Loading...
--- dyld/dyld-519.2.2/dyld3/shared-cache/update_dyld_shared_cache.cpp
+++ dyld/dyld-750.6/dyld3/shared-cache/update_dyld_shared_cache.cpp
@@ -27,6 +27,7 @@
#include <sys/mman.h>
#include <mach/mach.h>
#include <mach/mach_time.h>
+#include <mach-o/dyld.h>
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
@@ -57,72 +58,75 @@
#include <iostream>
#include <fstream>
-#include "MachOParser.h"
#include "FileUtils.h"
#include "StringUtils.h"
#include "DyldSharedCache.h"
+#include "MachOFile.h"
+#include "MachOAnalyzer.h"
+#include "ClosureFileSystemPhysical.h"
struct MappedMachOsByCategory
{
- std::string archName;
+ const dyld3::GradedArchs& archs;
std::vector<DyldSharedCache::MappedMachO> dylibsForCache;
std::vector<DyldSharedCache::MappedMachO> otherDylibsAndBundles;
std::vector<DyldSharedCache::MappedMachO> mainExecutables;
+ std::unordered_set<std::string> badZippered;
};
static const char* sAllowedPrefixes[] = {
"/bin/",
"/sbin/",
"/usr/",
- "/System",
- "/Applications/App Store.app/",
- "/Applications/Automator.app/",
- "/Applications/Calculator.app/",
- "/Applications/Calendar.app/",
- "/Applications/Chess.app/",
- "/Applications/Contacts.app/",
-// "/Applications/DVD Player.app/",
- "/Applications/Dashboard.app/",
- "/Applications/Dictionary.app/",
- "/Applications/FaceTime.app/",
- "/Applications/Font Book.app/",
- "/Applications/Image Capture.app/",
- "/Applications/Launchpad.app/",
- "/Applications/Mail.app/",
- "/Applications/Maps.app/",
- "/Applications/Messages.app/",
- "/Applications/Mission Control.app/",
- "/Applications/Notes.app/",
- "/Applications/Photo Booth.app/",
-// "/Applications/Photos.app/",
- "/Applications/Preview.app/",
- "/Applications/QuickTime Player.app/",
- "/Applications/Reminders.app/",
+ "/System/",
+ "/Library/Apple/System/",
+ "/Library/Apple/usr/",
+ "/System/Applications/App Store.app/",
+ "/System/Applications/Automator.app/",
+ "/System/Applications/Calculator.app/",
+ "/System/Applications/Calendar.app/",
+ "/System/Applications/Chess.app/",
+ "/System/Applications/Contacts.app/",
+ "/System/Applications/Dashboard.app/",
+ "/System/Applications/Dictionary.app/",
+ "/System/Applications/FaceTime.app/",
+ "/System/Applications/Font Book.app/",
+ "/System/Applications/Image Capture.app/",
+ "/System/Applications/Launchpad.app/",
+ "/System/Applications/Mail.app/",
+ "/System/Applications/Maps.app/",
+ "/System/Applications/Messages.app/",
+ "/System/Applications/Mission Control.app/",
+ "/System/Applications/Notes.app/",
+ "/System/Applications/Photo Booth.app/",
+ "/System/Applications/Preview.app/",
+ "/System/Applications/QuickTime Player.app/",
+ "/System/Applications/Reminders.app/",
"/Applications/Safari.app/",
- "/Applications/Siri.app/",
- "/Applications/Stickies.app/",
- "/Applications/System Preferences.app/",
- "/Applications/TextEdit.app/",
- "/Applications/Time Machine.app/",
- "/Applications/iBooks.app/",
- "/Applications/iTunes.app/",
- "/Applications/Utilities/Activity Monitor.app",
- "/Applications/Utilities/AirPort Utility.app",
- "/Applications/Utilities/Audio MIDI Setup.app",
- "/Applications/Utilities/Bluetooth File Exchange.app",
- "/Applications/Utilities/Boot Camp Assistant.app",
- "/Applications/Utilities/ColorSync Utility.app",
- "/Applications/Utilities/Console.app",
- "/Applications/Utilities/Digital Color Meter.app",
- "/Applications/Utilities/Disk Utility.app",
- "/Applications/Utilities/Grab.app",
- "/Applications/Utilities/Grapher.app",
- "/Applications/Utilities/Keychain Access.app",
- "/Applications/Utilities/Migration Assistant.app",
- "/Applications/Utilities/Script Editor.app",
- "/Applications/Utilities/System Information.app",
- "/Applications/Utilities/Terminal.app",
- "/Applications/Utilities/VoiceOver Utility.app",
+ "/System/Applications/Siri.app/",
+ "/System/Applications/Stickies.app/",
+ "/System/Applications/System Preferences.app/",
+ "/System/Applications/TextEdit.app/",
+ "/System/Applications/Time Machine.app/",
+ "/System/Applications/iBooks.app/",
+ "/System/Applications/iTunes.app/",
+ "/System/Applications/Utilities/Activity Monitor.app",
+ "/System/Applications/Utilities/AirPort Utility.app",
+ "/System/Applications/Utilities/Audio MIDI Setup.app",
+ "/System/Applications/Utilities/Bluetooth File Exchange.app",
+ "/System/Applications/Utilities/Boot Camp Assistant.app",
+ "/System/Applications/Utilities/ColorSync Utility.app",
+ "/System/Applications/Utilities/Console.app",
+ "/System/Applications/Utilities/Digital Color Meter.app",
+ "/System/Applications/Utilities/Disk Utility.app",
+ "/System/Applications/Utilities/Grab.app",
+ "/System/Applications/Utilities/Grapher.app",
+ "/System/Applications/Utilities/Keychain Access.app",
+ "/System/Applications/Utilities/Migration Assistant.app",
+ "/System/Applications/Utilities/Script Editor.app",
+ "/System/Applications/Utilities/System Information.app",
+ "/System/Applications/Utilities/Terminal.app",
+ "/System/Applications/Utilities/VoiceOver Utility.app",
"/Library/CoreMediaIO/Plug-Ins/DAL/" // temp until plugins moved or closured working
};
@@ -131,6 +135,7 @@
"/usr/local/",
"/System/Library/Assets",
"/System/Library/StagedFrameworks",
+ "/Library/Apple/System/Library/StagedFrameworks",
"/System/Library/Kernels/",
"/bin/zsh", // until <rdar://31026756> is fixed
"/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Support/mdworker", // these load third party plugins
@@ -142,98 +147,93 @@
-static bool addIfMachO(const std::string& pathPrefix, const std::string& runtimePath, const struct stat& statBuf, bool requireSIP, std::vector<MappedMachOsByCategory>& files)
+
+static bool addIfMachO(const dyld3::closure::FileSystem& fileSystem, const std::string& runtimePath, const struct stat& statBuf,
+ bool requireSIP, dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
