Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade SDL for Mac to latest, prepare for notarization #17329

Merged
merged 7 commits into from Apr 25, 2023
Merged

Upgrade SDL for Mac to latest, prepare for notarization #17329

merged 7 commits into from Apr 25, 2023

Conversation

hrydgard
Copy link
Owner

@hrydgard hrydgard commented Apr 24, 2023
edited

This removes the option to use system SDL and enforces use of the bundled one, which simplifies things.

Simplifies the macbundle.sh script accordingly.

I tried a number of different instructions I found around the web, but this is the only way I could get it working.

If there's a better way, I'm all ears.

This is needed for #17327 , and also, will allow us to support smooth mouse scrolling properly on Mac too.

This also prepares for signing & notarization (which is done by separate scripts, not included here), and a Mac gold build

@hrydgard hrydgard added this to the v1.15.0 milestone Apr 24, 2023
@hrydgard hrydgard marked this pull request as draft April 24, 2023 13:09
@hrydgard
Copy link
Owner Author

hrydgard commented Apr 24, 2023
edited

This works when just building and running directly, but if I try to package it up, the binary is not runnable, it claims to be incomplete. It seems my macbundle.sh shenanigans are not able to change the dependency to the copy of SDL2.framework that we copy into the app directory.

I don't understand how you're supposed to do this :( but install_name_tool seems to be the key.

https://developer.apple.com/documentation/bundleresources/placing_content_in_a_bundle

https://developer.apple.com/forums/thread/128166

install_name_tool example:

https://stackoverflow.com/questions/68310342/how-to-get-cmake-to-embed-a-private-framework-into-a-macos-app-bundle

@hrydgard
Copy link
Owner Author

hrydgard commented Apr 25, 2023
edited

OK this is fun, I'm now in a situation where:

codesign -vvv --deep --strict build/PPSSPPSDL.app/Contents/MacOS/PPSSPPSDL 
--prepared:/Users/hrydg/ppsspp-buildbot/temp/mac-sdl-upgrade_macOS_BUILD/ppsspp/build/PPSSPPSDL.app/Contents/Frameworks/SDL2.framework/Versions/Current/.
--validated:/Users/hrydg/ppsspp-buildbot/temp/mac-sdl-upgrade_macOS_BUILD/ppsspp/build/PPSSPPSDL.app/Contents/Frameworks/SDL2.framework/Versions/Current/.
--prepared:/Users/hrydg/ppsspp-buildbot/temp/mac-sdl-upgrade_macOS_BUILD/ppsspp/build/PPSSPPSDL.app/Contents/Frameworks/libMoltenVK.dylib
--validated:/Users/hrydg/ppsspp-buildbot/temp/mac-sdl-upgrade_macOS_BUILD/ppsspp/build/PPSSPPSDL.app/Contents/Frameworks/libMoltenVK.dylib
build/PPSSPPSDL.app/Contents/MacOS/PPSSPPSDL: valid on disk
build/PPSSPPSDL.app/Contents/MacOS/PPSSPPSDL: satisfies its Designated Requirement

All looking good, then:

hrydg@Henriks-MacBook-Air ppsspp % xcrun notarytool submit PPSSPP_macOS.dmg --keychain-profile "notary-tool" --wait
Conducting pre-submission checks for PPSSPP_macOS.dmg and initiating connection to the Apple notary service...
Submission ID received
  id: xxx
Upload progress: 100,00 % (32,5 MB of 32,5 MB)   
Successfully uploaded file
  id: xxx
  path: /Users/hrydg/ppsspp-buildbot/temp/mac-sdl-upgrade_macOS_BUILD/ppsspp/PPSSPP_macOS.dmg
Waiting for processing to complete.
Current status: Invalid...........
Processing complete
  id: xxx
  status: Invalid
hrydg@Henriks-MacBook-Air ppsspp % xcrun notarytool log --keychain-profile "notary-tool" 8b360fee-9b8f-4a4e-962a-ee08970fe12c
{
  "logFormatVersion": 1,
  "jobId": "xxx",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "PPSSPP_macOS.dmg",
  "uploadDate": "2023-04-25T08:54:21.078Z",
  "sha256": "906982794596b681ad2e31006c07d0c8c6ca69f7f5615915cd97c507416e4077",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "PPSSPP_macOS.dmg/PPSSPPSDL.app/Contents/Frameworks/SDL2.framework/SDL2",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "PPSSPP_macOS.dmg/PPSSPPSDL.app/Contents/Frameworks/SDL2.framework/SDL2",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "PPSSPP_macOS.dmg/PPSSPPSDL.app/Contents/MacOS/PPSSPPSDL",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "PPSSPP_macOS.dmg/PPSSPPSDL.app/Contents/MacOS/PPSSPPSDL",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    }
  ]
}

Like WTF, the codesign utility is happy with it, but not the notarization...

Also:

spctl -vvv --assess --type exec build/PPSSPPSDL.app
build/PPSSPPSDL.app: rejected
source=Unnotarized Developer ID
origin=Developer ID Application: Millionth Line AB

It seems "Unnotarized Developer ID" is a red herring (misformulated message) because developer IDs are not notarized.

@hrydgard
Upgrade SDL for Mac
5d028cb 
This removes the option to use system SDL, which seems like a trap.

Also simplifies the macbundle.sh script accordingly.

Buildfix

Buildfix fix

Moar buildfix
@hrydgard
Upgrade cpu_features submodule
b9267de
@hrydgard
Specify the executable in Info.plist directly (temp, should be injected)
81ef230
@hrydgard
rpath work
dc6c30a
@hrydgard
git-version hack
b125040
@hrydgard hrydgard marked this pull request as ready for review April 25, 2023 11:06
@hrydgard
Copy link
Owner Author

hrydgard commented Apr 25, 2023
edited

Alright, I've managed to fix the signing process, now everything works!

It turns out that copying Mac bundles using cp -r is a terrible idea, cp -R is needed to preserve relative symlinks.

@hrydgard hrydgard changed the title Upgrade SDL for Mac to latest Upgrade SDL for Mac to latest, prepare for notarization Apr 25, 2023
@hrydgard
Remove hardened requirement on the development code signing
108c8cd 
When we do real releases, we override this signing anyway.
@hrydgard
Copy link
Owner Author

Decided not to rename PPSSPPSDL to PPSSPP for now, too big risk of breakage for other platforms and buildbots etc.

@hrydgard hrydgard merged commit 3d8d7a3 into master Apr 25, 2023
20 checks passed
@hrydgard hrydgard deleted the mac-sdl-upgrade branch April 25, 2023 16:38
hrydgard added a commit that referenced this pull request Apr 25, 2023
@hrydgard
SDL: Enable precise (smooth touchpad) scrolling.
0f107e1 
Made possible by #17329
@hrydgard hrydgard mentioned this pull request Apr 25, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Platform-specific (Mac OS X)
Projects
None yet
Milestone
v1.15.0
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@hrydgard