Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add managed MachO signing #108992

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Add managed MachO signing #108992

wants to merge 4 commits into from
+1,651 −85

Conversation

jtschuster
Copy link
Member

@jtschuster jtschuster commented Oct 17, 2024
edited
Loading

Moving #107378 to a new PR since it now has little shared history.

This signer is byte-for-byte identical to the output of codesign except for padding at the end of the file and the corresponding size fields in the headers.

The MachObjectFile and CodeSignature store all the relevant headers and signature information to add/remove a signature from a Mach Object. Most other files are details regarding header format and reading files with different endianness.

The new signer uses a MemoryMappedViewAccessor instead of a Stream. Since memory mapped files can't be resized, MachObjectFile.CreateAdHocSignature() will write out the headers and load commands to the memory mapped file, but not the signature blob. The signature blob will instead be written to the destination file stream after the rest of the file is copied from the memory mapped file.

@dotnet-issue-labeler dotnet-issue-labeler bot added the area-HostModel Microsoft.NET.HostModel issues label Oct 17, 2024
@jtschuster jtschuster mentioned this pull request Oct 17, 2024
Closed
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @vitek-karas, @agocke
See info in area-owners.md if you want to be subscribed.

@build-analysis build-analysis bot mentioned this pull request Oct 17, 2024
Open
3 tasks
am11
am11 reviewed Oct 17, 2024
View reviewed changes
src/installer/managed/Microsoft.NET.HostModel/MachO/EmbeddedSignatureHeader.cs
Comment on lines +4 to +8
using System.Runtime.InteropServices;

namespace Microsoft.NET.HostModel.MachO;

[StructLayout(LayoutKind.Sequential)]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: maybe remove all StructLayout? It's default layout, there is no Pack attribute specified or no P/Invoke?

Suggested change
using System.Runtime.InteropServices;
namespace Microsoft.NET.HostModel.MachO;
[StructLayout(LayoutKind.Sequential)]
namespace Microsoft.NET.HostModel.MachO;

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removing the StructLayout causes 'unused field' warnings. I think the StructLayout makes more sense rather than suppressions and makes it clear that these are representations of unmanaged data, but am fine to change it if there's a better solution.

@jtschuster
Merge branch 'MachSigning' of https://github.com/jtschuster/runtime i…
f2f8402 
…nto MachSigning
@jtschuster
PR feedback, use different memory map file workaround
65a5a46 
- Rename (header, offset) tuples
- Prefix underscore on private fields
- Modify load commands in-place in memory mapped file, and write the
  signature to the output stream since memory mapped file can't grow.
am11
am11 reviewed Oct 18, 2024
View reviewed changes
src/installer/tests/Microsoft.NET.HostModel.Tests/MachObjectSigning/Data/a.out
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can add these binary fixtures to https://github.com/dotnet/runtime-assets/tree/main/src, e.g. Microsoft.NET.HostModel.TestData which can then be consumed as nuget package. Checking in binaries often get flagged later.

@am11
Copy link
Member

am11 commented Oct 18, 2024

HostActivation.Tests.SelfContainedAppLaunch.RelativeEmbeddedPath is failing on osx-x64:

System.ComponentModel.Win32Exception : An error occurred trying to start process '/Users/runner/work/1/s/artifacts/tests/host/osx.x64.Release/ha/4ishikta.mrd/HelloWorld/sub/HelloWorld' with working directory '/Users/runner/work/1/s/artifacts/bin/HostActivation.Tests/Release/net9.0'. Exec format error

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@am11 am11 am11 left review comments

@agocke agocke Awaiting requested review from agocke

@elinor-fung elinor-fung Awaiting requested review from elinor-fung

At least 1 approving review is required to merge this pull request.

Assignees

@jtschuster jtschuster

Labels
area-HostModel Microsoft.NET.HostModel issues
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jtschuster @am11