search

xsscx / srd

Welcome to Hoyt's SRD Repo for the Apple Security Research Device. Contribute Code or Open an Issue or Discussion.
Other
63 stars 12 forks source link

SUMMARY: Workaround: Makefile for SRD ./example-cryptex/ won't Build toybox unstripped #36

Closed xsscx closed 2 years ago

xsscx commented 2 years ago

~Recent Changes to Toybox~ The Apple-provided Makefile as of 1 JUN 2022 won't Build toybox unstripped build for iOS.

Note: toybox unstripped builds fine on X86_64 and arm64e (macOS), but unstripped fails to build for iOS.

Additional research in progress... this issue happened in the last 48-96 hours, so a roll-back to Last Known Good Revision for Toybox may be necessary to continue building the SRD Universal Cryptex which contains toybox unstripped by default.

This issue is specific to iOS | SRD.

xsscx commented 2 years ago

Last SRD Universal DMG built with toybox unstripped on 28 MAY 2022. May roll back to that binary and remove toybox from Build Pipeline.

xsscx commented 2 years ago

Errors on Install

cryptexctl: mach-o is not signed: /private/var/folders/pj/39ntzx3s2zg1gpwh_t6kg9gw0000gn/T/com.apple.security.cryptexctl.g8zUQQ/mnt.qujBJM/usr/bin/toybox

Workaround

#!/bin/sh
rm -rf srd-universal-cryptex.dmg
echo "June 1 2022 Daily Fixup for Building SRD UNIVERSAL DMG and Install Cryptex to SRD......."
codesign --force -s -  com.example.cryptex.dstroot/usr/bin/toybox
codesign --force -s - --entitlements src/toybox/entitlements.plist com.example.cryptex.dstroot/usr/bin/toybox 
hdiutil create -fs hfs+ -srcfolder com.example.cryptex.dstroot srd-universal-cryptex.dmg
cryptexctl ${CRYPTEXCTL_FLAGS}  create --research --replace ${CRYPTEXCTL_CREATE_FLAGS} --identifier=com.example.cryptex --version=1.3.3.7 --variant=research srd-universal-cryptex.dmg
cryptexctl ${CRYPTEXCTL_PERSONALIZE_FLAGS} personalize --replace  --variant=research com.example.cryptex.cxbd
cryptexctl uninstall com.example.cryptex
cryptexctl install --variant=research --persist com.example.cryptex.cxbd.signed
cryptexctl list
xsscx commented 2 years ago

Just got a good build for toybox unstripped on X86_64

nm -a toybox-src/generated/unstripped/toybox | wc -l 896

date Wed Jun 1 11:39:45 EDT 2022

The Apple-provided Makefile apparently has a Rule Error preventing a proper Build. Changing Logging to Verbose and Reviewing.

xsscx commented 2 years ago

The issue is the Apple Makefile has errors that prevent toybox unstripped from being built... This is the ugly hack Workaround to make the SRD Exmaple DMG get Built and Published.

cd ./example-cryptex/ make all cd src/toybox make clean make cd ../../ make install

xsscx commented 2 years ago

See also https://github.com/xsscx/srd/issues/37 with reference to potential difference in the arm64e & X86_64 Build Pipeline

xsscx commented 2 years ago

FIX: https://github.com/apple/security-research-device/pull/67