search

jacksight / xina520_official_jailbreak

This is the official download website for xina520's jailbreak
442 stars 24 forks source link

Some libraries get a Library Validation error when running app installed via deb #23

Closed JohnCoates closed 1 year ago

JohnCoates commented 1 year ago

I'm trying to update my app to be compatible with this jailbreak, but I'm encountering this error:

Library Validation failed: Rejecting '/private/preboot/353A8CB447141F52F0C4706743462D3F393739F47E432B4487F672874BCB8A9A2061EBABB43FB12976EFA9EFA03906D5/procursus/Applications/Flex.app/Frameworks/TwitterCore.framework/TwitterCore' (Team ID: HACKERXINA, platform: no) for process 'Flex(11733)' (Team ID: HACKERXINA, platform: yes), reason: mapping process is a platform binary, but mapped file is not

Checking the entitlements shows platform-application:

iPhone151:~ root# ldid -e /private/preboot/353A8CB447141F52F0C4706743462D3F393739F47E432B4487F672874BCB8A9A2061EBABB43FB12976EFA9EFA03906D5/procursus/Applications/Flex.app/Frameworks/TwitterCore.framework/TwitterCore
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>platform-application</key>
    <true/>
    <key>Outgoing Network Connections</key>
    <true/>
    <key>com.apple.CommCenter.fine-grained</key>
    <array>
        <string>spi</string>
        <string>phone</string>
        <string>identity</string>
        <string>data-usage</string>
        <string>data-allowed</string>
        <string>data-allowed-write</string>
    </array>
    <key>com.apple.backboardd.launchapplications</key>
    <true/>
    <key>com.apple.multitasking.termination</key>
    <true/>
    <key>com.apple.private.security.container-manager</key>
    <true/>
    <key>com.apple.private.coreservices.canmaplsdatabase</key>
    <true/>
    <key>com.apple.lsapplicationworkspace.rebuildappdatabases</key>
    <true/>
    <key>com.apple.private.MobileContainerManager.allowed</key>
    <true/>
    <key>com.apple.private.MobileInstallationHelperService.InstallDaemonOpsEnabled</key>
    <true/>
    <key>com.apple.private.MobileInstallationHelperService.allowed</key>
    <true/>
    <key>com.apple.private.uninstall.deletion</key>
    <true/>
    <key>com.apple.private.memorystatus</key>
    <true/>
    <key>com.apple.security.get-task-allow</key>
    <true/>
    <key>get-task-allow</key>
    <true/>
    <key>task_for_pid-allow</key>
    <true/>
    <key>run-unsigned-code</key>
    <true/>
    <key>proc_info-allow</key>
    <true/>
    <key>com.apple.private.persona-mgmt</key>
    <true/>
    <key>com.apple.private.security.no-container</key>
    <true/>
    <key>com.apple.private.security.storage-exempt.heritable</key>
    <true/>
    <key>com.apple.private.security.storage.AppBundles</key>
    <true/>
    <key>com.apple.private.security.no-sandbox</key>
    <true/>
    <key>com.apple.springboard.CFUserNotification</key>
    <true/>
    <key>com.apple.springboard.launchapplications</key>
    <true/>
    <key>com.apple.system-task-ports.control</key>
    <true/>
    <key>com.apple.system-task-ports.token.control</key>
    <true/>
    <key>com.apple.security.exception.process-info</key>
    <true/>
    <key>com.apple.security.exception.files.absolute-path.read-write</key>
    <array>
        <string>/</string>
    </array>
    <key>com.apple.security.iokit-user-client-class</key>
    <array>
        <string>RootDomainUserClient</string>
        <string>AppleSMCClient</string>
        <string>AppleSEPUserClient</string>
        <string>AppleNVMeEANUC</string>
        <string>IOAVDeviceUserClient</string>
        <string>IODPDeviceUserClient</string>
        <string>AGXCommandQueue</string>
        <string>AGXDevice</string>
        <string>AGXDeviceUserClient</string>
        <string>AGXSharedUserClient</string>
        <string>IOAccelContext</string>
        <string>IOAccelContext2</string>
        <string>IOAccelDevice</string>
        <string>IOAccelDevice2</string>
        <string>IOAccelSharedUserClient</string>
        <string>IOAccelSharedUserClient2</string>
        <string>IOAccelSubmitter2</string>
        <string>IOSurfaceRootUserClient</string>
        <string>AGXGLContext</string>
        <string>AppleCredentialManagerUserClient</string>
        <string>AppleHPMUserClient</string>
        <string>AppleJPEGDriverUserClient</string>
        <string>AppleUSBHostDeviceUserClient</string>
        <string>AppleUSBHostInterfaceUserClient</string>
        <string>H11ANEInDirectPathClient</string>
        <string>IOAVControllerConcreteUserClient</string>
        <string>IOHIDEventServiceFastPathUserClient</string>
        <string>IOHIDLibUserClient</string>
        <string>IOMobileFramebufferUserClient</string>
        <string>IOReportUserClient</string>
        <string>IOSurfaceAcceleratorClient</string>
        <string>IOTimeSyncClockManagerUserClient</string>
        <string>IOTimeSyncDomainUserClient</string>
        <string>IOTimeSyncgPTPManagerUserClient</string>
        <string>IOUserServer</string>
        <string>AppleBasebandUserClient</string>
        <string>AppleBasebandPCIUserClient</string>
    </array>
    <key>com.apple.security.exception.mach-lookup.global-name</key>
    <array>
        <string>jailbreakd</string>
        <string>jailbreakd_safe</string>
        <string>jailbreakd_xpc</string>
    </array>
    <key>com.apple.private.domain-extension</key>
    <true/>
    <key>com.apple.private.xpc.domain-extension</key>
    <true/>
    <key>com.apple.private.xpc.domain-extension.proxy</key>
    <true/>
    <key>com.apple.private.xpc.launchd.app-state-manager</key>
    <true/>
    <key>com.apple.private.xpc.launchd.enable-disable-system-services</key>
    <true/>
    <key>com.apple.private.xpc.launchd.event-monitor</key>
    <true/>
    <key>com.apple.private.xpc.launchd.loginitem-bootstrapper</key>
    <true/>
    <key>com.apple.private.xpc.launchd.loginitem-outside-bundle</key>
    <true/>
    <key>com.apple.private.xpc.launchd.obliterator</key>
    <true/>
    <key>com.apple.private.xpc.launchd.per-user-create.mbsetupuser</key>
    <true/>
    <key>com.apple.private.xpc.launchd.per-user-lookup</key>
    <true/>
    <key>com.apple.private.xpc.launchd.reboot</key>
    <true/>
    <key>com.apple.private.xpc.launchd.service-hold</key>
    <true/>
    <key>com.apple.private.xpc.launchd.userspace-reboot</key>
    <true/>
    <key>com.apple.private.xpc.launchd.userspace-reboot-now</key>
    <true/>
    <key>com.apple.private.xpc.persona-creator</key>
    <true/>
    <key>com.apple.private.xpc.persona-manager</key>
    <true/>
</dict>
</plist>
elihwyma commented 1 year ago

