Add managed MachO signing #108992
Tagging subscribers to this area: @vitek-karas, @agocke
using System.Runtime.InteropServices; | ||
|
||
namespace Microsoft.NET.HostModel.MachO; | ||
|
||
[StructLayout(LayoutKind.Sequential)] |
nit: maybe remove all `StructLayout`? It's default layout, there is no Pack attribute specified or no P/Invoke?
using System.Runtime.InteropServices; | |
namespace Microsoft.NET.HostModel.MachO; | |
[StructLayout(LayoutKind.Sequential)] | |
namespace Microsoft.NET.HostModel.MachO; | |
Removing the `StructLayout` causes 'unused field' warnings. I think the StructLayout makes more sense rather than suppressions and makes it clear that these are representations of unmanaged data, but am fine to change it if there's a better solution.
…nto MachSigning
- Rename (header, offset) tuples
- Prefix underscore on private fields
- Modify load commands in-place in memory mapped file, and write the signature to the output stream since memory mapped file can't grow.
We can add these binary fixtures to https://github.com/dotnet/runtime-assets/tree/main/src, e.g. `Microsoft.NET.HostModel.TestData`, which can then be consumed as a NuGet package. Checking in binaries often gets flagged later.
Moving #107378 to a new PR since it now has little shared history.
This signer is byte-for-byte identical to the output of `codesign` except for padding at the end of the file and the corresponding size fields in the headers. The MachObjectFile and CodeSignature store all the relevant headers and signature information to add/remove a signature from a Mach Object. Most other files are details regarding header format and reading files with different endianness.
The new signer uses a MemoryMappedViewAccessor instead of a Stream. Since memory mapped files can't be resized, `MachObjectFile.CreateAdHocSignature()` will write out the headers and load commands to the memory mapped file, but not the signature blob. The signature blob will instead be written to the destination file stream after the rest of the file is copied from the memory mapped file.
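
The write pattern from the description above (patch the size fields inside the fixed-size mapped view, then append the signature to the destination stream), as an added example that is not code from this PR. It uses a constructed toy header rather than the real Mach-O layout: the field offsets, the 4096-byte page size, and the per-page SHA-256 digests standing in for the signature blob are all assumptions, and the input is assumed to be a non-empty working copy with at least a 12-byte header.

```csharp
using System;
using System.IO;
using System.IO.MemoryMappedFiles;
using System.Security.Cryptography;

static class AppendSignatureDemo
{
    const int PageSize = 4096;      // assumed hash granularity
    const long SigOffsetField = 4;  // hypothetical header field: signature offset
    const long SigSizeField = 8;    // hypothetical header field: signature size

    // Patches the header through the mapped view, then writes image + signature to output.
    public static void Sign(string workingCopy, Stream output)
    {
        long length = new FileInfo(workingCopy).Length;
        int pages = (int)((length + PageSize - 1) / PageSize);
        byte[] signature = new byte[pages * 32]; // one SHA-256 digest per page

        using var mmf = MemoryMappedFile.CreateFromFile(
            workingCopy, FileMode.Open, null, 0, MemoryMappedFileAccess.ReadWrite);
        using var view = mmf.CreateViewAccessor(0, length, MemoryMappedFileAccess.ReadWrite);

        // The view cannot grow, but the size fields already exist, so patch them in place.
        // Do it before hashing: page 0 holds the header, so its digest must cover the final values.
        view.Write(SigOffsetField, (uint)length);
        view.Write(SigSizeField, (uint)signature.Length);

        byte[] page = new byte[PageSize];
        for (int i = 0; i < pages; i++)
        {
            long offset = (long)i * PageSize;
            int count = (int)Math.Min(PageSize, length - offset);
            view.ReadArray(offset, page, 0, count);
            SHA256.HashData(page.AsSpan(0, count)).CopyTo(signature, i * 32);
            output.Write(page, 0, count); // copy the patched image to the destination
        }
        output.Write(signature, 0, signature.Length); // signature exists only in the output
    }

    static void Main()
    {
        string path = Path.GetTempFileName();
        File.WriteAllBytes(path, new byte[10_000]); // constructed 10,000-byte unsigned image
        using var signed = new MemoryStream();
        Sign(path, signed);
        Console.WriteLine($"mapped file: {new FileInfo(path).Length}, output: {signed.Length}");
        File.Delete(path);
    }
}
```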