Apple notarization break vm_protect

Questions and Answers about all things *OS (macOS, iOS, tvOS, watchOS)

Apple notarization break vm_protect

Postby adam81 » Tue Jun 04, 2019 7:27 am


For using Apple dyld API NSCreateObjectFileImageFromMemory that allows on-demand code section loader, I need to prepare memory with valid permissions (write and execute).

However, after sending my macho file to Apple notarization service, I get the following error:

Code: Select all
 kernel: CODE SIGNING: 568[myapp] vm_map_protect can't have both write and exec at the same time

Denote, that if the product is signed but not notarized, this error doesn't happening.

my code looks basically this way :

Code: Select all
start = getsectiondata(&_mh_execute_header, "__TEXT", "__mysection", &size);

if (vm_protect(mach_task_self(), (vm_address_t)start, (vm_size_t)size, 0, VM_PROT_WRITE) != KERN_SUCCESS)
    // bad

Any idea How can I overcome this issue (maybe it's optional to set permission to write only although it's in __TEXT area) ?

thanks !
Posts: 28
Joined: Mon Jan 25, 2016 9:26 am

Re: Apple notarization break vm_protect

Postby morpheus » Wed Jul 10, 2019 4:27 am

Is your app signed 20500? If so, did you entitle yourself with or the debugger entitlement?
Site Admin
Posts: 738
Joined: Thu Apr 11, 2013 6:24 pm

Return to Questions and Answers

Who is online

Users browsing this forum: No registered users and 2 guests