projects / apple / dyld.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
dyld-655.1.tar.gz
[apple/dyld.git] / dyld3 / shared-cache / update_dyld_shared_cache.cpp
1 /* -*- mode: C++; c-basic-offset: 4; indent-tabs-mode: nil -*-
2 *
3 * Copyright (c) 2014 Apple Inc. All rights reserved.
4 *
5 * @APPLE_LICENSE_HEADER_START@
6 *
7 * This file contains Original Code and/or Modifications of Original Code
8 * as defined in and that are subject to the Apple Public Source License
9 * Version 2.0 (the 'License'). You may not use this file except in
10 * compliance with the License. Please obtain a copy of the License at
11 * http://www.opensource.apple.com/apsl/ and read it before using this
12 * file.
13 *
14 * The Original Code and all software distributed under the License are
15 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
16 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
17 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
19 * Please see the License for the specific language governing rights and
20 * limitations under the License.
21 *
22 * @APPLE_LICENSE_HEADER_END@
23 */
24
25 #include <sys/types.h>
26 #include <sys/stat.h>
27 #include <sys/mman.h>
28 #include <mach/mach.h>
29 #include <mach/mach_time.h>
30 #include <mach-o/dyld.h>
31 #include <limits.h>
32 #include <stdarg.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <math.h>
36 #include <fcntl.h>
37 #include <dlfcn.h>
38 #include <signal.h>
39 #include <errno.h>
40 #include <assert.h>
41 #include <sys/uio.h>
42 #include <unistd.h>
43 #include <sys/param.h>
44 #include <sys/sysctl.h>
45 #include <sys/resource.h>
46 #include <dirent.h>
47 #include <rootless.h>
48 #include <dscsym.h>
49 #include <dispatch/dispatch.h>
50 #include <pthread/pthread.h>
51 #include <Bom/Bom.h>
52 #include <CoreFoundation/CoreFoundation.h>
53
54 #include <algorithm>
55 #include <vector>
56 #include <unordered_set>
57 #include <unordered_set>
58 #include <iostream>
59 #include <fstream>
60
61 #include "FileUtils.h"
62 #include "StringUtils.h"
63 #include "DyldSharedCache.h"
64 #include "MachOFile.h"
65 #include "MachOAnalyzer.h"
66 #include "ClosureFileSystemPhysical.h"
67
68 struct MappedMachOsByCategory
69 {
70 std::string archName;
71 std::vector<DyldSharedCache::MappedMachO> dylibsForCache;
72 std::vector<DyldSharedCache::MappedMachO> otherDylibsAndBundles;
73 std::vector<DyldSharedCache::MappedMachO> mainExecutables;
74 };
75
76 static const char* sAllowedPrefixes[] = {
77 "/bin/",
78 "/sbin/",
79 "/usr/",
80 "/System",
81 "/Applications/App Store.app/",
82 "/Applications/Automator.app/",
83 "/Applications/Calculator.app/",
84 "/Applications/Calendar.app/",
85 "/Applications/Chess.app/",
86 "/Applications/Contacts.app/",
87 // "/Applications/DVD Player.app/",
88 "/Applications/Dashboard.app/",
89 "/Applications/Dictionary.app/",
90 "/Applications/FaceTime.app/",
91 "/Applications/Font Book.app/",
92 "/Applications/Image Capture.app/",
93 "/Applications/Launchpad.app/",
94 "/Applications/Mail.app/",
95 "/Applications/Maps.app/",
96 "/Applications/Messages.app/",
97 "/Applications/Mission Control.app/",
98 "/Applications/Notes.app/",
99 "/Applications/Photo Booth.app/",
100 // "/Applications/Photos.app/",
101 "/Applications/Preview.app/",
102 "/Applications/QuickTime Player.app/",
103 "/Applications/Reminders.app/",
104 "/Applications/Safari.app/",
105 "/Applications/Siri.app/",
106 "/Applications/Stickies.app/",
107 "/Applications/System Preferences.app/",
108 "/Applications/TextEdit.app/",
109 "/Applications/Time Machine.app/",
110 "/Applications/iBooks.app/",
111 "/Applications/iTunes.app/",
112 "/Applications/Utilities/Activity Monitor.app",
113 "/Applications/Utilities/AirPort Utility.app",
114 "/Applications/Utilities/Audio MIDI Setup.app",
115 "/Applications/Utilities/Bluetooth File Exchange.app",
116 "/Applications/Utilities/Boot Camp Assistant.app",
117 "/Applications/Utilities/ColorSync Utility.app",
118 "/Applications/Utilities/Console.app",
119 "/Applications/Utilities/Digital Color Meter.app",
120 "/Applications/Utilities/Disk Utility.app",
121 "/Applications/Utilities/Grab.app",
122 "/Applications/Utilities/Grapher.app",
123 "/Applications/Utilities/Keychain Access.app",
124 "/Applications/Utilities/Migration Assistant.app",
125 "/Applications/Utilities/Script Editor.app",
126 "/Applications/Utilities/System Information.app",
