[llvm] [ObjCopy] Respect requirements of LC_ENCRYPTION_INFO commands (PR #120995)
Daniel RodrÃguez Troitiño via llvm-commits
llvm-commits at lists.llvm.org
Fri Jan 24 09:56:34 PST 2025
drodriguez wrote:
@glandium is the binary signed before `llvm-strip -S` is performed? `llvm-objcopy` does not do any codesigning (as far as I know) (it also doesn't modify the contents of `LC_ENCRYPT_INFO/_64` as pointed out by https://github.com/llvm/llvm-project/blob/c025b96ef9bb364c79f73fc3afb45c851c2efb17/llvm/lib/ObjCopy/MachO/MachOLayoutBuilder.cpp#L419-L424 which might create invalid binaries).
I am also suprised that you write "after this change". Were things working before this change? Because I think any change to a signed binary would had invalidated the signature.
For what it is worth, our process is creating the binary with `-Wl,-encryptable`, but not signing it (yet), do the stripping (but probably not debug info, because I am talking about release binaries), and then sign. Before these changes, a small binary will be left invalid because the `LC_ENCRYPT_INFO/_64` command was left pointing to incorrect offsets. That's all that this change tries to fix.
If you don't mind, I will not download any binary, but if you find a simple source code + build script to reproduce the problem I can have a better look at it.
https://github.com/llvm/llvm-project/pull/120995
More information about the llvm-commits
mailing list