{
// don't precompute closure info for any debug or profile dylibs
if ( endsWith(runtimePath, "_profile.dylib") || endsWith(runtimePath, "_debug.dylib") || endsWith(runtimePath, "_profile") || endsWith(runtimePath, "_debug") )
return false;
-
- // read start of file to determine if it is mach-o or a fat file
- std::string fullPath = pathPrefix + runtimePath;
- int fd = ::open(fullPath.c_str(), O_RDONLY);
- if ( fd < 0 )
+ if ( startsWith(runtimePath, "/usr/lib/system/introspection/") )
return false;
+
+#if !BUILDING_UPDATE_OTHER_DYLD_CACHE_BUILDER
+ // Only use files on the same volume as the boot volume
+ if (statBuf.st_dev != rootFS) {
+ if ( verbose )
+ fprintf(stderr, "update_dyld_shared_cache: warning: skipping overlay file '%s' which is not on the root volume\n", runtimePath.c_str());
+ return false;
+ }
+#endif
+
+ auto warningHandler = ^(const char* msg) {
+ if ( verbose )
+ fprintf(stderr, "update_dyld_shared_cache: warning: cannot build dlopen closure for '%s' because %s\n", runtimePath.c_str(), msg);
+ };
+
bool result = false;
- const void* wholeFile = ::mmap(NULL, statBuf.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
- if ( wholeFile != MAP_FAILED ) {
+ for (MappedMachOsByCategory& file : files) {
Diagnostics diag;
- bool usedWholeFile = false;
- for (MappedMachOsByCategory& file : files) {
- size_t sliceOffset;
- size_t sliceLength;
- bool fatButMissingSlice;
- const void* slice = MAP_FAILED;
- if ( dyld3::FatUtil::isFatFileWithSlice(diag, wholeFile, statBuf.st_size, file.archName, sliceOffset, sliceLength, fatButMissingSlice) ) {
- slice = ::mmap(NULL, sliceLength, PROT_READ, MAP_PRIVATE | MAP_RESILIENT_CODESIGN, fd, sliceOffset);
- if ( slice != MAP_FAILED ) {
- //fprintf(stderr, "mapped slice at %p size=0x%0lX, offset=0x%0lX for %s\n", p, len, offset, fullPath.c_str());
- if ( !dyld3::MachOParser::isValidMachO(diag, file.archName, dyld3::Platform::macOS, slice, sliceLength, fullPath.c_str(), false) ) {
- ::munmap((void*)slice, sliceLength);
- slice = MAP_FAILED;
+ char realerPath[MAXPATHLEN];
+ dyld3::closure::LoadedFileInfo loadedFileInfo = dyld3::MachOAnalyzer::load(diag, fileSystem, runtimePath.c_str(), file.archs, dyld3::Platform::macOS, realerPath);
+ if (diag.hasError() ) {
+ // Try again with iOSMac
+ diag.clearError();
+ loadedFileInfo = dyld3::MachOAnalyzer::load(diag, fileSystem, runtimePath.c_str(), file.archs, dyld3::Platform::iOSMac, realerPath);
+ }
+ const dyld3::MachOAnalyzer* ma = (const dyld3::MachOAnalyzer*)loadedFileInfo.fileContent;
+ if ( ma != nullptr ) {
+ bool issetuid = false;
+ const uint64_t sliceLen = loadedFileInfo.sliceLen;
+ const bool isSipProtected = loadedFileInfo.isSipProtected;
+ if ( ma->isDynamicExecutable() ) {
+ // When SIP enabled, only build closures for SIP protected programs
+ if ( !requireSIP || isSipProtected ) {
+ //fprintf(stderr, "requireSIP=%d, sipProtected=%d, path=%s\n", requireSIP, sipProtected, fullPath.c_str());
+ issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
+ file.mainExecutables.emplace_back(runtimePath, ma, sliceLen, issetuid, isSipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ }
+ else if ( ma->canBePlacedInDyldCache(runtimePath.c_str(), ^(const char* msg) {
+ if (verbose)
+ fprintf(stderr, "update_dyld_shared_cache: warning dylib located at '%s' cannot be placed in cache because: %s\n", runtimePath.c_str(), msg);
+ }) ) {
+ // when SIP is enabled, only dylib protected by SIP can go in cache
+ if ( !requireSIP || isSipProtected )
+ file.dylibsForCache.emplace_back(runtimePath, ma, sliceLen, issetuid, isSipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ else if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) )
+ file.otherDylibsAndBundles.emplace_back(runtimePath, ma, sliceLen, issetuid, isSipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ else {
+ if ( ma->isDylib() ) {
+ std::string installName = ma->installName();
+ if ( startsWith(installName, "@") && !contains(runtimePath, ".app/") && !contains(runtimePath, ".xpc/") ) {
+ if ( dyld3::MachOFile::isSharedCacheEligiblePath(runtimePath.c_str()) )
+ fprintf(stderr, "update_dyld_shared_cache: warning @rpath install name for system framework: %s\n", runtimePath.c_str());
}
}
- }
- else if ( !fatButMissingSlice && dyld3::MachOParser::isValidMachO(diag, file.archName, dyld3::Platform::macOS, wholeFile, statBuf.st_size, fullPath.c_str(), false) ) {
- slice = wholeFile;
- sliceLength = statBuf.st_size;
- sliceOffset = 0;
- usedWholeFile = true;
- //fprintf(stderr, "mapped whole file at %p size=0x%0lX for %s\n", p, len, inputPath.c_str());
- }
- std::vector<std::string> nonArchWarnings;
- for (const std::string& warning : diag.warnings()) {
- if ( !contains(warning, "required architecture") && !contains(warning, "not a dylib") )
- nonArchWarnings.push_back(warning);
- }
- diag.clearWarnings();
- if ( !nonArchWarnings.empty() ) {
- fprintf(stderr, "update_dyld_shared_cache: warning: %s for %s: ", file.archName.c_str(), runtimePath.c_str());
- for (const std::string& warning : nonArchWarnings) {
- fprintf(stderr, "%s ", warning.c_str());
- }
- fprintf(stderr, "\n");
- }
- if ( slice != MAP_FAILED ) {
- const mach_header* mh = (mach_header*)slice;
- dyld3::MachOParser parser((mach_header*)slice);
- bool sipProtected = isProtectedBySIP(fd);
- bool issetuid = false;
- if ( parser.isDynamicExecutable() ) {
- // When SIP enabled, only build closures for SIP protected programs
- if ( !requireSIP || sipProtected ) {
- //fprintf(stderr, "requireSIP=%d, sipProtected=%d, path=%s\n", requireSIP, sipProtected, fullPath.c_str());
- issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
- file.mainExecutables.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) ) {
+ // Only add a dlopen closure for objc trampolines. The rest should have been shared cache eligible.
