SUMMARY: CoreTrust | AMFI Research | 15.4_19E5209h_Restore.ipsw | Load Trust Cache | unsuitable CT policy | iPhone 11 | iPhone 12 | AppleMobileFileIntegrity_research

[xsscx]

SUMMARY

Subject to Minor Revision. This issue appears infrequently when Unit Testing Pull Request https://github.com/apple/security-research-device/pull/42. It has been found that when using 15.4_19E5209h_Restore.ipsw for personalizing a cryptex, iPhone 11 or iPhone 12, with address sanitizer dylibs including libgmalloc.dylib, and possibly debugserver, when using Apple Feedback Makefile https://github.com/xsscx/srd/blob/main/SecurityResearchTools_21C39/example-cryptex/src/hello/Makefile that __AppleMobileFileIntegrity_research__ will occasionally Write to the Console Log:

unsuitable CT policy 0 for this platform/device, rejecting signature.

UX

Launchd fails to load the cryptex

Reproduction with example-cryptex

Source Makefile https://github.com/xsscx/srd/blob/main/SecurityResearchTools_21C39/example-cryptex/src/hello/Makefile

make install

Comment

The ASAN & UBSAN Installation successfully completes approximately 80% of attempted installations from macOS 12.2 or macOS 12.3 Beta. The HTTP Responses contain only a few bits of delta, likely causing the Error:

kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::isCdhashInTrustCache(OSObject *, void *, IOExternalMethodArguments *): Process 29 is checking if a cdhash is in the trust cache
kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::isCdhashInTrustCache(OSObject *, void *, IOExternalMethodArguments *): Returning IOReturn 0x0 to process 29
cryptexd: [com.apple.libcryptex:codex] <private>: openat: [2: No such file or directory]
kernel: (AppleMobileFileIntegrity_research) Invalid denylist

It is thought that __AppleMobileFileIntegrity_research__ possibly contains the functionality.

Version Info

iOS IPSW

15.4_19E5209h_Restore.ipsw

Darwin Image4 Validator Version 4.2.0: Sun Jan 16 21:08:12 PST 2022; root:AppleImage4-158.100.11~1565/AppleImage4/RELEASE_ARM64E

Host X86_64

Mon Feb  7 16:27:40 EST 2022
kern.version: Darwin Kernel Version 21.3.0: Wed Jan  5 21:37:58 PST 2022; root:xnu-8019.80.24~20/RELEASE_X86_64
kern.osversion: 21D49
kern.iossupportversion: 15.3
kern.osproductversion: 12.2
kern.osproductversioncompat: 10.16
udid                           name       build      BORD       CHIP       ECID
00008101-001418DA3CC0013A      SRD0009      19E5209h   0xc        0x8101     0x1418da3cc0013a
00008030-001538D03C40012E      SRD0037      19E5209h   0x4        0x8030     0x1538d03c40012e
Apple clang version 13.1.6 (clang-1316.0.19.2)
Target: x86_64-apple-darwin21.3.0
InstalledDir: /Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin
/Applications/Xcode-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk
Darwin Cryptex Management Interface Version 2.0.0: Sun Dec 19 22:28:12 PST 2021; root:libcryptex_executables-169.80.2~9/cryptexctl/WEN_ETA_X86_64
machdep.cpu.brand: 0
machdep.cpu.brand_string: Intel(R) Core(TM) i7-8700B CPU @ 3.20GHz
System Integrity Protection status: disabled.

HOST T8101

Mon Feb  7 16:33:40 EST 2022
kern.version: Darwin Kernel Version 21.4.0: Tue Jan 18 13:02:08 PST 2022; root:xnu-8020.100.406.0.1~18/RELEASE_ARM64_T8101
kern.osversion: 21E5196i
kern.iossupportversion: 15.4
kern.osproductversioncompat: 10.16
kern.osproductversion: 12.3
kern.osproductversioncompat: 10.16
/Applications/Xcode-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk
udid                           name       build      BORD       CHIP       ECID
00008101-001418DA3CC0013A      SRD0009      19E5209h   0xc        0x8101     0x1418da3cc0013a
00008030-001538D03C40012E      SRD0037      19E5209h   0x4        0x8030     0x1538d03c40012e
Apple clang version 13.1.6 (clang-1316.0.19.2)
Target: arm64-apple-darwin21.4.0
InstalledDir: /Applications/Xcode-beta.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin
Darwin Cryptex Management Interface Version 2.0.0: Tue Jan 25 23:53:01 PST 2022; root:libcryptex_executables-170.100.20~29/cryptexctl/WEN_ETA_ARM64E
machdep.cpu.brand_string: Apple M1
System Integrity Protection status: disabled.

