User Profile

Hi All, Instead of using embedded asm ( __asm), how could I write a arm64.s file and integrate to a command line test project with c files ? #include <stdio.h> extern int myadd(int a, int b); int main(int argc, const char * argv[]) { // insert code here... printf("Hello, World!\n"); int r = myadd( 10 , 4); return 0; } And .s file .global myadd .p2align 2 .type myadd,%function myadd: // Function "myadd" entry point. .fnstart add r0, r0, r1 // Function arguments are in R0 and R1. Add together // and put the result in R0. bx lr // Return by branching to the address in the link // register. .fnend Error -- /Users/prokashsinha/Arm/ArmAndC/asmfunction.s:9:1: error: unknown directive .type myadd,%function ^ /Users/prokashsinha/Arm/ArmAndC/asmfunction.s:12:1: error: unknown directive .fnstart ^ /Users/prokashsinha/Arm/ArmAndC/asmfunction.s:13:5: error: invalid operand for instruction add r0, r0, r1 ^ /Users/prokashsinha/Arm/ArmAndC/asmfunction.s:15:1: error: unrecognized instruction mnemonic, did you mean: b, bcax, bl, br, sb, tbx? bx lr ^ /Users/prokashsinha/Arm/ArmAndC/asmfunction.s:17:1: error: unknown directive .fnend ^

Folks I'm trying to handle a linking problem coming out of linking a command line app to a c++ based library. But if I defined those methods inline with the class definition, no problem is there ... Problem shows -- Ld Build/Products/Debug/COMM_Srv normal x86_64     cd /Users/prokash.sinha/mysrc/C++/COMM_Srv     /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang++ -target x86_64-apple-macos11.3 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX11.3.sdk -L/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -L/Users/prokash.sinha/mysrc/C++/COMM-BUS/Build/Products/Debug -F/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -filelist /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv.LinkFileList -Xlinker -object_path_lto -Xlinker /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_lto.o -Xlinker -export_dynamic -Xlinker -no_deduplicate -stdlib=libc++ -v -lCOMM-BUS -Xlinker -dependency_info -Xlinker /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_dependency_info.dat -o /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug/COMM_Srv Apple clang version 12.0.5 (clang-1205.0.22.11) Target: x86_64-apple-macos11.3 Thread model: posix InstalledDir: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin  "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -lto_library /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/libLTO.dylib -dynamic -arch x86_64 -platform_version macos 11.3.0 11.3 -syslibroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX11.3.sdk -o /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug/COMM_Srv -L/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug -L/Users/prokash.sinha/mysrc/C++/COMM-BUS/Build/Products/Debug -filelist /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv.LinkFileList -object_path_lto /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_lto.o -export_dynamic -no_deduplicate -lCOMM-BUS -dependency_info /Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Intermediates.noindex/COMM_Srv.build/Debug/COMM_Srv.build/Objects-normal/x86_64/COMM_Srv_dependency_info.dat -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/12.0.5/lib/darwin/libclang_rt.osx.a -F/Users/prokash.sinha/mysrc/C++/COMM_Srv/Build/Products/Debug Undefined symbols for architecture x86_64:   "TCPStream::s_send(char*, long)", referenced from:       _main in main.o   "TCPStream::receive(char*, long)", referenced from:       _main in main.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) nm on the lib -- bash-3.2$ nm Products/Debug/libCOMM-BUS.dylib | grep TCPStream 0000000000003710 T __ZN9TCPStream6s_sendEPcl 00000000000037a0 T __ZN9TCPStream7receiveEPcl 0000000000003660 T __ZN9TCPStreamC1EiP11sockaddr_un 00000000000035a0 T __ZN9TCPStreamC2EiP11sockaddr_un 00000000000036f0 T __ZN9TCPStreamD1Ev 0000000000003690 T __ZN9TCPStreamD2Ev Constructor and Destructor defines are fine in the cpp file. The s_send and receive methods are not like one or two liners, so was trying to put them in C++ implementation files. Is there something more I need in terms of linking ? TIA -P