+ bool addClosure = false;
+ if ( ma->isDylib() ) {
+ std::string installName = ma->installName();
+ addClosure = installName == "/usr/lib/libobjc-trampolines.dylib";
+ } else {
+ addClosure = true;
}
- }
- else if ( parser.canBePlacedInDyldCache(runtimePath) ) {
- // when SIP is enabled, only dylib protected by SIP can go in cache
- if ( !requireSIP || sipProtected )
- file.dylibsForCache.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- else
- file.otherDylibsAndBundles.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- }
- else {
- if ( parser.fileType() == MH_DYLIB ) {
- std::string installName = parser.installName();
- if ( startsWith(installName, "@") && !contains(runtimePath, ".app/") ) {
- if ( startsWith(runtimePath, "/usr/lib/") || startsWith(runtimePath, "/System/Library/") )
- fprintf(stderr, "update_dyld_shared_cache: warning @rpath install name for system framework: %s\n", runtimePath.c_str());
- }
- }
- file.otherDylibsAndBundles.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- }
- result = true;
- }
- }
- if ( !usedWholeFile )
- ::munmap((void*)wholeFile, statBuf.st_size);
- }
- ::close(fd);
+ if (addClosure)
+ file.otherDylibsAndBundles.emplace_back(runtimePath, ma, sliceLen, issetuid, isSipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ }
+ result = true;
+ }
+ }
+
return result;
}
-static void findAllFiles(const std::vector<std::string>& pathPrefixes, bool requireSIP, std::vector<MappedMachOsByCategory>& files)
+static void findAllFiles(const dyld3::closure::FileSystem& fileSystem, const std::vector<std::string>& pathPrefixes,
+ bool requireSIP, dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
{
std::unordered_set<std::string> skipDirs;
for (const char* s : sDontUsePrefixes)
@@ -259,7 +259,7 @@
return;
// if the file is mach-o, add to list
- if ( addIfMachO(prefix, path, statBuf, requireSIP, files) ) {
+ if ( addIfMachO(fileSystem, path, statBuf, requireSIP, rootFS, files) ) {
if ( multiplePrefixes )
alreadyUsed.insert(path);
}
@@ -268,80 +268,97 @@
}
}
-
-static void findOSFilesViaBOMS(const std::vector<std::string>& pathPrefixes, bool requireSIP, std::vector<MappedMachOsByCategory>& files)
+static const char* sReceiptLocations[] = {
+ "/System/Library/Receipts",
+ "/Library/Apple/System/Library/Receipts"
+};
+
+static void findOSFilesViaBOMS(const dyld3::closure::FileSystem& fileSystem, const std::vector<std::string>& pathPrefixes,
+ bool requireSIP, dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
{
__block std::unordered_set<std::string> runtimePathsFound;
+ __block bool foundUsableBom = false;
for (const std::string& prefix : pathPrefixes) {
- iterateDirectoryTree(prefix, "/System/Library/Receipts", ^(const std::string&) { return false; }, ^(const std::string& path, const struct stat& statBuf) {
- if ( !contains(path, "com.apple.pkg.") )
- return;
- if ( !endsWith(path, ".bom") )
- return;
- std::string fullPath = prefix + path;
- BOMBom bom = BOMBomOpenWithSys(fullPath.c_str(), false, NULL);
- if ( bom == nullptr )
- return;
- BOMFSObject rootFso = BOMBomGetRootFSObject(bom);
- if ( rootFso == nullptr ) {
- BOMBomFree(bom);
- return;
- }
- BOMBomEnumerator e = BOMBomEnumeratorNew(bom, rootFso);
- if ( e == nullptr ) {
- fprintf(stderr, "Can't get enumerator for BOM root FSObject\n");
- return;
- }
- BOMFSObjectFree(rootFso);
- //fprintf(stderr, "using BOM %s\n", path.c_str());
- while (BOMFSObject fso = BOMBomEnumeratorNext(e)) {
- if ( BOMFSObjectIsBinaryObject(fso) ) {
- const char* runPath = BOMFSObjectPathName(fso);
- if ( (runPath[0] == '.') && (runPath[1] == '/') )
- ++runPath;
- if ( runtimePathsFound.count(runPath) == 0 ) {
- // only add files from sAllowedPrefixes and not in sDontUsePrefixes
- bool inSearchDir = false;
- for (const char* searchDir : sAllowedPrefixes ) {
- if ( strncmp(searchDir, runPath, strlen(searchDir)) == 0 ) {
- inSearchDir = true;
- break;
- }
- }
- if ( inSearchDir ) {
- bool inSkipDir = false;
- for (const char* skipDir : sDontUsePrefixes) {
- if ( strncmp(skipDir, runPath, strlen(skipDir)) == 0 ) {
- inSkipDir = true;
+ for (const char* dirToIterate : sReceiptLocations ) {
+ iterateDirectoryTree(prefix, dirToIterate, ^(const std::string&) { return false; }, ^(const std::string& path, const struct stat& statBuf) {
+ if ( !contains(path, "com.apple.pkg.") )
+ return;
+ if ( !endsWith(path, ".bom") )
+ return;
+ std::string fullPath = prefix + path;
+ BOMBom bom = BOMBomOpenWithSys(fullPath.c_str(), false, NULL);
+ if ( bom == nullptr )
+ return;
+ BOMFSObject rootFso = BOMBomGetRootFSObject(bom);
+ if ( rootFso == nullptr ) {
+ BOMBomFree(bom);
+ return;
+ }
+ BOMBomEnumerator e = BOMBomEnumeratorNew(bom, rootFso);