Problem Statement for unsuitable CT policy 0 for this platform/device, rejecting signature

When loading a Trust Cache that contains *SAN Dylibs, and occasionally debugserver, __AppleMobileFileIntegrity_research__ throws to Console Log:

unsuitable CT policy 0 for this platform/device, rejecting signature

Console Log for unsuitable CT policy 0 for this platform/device, rejecting signature

2022-02-04 13:45:18.882885-0500 0x127e     Default     0x0                  202    0    cryptexd: (libcryptex_core.dylib) [com.apple.libcryptex:scrivener] [anonymous]: tss request = <private>
2022-02-04 13:45:18.923219-0500 0x127e     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::loadTrustCache(OSObject *, void *, IOExternalMethodArguments *): PID 202 is requesting a trust cache load
2022-02-04 13:45:18.924095-0500 0x127e     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: Successfully loaded a new image4 v1 trust cache with 40 entries.
2022-02-04 13:45:18.925129-0500 0x127e     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] missing label
2022-02-04 13:45:18.925136-0500 0x127e     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] failed to frob plist: <xpc object>: [22: Invalid argument]
2022-02-04 13:45:18.925138-0500 0x127e     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] <private>: failed to bootstrap service: <private>: [22: Invalid argument]
2022-02-04 13:45:25.207182-0500 0x131a     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) Invalid denylist
2022-02-04 14:34:02.486497-0500 0x65       Default     0x0                  0      0    kernel: (AppleImage4) Darwin Image4 Validator Version 4.2.0: Sun Jan 16 21:08:12 PST 2022; root:AppleImage4-158.100.11~1565/AppleImage4/RELEASE_ARM64E
2022-02-04 14:34:02.487129-0500 0x65       Default     0x0                  0      0    kernel: (AppleImage4) AppleImage4:
2022-02-04 14:34:02.487178-0500 0x65       Default     0x0                  0      0    kernel: (AppleImage4) failed to read nvram property: oblit-inprogress: 2
2022-02-04 14:34:02.487345-0500 0x65       Default     0x0                  0      0    kernel: (AppleImage4)
2022-02-04 14:34:02.488401-0500 0x65       Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI is running in RESEARCH mode!
2022-02-04 14:34:02.488609-0500 0x65       Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: UDID enforcement enabled
2022-02-04 14:34:09.384409-0500 0x62d      Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::isCdhashInTrustCache(OSObject *, void *, IOExternalMethodArguments *): Process 29 is checking if a cdhash is in the trust cache
2022-02-04 14:34:09.385801-0500 0x62d      Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::isCdhashInTrustCache(OSObject *, void *, IOExternalMethodArguments *): Returning IOReturn 0x0 to process 29
2022-02-04 14:34:05.550904-0500 0xace      Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:codex] <private>: openat: [2: No such file or directory]
2022-02-04 14:36:26.754496-0500 0x13b5     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) Invalid denylist
2022-02-04 14:39:24.550382-0500 0x1688     Default     0x0                  202    0    cryptexd: [com.apple.libcryptex:authinstall] <private>
...
2022-02-04 14:39:24.551076-0500 0x1688     Default     0x0                  202    0    cryptexd: [com.apple.libcryptex:authinstall] <private>
