Loading...
--- dyld/dyld-551.3/dyld3/shared-cache/update_dyld_shared_cache.cpp
+++ dyld/dyld-625.13/dyld3/shared-cache/update_dyld_shared_cache.cpp
@@ -25,9 +25,9 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
-#include <sys/xattr.h>
#include <mach/mach.h>
#include <mach/mach_time.h>
+#include <mach-o/dyld.h>
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
@@ -58,10 +58,12 @@
#include <iostream>
#include <fstream>
-#include "MachOParser.h"
#include "FileUtils.h"
#include "StringUtils.h"
#include "DyldSharedCache.h"
+#include "MachOFile.h"
+#include "MachOAnalyzer.h"
+#include "ClosureFileSystemPhysical.h"
struct MappedMachOsByCategory
{
@@ -136,6 +138,7 @@
"/bin/zsh", // until <rdar://31026756> is fixed
"/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Support/mdworker", // these load third party plugins
"/usr/bin/mdimport", // these load third party plugins
+ "/System/Library/Developer/CoreSimulator/", // ignore Marzipan
};
@@ -143,94 +146,58 @@
-static bool addIfMachO(const std::string& pathPrefix, const std::string& runtimePath, const struct stat& statBuf, bool requireSIP, std::vector<MappedMachOsByCategory>& files)
+static bool addIfMachO(const dyld3::closure::FileSystem& fileSystem, const std::string& runtimePath, const struct stat& statBuf, bool requireSIP, std::vector<MappedMachOsByCategory>& files)
{
// don't precompute closure info for any debug or profile dylibs
if ( endsWith(runtimePath, "_profile.dylib") || endsWith(runtimePath, "_debug.dylib") || endsWith(runtimePath, "_profile") || endsWith(runtimePath, "_debug") )
return false;
-
- // read start of file to determine if it is mach-o or a fat file
- std::string fullPath = pathPrefix + runtimePath;
- int fd = ::open(fullPath.c_str(), O_RDONLY);
- if ( fd < 0 )
+ if ( startsWith(runtimePath, "/usr/lib/system/introspection/") )
return false;
+
+ auto warningHandler = ^(const char* msg) {
+ if ( verbose )
+ fprintf(stderr, "update_dyld_shared_cache: warning: cannot build dlopen closure for '%s' because %s\n", runtimePath.c_str(), msg);
+ };
+
bool result = false;
- const void* wholeFile = ::mmap(NULL, statBuf.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
- if ( wholeFile != MAP_FAILED ) {
+ for (MappedMachOsByCategory& file : files) {
Diagnostics diag;
- bool usedWholeFile = false;
- for (MappedMachOsByCategory& file : files) {
- size_t sliceOffset;
- size_t sliceLength;
- bool fatButMissingSlice;
- const void* slice = MAP_FAILED;
- if ( dyld3::FatUtil::isFatFileWithSlice(diag, wholeFile, statBuf.st_size, file.archName, sliceOffset, sliceLength, fatButMissingSlice) ) {
- slice = ::mmap(NULL, sliceLength, PROT_READ, MAP_PRIVATE | MAP_RESILIENT_CODESIGN, fd, sliceOffset);
- if ( slice != MAP_FAILED ) {
- //fprintf(stderr, "mapped slice at %p size=0x%0lX, offset=0x%0lX for %s\n", p, len, offset, fullPath.c_str());
- if ( !dyld3::MachOParser::isValidMachO(diag, file.archName, dyld3::Platform::macOS, slice, sliceLength, fullPath.c_str(), false) ) {
- ::munmap((void*)slice, sliceLength);
- slice = MAP_FAILED;
+ dyld3::closure::LoadedFileInfo loadedFileInfo = dyld3::MachOAnalyzer::load(diag, fileSystem, runtimePath.c_str(), file.archName.c_str(), dyld3::Platform::macOS);
+ const dyld3::MachOAnalyzer* ma = (const dyld3::MachOAnalyzer*)loadedFileInfo.fileContent;
+ if ( ma != nullptr ) {
+ bool sipProtected = false; // isProtectedBySIP(fd);
+ bool issetuid = false;
+ if ( ma->isDynamicExecutable() ) {
+ // When SIP enabled, only build closures for SIP protected programs
+ if ( !requireSIP || sipProtected ) {
+ //fprintf(stderr, "requireSIP=%d, sipProtected=%d, path=%s\n", requireSIP, sipProtected, fullPath.c_str());
+ issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
+ file.mainExecutables.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ }
+ else if ( ma->canBePlacedInDyldCache(runtimePath.c_str(), ^(const char* msg) {}) ) {
+ // when SIP is enabled, only dylib protected by SIP can go in cache
+ if ( !requireSIP || sipProtected )
+ file.dylibsForCache.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ else if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) )
+ file.otherDylibsAndBundles.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ else {
+ if ( ma->isDylib() ) {
+ std::string installName = ma->installName();
+ if ( startsWith(installName, "@") && !contains(runtimePath, ".app/") && !contains(runtimePath, ".xpc/") ) {
+ if ( startsWith(runtimePath, "/usr/lib/") || startsWith(runtimePath, "/System/Library/") )
+ fprintf(stderr, "update_dyld_shared_cache: warning @rpath install name for system framework: %s\n", runtimePath.c_str());
}
}
- }
- else if ( !fatButMissingSlice && dyld3::MachOParser::isValidMachO(diag, file.archName, dyld3::Platform::macOS, wholeFile, statBuf.st_size, fullPath.c_str(), false) ) {
- slice = wholeFile;
- sliceLength = statBuf.st_size;
- sliceOffset = 0;
- usedWholeFile = true;
- //fprintf(stderr, "mapped whole file at %p size=0x%0lX for %s\n", p, len, inputPath.c_str());
- }
- std::vector<std::string> nonArchWarnings;
- for (const std::string& warning : diag.warnings()) {
- if ( !contains(warning, "required architecture") && !contains(warning, "not a dylib") )
- nonArchWarnings.push_back(warning);
- }
- diag.clearWarnings();
- if ( !nonArchWarnings.empty() ) {
- fprintf(stderr, "update_dyld_shared_cache: warning: %s for %s: ", file.archName.c_str(), runtimePath.c_str());
- for (const std::string& warning : nonArchWarnings) {
- fprintf(stderr, "%s ", warning.c_str());
- }
- fprintf(stderr, "\n");
- }
- if ( slice != MAP_FAILED ) {
- const mach_header* mh = (mach_header*)slice;
- dyld3::MachOParser parser((mach_header*)slice);
- bool sipProtected = isProtectedBySIP(fd);
- bool issetuid = false;
- if ( parser.isDynamicExecutable() ) {
- // When SIP enabled, only build closures for SIP protected programs
- if ( !requireSIP || sipProtected ) {
- //fprintf(stderr, "requireSIP=%d, sipProtected=%d, path=%s\n", requireSIP, sipProtected, fullPath.c_str());
- issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
- file.mainExecutables.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- }
- }
- else if ( parser.canBePlacedInDyldCache(runtimePath) ) {
- // when SIP is enabled, only dylib protected by SIP can go in cache
- if ( !requireSIP || sipProtected )
- file.dylibsForCache.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- else
- file.otherDylibsAndBundles.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- }
- else {
- if ( parser.fileType() == MH_DYLIB ) {
- std::string installName = parser.installName();
- if ( startsWith(installName, "@") && !contains(runtimePath, ".app/") ) {
- if ( startsWith(runtimePath, "/usr/lib/") || startsWith(runtimePath, "/System/Library/") )
- fprintf(stderr, "update_dyld_shared_cache: warning @rpath install name for system framework: %s\n", runtimePath.c_str());
- }
- }
- file.otherDylibsAndBundles.emplace_back(runtimePath, mh, sliceLength, issetuid, sipProtected, sliceOffset, statBuf.st_mtime, statBuf.st_ino);
- }
- result = true;
- }
- }
- if ( !usedWholeFile )
- ::munmap((void*)wholeFile, statBuf.st_size);
- }
- ::close(fd);
+ else if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) ) {
+ file.otherDylibsAndBundles.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