127 "/Applications/Utilities/Terminal.app",
128 "/Applications/Utilities/VoiceOver Utility.app",
129 "/Library/CoreMediaIO/Plug-Ins/DAL/" // temp until plugins moved or closured working
130 };
131
132 static const char* sDontUsePrefixes[] = {
133 "/usr/share",
134 "/usr/local/",
135 "/System/Library/Assets",
136 "/System/Library/StagedFrameworks",
137 "/System/Library/Kernels/",
138 "/bin/zsh", // until <rdar://31026756> is fixed
139 "/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Support/mdworker", // these load third party plugins
140 "/usr/bin/mdimport", // these load third party plugins
141 "/System/Library/Developer/CoreSimulator/", // ignore Marzipan
142 };
143
144
145 static bool verbose = false;
146
147
148
149 static bool addIfMachO(const dyld3::closure::FileSystem& fileSystem, const std::string& runtimePath, const struct stat& statBuf, bool requireSIP,
150 dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
151 {
152 // don't precompute closure info for any debug or profile dylibs
153 if ( endsWith(runtimePath, "_profile.dylib") || endsWith(runtimePath, "_debug.dylib") || endsWith(runtimePath, "_profile") || endsWith(runtimePath, "_debug") )
154 return false;
155 if ( startsWith(runtimePath, "/usr/lib/system/introspection/") )
156 return false;
157
158 // Only use files on the same volume as the boot volume
159 if (statBuf.st_dev != rootFS) {
160 if ( verbose )
161 fprintf(stderr, "update_dyld_shared_cache: warning: skipping overlay file '%s' which is not on the root volume\n", runtimePath.c_str());
162 return false;
163 }
164
165 auto warningHandler = ^(const char* msg) {
166 if ( verbose )
167 fprintf(stderr, "update_dyld_shared_cache: warning: cannot build dlopen closure for '%s' because %s\n", runtimePath.c_str(), msg);
168 };
169
170 bool result = false;
171 for (MappedMachOsByCategory& file : files) {
172 Diagnostics diag;
173 dyld3::closure::LoadedFileInfo loadedFileInfo = dyld3::MachOAnalyzer::load(diag, fileSystem, runtimePath.c_str(), file.archName.c_str(), dyld3::Platform::macOS);
174 const dyld3::MachOAnalyzer* ma = (const dyld3::MachOAnalyzer*)loadedFileInfo.fileContent;
175 if ( ma != nullptr ) {
176 bool sipProtected = false; // isProtectedBySIP(fd);
177 bool issetuid = false;
178 if ( ma->isDynamicExecutable() ) {
179 // When SIP enabled, only build closures for SIP protected programs
180 if ( !requireSIP || sipProtected ) {
181 //fprintf(stderr, "requireSIP=%d, sipProtected=%d, path=%s\n", requireSIP, sipProtected, fullPath.c_str());
182 issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
183 file.mainExecutables.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
184 }
185 }
186 else if ( ma->canBePlacedInDyldCache(runtimePath.c_str(), ^(const char* msg) {}) ) {
187 // when SIP is enabled, only dylib protected by SIP can go in cache
188 if ( !requireSIP || sipProtected )
189 file.dylibsForCache.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
190 else if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) )
191 file.otherDylibsAndBundles.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
192 }
193 else {
194 if ( ma->isDylib() ) {
195 std::string installName = ma->installName();
196 if ( startsWith(installName, "@") && !contains(runtimePath, ".app/") && !contains(runtimePath, ".xpc/") ) {
197 if ( startsWith(runtimePath, "/usr/lib/") || startsWith(runtimePath, "/System/Library/") )
198 fprintf(stderr, "update_dyld_shared_cache: warning @rpath install name for system framework: %s\n", runtimePath.c_str());
199 }
200 }
201 else if ( ma->canHavePrecomputedDlopenClosure(runtimePath.c_str(), warningHandler) ) {
202 file.otherDylibsAndBundles.emplace_back(runtimePath, ma, loadedFileInfo.sliceLen, issetuid, sipProtected, loadedFileInfo.sliceOffset, statBuf.st_mtime, statBuf.st_ino);
203 }
204 }
205 result = true;
206 }
207 }
208
209 return result;
210 }
211
212 static void findAllFiles(const std::vector<std::string>& pathPrefixes, bool requireSIP, dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
213 {
214 std::unordered_set<std::string> skipDirs;
215 for (const char* s : sDontUsePrefixes)
216 skipDirs.insert(s);
217
218 __block std::unordered_set<std::string> alreadyUsed;
219 bool multiplePrefixes = (pathPrefixes.size() > 1);
220 for (const std::string& prefix : pathPrefixes) {
221 // get all files from overlay for this search dir