2022-02-04 14:39:24.551094-0500 0x1688     Default     0x0                  202    0    cryptexd: (libcryptex_core.dylib) [com.apple.libcryptex:scrivener] [anonymous]: tss request = <private>
2022-02-04 14:39:24.616109-0500 0x1688     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) static IOReturn AppleMobileFileIntegrityUserClient::loadTrustCache(OSObject *, void *, IOExternalMethodArguments *): PID 202 is requesting a trust cache load
2022-02-04 14:39:24.617122-0500 0x1688     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: Successfully loaded a new image4 v1 trust cache with 52 entries.
2022-02-04 14:39:24.622526-0500 0x1688     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] missing label
2022-02-04 14:39:24.622534-0500 0x1688     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] failed to frob plist: <xpc object>: [22: Invalid argument]
2022-02-04 14:39:24.622538-0500 0x1688     Error       0x0                  202    0    cryptexd: [com.apple.libcryptex:quire] <private>: failed to bootstrap service: <private>: [22: Invalid argument]
2022-02-04 14:39:24.817914-0500 0x169b     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run' is adhoc signed.
2022-02-04 14:39:24.817932-0500 0x169b     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run': unsuitable CT policy 0 for this platform/device, rejecting signature.
2022-02-04 14:39:24.817936-0500 0x169b     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: code signature validation failed.
2022-02-04 14:39:34.833073-0500 0x171f     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run' is adhoc signed.
2022-02-04 14:39:34.833105-0500 0x171f     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run': unsuitable CT policy 0 for this platform/device, rejecting signature.
2022-02-04 14:39:34.833112-0500 0x171f     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: code signature validation failed.
2022-02-04 14:39:44.844462-0500 0x1761     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run' is adhoc signed.
2022-02-04 14:39:44.844489-0500 0x1761     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run': unsuitable CT policy 0 for this platform/device, rejecting signature.
2022-02-04 14:39:44.844495-0500 0x1761     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: code signature validation failed.
2022-02-04 14:39:54.860344-0500 0x17ad     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run' is adhoc signed.
2022-02-04 14:39:54.860375-0500 0x17ad     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run': unsuitable CT policy 0 for this platform/device, rejecting signature.
2022-02-04 14:39:54.860382-0500 0x17ad     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: code signature validation failed.
2022-02-04 14:40:04.874073-0500 0x18a6     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run' is adhoc signed.
2022-02-04 14:40:04.874095-0500 0x18a6     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: '/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.Of92Dh/usr/bin/cryptex-run': unsuitable CT policy 0 for this platform/device, rejecting signature.
2022-02-04 14:40:04.874098-0500 0x18a6     Default     0x0                  0      0    kernel: (AppleMobileFileIntegrity_research) AMFI: code signature validation failed.
2022-02-04 14:40:09.382576-0500 0x17c9     Default     0x0                  202    0    cryptexd: (libcryptex_core.dylib) [com.apple.libcryptex:authinstall] <private>
2022

