Opened 3 years ago

Closed 3 years ago

#20235 closed defect (fixed)

Configure misidentifies clock_gettime and getentropy on macOS Sierra/XCode8 when compiling for iOS 8

Reported by: rainwolf Owned by:
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version: Tor: 0.2.8.8
Severity: Normal Keywords: Sierra, XCode 8, clock_gettime, getentropy, libSystem.dylib 028-backport osx
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

libSystem.dylib provides clock_gettime and getentropy from iOS 10 onward but not below but the configure script does not detect that. Even with the -Wl,-no_weak_imports

linker flag. The only way I managed to compile for iOS8 and iOS9 on macOS Sierra with XCode8 was to patch out detection of clock_gettime and getentropy from the configure script. This is less-than-ideal but the only fix I know. I attached the patch that I used on configure.

Child Tickets

Attachments (1)

tor-configure.diff (420 bytes) - added by rainwolf 3 years ago.
configure patch

Download all attachments as: .zip

Change History (10)

Changed 3 years ago by rainwolf

Attachment: tor-configure.diff added

configure patch

comment:1 Changed 3 years ago by nickm

Keywords: 028-backport added
Milestone: Tor: 0.2.9.x-final

(#20241 is related to this, but not the same.)

Does Apple provide a general way to target a specific version of their APIs, other than downgrading your developer tools?

comment:2 Changed 3 years ago by nickm

Component: Core TorCore Tor/Tor
Keywords: osx added

comment:3 in reply to:  1 Changed 3 years ago by rainwolf

Replying to nickm:

They mention here that the new linker flag -Wl,-no_weak_imports should fail to link if the link would be a leak link. (This happens when you use the Apple-supplied headers and they indicate the symbol was added after your current deployment target.)

This should cause the tests for clock_gettime and getentropy to fail correctly if you were to target an OS version that doesn't supply them.

(#20241 is related to this, but not the same.)

Does Apple provide a general way to target a specific version of their APIs, other than downgrading your developer tools?

comment:4 Changed 3 years ago by nickm

Oh! Hm.

I tried making an example program as small as possible to still use getentropy():

#include <sys/types.h>
#include <sys/random.h>
#include <stdio.h>

int main(int argc, char **argv)
{
  unsigned x;
  if (getentropy(&x, sizeof(x)) < 0)
    perror("getentropy");
  else
    printf("%u\n", x);
  return 0;
}

I tried compiling it in lots of different ways, but I couldn't find a way to tell gcc to ignore the presence of getentropy()....

% gcc -Wall -Wl,-no_weak_imports getentropy_test.c -o get
% gcc -Wall -mmacosx-version-min=10.10 -Wl,-no_weak_imports getentropy_test.c -o get
% ( export MACOSX_DEPLOYMENT_TARGET=10.10 ; gcc -Wall -mmacosx-version-min=10.10 -Wl,-no_weak_imports getentropy_test.c -o get )

I wonder if Apple messed up somehow and forgot to tag these APIs as 10.12 only? Or maybe I'm doing something wrong with the above.

comment:5 Changed 3 years ago by arma

This is broken on Tor 0.2.8.9 too, right? So it's not a regression?

It seems smart to get Tor building on this new esoteric platform with its new bugs, so we will have a Tor stable that builds on it. But also it seems smart to not let this ticket hold up the 0.2.9 stable if it's the only ticket remaining and we haven't solved it by then.

comment:6 in reply to:  4 Changed 3 years ago by teor

Replying to nickm:

Oh! Hm.

I tried making an example program as small as possible to still use getentropy():

#include <sys/types.h>
#include <sys/random.h>
#include <stdio.h>

int main(int argc, char **argv)
{
  unsigned x;
  if (getentropy(&x, sizeof(x)) < 0)
    perror("getentropy");
  else
    printf("%u\n", x);
  return 0;
}

I tried compiling it in lots of different ways, but I couldn't find a way to tell gcc to ignore the presence of getentropy()....

% gcc -Wall -Wl,-no_weak_imports getentropy_test.c -o get
% gcc -Wall -mmacosx-version-min=10.10 -Wl,-no_weak_imports getentropy_test.c -o get
% ( export MACOSX_DEPLOYMENT_TARGET=10.10 ; gcc -Wall -mmacosx-version-min=10.10 -Wl,-no_weak_imports getentropy_test.c -o get )

I wonder if Apple messed up somehow and forgot to tag these APIs as 10.12 only? Or maybe I'm doing something wrong with the above.

Yes, Apple messed up and forgot to tag the APIs.
So any tor built on Sierra won't run on older OS X.

So it's a platform bug, not a tor version bug.
Let's fix it if we can, probably by testing MACOSX_DEPLOYMENT_TARGET ourselves (ugh).

comment:7 Changed 3 years ago by nickm

Status: newneeds_review

Possible fix in branch sierra_fix_028 in my public repository. I haven't tested it on OSX yet though.

comment:8 Changed 3 years ago by teor

For the record, my github branch weak_link_getentropy is an alternative solution.

But I think it's much more complex in the clock_gettime case, and in general, it has more failure modes, so I would prefer nickm's solution.

I have reviewed nickm's branch and it looks good, but I have no OS X 10.11 or earlier to test it on.

(To test, we need to compile on macOS 10.12 with export MACOSX_DEPLOYMENT_TARGET=10.11, then try to run the binary on an earlier OS X version.)

comment:9 Changed 3 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged to maint-0.2.8 and forward.

Note: See TracTickets for help on using tickets.