[llvm] r362169 - Support codesigning bundles and forcing

Chris Bieneman via llvm-commits llvm-commits at lists.llvm.org
Thu May 30 15:25:48 PDT 2019 

Author: cbieneman
Date: Thu May 30 15:25:48 2019
New Revision: 362169

URL: http://llvm.org/viewvc/llvm-project?rev=362169&view=rev
Log:
Support codesigning bundles and forcing

Summary:
Clangd's framework is assembled by copying binaries from the lib and bin directories into a bundle shape. This results in an invalid bundle code signature because the signature only applies to the binaries not the resources.

This patch adds two new options to `llvm_codesign` to enable re-signing the library and XPC service as bundles.

The `BUNDLE_PATH` option allow specifying an explicit path to codesign, which enables signing bundles which aren't generated using CMake's `FRAMEWORK` or `BUNDLE` target properties.

The `FORCE` option allows re-signing binaries that have already been signed. This is required for how clangd exposes the clangd library and tools as both XPC and non-XPC services using the same binary.

Reviewers: jkorous, bogner

Reviewed By: bogner

Subscribers: mgorny, ilya-biryukov, dexonsmith, arphaman, kadircet, cfe-commits, llvm-commits

Tags: #clang, #llvm

Differential Revision: https://reviews.llvm.org/D62693

Modified:
    llvm/trunk/cmake/modules/AddLLVM.cmake

Modified: llvm/trunk/cmake/modules/AddLLVM.cmake
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/cmake/modules/AddLLVM.cmake?rev=362169&r1=362168&r2=362169&view=diff
==============================================================================
--- llvm/trunk/cmake/modules/AddLLVM.cmake (original)
+++ llvm/trunk/cmake/modules/AddLLVM.cmake Thu May 30 15:25:48 2019
@@ -1659,9 +1659,9 @@ function(llvm_externalize_debuginfo name
   endif()
 endfunction()
 
-# Usage: llvm_codesign(name [ENTITLEMENTS file])
+# Usage: llvm_codesign(name [FORCE] [ENTITLEMENTS file] [BUNDLE_PATH path])
 function(llvm_codesign name)
-  cmake_parse_arguments(ARG "" "ENTITLEMENTS" "" ${ARGN})
+  cmake_parse_arguments(ARG "FORCE" "ENTITLEMENTS;BUNDLE_PATH" "" ${ARGN})
 
   if(NOT LLVM_CODESIGNING_IDENTITY)
     return()
@@ -1691,12 +1691,20 @@ function(llvm_codesign name)
       set(pass_entitlements --entitlements ${ARG_ENTITLEMENTS})
     endif()
 
+    if (NOT ARG_BUNDLE_PATH)
+      set(ARG_BUNDLE_PATH $<TARGET_FILE:${name}>)
+    endif()
+
+    if(ARG_FORCE)
+      set(force_flag "-f")
+    endif()
+
     add_custom_command(
       TARGET ${name} POST_BUILD
       COMMAND ${CMAKE_COMMAND} -E
               env CODESIGN_ALLOCATE=${CMAKE_CODESIGN_ALLOCATE}
               ${CMAKE_CODESIGN} -s ${LLVM_CODESIGNING_IDENTITY}
-              ${pass_entitlements} $<TARGET_FILE:${name}>
+              ${pass_entitlements} ${force_flag} ${ARG_BUNDLE_PATH}
     )
   endif()
 endfunction()

More information about the llvm-commits mailing list