Greg Clayton | ba9d60d | 2012-11-05 18:23:25 +0000 | [diff] [blame] | 1 | On MacOSX lldb needs to be code signed. The Debug, DebugClang and Release |
| 2 | builds are set to code sign using a code signing certificate named |
Greg Clayton | 61509d1 | 2013-03-29 17:53:55 +0000 | [diff] [blame] | 3 | "lldb_codesign". |
Chris Lattner | 24943d2 | 2010-06-08 16:52:24 +0000 | [diff] [blame] | 4 | |
Greg Clayton | ba9d60d | 2012-11-05 18:23:25 +0000 | [diff] [blame] | 5 | If you have re-installed a new OS, please delete all old lldb_codesign items |
| 6 | from your keychain. There will be 3: a code signing certification and a public |
| 7 | and private key. Reboot after deleting them. You will also need to delete and |
| 8 | build folders that contained old signed items. The darwin kernel will cache |
| 9 | code sigining using the executable's file system node, so you will need to |
| 10 | delete the file so the kernel clears its cache. |
| 11 | |
Chris Lattner | 24943d2 | 2010-06-08 16:52:24 +0000 | [diff] [blame] | 12 | If you don't have one yet you will need to: |
| 13 | - Launch /Applications/Utilities/Keychain Access.app |
| 14 | |
| 15 | - In Keychain Access select the "login" keychain in the "Keychains" |
| 16 | list in the upper left hand corner of the window. |
| 17 | |
| 18 | - Select the following menu item: |
| 19 | |
| 20 | Keychain Access->Certificate Assistant->Create a Certificate... |
| 21 | |
| 22 | - Set the following settings |
| 23 | |
| 24 | Name = lldb_codesign |
| 25 | Identity Type = Self Signed Root |
| 26 | Certificate Type = Code Signing |
| 27 | |
Johnny Chen | 79f1106 | 2011-07-20 19:29:08 +0000 | [diff] [blame] | 28 | - Click Create |
Chris Lattner | 24943d2 | 2010-06-08 16:52:24 +0000 | [diff] [blame] | 29 | - Click Continue |
| 30 | - Click Done |
| 31 | - Click on the "My Certificates" |
| 32 | - Double click on your new lldb_codesign certificate |
Greg Clayton | 61509d1 | 2013-03-29 17:53:55 +0000 | [diff] [blame] | 33 | - Turn down the "Trust" disclosure triangle, scroll to the "Code Signing" trust |
| 34 | pulldown menu and select "Always Trust" and authenticate as needed using your |
| 35 | username and password. |
| 36 | - Drag the new "lldb_codesign" code signing certificate (not the public or private |
| 37 | keys of the same name) from the "login" keychain to the "System" keychain in the |
| 38 | Keychains pane on the left hand side of the main Keychain Access window. This will |
| 39 | move this certificate to the "System" keychain. You'll have to authorize a few |
| 40 | more times, set it to be "Always trusted" when asked. |
| 41 | - Remove "~/Desktop/lldb_codesign.cer" file on your desktop if there is one. |
| 42 | - In the Keychain Access GUI, click and drag "lldb_codesign" in the "System" keychain |
| 43 | onto the desktop. The drag will create a "~/Desktop/lldb_codesign.cer" file used in |
| 44 | the next step. |
Chris Lattner | 24943d2 | 2010-06-08 16:52:24 +0000 | [diff] [blame] | 45 | - Switch to Terminal, and run the following: |
| 46 | |
| 47 | sudo security add-trust -d -r trustRoot -p basic -p codeSign -k /Library/Keychains/System.keychain ~/Desktop/lldb_codesign.cer |
Filipe Cabecinhas | 2c5ccde | 2012-11-05 18:41:33 +0000 | [diff] [blame] | 48 | rm -f ~/Desktop/lldb_codesign.cer |
Chris Lattner | 24943d2 | 2010-06-08 16:52:24 +0000 | [diff] [blame] | 49 | |
Greg Clayton | 61509d1 | 2013-03-29 17:53:55 +0000 | [diff] [blame] | 50 | - Drag the "lldb_codesign" certificate from the "System" keychain back into the |
| 51 | "login" keychain |
| 52 | - Quit Keychain Access |
Greg Clayton | 26923fe | 2010-12-14 23:19:04 +0000 | [diff] [blame] | 53 | - Reboot |
Daniel Malea | 7a87d52 | 2013-02-12 20:01:49 +0000 | [diff] [blame] | 54 | - Clean by removing all previously creating code signed binaries and rebuild |
Greg Clayton | ba9d60d | 2012-11-05 18:23:25 +0000 | [diff] [blame] | 55 | lldb and you should be able to debug. |
Greg Clayton | 26923fe | 2010-12-14 23:19:04 +0000 | [diff] [blame] | 56 | |
Greg Clayton | 61509d1 | 2013-03-29 17:53:55 +0000 | [diff] [blame] | 57 | When you build your LLDB for the first time, the Xcode GUI will prompt you for permission |
| 58 | to use the "lldb_codesign" keychain. Be sure to click "Always Allow" on your first |
| 59 | build. From here on out, the "lldb_codesign" will be trusted and you can build from the |
| 60 | command line without having to authorize. Also the first time you debug using a LLDB that |
| 61 | was built with this code signing certificate, you will need to authenticate once. |