222 dyld3::closure::FileSystemPhysical fileSystem(prefix.c_str());
223 for (const char* searchDir : sAllowedPrefixes ) {
224 iterateDirectoryTree(prefix, searchDir, ^(const std::string& dirPath) { return (skipDirs.count(dirPath) != 0); }, ^(const std::string& path, const struct stat& statBuf) {
225 // ignore files that don't have 'x' bit set (all runnable mach-o files do)
226 const bool hasXBit = ((statBuf.st_mode & S_IXOTH) == S_IXOTH);
227 if ( !hasXBit && !endsWith(path, ".dylib") )
228 return;
229
230 // ignore files too small
231 if ( statBuf.st_size < 0x3000 )
232 return;
233
234 // don't add paths already found using previous prefix
235 if ( multiplePrefixes && (alreadyUsed.count(path) != 0) )
236 return;
237
238 // if the file is mach-o, add to list
239 if ( addIfMachO(fileSystem, path, statBuf, requireSIP, rootFS, files) ) {
240 if ( multiplePrefixes )
241 alreadyUsed.insert(path);
242 }
243 });
244 }
245 }
246 }
247
248
249 static void findOSFilesViaBOMS(const std::vector<std::string>& pathPrefixes, bool requireSIP, dev_t rootFS, std::vector<MappedMachOsByCategory>& files)
250 {
251 __block std::unordered_set<std::string> runtimePathsFound;
252 for (const std::string& prefix : pathPrefixes) {
253 iterateDirectoryTree(prefix, "/System/Library/Receipts", ^(const std::string&) { return false; }, ^(const std::string& path, const struct stat& statBuf) {
254 if ( !contains(path, "com.apple.pkg.") )
255 return;
256 if ( !endsWith(path, ".bom") )
257 return;
258 std::string fullPath = prefix + path;
259 BOMBom bom = BOMBomOpenWithSys(fullPath.c_str(), false, NULL);
260 if ( bom == nullptr )
261 return;
262 BOMFSObject rootFso = BOMBomGetRootFSObject(bom);
263 if ( rootFso == nullptr ) {
264 BOMBomFree(bom);
265 return;
266 }
267 BOMBomEnumerator e = BOMBomEnumeratorNew(bom, rootFso);
268 if ( e == nullptr ) {
269 fprintf(stderr, "Can't get enumerator for BOM root FSObject\n");
270 return;
271 }
272 BOMFSObjectFree(rootFso);
273 //fprintf(stderr, "using BOM %s\n", path.c_str());
274 while (BOMFSObject fso = BOMBomEnumeratorNext(e)) {
275 if ( BOMFSObjectIsBinaryObject(fso) ) {
276 const char* runPath = BOMFSObjectPathName(fso);
277 if ( (runPath[0] == '.') && (runPath[1] == '/') )
278 ++runPath;
279 if ( runtimePathsFound.count(runPath) == 0 ) {
280 // only add files from sAllowedPrefixes and not in sDontUsePrefixes
281 bool inSearchDir = false;
282 for (const char* searchDir : sAllowedPrefixes ) {
283 if ( strncmp(searchDir, runPath, strlen(searchDir)) == 0 ) {
284 inSearchDir = true;
285 break;
286 }
287 }
288 if ( inSearchDir ) {
289 bool inSkipDir = false;
290 for (const char* skipDir : sDontUsePrefixes) {
291 if ( strncmp(skipDir, runPath, strlen(skipDir)) == 0 ) {
292 inSkipDir = true;
293 break;
294 }
295 }
296 if ( !inSkipDir ) {
297 for (const std::string& prefix2 : pathPrefixes) {
298 struct stat statBuf2;
299 std::string fullPath2 = prefix2 + runPath;
300 if ( stat(fullPath2.c_str(), &statBuf2) == 0 ) {
301 dyld3::closure::FileSystemPhysical fileSystem(prefix2.c_str());
302 if ( addIfMachO(fileSystem, runPath, statBuf2, requireSIP, rootFS, files) ) {
303 runtimePathsFound.insert(runPath);
304 break;
305 }
306 }
307 }
308 }
309 }
310 }
311 }
312 BOMFSObjectFree(fso);
313 }
314
315 BOMBomEnumeratorFree(e);
316 BOMBomFree(bom);
317 });
318 }
319 }
320
321
322 static bool dontCache(const std::string& volumePrefix, const std::string& archName,
323 const std::unordered_set<std::string>& pathsWithDuplicateInstallName,
324 const DyldSharedCache::MappedMachO& aFile, bool warn,
325 const std::unordered_set<std::string>& skipDylibs)
326 {
327 if ( skipDylibs.count(aFile.runtimePath) )
328 return true;
329 if ( startsWith(aFile.runtimePath, "/usr/lib/system/introspection/") )
330 return true;
331 if ( startsWith(aFile.runtimePath, "/System/Library/QuickTime/") )
332 return true;
333 if ( startsWith(aFile.runtimePath, "/System/Library/Tcl/") )
334 return true;
335 if ( startsWith(aFile.runtimePath, "/System/Library/Perl/") )
336 return true;
337 if ( startsWith(aFile.runtimePath, "/System/Library/MonitorPanels/") )
338 return true;
339 if ( startsWith(aFile.runtimePath, "/System/Library/Accessibility/") )
340 return true;
341 if ( startsWith(aFile.runtimePath, "/usr/local/") )
342 return true;
343
344 // anything inside a .app bundle is specific to app, so should not be in shared cache