+ if ( e == nullptr ) {
+ fprintf(stderr, "Can't get enumerator for BOM root FSObject\n");
+ return;
+ }
+ BOMFSObjectFree(rootFso);
+ //fprintf(stderr, "using BOM %s\n", path.c_str());
+ foundUsableBom = true;
+ while (BOMFSObject fso = BOMBomEnumeratorNext(e)) {
+ if ( BOMFSObjectIsBinaryObject(fso) ) {
+ const char* runPath = BOMFSObjectPathName(fso);
+ if ( (runPath[0] == '.') && (runPath[1] == '/') )
+ ++runPath;
+ // <rdar://problem/48748330> update_dyld_shared_cache needs to fold away /S/L/Templates/Data
+ if (strncmp(runPath, "/System/Library/Templates/Data/", 31) == 0 )
+ runPath = &runPath[30];
+ if ( runtimePathsFound.count(runPath) == 0 ) {
+ // only add files from sAllowedPrefixes and not in sDontUsePrefixes
+ bool inSearchDir = false;
+ for (const char* searchDir : sAllowedPrefixes ) {
+ if ( strncmp(searchDir, runPath, strlen(searchDir)) == 0 ) {
+ inSearchDir = true;
break;
}
}
- if ( !inSkipDir ) {
- for (const std::string& prefix2 : pathPrefixes) {
- struct stat statBuf2;
- std::string fullPath2 = prefix2 + runPath;
- if ( stat(fullPath2.c_str(), &statBuf2) == 0 ) {
- addIfMachO(prefix2, runPath, statBuf2, requireSIP, files);
- runtimePathsFound.insert(runPath);
+ if ( inSearchDir ) {
+ bool inSkipDir = false;
+ for (const char* skipDir : sDontUsePrefixes) {
+ if ( strncmp(skipDir, runPath, strlen(skipDir)) == 0 ) {
+ inSkipDir = true;
break;
+ }
+ }
+ if ( !inSkipDir ) {
+ for (const std::string& prefix2 : pathPrefixes) {
+ struct stat statBuf2;
+ std::string fullPath2 = prefix2 + runPath;
+ if ( stat(fullPath2.c_str(), &statBuf2) == 0 ) {
+ if ( addIfMachO(fileSystem, runPath, statBuf2, requireSIP, rootFS, files) ) {
+ runtimePathsFound.insert(runPath);
+ break;
+ }
+ }
}
}
}
}
}
- }
- BOMFSObjectFree(fso);
- }
-
- BOMBomEnumeratorFree(e);
- BOMBomFree(bom);
- });
- }
+ BOMFSObjectFree(fso);
+ }
+
+ BOMBomEnumeratorFree(e);
+ BOMBomFree(bom);
+ });
+ }
+ }
+
+ if (!foundUsableBom)
+ fprintf(stderr, "update_dyld_shared_cache: warning: No usable BOM files were found in '/System/Library/Receipts'\n");
}
static bool dontCache(const std::string& volumePrefix, const std::string& archName,
const std::unordered_set<std::string>& pathsWithDuplicateInstallName,
+ const std::unordered_set<std::string>& badZippered,
const DyldSharedCache::MappedMachO& aFile, bool warn,
const std::unordered_set<std::string>& skipDylibs)
{
@@ -378,10 +395,16 @@
return true;
}
- dyld3::MachOParser parser(aFile.mh);
- const char* installName = parser.installName();
+ const char* installName = aFile.mh->installName();
if ( (pathsWithDuplicateInstallName.count(aFile.runtimePath) != 0) && (aFile.runtimePath != installName) ) {
- if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of duplicate install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
+ // <rdar://problem/46431467> if a dylib moves and a symlink is installed into its place, bom iterator will see both and issue a warning
+ struct stat statBuf;
+ bool isSymLink = ( (lstat(aFile.runtimePath.c_str(), &statBuf) == 0) && S_ISLNK(statBuf.st_mode) );
+ if (!isSymLink && warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of duplicate install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
+ return true;
+ }
+
+ if (badZippered.count(aFile.runtimePath)) {
return true;
}
@@ -398,20 +421,31 @@
return false;
}
}
+ // <rdar://problem/38000411> also if runtime path is a symlink to install name
+ std::string fullRuntime = volumePrefix + aFile.runtimePath;
+ if ( realpath(fullRuntime.c_str(), resolvedPath) != NULL ) {
+ std::string resolvedSymlink = resolvedPath;
+ if ( !volumePrefix.empty() ) {
+ resolvedSymlink = resolvedSymlink.substr(volumePrefix.size());
+ }
+ if ( resolvedSymlink == installName ) {
+ return false;
+ }
+ }
if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of bad install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
return true;
}
return false;
}
-static void pruneCachedDylibs(const std::string& volumePrefix, const std::unordered_set<std::string>& skipDylibs, MappedMachOsByCategory& fileSet)
+static void pruneCachedDylibs(const std::string& volumePrefix, const std::unordered_set<std::string>& skipDylibs,
+ MappedMachOsByCategory& fileSet, bool warn)
{
std::unordered_set<std::string> pathsWithDuplicateInstallName;
std::unordered_map<std::string, std::string> installNameToFirstPath;
for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
- dyld3::MachOParser parser(aFile.mh);
- const char* installName = parser.installName();
+ const char* installName = aFile.mh->installName();
auto pos = installNameToFirstPath.find(installName);
if ( pos == installNameToFirstPath.end() ) {
installNameToFirstPath[installName] = aFile.runtimePath;