+ }
+ }
+ result = true;
+ }
+ }
+
return result;
}
@@ -244,6 +211,7 @@
bool multiplePrefixes = (pathPrefixes.size() > 1);
for (const std::string& prefix : pathPrefixes) {
// get all files from overlay for this search dir
+ dyld3::closure::FileSystemPhysical fileSystem(prefix.c_str());
for (const char* searchDir : sAllowedPrefixes ) {
iterateDirectoryTree(prefix, searchDir, ^(const std::string& dirPath) { return (skipDirs.count(dirPath) != 0); }, ^(const std::string& path, const struct stat& statBuf) {
// ignore files that don't have 'x' bit set (all runnable mach-o files do)
@@ -260,7 +228,7 @@
return;
// if the file is mach-o, add to list
- if ( addIfMachO(prefix, path, statBuf, requireSIP, files) ) {
+ if ( addIfMachO(fileSystem, path, statBuf, requireSIP, files) ) {
if ( multiplePrefixes )
alreadyUsed.insert(path);
}
@@ -322,7 +290,8 @@
struct stat statBuf2;
std::string fullPath2 = prefix2 + runPath;
if ( stat(fullPath2.c_str(), &statBuf2) == 0 ) {
- addIfMachO(prefix2, runPath, statBuf2, requireSIP, files);
+ dyld3::closure::FileSystemPhysical fileSystem(prefix2.c_str());
+ addIfMachO(fileSystem, runPath, statBuf2, requireSIP, files);
runtimePathsFound.insert(runPath);
break;
}
@@ -379,8 +348,7 @@
return true;
}
- dyld3::MachOParser parser(aFile.mh);
- const char* installName = parser.installName();
+ const char* installName = aFile.mh->installName();
if ( (pathsWithDuplicateInstallName.count(aFile.runtimePath) != 0) && (aFile.runtimePath != installName) ) {
if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of duplicate install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
return true;
@@ -399,6 +367,17 @@
return false;
}
}
+ // <rdar://problem/38000411> also if runtime path is a symlink to install name
+ std::string fullRuntime = volumePrefix + aFile.runtimePath;
+ if ( realpath(fullRuntime.c_str(), resolvedPath) != NULL ) {
+ std::string resolvedSymlink = resolvedPath;
+ if ( !volumePrefix.empty() ) {
+ resolvedSymlink = resolvedSymlink.substr(volumePrefix.size());
+ }
+ if ( resolvedSymlink == installName ) {
+ return false;
+ }
+ }
if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of bad install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
return true;
}
@@ -411,8 +390,7 @@
std::unordered_map<std::string, std::string> installNameToFirstPath;
for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
- dyld3::MachOParser parser(aFile.mh);
- const char* installName = parser.installName();
+ const char* installName = aFile.mh->installName();
auto pos = installNameToFirstPath.find(installName);
if ( pos == installNameToFirstPath.end() ) {
installNameToFirstPath[installName] = aFile.runtimePath;
@@ -436,11 +414,9 @@
{
// other OS dylibs should not contain dylibs that are embedded in some .app bundle
fileSet.otherDylibsAndBundles.erase(std::remove_if(fileSet.otherDylibsAndBundles.begin(), fileSet.otherDylibsAndBundles.end(),
- [&](const DyldSharedCache::MappedMachO& aFile) { return (aFile.runtimePath.find(".app/") != std::string::npos); }),
- fileSet.otherDylibsAndBundles.end());
-}
-
-
+ [&](const DyldSharedCache::MappedMachO& aFile) { return (aFile.runtimePath.find(".app/") != std::string::npos); }),
+ fileSet.otherDylibsAndBundles.end());
+}
static void pruneExecutables(const std::string& volumePrefix, MappedMachOsByCategory& fileSet)
{
// don't build closures for xcode shims in /usr/bin (e.g. /usr/bin/clang) which re-exec themselves to a tool inside Xcode.app
@@ -448,9 +424,8 @@
[&](const DyldSharedCache::MappedMachO& aFile) {
if ( !startsWith(aFile.runtimePath, "/usr/bin/") )
return false;
