From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by yocto-www.yoctoproject.org (Postfix, from userid 118) id E928AE006EA; Sat, 14 Jan 2017 11:49:55 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on yocto-www.yoctoproject.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,HTML_MESSAGE, RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 X-Spam-HAM-Report: * -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/, high * trust * [134.134.136.65 listed in list.dnswl.org] * -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 0.0 HTML_MESSAGE BODY: HTML included in message Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by yocto-www.yoctoproject.org (Postfix) with ESMTP id 16EDFE004E5 for ; Sat, 14 Jan 2017 11:49:54 -0800 (PST) Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga103.jf.intel.com with ESMTP; 14 Jan 2017 11:49:54 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,229,1477983600"; d="scan'208,217";a="53058968" Received: from oamoraso-mobl.amr.corp.intel.com ([10.254.1.5]) by orsmga005.jf.intel.com with ESMTP; 14 Jan 2017 11:49:53 -0800 From: Tim Orling Message-Id: <6694C76C-B48D-48A1-AEFB-A3B458279EC6@linux.intel.com> Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) Date: Sat, 14 Jan 2017 11:49:55 -0800 In-Reply-To: <656A5471-015B-4BE2-BEDA-7B9C98423EB8@sentientblue.com> To: Roger Smith References: <990F24BD-1C6F-4985-8E33-0C8E5B59E84A@linux.intel.com> <448FE605-0D5E-4057-BF49-9EFFBC5CB8DD@sentientblue.com> <23A9A636-C738-4FF6-962F-DCDC107A7AA8@bmw-carit.de> <656A5471-015B-4BE2-BEDA-7B9C98423EB8@sentientblue.com> X-Mailer: Apple Mail (2.3259) Cc: "yocto@yoctoproject.org" Subject: Re: Building on MacOS X X-BeenThere: yocto@yoctoproject.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Discussion of all things Yocto Project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jan 2017 19:49:56 -0000 Content-Type: multipart/alternative; boundary="Apple-Mail=_81776E31-6926-4FF8-851C-B9BC80B26162" --Apple-Mail=_81776E31-6926-4FF8-851C-B9BC80B26162 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Jan 14, 2017, at 11:45 AM, Roger Smith = wrote: >=20 >>=20 >> On Jan 13, 2017, at 12:50 AM, Clemens Lang = wrote: >>=20 >> Hi, >>=20 >>=20 >>> On 12 Jan 2017, at 23:59, Mark Hatle = wrote: >>>=20 >>> As far as I know pseudo and the security introduced in 10.11 that = affect >>> preloading is likely the biggest technical problem... everything = else is just >>> "it's not Linux=E2=80=9D. >>=20 >> With System Integrity Protection disabled, pseudo should still work = as it did before, if that=E2=80=99s an acceptable step for you. >>=20 >> If it isn=E2=80=99t, Apple=E2=80=99s new limitations can also be = worked around in pseudo by hooking the exec(2) and posix_spawn(2) = syscalls, checking if the binary to be executed is under system = integrity protection, making a copy without the SIP-bit if it is and = transparently running that copy instead. That code would need to be = written, though (Let me know if you want to do that, I have the code for = a different project.). It=E2=80=99s probably only a matter of time until = Apple prevents that from working, too, though, e.g. by making some = standard system tools signed binaries that no longer load preloaded = libraries. >>=20 >>=20 >=20 >=20 > This topic could have been clarified better, since there are multiple = ways to =E2=80=9Cbuild=E2=80=9D Yocto Project in MacOS X, >=20 > Is Building Yocto project on a POSIX system, a desire for the Yocto = project? It would allow support on all bsd UNIX=E2=80=99s including = macOS >=20 Many of us use Mac laptops for development, so I think the answer is = yes. As Mark mentioned, it has been an issue of time and resources. We = would welcome patches :) >=20 > There are many teams inside Apple that use Linux systems for one = reason or another. They would appreciate building open source tools out = the door without some other additional overhead..=20 >=20 > Replacing a platforms POSIX version of tools with gnu versions = because your build environment didn=E2=80=99t like it, seems like a step = backwards for these types of initiatives.=20 >=20 > Curious to know about long term support for POSIX systems.=20 >=20 > Apple spent alot of time and effor years ago to vertify OS X as POSIX = compliant. >=20 > Roger >=20 > --=20 > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto = --Apple-Mail=_81776E31-6926-4FF8-851C-B9BC80B26162 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
On Jan 14, 2017, at 11:45 AM, Roger Smith <roger@sentientblue.com> wrote:


On Jan 13, 2017, at 12:50 AM, = Clemens Lang <Clemens.Lang@bmw-carit.de> wrote:

Hi,


On 12 Jan 2017, at 23:59, Mark Hatle <mark.hatle@windriver.com> wrote:

As far as I know pseudo and the security introduced in 10.11 = that affect
preloading is likely the biggest technical = problem... everything else is just
"it's not Linux=E2=80=9D.=

With System Integrity = Protection disabled, pseudo should still work as it did before, if = that=E2=80=99s an acceptable step for you.

If= it isn=E2=80=99t, Apple=E2=80=99s new limitations can also be worked = around in pseudo by hooking the exec(2) and posix_spawn(2) syscalls, = checking if the binary to be executed is under system integrity = protection, making a copy without the SIP-bit if it is and transparently = running that copy instead. That code would need to be written, though = (Let me know if you want to do that, I have the code for a different = project.). It=E2=80=99s probably only a matter of time until Apple = prevents that from working, too, though, e.g. by making some standard = system tools signed binaries that no longer load preloaded libraries.




This topic could have been clarified = better, since there are multiple ways to =E2=80=9Cbuild=E2=80=9D Yocto = Project in  MacOS X,

Is Building Yocto project on a POSIX system, a = desire for the Yocto project? It would allow support on all bsd UNIX=E2=80= =99s including macOS


Many of us use = Mac laptops for development, so I think the answer is yes. As Mark = mentioned, it has been an issue of time and resources. We would welcome = patches :)


There are many teams inside Apple that = use Linux systems for one reason or another. They would appreciate =  building open source tools out the door without some other = additional overhead.. 

Replacing a platforms POSIX version of = tools with gnu versions  because your build environment didn=E2=80=99= t like it, seems like a step backwards for these types of = initiatives. 

Curious to know about long term support = for POSIX systems. 

Apple spent alot of time and effor years = ago to vertify OS X as POSIX compliant.

Roger

-- 
_______________________________________________
yocto mailing = list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

= --Apple-Mail=_81776E31-6926-4FF8-851C-B9BC80B26162--