@@ -422,12 +456,40 @@
}
}
+ std::unordered_map<std::string, std::string> macOSPathToTwinPath;
+ for (const auto& entry : installNameToFirstPath) {
+ if ( startsWith(entry.first, "/System/iOSSupport/") ) {
+ std::string tail = entry.first.substr(18);
+ if ( installNameToFirstPath.count(tail) != 0 ) {
+ macOSPathToTwinPath.insert({ tail, entry.first });
+ }
+ }
+ }
+
for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
- if ( dontCache(volumePrefix, fileSet.archName, pathsWithDuplicateInstallName, aFile, true, skipDylibs) )
- fileSet.otherDylibsAndBundles.push_back(aFile);
+ if ( aFile.mh->isZippered() ) {
+ aFile.mh->forEachDependentDylib(^(const char* loadPath, bool isWeak, bool isReExport, bool isUpward, uint32_t compatVersion, uint32_t curVersion, bool& stop) {
+ auto macOSAndTwinPath = macOSPathToTwinPath.find(loadPath);
+ if ( macOSAndTwinPath != macOSPathToTwinPath.end() ) {
+ if ( warn ) {
+ fprintf(stderr, "update_dyld_shared_cache: warning: evicting UIKitForMac binary: %s as it is linked by zippered binary %s\n",
+ macOSAndTwinPath->second.c_str(), aFile.runtimePath.c_str());
+ }
+ fileSet.badZippered.insert(macOSAndTwinPath->second);
+ }
+ });
+ }
+ }
+
+ for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
+ if ( dontCache(volumePrefix, fileSet.archs.name(), pathsWithDuplicateInstallName, fileSet.badZippered, aFile, true, skipDylibs) ){
+ // <rdar://problem/46423929> don't build dlopen closures for symlinks to something in the dyld cache
+ if ( pathsWithDuplicateInstallName.count(aFile.runtimePath) == 0 )
+ fileSet.otherDylibsAndBundles.push_back(aFile);
+ }
}
fileSet.dylibsForCache.erase(std::remove_if(fileSet.dylibsForCache.begin(), fileSet.dylibsForCache.end(),
- [&](const DyldSharedCache::MappedMachO& aFile) { return dontCache(volumePrefix, fileSet.archName, pathsWithDuplicateInstallName, aFile, false, skipDylibs); }),
+ [&](const DyldSharedCache::MappedMachO& aFile) { return dontCache(volumePrefix, fileSet.archs.name(), pathsWithDuplicateInstallName, fileSet.badZippered, aFile, false, skipDylibs); }),
fileSet.dylibsForCache.end());
}
@@ -435,11 +497,9 @@
{
// other OS dylibs should not contain dylibs that are embedded in some .app bundle
fileSet.otherDylibsAndBundles.erase(std::remove_if(fileSet.otherDylibsAndBundles.begin(), fileSet.otherDylibsAndBundles.end(),
- [&](const DyldSharedCache::MappedMachO& aFile) { return (aFile.runtimePath.find(".app/") != std::string::npos); }),
- fileSet.otherDylibsAndBundles.end());
-}
-
-
+ [&](const DyldSharedCache::MappedMachO& aFile) { return (aFile.runtimePath.find(".app/") != std::string::npos); }),
+ fileSet.otherDylibsAndBundles.end());
+}
static void pruneExecutables(const std::string& volumePrefix, MappedMachOsByCategory& fileSet)
{
// don't build closures for xcode shims in /usr/bin (e.g. /usr/bin/clang) which re-exec themselves to a tool inside Xcode.app
@@ -447,9 +507,8 @@
[&](const DyldSharedCache::MappedMachO& aFile) {
if ( !startsWith(aFile.runtimePath, "/usr/bin/") )
return false;
- dyld3::MachOParser parser(aFile.mh);
__block bool isXcodeShim = false;
- parser.forEachDependentDylib(^(const char* loadPath, bool, bool, bool, uint32_t, uint32_t, bool &stop) {
+ aFile.mh->forEachDependentDylib(^(const char* loadPath, bool, bool, bool, uint32_t, uint32_t, bool &stop) {
if ( strcmp(loadPath, "/usr/lib/libxcselect.dylib") == 0 )
isXcodeShim = true;
});
@@ -463,6 +522,11 @@
int fd = ::open(existingCache.c_str(), O_RDONLY);
if ( fd < 0 )
return false;
+ struct stat statbuf;
+ if ( ::fstat(fd, &statbuf) == -1 ) {
+ ::close(fd);
+ return false;
+ }
// build map of found dylibs
std::unordered_map<std::string, const DyldSharedCache::MappedMachO*> currentDylibMap;
@@ -473,7 +537,7 @@
// make sure all dylibs in existing cache have same mtime and inode as found dylib
__block bool foundMismatch = false;
- const uint64_t cacheMapLen = 0x40000000;
+ const uint64_t cacheMapLen = statbuf.st_size;
void *p = ::mmap(NULL, cacheMapLen, PROT_READ, MAP_PRIVATE, fd, 0);
if ( p != MAP_FAILED ) {
const DyldSharedCache* cache = (DyldSharedCache*)p;
@@ -528,7 +592,22 @@
return ( (result == KERN_SUCCESS) && (info.cpu_subtype == CPU_SUBTYPE_X86_64_H) );
}
-
+#if !BUILDING_UPDATE_OTHER_DYLD_CACHE_BUILDER
+static std::string currentToolRealPath()
+{
+ char curToolPath[PATH_MAX];
+ uint32_t curToolPathsize = PATH_MAX;
+ int result = _NSGetExecutablePath(curToolPath, &curToolPathsize);
+ if ( result == 0 ) {
+ char resolvedCurToolPath[PATH_MAX];
+ if ( realpath(curToolPath, resolvedCurToolPath) != NULL )
+ return resolvedCurToolPath;
+ else
+ return curToolPath;
+ }
+ return "/usr/bin/update_dyld_shared_cache";
+}
+#endif
#define TERMINATE_IF_LAST_ARG( s ) \