- dyld3::MachOParser parser(aFile.mh);
__block bool isXcodeShim = false;
- parser.forEachDependentDylib(^(const char* loadPath, bool, bool, bool, uint32_t, uint32_t, bool &stop) {
+ aFile.mh->forEachDependentDylib(^(const char* loadPath, bool, bool, bool, uint32_t, uint32_t, bool &stop) {
if ( strcmp(loadPath, "/usr/lib/libxcselect.dylib") == 0 )
isXcodeShim = true;
});
@@ -539,7 +514,7 @@
} \
} while ( 0 )
-int main(int argc, const char* argv[])
+int main(int argc, const char* argv[], const char* envp[])
{
std::string rootPath;
std::string overlayPath;
@@ -632,6 +607,31 @@
overlayPath = resolvedPath;
}
}
+
+ // <rdar://problem/36362221> update_dyld_shared_cache should re-exec() itself to a newer version
+ std::string newTool;
+ if ( !rootPath.empty() )
+ newTool = rootPath + "/usr/bin/update_dyld_shared_cache";
+ else if ( !overlayPath.empty() )
+ newTool = overlayPath + "/usr/bin/update_dyld_shared_cache";
+ if ( !newTool.empty() ) {
+ struct stat newToolStatBuf;
+ if ( stat(newTool.c_str(), &newToolStatBuf) == 0 ) {
+ char curToolPath[PATH_MAX];
+ uint32_t curToolPathsize = PATH_MAX;
+ int result = _NSGetExecutablePath(curToolPath, &curToolPathsize);
+ if ( result == 0 ) {
+ char resolvedCurToolPath[PATH_MAX];
+ if ( realpath(curToolPath, resolvedCurToolPath) != NULL ) {
+ // don't re-exec if we are already running that tool
+ if ( newTool != resolvedCurToolPath ) {
+ execve(newTool.c_str(), (char**)argv, (char**)envp);
+ }
+ }
+ }
+ }
+ }
+
//
// pathPrefixes for three modes:
// 1) no options: { "" } // search only boot volume
@@ -645,6 +645,12 @@
if ( cacheDir.empty() ) {
+ // if -cache_dir is not specified, then write() will eventually fail if we are not running as root
+ if ( geteuid() != 0 ) {
+ fprintf(stderr, "update_dyld_shared_cache: must be run as root (sudo)\n");
+ return 1;
+ }
+
// write cache file into -root or -overlay directory, if used
if ( rootPath != "/" )
cacheDir = rootPath + MACOSX_DYLD_SHARED_CACHE_DIR;
@@ -652,11 +658,11 @@
cacheDir = overlayPath + MACOSX_DYLD_SHARED_CACHE_DIR;
else
cacheDir = MACOSX_DYLD_SHARED_CACHE_DIR;
- }
+ }
int err = mkpath_np(cacheDir.c_str(), S_IRWXU | S_IRGRP|S_IXGRP | S_IROTH|S_IXOTH);
if ( (err != 0) && (err != EEXIST) ) {
- fprintf(stderr, "mkpath_np fail: %d", err);
+ fprintf(stderr, "update_dyld_shared_cache: could not access cache dir: mkpath_np(%s) failed errno=%d\n", cacheDir.c_str(), err);
return 1;
}
@@ -732,11 +738,33 @@
std::string fullPath = prefix + runtimePath;
struct stat statBuf;
if ( stat(fullPath.c_str(), &statBuf) == 0 ) {
+ dyld3::closure::FileSystemPhysical fileSystem(prefix.c_str());
+ char resolvedPath[PATH_MAX];
+ if ( realpath(fullPath.c_str(), resolvedPath) != NULL ) {
+ std::string resolvedSymlink = resolvedPath;
+ if ( !rootPath.empty() ) {
+ resolvedSymlink = resolvedSymlink.substr(rootPath.size());
+ }
+ if ( (runtimePath != resolvedSymlink) && !contains(runtimePath, "InputContext") ) { //HACK remove InputContext when fixed
+ // path requested is a symlink path, check if real path already loaded
+ for (const DyldSharedCache::MappedMachO& aDylibMapping : fileSet.dylibsForCache) {
+ if ( aDylibMapping.runtimePath == resolvedSymlink ) {
+ if ( verbose )
+ fprintf(stderr, "verifySelfContained, redirect %s to %s\n", runtimePath.c_str(), aDylibMapping.runtimePath.c_str());
+ return aDylibMapping;
+ }
+ }
+ }
+ }
+
std::vector<MappedMachOsByCategory> mappedFiles;
mappedFiles.push_back({fileSet.archName});
- if ( addIfMachO(prefix, runtimePath, statBuf, requireDylibsBeRootlessProtected, mappedFiles) ) {
- if ( !mappedFiles.back().dylibsForCache.empty() )