345 if ( aFile.runtimePath.find(".app/") != std::string::npos )
346 return true;
347
348 if ( archName == "i386" ) {
349 if ( startsWith(aFile.runtimePath, "/System/Library/CoreServices/") )
350 return true;
351 if ( startsWith(aFile.runtimePath, "/System/Library/Extensions/") )
352 return true;
353 }
354
355 if ( aFile.runtimePath.find("//") != std::string::npos ) {
356 if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of bad install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
357 return true;
358 }
359
360 const char* installName = aFile.mh->installName();
361 if ( (pathsWithDuplicateInstallName.count(aFile.runtimePath) != 0) && (aFile.runtimePath != installName) ) {
362 // <rdar://problem/46431467> if a dylib moves and a symlink is installed into its place, bom iterator will see both and issue a warning
363 struct stat statBuf;
364 bool isSymLink = ( (lstat(aFile.runtimePath.c_str(), &statBuf) == 0) && S_ISLNK(statBuf.st_mode) );
365 if (!isSymLink && warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of duplicate install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
366 return true;
367 }
368
369 if ( aFile.runtimePath != installName ) {
370 // see if install name is a symlink to actual path
371 std::string fullInstall = volumePrefix + installName;
372 char resolvedPath[PATH_MAX];
373 if ( realpath(fullInstall.c_str(), resolvedPath) != NULL ) {
374 std::string resolvedSymlink = resolvedPath;
375 if ( !volumePrefix.empty() ) {
376 resolvedSymlink = resolvedSymlink.substr(volumePrefix.size());
377 }
378 if ( aFile.runtimePath == resolvedSymlink ) {
379 return false;
380 }
381 }
382 // <rdar://problem/38000411> also if runtime path is a symlink to install name
383 std::string fullRuntime = volumePrefix + aFile.runtimePath;
384 if ( realpath(fullRuntime.c_str(), resolvedPath) != NULL ) {
385 std::string resolvedSymlink = resolvedPath;
386 if ( !volumePrefix.empty() ) {
387 resolvedSymlink = resolvedSymlink.substr(volumePrefix.size());
388 }
389 if ( resolvedSymlink == installName ) {
390 return false;
391 }
392 }
393 if (warn) fprintf(stderr, "update_dyld_shared_cache: warning: %s skipping because of bad install name %s\n", archName.c_str(), aFile.runtimePath.c_str());
394 return true;
395 }
396 return false;
397 }
398
399 static void pruneCachedDylibs(const std::string& volumePrefix, const std::unordered_set<std::string>& skipDylibs, MappedMachOsByCategory& fileSet)
400 {
401 std::unordered_set<std::string> pathsWithDuplicateInstallName;
402
403 std::unordered_map<std::string, std::string> installNameToFirstPath;
404 for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
405 const char* installName = aFile.mh->installName();
406 auto pos = installNameToFirstPath.find(installName);
407 if ( pos == installNameToFirstPath.end() ) {
408 installNameToFirstPath[installName] = aFile.runtimePath;
409 }
410 else {
411 pathsWithDuplicateInstallName.insert(aFile.runtimePath);
412 pathsWithDuplicateInstallName.insert(installNameToFirstPath[installName]);
413 }
414 }
415
416 for (DyldSharedCache::MappedMachO& aFile : fileSet.dylibsForCache) {
417 if ( dontCache(volumePrefix, fileSet.archName, pathsWithDuplicateInstallName, aFile, true, skipDylibs) ) {
418 // <rdar://problem/46423929> don't build dlopen closures for symlinks to something in the dyld cache
419 if ( pathsWithDuplicateInstallName.count(aFile.runtimePath) == 0 )
420 fileSet.otherDylibsAndBundles.push_back(aFile);
421 }
422 }
423 fileSet.dylibsForCache.erase(std::remove_if(fileSet.dylibsForCache.begin(), fileSet.dylibsForCache.end(),
424 [&](const DyldSharedCache::MappedMachO& aFile) { return dontCache(volumePrefix, fileSet.archName, pathsWithDuplicateInstallName, aFile, false, skipDylibs); }),
425 fileSet.dylibsForCache.end());
426 }
427
428 static void pruneOtherDylibs(const std::string& volumePrefix, MappedMachOsByCategory& fileSet)
429 {
430 // other OS dylibs should not contain dylibs that are embedded in some .app bundle
431 fileSet.otherDylibsAndBundles.erase(std::remove_if(fileSet.otherDylibsAndBundles.begin(), fileSet.otherDylibsAndBundles.end(),
432 [&](const DyldSharedCache::MappedMachO& aFile) { return (aFile.runtimePath.find(".app/") != std::string::npos); }),
433 fileSet.otherDylibsAndBundles.end());
434 }
435 static void pruneExecutables(const std::string& volumePrefix, MappedMachOsByCategory& fileSet)
