Yosemite: SMJobBless code signing issue when updating privileged helpers
| Originator: | IngmarStein | ||
| Number: | rdar://20446733 | Date Originated: | |
| Status: | Closed | Resolved: | 07/14/2015 |
| Product: | OS X | Product Version: | 10.10.3 |
| Classification: | Reproducible: | always |
Summary: SMJobBless exits with status code 2 (kSMErrorInternalFailure) when it tries to replace an existing privileged helper with a (properly signed) new version. Console output: 07.04.15 10:51:11,000 kernel[0]: CODE SIGNING: cs_invalid_page(0x1061f4000): p=15793[smd] final status 0x3004a00, denying page sending SIGKILL 07.04.15 10:51:11,000 kernel[0]: CODE SIGNING: process 15793[smd]: rejecting invalid page at address 0x1061f4000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0) 07.04.15 10:51:11,894 com.apple.xpc.launchd[1]: (com.apple.xpc.smd[15793]) Binary is improperly signed. smd crashlog: Process: smd [15793] Path: /usr/libexec/smd Identifier: smd Version: 2.0.0 (559.20.9) Code Type: X86-64 (Native) Parent Process: launchd [1] Responsible: smd [15793] User ID: 0 Date/Time: 2015-04-07 10:51:11.636 +0200 OS Version: Mac OS X 10.10.3 (14D130a) Report Version: 11 Anonymous UUID: 471B9EAF-50D8-64D0-0B35-A315979B200F Sleep/Wake UUID: 5C534C08-F298-4BCB-A7E5-39ED629C5704 Time Awake Since Boot: 15000 seconds Time Since Wake: 4600 seconds Crashed Thread: 2 Dispatch queue: com.apple.xpc.smd.bless-queue Exception Type: EXC_BAD_ACCESS (Code Signature Invalid) Exception Codes: 0x0000000000000032, 0x00000001061f4000 kernel messages: -0 sec CODE SIGNING: cs_invalid_page(0x1061f4000): p=15793[smd] final status 0x3004a00, denying page sending SIGKILL -0 sec CODE SIGNING: process 15793[smd]: rejecting invalid page at address 0x1061f4000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0) -27 sec CODE SIGNING: cs_invalid_page(0x1117f9000): p=15738[smd] final status 0x3004a00, denying page sending SIGKILL -27 sec CODE SIGNING: process 15738[smd]: rejecting invalid page at address 0x1117f9000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0) Steps to Reproduce: 1. Download EvenBetterAuthorizationSample example code (https://developer.apple.com/library/mac/samplecode/EvenBetterAuthorizationSample/Introduction/Intro.html#//apple_ref/doc/uid/DTS40013768-Intro-DontLinkElementID_2) 2. Adjust signing identity, if necessary 3. Run the non-sandboxed app, install privileged helper. 4. Increate helper version from 1.0 to 1.1 5. Run the app again, install helper -> succeeds 6. Run the app again, install helper -> error code 2 Expected Results: I expect SMJobBless to return successfully. Actual Results: SMJobBless returns error code 2. Version: 10.10.3 / 14D130a Notes: Configuration: Attachments:
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Indeed it had been fixed in 10.11:
We believe this issue has been addressed in the latest pre-release seed of OS X El Capitan 10.11 update. Please verify this issue and update the bug report with your results.
OS X 10.11 beta 3 (Build: 15A216g) https://developer.apple.com/osx/download/
The status of this is Closed, and there is a Resolved date of 07/14/2015. Does this mean Apple fixed it, and if so, in which version of OS X?
FWIW, I don't see this problem happening on El Capitan (10.11.3), but do see it on Yosemite (10.10.5).
Thank you Ingmar!
Sometimes, it takes multiple tries (version bumps) to get smd into the state where it refuses SMJobBless calls. The only fix I've found so far is to delete the old helper from /Library/PrivilegedHelperTools.