint.ep.ESDaemonBundle
Format=app bundle with Mach-O thin (x8664)
CodeDirectory v=20200 size=1312 flags=0x0(none) hashes=33+5 location=embedded
VersionPlatform=1
VersionMin=659200
VersionSDK=659204
Hash type=sha256 size=32
CandidateCDHash sha256=6036f59a3467b84e3195fb59424a08fd0c738716
CandidateCDHashFull sha256=6036f59a3467b84e3195fb59424a08fd0c738716b6414171f908486a4e33446b
Hash choices=sha256
CMSDigest=6036f59a3467b84e3195fb59424a08fd0c738716b6414171f908486a4e33446b
CMSDigestType=2
Page size=4096
CDHash=6036f59a3467b84e3195fb59424a08fd0c738716
Signature size=4657
Authority=Developer ID Application: WEBSENSE, INC. (C489D5E8E8)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=Aug 18, 2020 at 11:18:30 AM
Info.plist entries=19
TeamIdentifier=C489D5E8E8
Sealed Resources version=2 rules=13 files=1
Internal requirements count=1 size=224
Following is the library signature --
Executable=/Users/mani/GITS/epm-f1e/build/libMsgCom.dylib
Identifier=libMsgCom
Format=Mach-O thin (x8664)
CodeDirectory v=20200 size=553 flags=0x0(none) hashes=13+2 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=db2c196b6d8bdf469968679e7f94a85a5750bea1
CandidateCDHashFull sha256=db2c196b6d8bdf469968679e7f94a85a5750bea1f550b6acedbb1c3d26865545
Hash choices=sha256
CMSDigest=db2c196b6d8bdf469968679e7f94a85a5750bea1f550b6acedbb1c3d26865545
CMSDigestType=2
CDHash=db2c196b6d8bdf469968679e7f94a85a5750bea1
Signature size=4657
Authority=Developer ID Application: WEBSENSE, INC. (C489D5E8E8)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=Aug 18, 2020 at 10:21:51 AM
Info.plist=not bound
TeamIdentifier=C489D5E8E8
Sealed Resources=none
Internal requirements count=1 size=204.
Any help would be much appreciated.
Any links or books that explains all of these would be great too !
Thanks much,
Prokash
Post not yet marked as solved
I'm trying to integrate some basic Ep sec functionality to see what is/are available ...By now we all know there is no template to create such extension using Xcode.So I was trying to get command line EP sec code that works when ( csr disabled, and run from root ). Otherwise it would not work - as we stand today.Now if I try to execute this from Simple Firewall App that launches the system extension, it fails on root permission ( even if I launch the App from command line root permission ) the reason being the lldb debug server launches it when I attached a debugger and wait for its instantiation.SO, when can we expect that those restrictions ( CSR, and root permission going to be lifted out ) ??Thanks,Prokash
Seeing the followng on CONSOLE when the extension is repeatedly crashing ( when system tries to load )com.forcepoint.SimpleFirewallExtension: Unsatisfied entitlements: com.apple.developer.endpoint-security.clientOf course, the Firewall extension is based on (network server side) network extension. Since I need an EP sec extension, looks like some conflict that it can not be an extension client ( while it is already an extension serverf ) ... NOT SURE though.What is the right way to CRUFT an EP sec module ???Thanksprokash
Post not yet marked as solved
After I updated to the latest OS 10.15.3 (19D76) and Xcode Version 11.3 (11C29) I see few problems ---Before this update ( and now) I'm using SimpleFirewall workspace from Apple WWDC source.Before I was debugging the System Extension using attach from Xcode. But now I can not. Attach just waiting waiting waiting ...But the system extension process started running. The way I was running is thru the SimpleFirewallApp, and when I click Start, the extension becomes alive ( launched ).After updating to latest os ( including Xcode), I notice quite a bit of changes in behaviors ...1) We did not have a main.swift in Application, now it needs it2) System Extension now need an entry inside info.plist about Principal Class or some key.3) Even after I kill Extension process, it comes back and running ( this particular, is all good, but if I replace /Library/SystemExtensions/<SomeHashedDirName>/<OurExtension>. I hope it picks up this. __The pain point is that if no application is actively referring to it ( i.e. Client side - SimpleFirewall), a kill should kill and stop relaunching. May be this is because I'm trying to add the EP sec example ( command line obj-c code from Okram ).Q1:I'm sure there is some cache somewhere so how could I stop the extension being launched again, when there is no refrence ?Q2:How to find out ( or resolve ) the debug issue -- why can't I attach, then start the App that would eventually launch the System Extension ??On a running Extension ( using pid ) I can attach, but it does not hit any break points. Pausing in this case give some sort of system scheduler threads ( no other threads ) ---TIAThanks,Prokash
Post not yet marked as solved
Context::When I was trying to test out the EP security using the only command line example from Omar ( not apple provided code ), I see that code needs network.client entitilement. Also I noticed that it in true sense a client trying to get information fro EP Sec system extension ( insdie Apple's code).My question is, in real product environment, can this client code be in another System Extension ? Or it has to be as client side to EP Sec Extension ?If I have to guess, I think it should not matter !!!Thanks,Prokash
Post not yet marked as solved
Can we use both client and server for the entitlement(s) of a System Extension ?