Add an entitlement to debugserver

On macOS 10.14, debugserver needs to have an entitlement do be
allowed to debug processes. Adding this to both the Xcode and
cmake build system. This shouldn't have any impact on previous
OSs.

llvm-svn: 334772

diff --git a/lldb/lldb.xcodeproj/project.pbxproj b/lldb/lldb.xcodeproj/project.pbxproj
index 0d7d079..4ff550f 100644 (file)
--- a/lldb/lldb.xcodeproj/project.pbxproj
+++ b/lldb/lldb.xcodeproj/project.pbxproj
@@ -7335,7 +7335,7 @@
                        );
                        runOnlyForDeploymentPostprocessing = 0;
                        shellPath = /bin/sh;
-                       shellScript = "if [ \"${CONFIGURATION}\" != BuildAndIntegration ]\nthen\n    if [ \"${DEBUGSERVER_USE_FROM_SYSTEM}\" == \"\" ]\n    then\n        if [ \"${DEBUGSERVER_DISABLE_CODESIGN}\" == \"\" ]\n        then\n            codesign -f -s lldb_codesign \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n        fi\n    fi\nfi\n";
+                       shellScript = "if [ \"${CONFIGURATION}\" != BuildAndIntegration ]\nthen\n    if [ \"${DEBUGSERVER_USE_FROM_SYSTEM}\" == \"\" ]\n    then\n        if [ \"${DEBUGSERVER_DISABLE_CODESIGN}\" == \"\" ]\n        then\n            codesign -f -s lldb_codesign --entitlements ${SRCROOT}/resources/debugserver-macosx-entitlements.plist \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n        fi\n    fi\nfi\n";
                };
                940B04E21A89871F0045D5F7 /* ShellScript */ = {
                        isa = PBXShellScriptBuildPhase;

diff --git a/lldb/resources/debugserver-macosx-entitlements.plist b/lldb/resources/debugserver-macosx-entitlements.plist
new file mode 100644 (file)
index 0000000..3d60e8b
--- /dev/null
+++ b/lldb/resources/debugserver-macosx-entitlements.plist
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+    <key>com.apple.security.cs.debugger</key>
+    <true/>
+</dict>
+</plist>

diff --git a/lldb/tools/debugserver/debugserver.xcodeproj/project.pbxproj b/lldb/tools/debugserver/debugserver.xcodeproj/project.pbxproj
index 55e2eb9..810aa84 100644 (file)
--- a/lldb/tools/debugserver/debugserver.xcodeproj/project.pbxproj
+++ b/lldb/tools/debugserver/debugserver.xcodeproj/project.pbxproj
@@ -570,7 +570,7 @@
                        );
                        runOnlyForDeploymentPostprocessing = 0;
                        shellPath = "/bin/sh -x";
-                       shellScript = "if [ \"${CONFIGURATION}\" != BuildAndIntegration ]\nthen\n    if [ -n \"${DEBUGSERVER_USE_FROM_SYSTEM}\" ]\n    then\n\t\tditto \"${DEVELOPER_DIR}/../SharedFrameworks/LLDB.framework/Resources/debugserver\" \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n    elif [ \"${DEBUGSERVER_DISABLE_CODESIGN}\" == \"\" ]\n    then\n        codesign -f -s lldb_codesign \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n    fi\nfi\n";
+                       shellScript = "if [ \"${CONFIGURATION}\" != BuildAndIntegration ]\nthen\n    if [ -n \"${DEBUGSERVER_USE_FROM_SYSTEM}\" ]\n    then\n\t\tditto \"${DEVELOPER_DIR}/../SharedFrameworks/LLDB.framework/Resources/debugserver\" \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n    elif [ \"${DEBUGSERVER_DISABLE_CODESIGN}\" == \"\" ]\n    then\n        codesign -f -s lldb_codesign --entitlements ${SRCROOT}/../../resources/debugserver-macosx-entitlements.plist \"${TARGET_BUILD_DIR}/${TARGET_NAME}\"\n    fi\nfi\n";
                };
 /* End PBXShellScriptBuildPhase section */
 

diff --git a/lldb/tools/debugserver/source/CMakeLists.txt b/lldb/tools/debugserver/source/CMakeLists.txt
index dd5895a..b763c7c 100644 (file)
--- a/lldb/tools/debugserver/source/CMakeLists.txt
+++ b/lldb/tools/debugserver/source/CMakeLists.txt
@@ -209,12 +209,11 @@ endif()
 set(entitlements_xml ${CMAKE_CURRENT_SOURCE_DIR}/debugserver-macosx-entitlements.plist)
 if(IOS)
   set(entitlements_xml ${CMAKE_CURRENT_SOURCE_DIR}/debugserver-entitlements.plist)
+else()
+  set(entitlements_xml ${CMAKE_CURRENT_SOURCE_DIR}/../../../resources/debugserver-macosx-entitlements.plist)
 endif()
 
 set(LLDB_USE_ENTITLEMENTS_Default On)
-if("${LLDB_CODESIGN_IDENTITY}" STREQUAL "lldb_codesign")
-  set(LLDB_USE_ENTITLEMENTS_Default Off)
-endif()
 option(LLDB_USE_ENTITLEMENTS "Use entitlements when codesigning (Defaults Off when using lldb_codesign identity, otherwise On)" ${LLDB_USE_ENTITLEMENTS_Default})
 
 if (SKIP_DEBUGSERVER)