436 {
437 // don't build closures for xcode shims in /usr/bin (e.g. /usr/bin/clang) which re-exec themselves to a tool inside Xcode.app
438 fileSet.mainExecutables.erase(std::remove_if(fileSet.mainExecutables.begin(), fileSet.mainExecutables.end(),
439 [&](const DyldSharedCache::MappedMachO& aFile) {
440 if ( !startsWith(aFile.runtimePath, "/usr/bin/") )
441 return false;
442 __block bool isXcodeShim = false;
443 aFile.mh->forEachDependentDylib(^(const char* loadPath, bool, bool, bool, uint32_t, uint32_t, bool &stop) {
444 if ( strcmp(loadPath, "/usr/lib/libxcselect.dylib") == 0 )
445 isXcodeShim = true;
446 });
447 return isXcodeShim;
448 }), fileSet.mainExecutables.end());
449 }
450
451 static bool existingCacheUpToDate(const std::string& existingCache, const std::vector<DyldSharedCache::MappedMachO>& currentDylibs)
452 {
453 // if no existing cache, it is not up-to-date
454 int fd = ::open(existingCache.c_str(), O_RDONLY);
455 if ( fd < 0 )
456 return false;
457
458 // build map of found dylibs
459 std::unordered_map<std::string, const DyldSharedCache::MappedMachO*> currentDylibMap;
460 for (const DyldSharedCache::MappedMachO& aFile : currentDylibs) {
461 //fprintf(stderr, "0x%0llX 0x%0llX %s\n", aFile.inode, aFile.modTime, aFile.runtimePath.c_str());
462 currentDylibMap[aFile.runtimePath] = &aFile;
463 }
464
465 // make sure all dylibs in existing cache have same mtime and inode as found dylib
466 __block bool foundMismatch = false;
467 const uint64_t cacheMapLen = 0x40000000;
468 void *p = ::mmap(NULL, cacheMapLen, PROT_READ, MAP_PRIVATE, fd, 0);
469 if ( p != MAP_FAILED ) {
470 const DyldSharedCache* cache = (DyldSharedCache*)p;
471 cache->forEachImageEntry(^(const char* installName, uint64_t mTime, uint64_t inode) {
472 bool foundMatch = false;
473 auto pos = currentDylibMap.find(installName);
474 if ( pos != currentDylibMap.end() ) {
475 const DyldSharedCache::MappedMachO* foundDylib = pos->second;
476 if ( (foundDylib->inode == inode) && (foundDylib->modTime == mTime) ) {
477 foundMatch = true;
478 }
479 }
480 if ( !foundMatch ) {
481 // use slow path and look for any dylib with a matching inode and mtime
482 bool foundSlow = false;
483 for (const DyldSharedCache::MappedMachO& aFile : currentDylibs) {
484 if ( (aFile.inode == inode) && (aFile.modTime == mTime) ) {
485 foundSlow = true;
486 break;
487 }
488 }
489 if ( !foundSlow ) {
490 foundMismatch = true;
491 if ( verbose )
492 fprintf(stderr, "rebuilding dyld cache because dylib changed: %s\n", installName);
493 }
494 }
495 });
496 ::munmap(p, cacheMapLen);
497 }
498
499 ::close(fd);
500
501 return !foundMismatch;
502 }
503
504
505 inline uint32_t absolutetime_to_milliseconds(uint64_t abstime)
506 {
507 return (uint32_t)(abstime/1000/1000);
508 }
509
510 static bool runningOnHaswell()
511 {
512 // check system is capable of running x86_64h code
513 struct host_basic_info info;
514 mach_msg_type_number_t count = HOST_BASIC_INFO_COUNT;
515 mach_port_t hostPort = mach_host_self();
516 kern_return_t result = host_info(hostPort, HOST_BASIC_INFO, (host_info_t)&info, &count);
517 mach_port_deallocate(mach_task_self(), hostPort);
518
519 return ( (result == KERN_SUCCESS) && (info.cpu_subtype == CPU_SUBTYPE_X86_64_H) );
520 }
521
522
523
524 #define TERMINATE_IF_LAST_ARG( s ) \
525 do { \
526 if ( i == argc - 1 ) { \
527 fprintf(stderr, s ); \
528 return 1; \
529 } \
530 } while ( 0 )
531
532 int main(int argc, const char* argv[], const char* envp[])
533 {
534 std::string rootPath;
535 std::string overlayPath;
536 std::string dylibListFile;
537 bool universal = false;
538 bool force = false;
539 bool searchDisk = false;
540 bool dylibsRemoved = false;
541 std::string cacheDir;
542 std::unordered_set<std::string> archStrs;
543 std::unordered_set<std::string> skipDylibs;
544
545 // parse command line options
546 for (int i = 1; i < argc; ++i) {
547 const char* arg = argv[i];
548 if (strcmp(arg, "-debug") == 0) {
549 verbose = true;
550 }
551 else if (strcmp(arg, "-verbose") == 0) {
552 verbose = true;
553 }
554 else if (strcmp(arg, "-dont_map_local_symbols") == 0) {
555 //We are going to ignore this
556 }
557 else if (strcmp(arg, "-dylib_list") == 0) {
558 TERMINATE_IF_LAST_ARG("-dylib_list missing argument");
559 dylibListFile = argv[++i];
560 }
561 else if ((strcmp(arg, "-root") == 0) || (strcmp(arg, "--root") == 0)) {
