Opened 4 years ago
Last modified 8 months ago
#60818 reopened enhancement
darwintrace cannot inject into binaries of a different architecture (missing arm64e)
| Reported by: | saagarjha (Saagar Jha) | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | base | Version: | |
| Keywords: | tracemode | Cc: | |
| Port: |
Description
darwintrace injects code into every process during installation, and these processes can have different architectures. If darwintrace does not have a slice that matches the process, it will fail to load; it might be worth compiling it as universal (including arm64e–note this requires undocumented ptrauth ABI) regardless of configure flags.
Change History (5)
comment:1 Changed 4 years ago by ryandesign (Ryan Carsten Schmidt)
| Type: | defect → enhancement |
|---|
comment:2 Changed 2 years ago by neverpanic (Clemens Lang)
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Ever since [de1977a709f86b2e663ffc1f43ae70b075fc4e9a/macports-base], trace mode is compiled with CFLAGS += $(UNIVERSAL_ARCHFLAGS). [6eaa8d5ee9e8f05ece837bcecdc5abda882e584b/macports-base] changed that to include arm64, so this should now be solved.
Please re-open if this still occurs.
comment:3 Changed 2 years ago by saagarjha (Saagar Jha)
Not sure if this need to be reopened, for users with SIP disabled trace mode will attempt to inject into system tooling as well (which it did so successfully on x86_64). On Apple silicon these tools are compiled as "arm64e" and this will fail, so I was wondering if we should also include this slice.
comment:4 Changed 2 years ago by miriam-rittenberg (Miriam Rittenberg)
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
Yes, darwintrace does not work for me with SIP disabled on an arm mac, though it works fine with SIP enabled:
Executing: cd "/opt/local/var/macports/build/_Users_mrittenb_programming_macports-ports_net_ldapvi/ldapvi/work/ldapvi-1.7" && /usr/bin/make -w install prefix=/opt/local/var/macports/build/_Users_mrittenb_programming_macports-ports_net_ldapvi/ldapvi/work/destroot/opt/local dyld[52238]: terminating because inserted dylib '/opt/local/libexec/macports/lib/darwintrace1.0/darwintrace.dylib' could not be loaded: tried: '/opt/local/libexec/macports/lib/darwintrace1.0/darwintrace.dylib' (fat file, but missing compatible architecture (have 'x86_64,arm64', need 'arm64e')), '/usr/local/lib/darwintrace.dylib' (no such file), '/usr/lib/darwintrace.dylib' (no such file)
comment:5 Changed 16 months ago by raimue (Rainer Müller)
| Summary: | darwintrace cannot inject into binaries of a different architecture → darwintrace cannot inject into binaries of a different architecture (missing arm64e) |
|---|
The missing part is arm64e, which is a new ABI to support Pointer Authentication as specified with ARMv8.3.
However, Apple does not consider this ABI as stable. The use of arm64e seems to be limited to binaries signed by Apple. As I have read, it is actually used in binaries in /usr/bin but I cannot confirm this. I assume (!) this limitation also applies to libraries and therefore we cannot just build darwintrace.dylib for arm64e and inject it into the process.
Maybe a possible workaround would be to force use of arm64 for such binaries with something like arch -arm64 /usr/bin/...? This could be done in the SIP workaround that we have to use anyway.
We already do compile darwintrace universal for this reason, though it would not surprise me if arm64 is not among the architectures it uses for that yet, since arm64 Macs were only just announced.