cryptexctl -v9 -d9 -ldt install --variant=research --persist --print-info ./com.example.cryptex.cxbd.signed

2022-02-07 14:38:26.144023-0500 cryptexctl.research[70656:2902489] [install]   ptr_munge =>
cryptexctl.research:   main_stack =>
2022-02-07 14:38:26.144227-0500 cryptexctl.research[70656:2902489] [install]   main_stack =>
cryptexctl.research:   executable_file => 0x1c01000005,0x774973
2022-02-07 14:38:26.144239-0500 cryptexctl.research[70656:2902489] [install]   executable_file => 0x1c01000005,0x774973
cryptexctl.research:   dyld_file => 0x1c01000005,0xfffffff000e3cb5
2022-02-07 14:38:26.144268-0500 cryptexctl.research[70656:2902489] [install]   dyld_file => 0x1c01000005,0xfffffff000e3cb5
cryptexctl.research:   executable_cdhash => 50da1fdfbd3511624b146f0dbf201e7e305a74ae
2022-02-07 14:38:26.144276-0500 cryptexctl.research[70656:2902489] [install]   executable_cdhash => 50da1fdfbd3511624b146f0dbf201e7e305a74ae
cryptexctl.research:   executable_boothash => a203fd8a1362a0de49d1dc334725b5df1a19a5cf
2022-02-07 14:38:26.144286-0500 cryptexctl.research[70656:2902489] [install]   executable_boothash => a203fd8a1362a0de49d1dc334725b5df1a19a5cf
cryptexctl.research:   th_port =>
2022-02-07 14:38:26.144315-0500 cryptexctl.research[70656:2902489] [install]   th_port =>
will persist cryptex
2022-02-07 14:38:26.144329-0500 cryptexctl.research[70656:2902489] [install] will persist cryptex
2022-02-07 14:38:26.150802-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.154525-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.201995-0500 cryptexctl.research[70656:2902489] [device] SRD0009: connected to device: AMDevice 0x600001420000 {UDID = 00008101-001418DA3CC0013A, device ID = 28, location ID = 0x14100000, product ID = 0x12a8}
2022-02-07 14:38:26.202050-0500 cryptexctl.research[70656:2902489] [utility] read 1106 bytes
2022-02-07 14:38:26.202113-0500 cryptexctl.research[70656:2902489] [utility] read 311 bytes
2022-02-07 14:38:26.202133-0500 cryptexctl.research[70656:2902489] [utility] read 3012 bytes
2022-02-07 14:38:26.202325-0500 cryptexctl.research[70656:2902489] AMDeviceMountImage (thread 0x110638600): Preparing to mount image at /Users/xss/example-cryptex/com.example.cryptex.cxbd.signed/Restore/Cryptex/research/cpxd.
2022-02-07 14:38:26.202409-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.205714-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.207125-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.240729-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 23489 (c1, 5b)
2022-02-07 14:38:26.241902-0500 cryptexctl.research[70656:2902489] _UsbMuxSecureStartService (thread 0x110638600): SSL requested for service com.apple.mobile.mobile_image_mounter with device 00008101-001418DA3CC0013A
2022-02-07 14:38:26.243712-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.247433-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.277265-0500 cryptexctl.research[70656:2902489] _UsbMuxSecureStartService (thread 0x110638600): returned 0 starting service com.apple.mobile.mobile_image_mounter on device 00008101-001418DA3CC0013A at port 49499, out fd = -1.
2022-02-07 14:38:26.279212-0500 cryptexctl.research[70656:2902489] AMDeviceStopSession (thread 0x110638600): returned 0x0 for device 28
2022-02-07 14:38:26.279442-0500 cryptexctl.research[70656:2902489] fire_callback (thread 0x110638600): Invalid input.
2022-02-07 14:38:26.279605-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.282702-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.294559-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.296897-0500 cryptexctl.research[70656:2902489] [library] USBMuxConnectByPort:584 Connecting to port 32498 (f2, 7e)
2022-02-07 14:38:26.299170-0500 cryptexctl.research[70656:2902489] fire_callback (thread 0x110638600): Invalid input.
2022-02-07 14:38:26.300768-0500 cryptexctl.research[70656:2902489] stream_image (thread 0x110638600): ACK'd (ReceiveBytesAck), proceeding with transfer...
2022-02-07 14:38:26.942376-0500 cryptexctl.research[70656:2902489] stream_image (thread 0x110638600): transfer complete (Complete).
2022-02-07 14:38:26.942440-0500 cryptexctl.research[70656:2902489] fire_callback (thread 0x110638600): Invalid input.
2022-02-07 14:38:27.087997-0500 cryptexctl.research[70656:2902489] AMDeviceMountImage (thread 0x110638600): The image (/Users/xss/example-cryptex/com.example.cryptex.cxbd.signed/Restore/Cryptex/research/cpxd) has been mounted.

Quick Repro Instructions

make install
[ CHECK Console Log for unsuitable CT policy ]
...
rm -rf com.example.cryptex.cxbd com.example.cryptex.cxbd.signed
cryptexctl ${CRYPTEXCTL_FLAGS} create --research --replace ${CRYPTEXCTL_CREATE_FLAGS} --identifier=com.example.cryptex --version=1.3.3.7 --variant=research com.example.cryptex.dmg
cryptexctl ${CRYPTEXCTL_PERSONALIZE_FLAGS} personalize --replace  --variant=research com.example.cryptex.cxbd
cryptexctl uninstall com.example.cryptex
cryptexctl install --variant=research --persist com.example.cryptex.cxbd.signed
cryptexctl list
[ WATCH SRD Console Log for unsuitable CT policy ]
[ ELSE SRD *SAN Cryptex Install Success ]

View the logs from the archive

sudo -E cryptexctl log collect
cryptexctl log show -- --archive ./system_logs.logarchive