562 TERMINATE_IF_LAST_ARG("-root missing path argument\n");
563 rootPath = argv[++i];
564 }
565 else if (strcmp(arg, "-overlay") == 0) {
566 TERMINATE_IF_LAST_ARG("-overlay missing path argument\n");
567 overlayPath = argv[++i];
568 }
569 else if (strcmp(arg, "-cache_dir") == 0) {
570 TERMINATE_IF_LAST_ARG("-cache_dir missing path argument\n");
571 cacheDir = argv[++i];
572 }
573 else if (strcmp(arg, "-arch") == 0) {
574 TERMINATE_IF_LAST_ARG("-arch missing argument\n");
575 archStrs.insert(argv[++i]);
576 }
577 else if (strcmp(arg, "-search_disk") == 0) {
578 searchDisk = true;
579 }
580 else if (strcmp(arg, "-dylibs_removed_in_mastering") == 0) {
581 dylibsRemoved = true;
582 }
583 else if (strcmp(arg, "-force") == 0) {
584 force = true;
585 }
586 else if (strcmp(arg, "-sort_by_name") == 0) {
587 //No-op, we always do this now
588 }
589 else if (strcmp(arg, "-universal_boot") == 0) {
590 universal = true;
591 }
592 else if (strcmp(arg, "-skip") == 0) {
593 TERMINATE_IF_LAST_ARG("-skip missing argument\n");
594 skipDylibs.insert(argv[++i]);
595 }
596 else {
597 //usage();
598 fprintf(stderr, "update_dyld_shared_cache: unknown option: %s\n", arg);
599 return 1;
600 }
601 }
602
603 if ( !rootPath.empty() & !overlayPath.empty() ) {
604 fprintf(stderr, "-root and -overlay cannot be used together\n");
605 return 1;
606 }
607 // canonicalize rootPath
608 if ( !rootPath.empty() ) {
609 char resolvedPath[PATH_MAX];
610 if ( realpath(rootPath.c_str(), resolvedPath) != NULL ) {
611 rootPath = resolvedPath;
612 }
613 // <rdar://problem/33223984> when building closures for boot volume, pathPrefixes should be empty
614 if ( rootPath == "/" ) {
615 rootPath = "";
616 }
617 }
618 // canonicalize overlayPath
619 if ( !overlayPath.empty() ) {
620 char resolvedPath[PATH_MAX];
621 if ( realpath(overlayPath.c_str(), resolvedPath) != NULL ) {
622 overlayPath = resolvedPath;
623 }
624 }
625
626 // <rdar://problem/36362221> update_dyld_shared_cache should re-exec() itself to a newer version
627 std::string newTool;
628 if ( !rootPath.empty() )
629 newTool = rootPath + "/usr/bin/update_dyld_shared_cache";
630 else if ( !overlayPath.empty() )
631 newTool = overlayPath + "/usr/bin/update_dyld_shared_cache";
632 if ( !newTool.empty() ) {
633 struct stat newToolStatBuf;
634 if ( stat(newTool.c_str(), &newToolStatBuf) == 0 ) {
635 char curToolPath[PATH_MAX];
636 uint32_t curToolPathsize = PATH_MAX;
637 int result = _NSGetExecutablePath(curToolPath, &curToolPathsize);
638 if ( result == 0 ) {
639 char resolvedCurToolPath[PATH_MAX];
640 if ( realpath(curToolPath, resolvedCurToolPath) != NULL ) {
641 // don't re-exec if we are already running that tool
642 if ( newTool != resolvedCurToolPath ) {
643 execve(newTool.c_str(), (char**)argv, (char**)envp);
644 }
645 }
646 }
647 }
648 }
649
650 // Find the boot volume so that we can ensure all overlays are on the same volume
651 struct stat rootStatBuf;
652 if ( stat(rootPath == "" ? "/" : rootPath.c_str(), &rootStatBuf) != 0 ) {
653 fprintf(stderr, "update_dyld_shared_cache: error: could not stat root file system because '%s'\n", strerror(errno));
654 return 1;
655 }
656
657 dev_t rootFS = rootStatBuf.st_dev;
658
659 //
660 // pathPrefixes for three modes:
661 // 1) no options: { "" } // search only boot volume
662 // 2) -overlay: { overlay, "" } // search overlay, then boot volume
663 // 3) -root: { root } // search only -root volume
664 //
665 std::vector<std::string> pathPrefixes;
666 if ( !overlayPath.empty() ) {
667 // Only add the overlay path if it exists, and is the same volume as the root
668 struct stat overlayStatBuf;
669 if ( stat(overlayPath.c_str(), &overlayStatBuf) != 0 ) {
670 fprintf(stderr, "update_dyld_shared_cache: warning: ignoring overlay dir '%s' because '%s'\n", overlayPath.c_str(), strerror(errno));
671 overlayPath.clear();
672 } else if (overlayStatBuf.st_dev != rootFS) {
673 fprintf(stderr, "update_dyld_shared_cache: warning: ignoring overlay dir '%s' because it is not the boot volume\n", overlayPath.c_str());
674 overlayPath.clear();
675 } else {
676 pathPrefixes.push_back(overlayPath);
677 }
678 }
679 pathPrefixes.push_back(rootPath);
680
681 if ( cacheDir.empty() ) {
682 // if -cache_dir is not specified, then write() will eventually fail if we are not running as root
683 if ( geteuid() != 0 ) {
