From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-148548-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 32501 invoked by alias); 28 Jun 2018 16:37:59 -0000
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
Received: (qmail 32491 invoked by uid 89); 28 Jun 2018 16:37:58 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,TIME_LIMIT_EXCEEDED autolearn=unavailable version=3.3.2 spammy=signing, cert
X-HELO: gateway36.websitewelcome.com
Received: from gateway36.websitewelcome.com (HELO gateway36.websitewelcome.com) (192.185.187.5) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 28 Jun 2018 16:37:48 +0000
Received: from cm17.websitewelcome.com (cm17.websitewelcome.com [100.42.49.20])	by gateway36.websitewelcome.com (Postfix) with ESMTP id 16A3140ABE794	for <gdb-patches@sourceware.org>; Thu, 28 Jun 2018 10:38:13 -0500 (CDT)
Received: from box5379.bluehost.com ([162.241.216.53])	by cmsmtp with SMTP	id YZvXfCGgxPvAdYZvXfL8Md; Thu, 28 Jun 2018 11:37:47 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tromey.com;	 s=default; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:MIME-Version	:Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description:	Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:	In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:	List-Post:List-Owner:List-Archive;	bh=paAvn9inTAsi0qAoNOgCVLwlGa0OY13n3lV+H2cmJ8c=; b=OXJ/Q5CeLY4N8UHXEQ/kT362Lw	bZ1t5RFTHravVSdG8pXD4GCsThGh9Vxdj+LD7MJSaduzWXq+rmxd5IlTpeAuW+59o3PxfzcLFy09K	ZUhwrS+BYPb/MhEKzt+Y+17AK;
Received: from 75-166-79-120.hlrn.qwest.net ([75.166.79.120]:57610 helo=pokyo.Home)	by box5379.bluehost.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)	(Exim 4.91)	(envelope-from <tom@tromey.com>)	id 1fYZvX-003VPd-2o; Thu, 28 Jun 2018 11:37:47 -0500
From: Tom Tromey <tom@tromey.com>
To: gdb-patches@sourceware.org
Cc: Tom Tromey <tom@tromey.com>
Subject: [RFA] Add --enable-codesign to gdb's configure
Date: Thu, 28 Jun 2018 16:37:00 -0000
Message-Id: <20180628163745.12716-1-tom@tromey.com>
X-SW-Source: 2018-06/txt/msg00691.txt.bz2

macOS requires that the gdb executable be signed in order to be able
to successfully use ptrace.  This must be done after each link.

This patch adds a new --enable-codesign configure option so that this
step can be automated.

gdb/ChangeLog
2018-06-28  Tom Tromey  <tom@tromey.com>

	* NEWS: Mention --enable-codesign.
	* silent-rules.mk (ECHO_SIGN): New variable.
	* configure.ac: Add --enable-codesign.
	* configure: Rebuild.
	* Makefile.in (CODESIGN, CODESIGN_CERT): New variables.
	(gdb$(EXEEXT)): Optionally invoke codesign.
---
 gdb/ChangeLog       |  9 +++++++++
 gdb/Makefile.in     |  7 +++++++
 gdb/NEWS            |  7 +++++++
 gdb/configure       | 11 +++++++++++
 gdb/configure.ac    |  7 +++++++
 gdb/silent-rules.mk |  1 +
 6 files changed, 42 insertions(+)

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index a125b72e420..08271641370 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,12 @@
+2018-06-28  Tom Tromey  <tom@tromey.com>
+
+	* NEWS: Mention --enable-codesign.
+	* silent-rules.mk (ECHO_SIGN): New variable.
+	* configure.ac: Add --enable-codesign.
+	* configure: Rebuild.
+	* Makefile.in (CODESIGN, CODESIGN_CERT): New variables.
+	(gdb$(EXEEXT)): Optionally invoke codesign.
+
 2018-06-27  Tom Tromey  <tom@tromey.com>
 
 	* machoread.c (macho_symfile_read): Define "symbol_table" earlier.
diff --git a/gdb/Makefile.in b/gdb/Makefile.in
index 5934cd6a23e..13627e07e0a 100644
--- a/gdb/Makefile.in
+++ b/gdb/Makefile.in
@@ -222,6 +222,10 @@ LIBICONV = @LIBICONV@
 # Did the user give us a --with-gdb-datadir option?
 GDB_DATADIR = @GDB_DATADIR@
 
+# Code signing.
+CODESIGN = codesign
+CODESIGN_CERT = @CODESIGN_CERT@
+
 # Flags to pass to gdb when invoked with "make run".
 GDBFLAGS =
 
