Add patch to make codesign_allocate compatible with Apple's #20644
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sipa
force-pushed
the
202012_codesign_allocate_segalign
branch
2 times, most recently
from
6e9f0fa
to
e4eb1ac
Compare
sipa
force-pushed
the
202012_codesign_allocate_segalign
branch
from
e4eb1ac
to
a4118c6
Compare
|
Tried this with a self signed certificate. Apparently my gitian is doing something incorrectly. Running the apply locally works as expected and the correct binary is produced. |
|
Tested ACK a4118c6 - removed the osx cache, built commit a4118c6 for osx in gitian (dependency where built, patch was applied), signed on my signing mac (detach-sig-create), ran gitian osx signer with the produces signature and the a4118c6 build (detach-sig-apply), signature then was successful verified on my Mac (codesign -v /Volumes/Bitcoin-Core/Bitcoin-Qt.app) |
|
While this patch looks simple, it feels like black magic (at least without the PR description), so I currently prefer #20638. Also given this is patching |
|
Concept ACK a4118c6 |
|
Updated PR description. @fanquake It's easy to trace which functions in cctools call get_segalign_from_flag (the only function that accesses the modified field): it's |
maflcko
pushed a commit
to maflcko/bitcoin-core
that referenced
this pull request
Dec 17, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Dec 17, 2020
…ith Apple's a4118c6 Add patch to make codesign_allocate compatible with Apple's (Pieter Wuille) Pull request description: This is an alternative to bitcoin#20638. The problem is that Apple's codesign(_allocate) apparently rounds the "vmsize" attribute on the __LINKEDIT section to a multiple of 0x2000 on x86_64 rather than 0x1000 (as their published source code does). This divergence means that the binary signed by codesign is slightly different from the one recreated by our reattach-sig-to-gitian-output process, and the signature being invalid. This fixes it by patching our codesign_allocate source code to also use 0x2000. In tests, this appears to result in matching binaries. ACKs for top commit: jonasschnelli: Tested ACK a4118c6 - removed the osx cache, built commit a4118c6 for osx in gitian (dependency where built, patch was applied), signed on my signing mac (detach-sig-create), ran gitian osx signer with the produces signature and the a4118c6 build (detach-sig-apply), signature then was successful verified on my Mac (codesign -v /Volumes/Bitcoin-Core/Bitcoin-Qt.app) MarcoFalke: Concept ACK a4118c6 Tree-SHA512: 07b8cdf8216249ddfe4bd38b39f2b48b2e190d4002b84d8981e62197bbbc9f25ac5c137bcc32057b23fbf38cbb2889ef95101ce008edfbf608cd170b88b3acbc
|
Being backported to 0.21 in #20669. |
maflcko
pushed a commit
to maflcko/bitcoin-core
that referenced
this pull request
Dec 21, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6
maflcko
pushed a commit
to maflcko/bitcoin-core
that referenced
this pull request
Dec 21, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Dec 22, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6 Co-authored-by: Pieter Wuille <pieter@wuille.net>
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Dec 22, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6 Co-authored-by: Pieter Wuille <pieter@wuille.net>
maflcko
pushed a commit
to maflcko/bitcoin-core
that referenced
this pull request
Dec 22, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Dec 22, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6 Co-authored-by: Pieter Wuille <pieter@wuille.net>
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Dec 22, 2020
Github-Pull: bitcoin#20644 Rebased-From: a4118c6 Co-authored-by: Pieter Wuille <pieter@wuille.net>
maflcko
pushed a commit
to maflcko/bitcoin-core
that referenced
this pull request
Jan 5, 2021
…atible with Apple's" a0eb4c5 Revert "Add patch to make codesign_allocate compatible with Apple's" (Pieter Wuille) Pull request description: This reverts bitcoin#20644. It appears that Apple has recently changed their `codesign_allocate` tool back to using 4k alignment on x86_64, at least in some cases, so this patch isn't causing our cctools-based version to be exactly compatible. Furthermore, if codesigning were to change to use https://github.com/achow101/signapple instead, there is no need anymore to try to mimick Apple. ACKs for top commit: laanwj: ACK a0eb4c5 MarcoFalke: checked-clean-revert ACK a0eb4c5 jonasschnelli: ACK a0eb4c5 Tree-SHA512: 529719a76811006122406689233d1e80995107fe1ac1fc862a4ac53ca21685748ed76cac7ca648dd70f0ea43dd8dcf2e29d559beeab10e1d30dc5542ac95fd97
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Jan 5, 2021
…atible with Apple's" a0eb4c5 Revert "Add patch to make codesign_allocate compatible with Apple's" (Pieter Wuille) Pull request description: This reverts bitcoin#20644. It appears that Apple has recently changed their `codesign_allocate` tool back to using 4k alignment on x86_64, at least in some cases, so this patch isn't causing our cctools-based version to be exactly compatible. Furthermore, if codesigning were to change to use https://github.com/achow101/signapple instead, there is no need anymore to try to mimick Apple. ACKs for top commit: laanwj: ACK a0eb4c5 MarcoFalke: checked-clean-revert ACK a0eb4c5 jonasschnelli: ACK a0eb4c5 Tree-SHA512: 529719a76811006122406689233d1e80995107fe1ac1fc862a4ac53ca21685748ed76cac7ca648dd70f0ea43dd8dcf2e29d559beeab10e1d30dc5542ac95fd97
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is an alternative to #20638.
The problem is that Apple's codesign(_allocate) apparently rounds the "vmsize" attribute on the __LINKEDIT section to a multiple of 0x2000 on x86_64 rather than 0x1000 (as their published source code does). This divergence means that the binary signed by codesign is slightly different from the one recreated by our reattach-sig-to-gitian-output process, and the signature being invalid.
This fixes it by patching our codesign_allocate source code to also use 0x2000. In tests, this appears to result in matching binaries.