684 fprintf(stderr, "update_dyld_shared_cache: must be run as root (sudo)\n");
685 return 1;
686 }
687
688 // write cache file into -root or -overlay directory, if used
689 if ( rootPath != "/" )
690 cacheDir = rootPath + MACOSX_DYLD_SHARED_CACHE_DIR;
691 else if ( !overlayPath.empty() )
692 cacheDir = overlayPath + MACOSX_DYLD_SHARED_CACHE_DIR;
693 else
694 cacheDir = MACOSX_DYLD_SHARED_CACHE_DIR;
695 }
696
697 int err = mkpath_np(cacheDir.c_str(), S_IRWXU | S_IRGRP|S_IXGRP | S_IROTH|S_IXOTH);
698 if ( (err != 0) && (err != EEXIST) ) {
699 fprintf(stderr, "update_dyld_shared_cache: could not access cache dir: mkpath_np(%s) failed errno=%d\n", cacheDir.c_str(), err);
700 return 1;
701 }
702
703 if ( archStrs.empty() ) {
704 if ( universal ) {
705 // <rdar://problem/26182089> -universal_boot should make all possible dyld caches
706 archStrs.insert("i386");
707 archStrs.insert("x86_64");
708 archStrs.insert("x86_64h");
709 }
710 else {
711 // just make caches for this machine
712 archStrs.insert("i386");
713 archStrs.insert(runningOnHaswell() ? "x86_64h" : "x86_64");
714 }
715 }
716
717 uint64_t t1 = mach_absolute_time();
718
719 // find all mach-o files for requested architectures
720 bool requireDylibsBeRootlessProtected = isProtectedBySIP(cacheDir);
721 __block std::vector<MappedMachOsByCategory> allFileSets;
722 if ( archStrs.count("x86_64") )
723 allFileSets.push_back({"x86_64"});
724 if ( archStrs.count("x86_64h") )
725 allFileSets.push_back({"x86_64h"});
726 if ( archStrs.count("i386") )
727 allFileSets.push_back({"i386"});
728 if ( searchDisk )
729 findAllFiles(pathPrefixes, requireDylibsBeRootlessProtected, rootFS, allFileSets);
730 else {
731 std::unordered_set<std::string> runtimePathsFound;
732 findOSFilesViaBOMS(pathPrefixes, requireDylibsBeRootlessProtected, rootFS, allFileSets);
733 }
734
735 // nothing in OS uses i386 dylibs, so only dylibs used by third party apps need to be in cache
736 for (MappedMachOsByCategory& fileSet : allFileSets) {
737 pruneCachedDylibs(rootPath, skipDylibs, fileSet);
738 pruneOtherDylibs(rootPath, fileSet);
739 pruneExecutables(rootPath, fileSet);
740 }
741
742 uint64_t t2 = mach_absolute_time();
743 if ( verbose ) {
744 if ( searchDisk )
745 fprintf(stderr, "time to scan file system and construct lists of mach-o files: %ums\n", absolutetime_to_milliseconds(t2-t1));
746 else
747 fprintf(stderr, "time to read BOM and construct lists of mach-o files: %ums\n", absolutetime_to_milliseconds(t2-t1));
748 }
749
750 // build caches in parallel on machines with at leat 4GB of RAM
751 uint64_t memSize = 0;
752 size_t sz = sizeof(memSize);;
753 bool buildInParallel = false;
754 if ( sysctlbyname("hw.memsize", &memSize, &sz, NULL, 0) == 0 ) {
755 if ( memSize >= 0x100000000ULL )
756 buildInParallel = true;
757 }
758 dispatch_queue_t dqueue = buildInParallel ? dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0)
759 : dispatch_queue_create("serial-queue", DISPATCH_QUEUE_SERIAL);
760
761 // build all caches
762 __block bool cacheBuildFailure = false;
763 __block bool wroteSomeCacheFile = false;
764 dispatch_apply(allFileSets.size(), dqueue, ^(size_t index) {
765 MappedMachOsByCategory& fileSet = allFileSets[index];
766 const std::string outFile = cacheDir + "/dyld_shared_cache_" + fileSet.archName;
767
768 DyldSharedCache::MappedMachO (^loader)(const std::string&) = ^DyldSharedCache::MappedMachO(const std::string& runtimePath) {
769 if ( skipDylibs.count(runtimePath) )
770 return DyldSharedCache::MappedMachO();
771 for (const std::string& prefix : pathPrefixes) {
772 std::string fullPath = prefix + runtimePath;
773 struct stat statBuf;
774 if ( stat(fullPath.c_str(), &statBuf) == 0 ) {
775 dyld3::closure::FileSystemPhysical fileSystem(prefix.c_str());
776 char resolvedPath[PATH_MAX];
777 if ( realpath(fullPath.c_str(), resolvedPath) != NULL ) {
778 std::string resolvedSymlink = resolvedPath;
779 if ( !rootPath.empty() ) {
780 resolvedSymlink = resolvedSymlink.substr(rootPath.size());
781 }
782 if ( (runtimePath != resolvedSymlink) && !contains(runtimePath, "InputContext") ) { //HACK remove InputContext when fixed
783 // path requested is a symlink path, check if real path already loaded
784 for (const DyldSharedCache::MappedMachO& aDylibMapping : fileSet.dylibsForCache) {
785 if ( aDylibMapping.runtimePath == resolvedSymlink ) {
786 if ( verbose )