@@ -1916,6 +1920,9 @@ gdb$(EXEEXT): gdb.o $(LIBGDB_OBS) $(ADD_DEPS) $(CDEPS) $(TDEPLIBS)
 	$(ECHO_CXXLD) $(CC_LD) $(INTERNAL_LDFLAGS) $(WIN32LDAPP) \
 		-o gdb$(EXEEXT) gdb.o $(LIBGDB_OBS) \
 		$(TDEPLIBS) $(TUI_LIBRARY) $(CLIBS) $(LOADLIBES)
+ifneq ($(CODESIGN_CERT),)
+	$(ECHO_SIGN) $(CODESIGN) -s $(CODESIGN_CERT) gdb$(EXEEXT)
+endif
 
 # Convenience rule to handle recursion.
 $(LIBGNU) $(GNULIB_H): all-lib
diff --git a/gdb/NEWS b/gdb/NEWS
index 13da2f1d4e9..d72b2961530 100644
--- a/gdb/NEWS
+++ b/gdb/NEWS
@@ -84,6 +84,13 @@ SH-5/SH64 running OpenBSD 	SH-5/SH64 support in sh*-*-openbsd*
   the tradeoff that there is a possibility of false hits being
   reported.
 
+* New configure options
+
+--enable-codesign=CERT
+  This can be used to invoke "codesign -s CERT" after building gdb.
+  This option is useful on macOS, where code signing is required for
+  gdb to work properly.
+
 *** Changes in GDB 8.1
 
 * GDB now supports dynamically creating arbitrary register groups specified
diff --git a/gdb/configure b/gdb/configure
index d3a3bbe44c9..28756ed9826 100755
--- a/gdb/configure
+++ b/gdb/configure
@@ -745,6 +745,7 @@ AWK
 REPORT_BUGS_TEXI
 REPORT_BUGS_TO
 PKGVERSION
+CODESIGN_CERT
 HAVE_NATIVE_GCORE_TARGET
 TARGET_OBS
 subdirs
@@ -861,6 +862,7 @@ enable_gdbtk
 with_libunwind_ia64
 with_curses
 enable_profiling
+enable_codesign
 with_pkgversion
 with_bugurl
 with_system_zlib
@@ -1550,6 +1552,7 @@ Optional Features:
   --enable-tui            enable full-screen terminal user interface (TUI)
   --enable-gdbtk          enable gdbtk graphical user interface (GUI)
   --enable-profiling      enable profiling of GDB
+  --enable-codesign=CERT  sign gdb with 'codesign -s CERT'
   --disable-rpath         do not hardcode runtime library paths
   --enable-libmcheck      Try linking with -lmcheck if available
   --enable-werror         treat compile warnings as errors
@@ -7050,6 +7053,14 @@ $as_echo "$ac_cv_cc_supports_pg" >&6; }
   CFLAGS="$OLD_CFLAGS"
 fi
 
+CODESIGN_CERT=
+# Check whether --enable-codesign was given.
+if test "${enable_codesign+set}" = set; then :
+  enableval=$enable_codesign; CODESIGN_CERT=$enableval
+fi
+
+
+
 
 
 # Check whether --with-pkgversion was given.
diff --git a/gdb/configure.ac b/gdb/configure.ac
index 44b6c62d709..4c20ea5178d 100644
--- a/gdb/configure.ac
+++ b/gdb/configure.ac
@@ -471,6 +471,13 @@ if test "$enable_profiling" = yes ; then
   CFLAGS="$OLD_CFLAGS"
 fi
 
+CODESIGN_CERT=
+AC_ARG_ENABLE([codesign],
+  AS_HELP_STRING([--enable-codesign=CERT],
+                 [sign gdb with 'codesign -s CERT']),
+  [CODESIGN_CERT=$enableval])
+AC_SUBST([CODESIGN_CERT])
+
 ACX_PKGVERSION([GDB])
 ACX_BUGURL([http://www.gnu.org/software/gdb/bugs/])
 AC_DEFINE_UNQUOTED([PKGVERSION], ["$PKGVERSION"], [Additional package description])
diff --git a/gdb/silent-rules.mk b/gdb/silent-rules.mk
index 803dbda546a..ade77ad1c51 100644
--- a/gdb/silent-rules.mk
+++ b/gdb/silent-rules.mk
@@ -10,5 +10,6 @@ ECHO_GEN_XML_BUILTIN = \
 ECHO_GEN_XML_BUILTIN_GENERATED = \
               @echo "  GEN    xml-builtin-generated.c";
 ECHO_INIT_C =  echo "  GEN    init.c" ||
+ECHO_SIGN =   @echo "  SIGN   gdb";
 SILENCE = @
 endif
-- 
2.17.1