sgraenitz created this revision.
sgraenitz added reviewers: jingham, davide, JDevlieghere, teemperor.
Herald added a subscriber: mgorny.
Herald added a project: LLDB.
sgraenitz edited the summary of this revision.
Explicitly code-sign the LLDB.framework copy of debugserver in the build-tree.
This is necessary, because the Xcode-specific logic in `llvm_codesign` [1] has
the side-effect that Xcode code-signs after post-build steps (here: after
copying debugserver over into the framework). The special case for Xcode was
necessary to avoid double-signing errors in the past (see D55116
<https://reviews.llvm.org/D55116> and D55816 <https://reviews.llvm.org/D55816>).
[1]
https://github.com/llvm/llvm-project/blob/36fb93982f0e/llvm/cmake/modules/AddLLVM.cmake#L1676
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D65566
Files:
lldb/tools/debugserver/source/CMakeLists.txt
Index: lldb/tools/debugserver/source/CMakeLists.txt
===================================================================
--- lldb/tools/debugserver/source/CMakeLists.txt
+++ lldb/tools/debugserver/source/CMakeLists.txt
@@ -208,6 +208,34 @@
ENTITLEMENTS ${entitlements}
)
+# Workaround for Xcode-specific code-signing behavior:
+# The XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY option causes debugserver to be copied
+# into the framework first and code-signed afterwards. Sign the copy manually.
+if (debugserver_codesign_identity AND LLDB_BUILD_FRAMEWORK AND
+ CMAKE_GENERATOR STREQUAL "Xcode")
+ if(NOT CMAKE_CODESIGN_ALLOCATE)
+ execute_process(
+ COMMAND xcrun -f codesign_allocate
+ OUTPUT_STRIP_TRAILING_WHITESPACE
+ OUTPUT_VARIABLE CMAKE_CODESIGN_ALLOCATE
+ )
+ endif()
+ if(entitlements)
+ set(pass_entitlements --entitlements ${entitlements})
+ endif()
+
+ get_target_property(framework_build_dir liblldb LIBRARY_OUTPUT_DIRECTORY)
+ set(copy_location
${framework_build_dir}/LLDB.framework/Versions/${LLDB_FRAMEWORK_VERSION}/Resources/debugserver)
+
+ add_custom_command(TARGET debugserver POST_BUILD
+ COMMAND ${CMAKE_COMMAND} -E
+ env CODESIGN_ALLOCATE=${CMAKE_CODESIGN_ALLOCATE}
+ xcrun codesign -f -s ${debugserver_codesign_identity}
+ ${pass_entitlements} ${copy_location}
+ COMMENT "Code-sign debugserver copy in the build-tree framework:
${copy_location}"
+ )
+endif()
+
set_target_properties(debugserver PROPERTIES FOLDER "lldb
libraries/debugserver")
if(IOS)
Index: lldb/tools/debugserver/source/CMakeLists.txt
===================================================================
--- lldb/tools/debugserver/source/CMakeLists.txt
+++ lldb/tools/debugserver/source/CMakeLists.txt
@@ -208,6 +208,34 @@
ENTITLEMENTS ${entitlements}
)
+# Workaround for Xcode-specific code-signing behavior:
+# The XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY option causes debugserver to be copied
+# into the framework first and code-signed afterwards. Sign the copy manually.
+if (debugserver_codesign_identity AND LLDB_BUILD_FRAMEWORK AND
+ CMAKE_GENERATOR STREQUAL "Xcode")
+ if(NOT CMAKE_CODESIGN_ALLOCATE)
+ execute_process(
+ COMMAND xcrun -f codesign_allocate
+ OUTPUT_STRIP_TRAILING_WHITESPACE
+ OUTPUT_VARIABLE CMAKE_CODESIGN_ALLOCATE
+ )
+ endif()
+ if(entitlements)
+ set(pass_entitlements --entitlements ${entitlements})
+ endif()
+
+ get_target_property(framework_build_dir liblldb LIBRARY_OUTPUT_DIRECTORY)
+ set(copy_location ${framework_build_dir}/LLDB.framework/Versions/${LLDB_FRAMEWORK_VERSION}/Resources/debugserver)
+
+ add_custom_command(TARGET debugserver POST_BUILD
+ COMMAND ${CMAKE_COMMAND} -E
+ env CODESIGN_ALLOCATE=${CMAKE_CODESIGN_ALLOCATE}
+ xcrun codesign -f -s ${debugserver_codesign_identity}
+ ${pass_entitlements} ${copy_location}
+ COMMENT "Code-sign debugserver copy in the build-tree framework: ${copy_location}"
+ )
+endif()
+
set_target_properties(debugserver PROPERTIES FOLDER "lldb libraries/debugserver")
if(IOS)
_______________________________________________
lldb-commits mailing list
lldb-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