Folks, I've a bare bone XPC Service, built with Xcode 12.x. I can get it work under Xcode interactive debugger. But from command line I get the Illegal instruction. A similar project with XPC client don't see the problem. Any help ? Eventually it would be part of launchctl based daemon TIA -P

Uploading package to notarization service....2021-05-19 15:22:16.163 altool[2746:1769840] CFURLRequestSetHTTPCookieStorageAcceptPolicy_block_invoke: no longer implemented and should not be called 2021-05-19 15:22:17.261 altool[2746:1769831] * Error: Unable to notarize app. 2021-05-19 15:22:17.261 altool[2746:1769831] * Error: code -1011 (Failed to authenticate for session: (     "Error Domain=ITunesConnectionAuthenticationErrorDomain Code=-22938 \"Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com\" UserInfo={NSLocalizedRecoverySuggestion=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedDescription=Sign in with the app-specific password you generated. If you forgot the app-specific password or need to create a new one, go to appleid.apple.com, NSLocalizedFailureReason=App Store operation failed.}" ) Unable to upload your app for notarization.) Upload failed, please review the error log printed above Not clear, what went wrong , in this process

On 11.3 and 11.4 I see some of the log entries are missing when using os_log(Default, "...."); Wondering if there is a configuration param I should use. Also does it matter, if I have my own serial and concurrent queues ( 'm not worried about the sequence of the print, just that will it print into log , so some form of $ low collect I can use) Thanks, Prokash

Folks, Is there a way to have SimpleMailPlugin.mailbundle loaded on Big Sur ? Incompatible Plug-ins Disabled Mail has disabled the following plug-ins: DataSecurityPlugin.mailbundle Contact the makers of these plug-ins for versions that are compatible with Mail 14.0.

Is csrutil broken now ? Was trying to disable it, to clean up some SystemExtensions from the file system... It went okay. But reboot does not let me login.... Its spins ... If I try to put back to enable ( Cmd + R key ) it does not get to recovery mode. So I can not get back to where I was

Folks, I've a EP Security module, its embedded inside an app for provisioning and other entitlements. The binary inside ~/Content/MacOS is launched using launchctl and *.plist. Being a root enabled ( and debug disabled ) process, How can we instrument and analyze the performance such a daemon? TIA, prokash

Folks, We had a kext, where I handled KAUTHVNODEREADATTRIBUTES using VNODE listener to capture CD/DVD activities. Context:: We used to get an unique event for KAUTHVNODEREADATTRIBUTES, when a file / doc is copied to CDROM ( and the system creates an Alias )... When I map this to ESEVENTTYPEAUTHGETATTRLIST, I get about 8 or so events in this auth type. File attributes are 1 or 0, except one more value ( it looks like pid ) How am I going to map to a single event? The action we want to take is once per file/doc. But where can we get some detail about these events ( of same event type ), so we can isolate one from other ... TAI,Pro

