[PATCH] D48797: [CMake] Teach the build system to codesign built products
Justin Bogner via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Jul 9 14:35:41 PDT 2018
bogner updated this revision to Diff 154697.
bogner edited the summary of this revision.
bogner added a comment.
Update to set path to codesign_allocate correctly and set the extra tool paths in platforms/iOS.cmake.
https://reviews.llvm.org/D48797
Files:
CMakeLists.txt
cmake/modules/AddLLVM.cmake
cmake/platforms/iOS.cmake
Index: cmake/platforms/iOS.cmake
===================================================================
--- cmake/platforms/iOS.cmake
+++ cmake/platforms/iOS.cmake
@@ -80,3 +80,23 @@
SET(CMAKE_LIBTOOL ${CMAKE_LIBTOOL_val} CACHE FILEPATH "Libtool")
message(STATUS "Using libtool ${CMAKE_LIBTOOL}")
ENDIF()
+
+IF(NOT CMAKE_CODESIGN)
+ execute_process(COMMAND xcrun -sdk ${CMAKE_OSX_SYSROOT} -find codesign
+ OUTPUT_VARIABLE CMAKE_CODESIGN_val
+ ERROR_QUIET
+ OUTPUT_STRIP_TRAILING_WHITESPACE)
+ SET(CMAKE_CODESIGN ${CMAKE_CODESIGN_val} CACHE FILEPATH "Codesign")
+ message(STATUS "Using codesign ${CMAKE_CODESIGN}")
+ENDIF()
+
+IF(NOT CMAKE_CODESIGN_ALLOCATE)
+ execute_process(
+ COMMAND xcrun -sdk ${CMAKE_OSX_SYSROOT} -find codesign_allocate
+ OUTPUT_VARIABLE CMAKE_CODESIGN_ALLOCATE_val
+ ERROR_QUIET
+ OUTPUT_STRIP_TRAILING_WHITESPACE)
+ SET(CMAKE_CODESIGN_ALLOCATE ${CMAKE_CODESIGN_ALLOCATE_val} CACHE
+ FILEPATH "Codesign_Allocate")
+ message(STATUS "Using codesign_allocate ${CMAKE_CODESIGN_ALLOCATE}")
+ENDIF()
Index: cmake/modules/AddLLVM.cmake
===================================================================
--- cmake/modules/AddLLVM.cmake
+++ cmake/modules/AddLLVM.cmake
@@ -580,6 +580,7 @@
if(ARG_SHARED OR ARG_MODULE)
llvm_externalize_debuginfo(${name})
+ llvm_codesign(${name})
endif()
endfunction()
@@ -784,6 +785,8 @@
# API for all shared libaries loaded by this executable.
target_link_libraries(${name} PRIVATE ${LLVM_PTHREAD_LIB})
endif()
+
+ llvm_codesign(${name})
endmacro(add_llvm_executable name)
function(export_executable_symbols target)
@@ -1590,6 +1593,32 @@
endif()
endfunction()
+function(llvm_codesign name)
+ if(NOT LLVM_CODESIGNING_IDENTITY)
+ return()
+ endif()
+
+ if(APPLE)
+ if(NOT CMAKE_CODESIGN)
+ set(CMAKE_CODESIGN xcrun codesign)
+ endif()
+ if(NOT CMAKE_CODESIGN_ALLOCATE)
+ execute_process(
+ COMMAND xcrun -f codesign_allocate
+ OUTPUT_STRIP_TRAILING_WHITESPACE
+ OUTPUT_VARIABLE CMAKE_CODESIGN_ALLOCATE
+ )
+ endif()
+ add_custom_command(
+ TARGET ${name} POST_BUILD
+ COMMAND ${CMAKE_COMMAND} -E
+ env CODESIGN_ALLOCATE=${CMAKE_CODESIGN_ALLOCATE}
+ ${CMAKE_CODESIGN} -s ${LLVM_CODESIGNING_IDENTITY}
+ $<TARGET_FILE:${name}>
+ )
+ endif()
+endfunction()
+
function(llvm_setup_rpath name)
if(CMAKE_INSTALL_RPATH)
return()
Index: CMakeLists.txt
===================================================================
--- CMakeLists.txt
+++ CMakeLists.txt
@@ -429,6 +429,9 @@
option(LLVM_EXTERNALIZE_DEBUGINFO
"Generate dSYM files and strip executables and libraries (Darwin Only)" OFF)
+option(LLVM_CODESIGNING_IDENTITY
+ "Sign executables and dylibs with the given identity (Darwin Only)" OFF)
+
# If enabled, verify we are on a platform that supports oprofile.
if( LLVM_USE_OPROFILE )
if( NOT CMAKE_SYSTEM_NAME MATCHES "Linux" )
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D48797.154697.patch
Type: text/x-patch
Size: 2980 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180709/d2a371ca/attachment.bin>
More information about the llvm-commits
mailing list