Yosemite: SMJobBless code signing issue when updating privileged helpers

Originator:IngmarStein
Number:rdar://20446733 Date Originated:
Status:Closed Resolved:07/14/2015
Product:OS X Product Version:10.10.3
Classification: Reproducible:always
 
Summary:
SMJobBless exits with status code 2 (kSMErrorInternalFailure) when it tries to replace an existing privileged helper with a (properly signed) new version.

Console output:
07.04.15 10:51:11,000 kernel[0]: CODE SIGNING: cs_invalid_page(0x1061f4000): p=15793[smd] final status 0x3004a00, denying page sending SIGKILL
07.04.15 10:51:11,000 kernel[0]: CODE SIGNING: process 15793[smd]: rejecting invalid page at address 0x1061f4000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0)
07.04.15 10:51:11,894 com.apple.xpc.launchd[1]: (com.apple.xpc.smd[15793]) Binary is improperly signed.

smd crashlog:
Process:               smd [15793]
Path:                  /usr/libexec/smd
Identifier:            smd
Version:               2.0.0 (559.20.9)
Code Type:             X86-64 (Native)
Parent Process:        launchd [1]
Responsible:           smd [15793]
User ID:               0

Date/Time:             2015-04-07 10:51:11.636 +0200
OS Version:            Mac OS X 10.10.3 (14D130a)
Report Version:        11
Anonymous UUID:        471B9EAF-50D8-64D0-0B35-A315979B200F

Sleep/Wake UUID:       5C534C08-F298-4BCB-A7E5-39ED629C5704

Time Awake Since Boot: 15000 seconds
Time Since Wake:       4600 seconds

Crashed Thread:        2  Dispatch queue: com.apple.xpc.smd.bless-queue

Exception Type:        EXC_BAD_ACCESS (Code Signature Invalid)
Exception Codes:       0x0000000000000032, 0x00000001061f4000

kernel messages:
-0 sec           	CODE SIGNING: cs_invalid_page(0x1061f4000): p=15793[smd] final status 0x3004a00, denying page sending SIGKILL
-0 sec           	CODE SIGNING: process 15793[smd]: rejecting invalid page at address 0x1061f4000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0)
-27 sec          	CODE SIGNING: cs_invalid_page(0x1117f9000): p=15738[smd] final status 0x3004a00, denying page sending SIGKILL
-27 sec          	CODE SIGNING: process 15738[smd]: rejecting invalid page at address 0x1117f9000 from offset 0x0 in file "/Library/PrivilegedHelperTools/com.example.apple-samplecode.EBAS.HelperTool" (cs_mtime:1428396106.0 != mtime:1428396199.0) (signed:1 validated:1 tainted:1 wpmapped:0 slid:0)

Steps to Reproduce:
1. Download EvenBetterAuthorizationSample example code (https://developer.apple.com/library/mac/samplecode/EvenBetterAuthorizationSample/Introduction/Intro.html#//apple_ref/doc/uid/DTS40013768-Intro-DontLinkElementID_2)
2. Adjust signing identity, if necessary
3. Run the non-sandboxed app, install privileged helper.
4. Increate helper version from 1.0 to 1.1
5. Run the app again, install helper -> succeeds
6. Run the app again, install helper -> error code 2

Expected Results:
I expect SMJobBless to return successfully.

Actual Results:
SMJobBless returns error code 2.

Version:
10.10.3 / 14D130a

Notes:


Configuration:


Attachments:

Comments

Indeed it had been fixed in 10.11:

We believe this issue has been addressed in the latest pre-release seed of OS X El Capitan 10.11 update. Please verify this issue and update the bug report with your results.

OS X 10.11 beta 3 (Build: 15A216g) https://developer.apple.com/osx/download/

By IngmarStein at May 2, 2016, 8:13 a.m. (reply...)

The status of this is Closed, and there is a Resolved date of 07/14/2015. Does this mean Apple fixed it, and if so, in which version of OS X?

FWIW, I don't see this problem happening on El Capitan (10.11.3), but do see it on Yosemite (10.10.5).

By kristopherdjohnson at April 8, 2016, 1:51 p.m. (reply...)

Thank you Ingmar!

By cam at May 5, 2015, 4:05 a.m. (reply...)

Sometimes, it takes multiple tries (version bumps) to get smd into the state where it refuses SMJobBless calls. The only fix I've found so far is to delete the old helper from /Library/PrivilegedHelperTools.

By IngmarStein at April 27, 2015, 10:29 a.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!