do { \
@@ -538,7 +617,7 @@
} \
} while ( 0 )
-int main(int argc, const char* argv[])
+int main(int argc, const char* argv[], const char* envp[])
{
std::string rootPath;
std::string overlayPath;
@@ -631,6 +710,55 @@
overlayPath = resolvedPath;
}
}
+
+#if !BUILDING_UPDATE_OTHER_DYLD_CACHE_BUILDER
+ // <rdar://problem/36362221> update_dyld_shared_cache -root should re-exec() itself to a newer version
+ std::string newTool;
+ if ( !rootPath.empty() )
+ newTool = rootPath + "/usr/bin/update_dyld_shared_cache_root_mode";
+ else if ( !overlayPath.empty() )
+ newTool = overlayPath + "/usr/bin/update_dyld_shared_cache";
+ if ( !newTool.empty() ) {
+ struct stat newToolStatBuf;
+ if ( stat(newTool.c_str(), &newToolStatBuf) == 0 ) {
+ // don't re-exec if we are already running that tool
+ if ( newTool != currentToolRealPath() ) {
+ argv[0] = newTool.c_str();
+ execve(newTool.c_str(), (char**)argv, (char**)envp);
+ fprintf(stderr, "update_dyld_shared_cache: error: could not find '%s/usr/bin/update_dyld_shared_cache_root_mode' in target volume\n", rootPath.c_str());
+ return 1;
+ }
+ }
+ if ( !rootPath.empty() ) {
+ // could be old macOS dmg, try old tool name
+ newTool = rootPath + "/usr/bin/update_dyld_shared_cache";
+ if ( stat(newTool.c_str(), &newToolStatBuf) == 0 ) {
+ // don't re-exec if we are already running that tool
+ if ( newTool != currentToolRealPath() ) {
+ argv[0] = newTool.c_str();
+ execve(newTool.c_str(), (char**)argv, (char**)envp);
+ }
+ }
+ fprintf(stderr, "update_dyld_shared_cache: error: could not find '%s/usr/bin/update_dyld_shared_cache_root_mode' in target volume\n", rootPath.c_str());
+ return 1;
+ }
+ }
+#else
+ if ( rootPath.empty() ) {
+ fprintf(stderr, "update_dyld_shared_cache_root_mode: error: -root option missing\n");
+ return 1;
+ }
+#endif
+
+ // Find the boot volume so that we can ensure all overlays are on the same volume
+ struct stat rootStatBuf;
+ if ( stat(rootPath == "" ? "/" : rootPath.c_str(), &rootStatBuf) != 0 ) {
+ fprintf(stderr, "update_dyld_shared_cache: error: could not stat root file system because '%s'\n", strerror(errno));
+ return 1;
+ }
+ dev_t rootFS = rootStatBuf.st_dev;
+
+
//
// pathPrefixes for three modes:
// 1) no options: { "" } // search only boot volume
@@ -638,12 +766,41 @@
// 3) -root: { root } // search only -root volume
//
std::vector<std::string> pathPrefixes;
- if ( !overlayPath.empty() )
- pathPrefixes.push_back(overlayPath);
+ if ( !overlayPath.empty() ) {
+ // Only add the overlay path if it exists, and is the same volume as the root
+ struct stat overlayStatBuf;
+ if ( stat(overlayPath.c_str(), &overlayStatBuf) != 0 ) {
+ fprintf(stderr, "update_dyld_shared_cache: warning: ignoring overlay dir '%s' because '%s'\n", overlayPath.c_str(), strerror(errno));
+ overlayPath.clear();
+ }
+ else {
+ char resolvedOverlayPath[PATH_MAX];
+ if ( realpath(overlayPath.c_str(), resolvedOverlayPath) != NULL ) {
+ overlayPath = resolvedOverlayPath;
+ }
+ else {
+ fprintf(stderr, "update_dyld_shared_cache: warning: ignoring overlay dir '%s' because realpath() failed\n", overlayPath.c_str());
+ overlayPath.clear();
+ }
+ }
+ if ( !overlayPath.empty() )
+ pathPrefixes.push_back(overlayPath);
+ }
pathPrefixes.push_back(rootPath);
-
+ // build FileSystem object
+ const char* fsRoot = rootPath.empty() ? nullptr : rootPath.c_str();
+ const char* fsOverlay = overlayPath.empty() ? nullptr : overlayPath.c_str();
+ dyld3::closure::FileSystemPhysical fileSystem(fsRoot, fsOverlay);
+
+ // normalize output directory
if ( cacheDir.empty() ) {
+ // if -cache_dir is not specified, then write() will eventually fail if we are not running as root
+ if ( geteuid() != 0 ) {
+ fprintf(stderr, "update_dyld_shared_cache: must be run as root (sudo)\n");
+ return 1;
+ }
+
// write cache file into -root or -overlay directory, if used
if ( rootPath != "/" )
cacheDir = rootPath + MACOSX_DYLD_SHARED_CACHE_DIR;
@@ -652,23 +809,49 @@
else
cacheDir = MACOSX_DYLD_SHARED_CACHE_DIR;
}
-
int err = mkpath_np(cacheDir.c_str(), S_IRWXU | S_IRGRP|S_IXGRP | S_IROTH|S_IXOTH);
if ( (err != 0) && (err != EEXIST) ) {
- fprintf(stderr, "mkpath_np fail: %d", err);
+ fprintf(stderr, "update_dyld_shared_cache: could not access cache dir: mkpath_np(%s) failed errno=%d\n", cacheDir.c_str(), err);
return 1;
}
+ // make sure cacheDir is always a real path, so it can be checked later to see if it changed
+ char resolvedCachePath[PATH_MAX];
+ ::realpath(cacheDir.c_str(), resolvedCachePath);
+ cacheDir = resolvedCachePath;
+
+#if BUILDING_UPDATE_OTHER_DYLD_CACHE_BUILDER
+ bool requireDylibsBeRootlessProtected = false;
+#else
+ bool requireDylibsBeRootlessProtected = isProtectedBySIPExceptDyld(cacheDir);