What entitlement file are you using when building the app?

JohnCoates commented 1 year ago

@elihwyma These are my entitlements:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>[REDACTED]</string>
    <key>com.apple.developer.associated-domains</key>
    <array>
        <string>applinks:getflex.co</string>
    </array>
    <key>get-task-allow</key>
    <true/>
    <key>task_for_pid-allow</key>
    <true/>
    <key>com.apple.coremedia.allow-protected-content-playback</key>
    <true/>
    <key>com.apple.managedconfiguration.profiled-access</key>
    <true/>
    <key>com.apple.springboard.opensensitiveurl</key>
    <true/>
    <key>dynamic-codesigning</key>
    <true/>
    <key>com.apple.springboard.launchapplications</key>
    <true/>
    <key>com.apple.frontboard.debugapplications</key>
    <true/>
    <key>keychain-access-groups</key>
    <array>
        <string>com.apple.cfnetwork</string>
        <string>com.apple.identities</string>
        <string>com.apple.mobilesafari</string>
    </array>
    <key>platform-application</key>
    <true/>
    <key>com.apple.private.skip-library-validation</key>
    <true/>
    <key>com.apple.CommCenter.fine-grained</key>
    <array>
        <string>spi</string>
    </array>
    <key>com.apple.multitasking.termination</key>
    <true/>
    <key>com.apple.private.security.no-sandbox</key>
    <true/>
    <key>com.apple.diagnosticd.diagnostic</key>
    <true/>
    <key>com.apple.private.memorystatus</key>
    <true/>
    <key>com.apple.private.cs.debugger</key>
    <true/>
</dict>
</plist>
elihwyma commented 1 year ago

Problem here is Xina is very picky with its entitlements. Here's a complete list of the changes I had to make for Sileo https://github.com/Sileo/Sileo/commit/889c6038d5a951d3cfe8c684f880a67759ac2f8b#diff-f8facf94981900a8f33d447f568a23665cc7d9099511fdc90803ecf4f0ca5d63

JohnCoates commented 1 year ago

Problem here is Xina is very picky with its entitlements. Here's a complete list of the changes I had to make for Sileo Sileo/Sileo@889c603#diff-f8facf94981900a8f33d447f568a23665cc7d9099511fdc90803ecf4f0ca5d63

thanks for the reference