Console Log for Good Cryptex Installation for *SAN Dylibs

default 15:16:33.313380-0500    cryptexd    [anonymous]: tss request = <private>
default 15:16:33.354851-0500    kernel  hfs: mounted com.example.cryptex.dstroot on device disk2s1
error   15:16:33.357615-0500    cryptexd    missing label
error   15:16:33.357652-0500    cryptexd    failed to frob plist: <xpc object>: [22: Invalid argument]
error   15:16:33.357681-0500    cryptexd    <private>: failed to bootstrap service: <private>: [22: Invalid argument]
default 15:16:33.362209-0500    MobileStorageMounter    cryptex mount point = <private>
default 15:16:33.363030-0500    MobileStorageMounter    Posting notification: com.apple.mobile.cryptex_mounted
default 15:16:33.363780-0500    installd    0x16d097000 main_block_invoke_2: event: <OS_xpc_dictionary: <dictionary: 0x133f0c350> { count = 4, transaction: 0, voucher = 0x133f0ed90, contents =
    "UserInfo" => <dictionary: 0x133f0f650> { count = 2, transaction: 0, voucher = 0x0, contents =
        "DiskImageType" => <string: 0x133f0d110> { length = 7, contents = "Cryptex" }
        "DiskImageMountPath" => <string: 0x133f05440> { length = 75, contents = "/private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.o2Ya1h" }
    }
    "Name" => <string: 0x133f0bc90> { length = 35, contents = "com.apple.mobile.disk_image_mounted" }
    "Object" => <string: 0x133f10930> { length = 20, contents = "MobileStorageMounter" }
    "XPCEventName" => <string: 0x133f048e0> { length = 35, contents = "com.apple.mobile.disk_image_mounted" }
}>
default 15:16:33.377556-0500    installd    0x16d097000 -[MIDeveloperDiskImageTracker imageMounted:]: received notification: file:///private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.o2Ya1h/Applications/
default 15:16:33.377759-0500    installd    0x16d097000 -[MIDeveloperDiskImageTracker checkMountPoint:]_block_invoke: /private/var/run/com.apple.security.cryptexd/mnt/com.example.cryptex.o2Ya1h/Applications is not present now or before
error   15:16:33.437371-0500    kernel  1 duplicate report for Sandbox: MobileStorageMou(303) deny(1) file-read-metadata /private/var/run/com.apple.security.cryptexd/codex.system/live/com.example.cryptex/cpxd
error   15:16:33.437403-0500    kernel  Sandbox: mobile_storage_p(302) deny(1) file-read-metadata /private/var/run/com.apple.security.cryptexd/codex.system/live/com.example.cryptex/cpxd
error   15:16:33.549983-0500    simple-server   Hello! I'm simple-server from the example cryptex!
error   15:16:33.550098-0500    simple-server   I'm about to bind to 0.0.0.0:7777
error   15:16:33.550152-0500    simple-server   I'm about to listen on fd: 3
error   15:16:33.550302-0500    simple-server   Waiting for a client to connect...
error   15:16:33.569217-0500    simple-shell    I'm about to listen on fd: 3
error   15:16:33.571396-0500    dropbear    send failed: Invalid argument

Sysdiagnose

srd009-srd0037-github_issue_47-sysdiagnose_2022.02.07_15-37-14-0500_iPhone-OS_iPhone_19E5209h.zip uploaded to app.box.com on MON 7 FEB 2022 1543 EST

Request

Help is be appreciated isolating the Entitlements that are likely the cause(s) of the Console log message to increase to Successful Installation Rates for PR42 https://github.com/apple/security-research-device/pull/42.

Knowledgebase

• https://github.com/apple/security-research-device/issues/46
• https://github.com/apple/security-research-device/pull/42

  Workaround

• make clean
• make install

  Reported: https://github.com/apple/security-research-device/issues/47

[xsscx]

Prior Fix

• https://github.com/apple/security-research-device/pull/48

  Knowledgebase

• https://github.com/apple/security-research-device/issues/27
• https://github.com/apple/security-research-device/issues/43
• https://github.com/apple/security-research-device/issues/44
• https://github.com/apple/security-research-device/issues/46
• https://github.com/apple/security-research-device/issues/47