+ if ( requireDylibsBeRootlessProtected && !overlayPath.empty() && !isProtectedBySIP(overlayPath.c_str()) ) {
+ fprintf(stderr, "update_dyld_shared_cache: warning: ignoring overlay dir '%s' because it is not SIP protected\n", overlayPath.c_str());
+ overlayPath.clear();
+ pathPrefixes.clear();
+ pathPrefixes.push_back(rootPath);
+ }
+#endif
if ( archStrs.empty() ) {
+ // <rdar://44190126> check if OS has enough i386 to make a shared cache
+ char realerPath[MAXPATHLEN];
+ Diagnostics testDiag;
+ const char* foundationPath = "/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation";
+ dyld3::closure::LoadedFileInfo foundationInfo = dyld3::MachOAnalyzer::load(testDiag, fileSystem, foundationPath, dyld3::GradedArchs::i386, dyld3::Platform::macOS, realerPath);
+ bool foundationHas32bit = (foundationInfo.fileContent != NULL);
+ if ( foundationHas32bit )
+ fileSystem.unloadFile(foundationInfo);
+
if ( universal ) {
// <rdar://problem/26182089> -universal_boot should make all possible dyld caches
- archStrs.insert("i386");
+ if ( foundationHas32bit )
+ archStrs.insert("i386");
archStrs.insert("x86_64");
archStrs.insert("x86_64h");
}
else {
// just make caches for this machine
- archStrs.insert("i386");
+ if ( foundationHas32bit )
+ archStrs.insert("i386");
archStrs.insert(runningOnHaswell() ? "x86_64h" : "x86_64");
}
}
@@ -676,24 +859,23 @@
uint64_t t1 = mach_absolute_time();
// find all mach-o files for requested architectures
- bool requireDylibsBeRootlessProtected = isProtectedBySIP(cacheDir);
__block std::vector<MappedMachOsByCategory> allFileSets;
if ( archStrs.count("x86_64") )
- allFileSets.push_back({"x86_64"});
+ allFileSets.push_back({dyld3::GradedArchs::x86_64});
if ( archStrs.count("x86_64h") )
- allFileSets.push_back({"x86_64h"});
+ allFileSets.push_back({dyld3::GradedArchs::x86_64h});
if ( archStrs.count("i386") )
- allFileSets.push_back({"i386"});
+ allFileSets.push_back({dyld3::GradedArchs::i386});
if ( searchDisk )
- findAllFiles(pathPrefixes, requireDylibsBeRootlessProtected, allFileSets);
+ findAllFiles(fileSystem, pathPrefixes, requireDylibsBeRootlessProtected, rootFS, allFileSets);
else {
std::unordered_set<std::string> runtimePathsFound;
- findOSFilesViaBOMS(pathPrefixes, requireDylibsBeRootlessProtected, allFileSets);
+ findOSFilesViaBOMS(fileSystem, pathPrefixes, requireDylibsBeRootlessProtected, rootFS, allFileSets);
}
// nothing in OS uses i386 dylibs, so only dylibs used by third party apps need to be in cache
for (MappedMachOsByCategory& fileSet : allFileSets) {
- pruneCachedDylibs(rootPath, skipDylibs, fileSet);
+ pruneCachedDylibs(rootPath, skipDylibs, fileSet, verbose);
pruneOtherDylibs(rootPath, fileSet);
pruneExecutables(rootPath, fileSet);
}
@@ -722,20 +904,44 @@
__block bool wroteSomeCacheFile = false;
dispatch_apply(allFileSets.size(), dqueue, ^(size_t index) {
MappedMachOsByCategory& fileSet = allFileSets[index];
- const std::string outFile = cacheDir + "/dyld_shared_cache_" + fileSet.archName;
+ const std::string outFile = cacheDir + "/dyld_shared_cache_" + fileSet.archs.name();
DyldSharedCache::MappedMachO (^loader)(const std::string&) = ^DyldSharedCache::MappedMachO(const std::string& runtimePath) {
if ( skipDylibs.count(runtimePath) )
return DyldSharedCache::MappedMachO();
+ if (fileSet.badZippered.count(runtimePath)) {
+ return DyldSharedCache::MappedMachO();
+ }
for (const std::string& prefix : pathPrefixes) {
std::string fullPath = prefix + runtimePath;
struct stat statBuf;
if ( stat(fullPath.c_str(), &statBuf) == 0 ) {
+ char resolvedPath[PATH_MAX];
+ if ( realpath(fullPath.c_str(), resolvedPath) != NULL ) {
+ std::string resolvedSymlink = resolvedPath;
+ if ( !rootPath.empty() ) {
+ resolvedSymlink = resolvedSymlink.substr(rootPath.size());
+ }
+ if ( (runtimePath != resolvedSymlink) && !contains(runtimePath, "InputContext") ) { //HACK remove InputContext when fixed
+ // path requested is a symlink path, check if real path already loaded
+ for (const DyldSharedCache::MappedMachO& aDylibMapping : fileSet.dylibsForCache) {
+ if ( aDylibMapping.runtimePath == resolvedSymlink ) {
+ if ( verbose )
+ fprintf(stderr, "verifySelfContained, redirect %s to %s\n", runtimePath.c_str(), aDylibMapping.runtimePath.c_str());
+ return aDylibMapping;
+ }
+ }
+ }
+ }
+
std::vector<MappedMachOsByCategory> mappedFiles;
- mappedFiles.push_back({fileSet.archName});
- if ( addIfMachO(prefix, runtimePath, statBuf, requireDylibsBeRootlessProtected, mappedFiles) ) {
- if ( !mappedFiles.back().dylibsForCache.empty() )
+ mappedFiles.push_back({fileSet.archs});
+ if ( addIfMachO(fileSystem, runtimePath, statBuf, requireDylibsBeRootlessProtected, rootFS, mappedFiles) ) {