Hi, I've an Application Bundled and signed from the Xcode signature options ( runtime hardening is disabled ). The Application has a provisioning profile with Apple. We do have dylibs on different workspace/projet that we include in the Framework, library dependencies on link modules. We tried to disable library-validation using the Xcode option switch. But it always fails with CODESIGNING, Code 0x2 Following is the code signature of the Bundled App - Identifier=com.forcepoint.ep.ESDaemonBundle Format=app bundle with Mach-O thin (x8664) CodeDirectory v=20200 size=1312 flags=0x0(none) hashes=33+5 location=embedded VersionPlatform=1 VersionMin=659200 VersionSDK=659204 Hash type=sha256 size=32 CandidateCDHash sha256=6036f59a3467b84e3195fb59424a08fd0c738716 CandidateCDHashFull sha256=6036f59a3467b84e3195fb59424a08fd0c738716b6414171f908486a4e33446b Hash choices=sha256 CMSDigest=6036f59a3467b84e3195fb59424a08fd0c738716b6414171f908486a4e33446b CMSDigestType=2 Page size=4096 CDHash=6036f59a3467b84e3195fb59424a08fd0c738716 Signature size=4657 Authority=Developer ID Application: WEBSENSE, INC. (C489D5E8E8) Authority=Developer ID Certification Authority Authority=Apple Root CA Signed Time=Aug 18, 2020 at 11:18:30 AM Info.plist entries=19 TeamIdentifier=C489D5E8E8 Sealed Resources version=2 rules=13 files=1 Internal requirements count=1 size=224 Following is the library signature -- Executable=/Users/mani/GITS/epm-f1e/build/libMsgCom.dylib Identifier=libMsgCom Format=Mach-O thin (x8664) CodeDirectory v=20200 size=553 flags=0x0(none) hashes=13+2 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=db2c196b6d8bdf469968679e7f94a85a5750bea1 CandidateCDHashFull sha256=db2c196b6d8bdf469968679e7f94a85a5750bea1f550b6acedbb1c3d26865545 Hash choices=sha256 CMSDigest=db2c196b6d8bdf469968679e7f94a85a5750bea1f550b6acedbb1c3d26865545 CMSDigestType=2 CDHash=db2c196b6d8bdf469968679e7f94a85a5750bea1 Signature size=4657 Authority=Developer ID Application: WEBSENSE, INC. (C489D5E8E8) Authority=Developer ID Certification Authority Authority=Apple Root CA Signed Time=Aug 18, 2020 at 10:21:51 AM Info.plist=not bound TeamIdentifier=C489D5E8E8 Sealed Resources=none Internal requirements count=1 size=204. Any help would be much appreciated. Any links or books that explains all of these would be great too ! Thanks much, Prokash

I'm trying to integrate some basic Ep sec functionality to see what is/are available ...By now we all know there is no template to create such extension using Xcode.So I was trying to get command line EP sec code that works when ( csr disabled, and run from root ). Otherwise it would not work - as we stand today.Now if I try to execute this from Simple Firewall App that launches the system extension, it fails on root permission ( even if I launch the App from command line root permission ) the reason being the lldb debug server launches it when I attached a debugger and wait for its instantiation.SO, when can we expect that those restrictions ( CSR, and root permission going to be lifted out ) ??Thanks,Prokash

After I updated to the latest OS 10.15.3 (19D76) and Xcode Version 11.3 (11C29) I see few problems ---Before this update ( and now) I'm using SimpleFirewall workspace from Apple WWDC source.Before I was debugging the System Extension using attach from Xcode. But now I can not. Attach just waiting waiting waiting ...But the system extension process started running. The way I was running is thru the SimpleFirewallApp, and when I click Start, the extension becomes alive ( launched ).After updating to latest os ( including Xcode), I notice quite a bit of changes in behaviors ...1) We did not have a main.swift in Application, now it needs it2) System Extension now need an entry inside info.plist about Principal Class or some key.3) Even after I kill Extension process, it comes back and running ( this particular, is all good, but if I replace /Library/SystemExtensions/<SomeHashedDirName>/<OurExtension>. I hope it picks up this. __The pain point is that if no application is actively referring to it ( i.e. Client side - SimpleFirewall), a kill should kill and stop relaunching. May be this is because I'm trying to add the EP sec example ( command line obj-c code from Okram ).Q1:I'm sure there is some cache somewhere so how could I stop the extension being launched again, when there is no refrence ?Q2:How to find out ( or resolve ) the debug issue -- why can't I attach, then start the App that would eventually launch the System Extension ??On a running Extension ( using pid ) I can attach, but it does not hit any break points. Pausing in this case give some sort of system scheduler threads ( no other threads ) ---TIAThanks,Prokash

Context::When I was trying to test out the EP security using the only command line example from Omar ( not apple provided code ), I see that code needs network.client entitilement. Also I noticed that it in true sense a client trying to get information fro EP Sec system extension ( insdie Apple's code).My question is, in real product environment, can this client code be in another System Extension ? Or it has to be as client side to EP Sec Extension ?If I have to guess, I think it should not matter !!!Thanks,Prokash

Can we use both client and server for the entitlement(s) of a System Extension ?