+ if ( addIfMachO(fileSystem, runtimePath, statBuf, requireDylibsBeRootlessProtected, mappedFiles) ) {
+ if ( !mappedFiles.back().dylibsForCache.empty() ) {
+ if ( verbose )
+ fprintf(stderr, "verifySelfContained, add %s\n", mappedFiles.back().dylibsForCache.back().runtimePath.c_str());
return mappedFiles.back().dylibsForCache.back();
+ }
}
}
}
@@ -768,19 +796,17 @@
}
// add any extra dylibs needed which were not in .bom
- fprintf(stderr, "update_dyld_shared_cache: %s incorporating %lu OS dylibs, tracking %lu others, building closures for %lu executables\n", fileSet.archName.c_str(), fileSet.dylibsForCache.size(), fileSet.otherDylibsAndBundles.size(), fileSet.mainExecutables.size());
- //for (const DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
+ fprintf(stderr, "update_dyld_shared_cache: %s incorporating %lu OS dylibs, tracking %lu others, building closures for %lu executables\n",
+ fileSet.archName.c_str(), fileSet.dylibsForCache.size(), fileSet.otherDylibsAndBundles.size(), fileSet.mainExecutables.size());
+ //for (const DyldSharedCache::MappedMachO& aFile : fileSet.otherDylibsAndBundles) {
// fprintf(stderr, " %s\n", aFile.runtimePath.c_str());
//}
- // Clear the UUID xattr for the existing cache.
- // This prevents the existing cache from being used by dyld3 as roots are probably involved
- if (removexattr(outFile.c_str(), "cacheUUID", 0) != 0) {
- fprintf(stderr, "update_dyld_shared_cache: warning: failure to remove UUID xattr on shared cache file %s with error %s\n", outFile.c_str(), strerror(errno));
- }
// build cache new cache file
DyldSharedCache::CreateOptions options;
+ options.outputFilePath = outFile;
+ options.outputMapFilePath = cacheDir + "/dyld_shared_cache_" + fileSet.archName + ".map";
options.archName = fileSet.archName;
options.platform = dyld3::Platform::macOS;
options.excludeLocalSymbols = false;
@@ -791,6 +817,7 @@
options.inodesAreSameAsRuntime = true;
options.cacheSupportsASLR = (fileSet.archName != "i386");
options.forSimulator = false;
+ options.isLocallyBuiltCache = true;
options.verbose = verbose;
options.evictLeafDylibsOnOverflow = true;
options.pathPrefixes = pathPrefixes;
@@ -800,31 +827,12 @@
for (const std::string& warn : results.warnings) {
fprintf(stderr, "update_dyld_shared_cache: warning: %s %s\n", fileSet.archName.c_str(), warn.c_str());
}
- if ( !results.errorMessage.empty() ) {
- // print error (if one)
+ if ( results.errorMessage.empty() ) {
+ wroteSomeCacheFile = true;
+ }
+ else {
fprintf(stderr, "update_dyld_shared_cache: %s\n", results.errorMessage.c_str());
cacheBuildFailure = true;
- }
- else {
- // save new cache file to disk and write new .map file
- assert(results.cacheContent != nullptr);
- if ( !safeSave(results.cacheContent, results.cacheLength, outFile) ) {
- fprintf(stderr, "update_dyld_shared_cache: could not write dyld cache file %s\n", outFile.c_str());
- cacheBuildFailure = true;
- }
- if ( !cacheBuildFailure ) {
- uuid_t cacheUUID;
- results.cacheContent->getUUID(cacheUUID);
- if (setxattr(outFile.c_str(), "cacheUUID", (const void*)&cacheUUID, sizeof(cacheUUID), 0, XATTR_CREATE) != 0) {
- fprintf(stderr, "update_dyld_shared_cache: warning: failure to set UUID xattr on shared cache file %s with error %s\n", outFile.c_str(), strerror(errno));
- }
- std::string mapStr = results.cacheContent->mapFile();
- std::string outFileMap = cacheDir + "/dyld_shared_cache_" + fileSet.archName + ".map";
- safeSave(mapStr.c_str(), mapStr.size(), outFileMap);
- wroteSomeCacheFile = true;
- }
- // free created cache buffer
- vm_deallocate(mach_task_self(), (vm_address_t)results.cacheContent, results.cacheLength);
}
});