+ if ( !mappedFiles.back().dylibsForCache.empty() ) {
+ if ( verbose )
+ fprintf(stderr, "verifySelfContained, add %s\n", mappedFiles.back().dylibsForCache.back().runtimePath.c_str());
return mappedFiles.back().dylibsForCache.back();
+ }
}
}
}
@@ -743,9 +949,9 @@
};
size_t startCount = fileSet.dylibsForCache.size();
std::vector<std::pair<DyldSharedCache::MappedMachO, std::set<std::string>>> excludes;
- DyldSharedCache::verifySelfContained(fileSet.dylibsForCache, loader, excludes);
+ DyldSharedCache::verifySelfContained(fileSet.dylibsForCache, fileSet.badZippered, loader, excludes);
for (size_t i=startCount; i < fileSet.dylibsForCache.size(); ++i) {
- fprintf(stderr, "update_dyld_shared_cache: warning: %s not in .bom, but adding required dylib %s\n", fileSet.archName.c_str(), fileSet.dylibsForCache[i].runtimePath.c_str());
+ fprintf(stderr, "update_dyld_shared_cache: warning: %s not in .bom, but adding required dylib %s\n", fileSet.archs.name(), fileSet.dylibsForCache[i].runtimePath.c_str());
}
for (auto& exclude : excludes) {
std::string reasons = "(\"";
@@ -756,7 +962,7 @@
}
}
reasons += "\")";
- fprintf(stderr, "update_dyld_shared_cache: warning: %s rejected from cached dylibs: %s (%s)\n", fileSet.archName.c_str(), exclude.first.runtimePath.c_str(), reasons.c_str());
+ fprintf(stderr, "update_dyld_shared_cache: warning: %s rejected from cached dylibs: %s (%s)\n", fileSet.archs.name(), exclude.first.runtimePath.c_str(), reasons.c_str());
fileSet.otherDylibsAndBundles.push_back(exclude.first);
}
@@ -767,15 +973,18 @@
}
// add any extra dylibs needed which were not in .bom
- fprintf(stderr, "update_dyld_shared_cache: %s incorporating %lu OS dylibs, tracking %lu others, building closures for %lu executables\n", fileSet.archName.c_str(), fileSet.dylibsForCache.size(), fileSet.otherDylibsAndBundles.size(), fileSet.mainExecutables.size());
- //for (const DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
+ fprintf(stderr, "update_dyld_shared_cache: %s incorporating %lu OS dylibs, tracking %lu others, building closures for %lu executables\n",
+ fileSet.archs.name(), fileSet.dylibsForCache.size(), fileSet.otherDylibsAndBundles.size(), fileSet.mainExecutables.size());
+ //for (const DyldSharedCache::MappedMachO& aFile : fileSet.otherDylibsAndBundles) {
// fprintf(stderr, " %s\n", aFile.runtimePath.c_str());
//}
// build cache new cache file
DyldSharedCache::CreateOptions options;
- options.archName = fileSet.archName;
+ options.outputFilePath = outFile;
+ options.outputMapFilePath = cacheDir + "/dyld_shared_cache_" + fileSet.archs.name() + ".map";
+ options.archs = &fileSet.archs;
options.platform = dyld3::Platform::macOS;
options.excludeLocalSymbols = false;
options.optimizeStubs = false;
@@ -783,35 +992,23 @@
options.codeSigningDigestMode = DyldSharedCache::SHA256only;
options.dylibsRemovedDuringMastering = dylibsRemoved;
options.inodesAreSameAsRuntime = true;
- options.cacheSupportsASLR = (fileSet.archName != "i386");
+ options.cacheSupportsASLR = (&fileSet.archs != &dyld3::GradedArchs::i386);
options.forSimulator = false;
+ options.isLocallyBuiltCache = true;
options.verbose = verbose;
options.evictLeafDylibsOnOverflow = true;
- options.pathPrefixes = pathPrefixes;
- DyldSharedCache::CreateResults results = DyldSharedCache::create(options, fileSet.dylibsForCache, fileSet.otherDylibsAndBundles, fileSet.mainExecutables);
+ DyldSharedCache::CreateResults results = DyldSharedCache::create(options, fileSystem, fileSet.dylibsForCache, fileSet.otherDylibsAndBundles, fileSet.mainExecutables);
// print any warnings
for (const std::string& warn : results.warnings) {
- fprintf(stderr, "update_dyld_shared_cache: warning: %s %s\n", fileSet.archName.c_str(), warn.c_str());
- }
- if ( !results.errorMessage.empty() ) {
- // print error (if one)
+ fprintf(stderr, "update_dyld_shared_cache: warning: %s %s\n", fileSet.archs.name(), warn.c_str());
+ }
+ if ( results.errorMessage.empty() ) {
+ wroteSomeCacheFile = true;
+ }
+ else {
fprintf(stderr, "update_dyld_shared_cache: %s\n", results.errorMessage.c_str());
cacheBuildFailure = true;
- }
- else {
- // save new cache file to disk and write new .map file
- assert(results.cacheContent != nullptr);
- if ( !safeSave(results.cacheContent, results.cacheLength, outFile) )
- cacheBuildFailure = true;
- if ( !cacheBuildFailure ) {
- std::string mapStr = results.cacheContent->mapFile();
- std::string outFileMap = cacheDir + "/dyld_shared_cache_" + fileSet.archName + ".map";
- safeSave(mapStr.c_str(), mapStr.size(), outFileMap);
- wroteSomeCacheFile = true;
- }
- // free created cache buffer
- vm_deallocate(mach_task_self(), (vm_address_t)results.cacheContent, results.cacheLength);
}
});