787 fprintf(stderr, "verifySelfContained, redirect %s to %s\n", runtimePath.c_str(), aDylibMapping.runtimePath.c_str());
788 return aDylibMapping;
789 }
790 }
791 }
792 }
793
794 std::vector<MappedMachOsByCategory> mappedFiles;
795 mappedFiles.push_back({fileSet.archName});
796 if ( addIfMachO(fileSystem, runtimePath, statBuf, requireDylibsBeRootlessProtected, rootFS, mappedFiles) ) {
797 if ( !mappedFiles.back().dylibsForCache.empty() ) {
798 if ( verbose )
799 fprintf(stderr, "verifySelfContained, add %s\n", mappedFiles.back().dylibsForCache.back().runtimePath.c_str());
800 return mappedFiles.back().dylibsForCache.back();
801 }
802 }
803 }
804 }
805 return DyldSharedCache::MappedMachO();
806 };
807 size_t startCount = fileSet.dylibsForCache.size();
808 std::vector<std::pair<DyldSharedCache::MappedMachO, std::set<std::string>>> excludes;
809 DyldSharedCache::verifySelfContained(fileSet.dylibsForCache, loader, excludes);
810 for (size_t i=startCount; i < fileSet.dylibsForCache.size(); ++i) {
811 fprintf(stderr, "update_dyld_shared_cache: warning: %s not in .bom, but adding required dylib %s\n", fileSet.archName.c_str(), fileSet.dylibsForCache[i].runtimePath.c_str());
812 }
813 for (auto& exclude : excludes) {
814 std::string reasons = "(\"";
815 for (auto i = exclude.second.begin(); i != exclude.second.end(); ++i) {
816 reasons += *i;
817 if (i != --exclude.second.end()) {
818 reasons += "\", \"";
819 }
820 }
821 reasons += "\")";
822 fprintf(stderr, "update_dyld_shared_cache: warning: %s rejected from cached dylibs: %s (%s)\n", fileSet.archName.c_str(), exclude.first.runtimePath.c_str(), reasons.c_str());
823 fileSet.otherDylibsAndBundles.push_back(exclude.first);
824 }
825
826 // check if cache is already up to date
827 if ( !force ) {
828 if ( existingCacheUpToDate(outFile, fileSet.dylibsForCache) )
829 return;
830 }
831
832 // add any extra dylibs needed which were not in .bom
833 fprintf(stderr, "update_dyld_shared_cache: %s incorporating %lu OS dylibs, tracking %lu others, building closures for %lu executables\n",
834 fileSet.archName.c_str(), fileSet.dylibsForCache.size(), fileSet.otherDylibsAndBundles.size(), fileSet.mainExecutables.size());
835 //for (const DyldSharedCache::MappedMachO& aFile : fileSet.otherDylibsAndBundles) {
836 // fprintf(stderr, " %s\n", aFile.runtimePath.c_str());
837 //}
838
839
840 // build cache new cache file
841 DyldSharedCache::CreateOptions options;
842 options.outputFilePath = outFile;
843 options.outputMapFilePath = cacheDir + "/dyld_shared_cache_" + fileSet.archName + ".map";
844 options.archName = fileSet.archName;
845 options.platform = dyld3::Platform::macOS;
846 options.excludeLocalSymbols = false;
847 options.optimizeStubs = false;
848 options.optimizeObjC = true;
849 options.codeSigningDigestMode = DyldSharedCache::SHA256only;
850 options.dylibsRemovedDuringMastering = dylibsRemoved;
851 options.inodesAreSameAsRuntime = true;
852 options.cacheSupportsASLR = (fileSet.archName != "i386");
853 options.forSimulator = false;
854 options.isLocallyBuiltCache = true;
855 options.verbose = verbose;
856 options.evictLeafDylibsOnOverflow = true;
857 options.pathPrefixes = pathPrefixes;
858 DyldSharedCache::CreateResults results = DyldSharedCache::create(options, fileSet.dylibsForCache, fileSet.otherDylibsAndBundles, fileSet.mainExecutables);
859
860 // print any warnings
861 for (const std::string& warn : results.warnings) {
862 fprintf(stderr, "update_dyld_shared_cache: warning: %s %s\n", fileSet.archName.c_str(), warn.c_str());
863 }
864 if ( results.errorMessage.empty() ) {
865 wroteSomeCacheFile = true;
866 }
867 else {
868 fprintf(stderr, "update_dyld_shared_cache: %s\n", results.errorMessage.c_str());
869 cacheBuildFailure = true;
870 }
871 });
872
873
874 // Save off spintrace data
875 if ( wroteSomeCacheFile ) {
876 void* h = dlopen("/usr/lib/libdscsym.dylib", 0);
877 if ( h != nullptr ) {
878 typedef int (*dscym_func)(const char*);
879 dscym_func func = (dscym_func)dlsym(h, "dscsym_save_dscsyms_for_current_caches");
880 std::string nuggetRoot = rootPath;
881 if ( nuggetRoot.empty() )
882 nuggetRoot = overlayPath;
883 if ( nuggetRoot.empty() )
884 nuggetRoot = "/";
885 (*func)(nuggetRoot.c_str());
886 }
887 }
888
889
890 // we could unmap all input files, but tool is about to quit
891
892 return (cacheBuildFailure ? 1 : 0);
893 }
894
mirror of dyld