From 406a1686f5c19fe952125c2df23ea75fa0471bca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Deniz=20T=C3=BCrkoglu?= Date: Sun, 16 Jun 2024 18:39:18 +1000 Subject: Improve and simplify macOS builds (#1276) * Add missing macOS requirement for 'make package' We need packages for the last build step on macOS, update docs to reflect the requirement. * Add build instructions using homebrew On macOS, we can use a package manager to easily install dependencies. This simplifies onboarding and building Veracrypt. * Add flag to use homebrew packages When building, we can use prebuilt wxwidgets from homebrew to simplify and speed up local building. We also put the package behind a flag as it's optional during development. * Skip signing for local builds When building with homebrew, skip signing. This can be put behind a flag to enable, if needed. * Use system yasm on macOS if available The binary in the repo is not universal (x86_64) and therefore building fails on arm architecture if Rosetta is not installed. Use local yasm if available. * Build local arch only in development When building via homebrew and locally, build only the local arch which skips ASM for arm(Mx) for MacOS. This removes the need to have rosetta installed for building. * Fix compilation issue when COMPILE_ASM is undefined Use a conditional check for COMPILE_ASM not being false instead of true. This avoids passing the variable to other parts of the build script. * Set SDK 12 as the minimum requirement and target Align the requirement to SDK 12 in both the makefile and script, and update the comment to remove confusion. I chose to leave this on 12 to be on the side of err and support as many building platforms as possible, when we can support. The local script now also sets the target using the local sdk version. This should improve the local development experience. * Fix wrong architecture for macOS in x86 builds We now build only the current arch for local development builds in macOS. This change also fixes the x86 builds failing. * Add instructions brew backed macOS local builds Flags to build a local build using homebrew packages are not default and require parameter -b to build. We also don't build packages directly, which requires -p. * Fix wxwidgets not linking in local x86 macOS development builds * Clarify build location in the document --- README.md | 21 +++++++++++++--- src/Build/build_veracrypt_macosx.sh | 35 ++++++++++++++++++++++++++- src/Main/Main.make | 2 ++ src/Makefile | 48 ++++++++++++++++++++++++++++--------- src/Volume/Volume.make | 6 ++++- 5 files changed, 96 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 15779331..672226ca 100644 --- a/README.md +++ b/README.md @@ -151,9 +151,24 @@ of the SDK (i.e. 10.15), you can export the environment variable VC_OSX_TARGET: $ export VC_OSX_TARGET=10.15 +For development dependencies management, you can use [homebrew](https://brew.sh). -Before building under MacOSX, pkg-config must be installed if not yet available. -Get it from https://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and + $ brew install pkg-config yasm wxwidgets + +You also need system dependencies + + $ brew install --cask macfuse packages + +After installating dependencies via brew, you can build a local development build + + $ ./src/Build/build_veracrypt_macosx.sh -b + +If you want to build the package, you also need to pass `-p` to the build script above. The built +executable will be in `.src/Main` + +If you prefer to build from sources, or without homebrew, pkg-config and packages must be installed. + +Get pkg-config from https://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and compile using the following commands : $ ./configure --with-internal-glib @@ -178,7 +193,7 @@ Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension. Thus, we recommend using a different OSX SDK version for building VeraCrypt. - +To build the installation package, you will need [packages](http://s.sudre.free.fr/Software/Packages/about.html) III. FreeBSD ============================ diff --git a/src/Build/build_veracrypt_macosx.sh b/src/Build/build_veracrypt_macosx.sh index 12899620..74fe5d93 100755 --- a/src/Build/build_veracrypt_macosx.sh +++ b/src/Build/build_veracrypt_macosx.sh @@ -1,3 +1,5 @@ +#!/usr/bin/env bash + # # Copyright (c) 2013-2019 IDRIX # Governed by the Apache License 2.0 the full text of which is contained @@ -12,6 +14,37 @@ SOURCEPATH=$(cd "$(dirname "$SCRIPTPATH/../.")"; pwd) # directory where the VeraCrypt project has been checked out PARENTDIR=$(cd "$(dirname "$SCRIPTPATH/../../../.")"; pwd) +while getopts bpr flag +do + case "${flag}" in + b) brew=true;; + p) package=true;; + esac +done + +if [ -n "$brew" ]; then + export VC_OSX_SDK=$(xcrun --show-sdk-version) #use the latest version installed, this might fail + export VC_OSX_TARGET=${VC_OSX_SDK} + echo "Using MacOSX SDK $VC_OSX_SDK with target set to $VC_OSX_TARGET" + cd $SOURCEPATH + + echo "Building VeraCrypt with precompiled homebrew packages" + cellar=$(brew --cellar "wxwidgets") + version=$(brew list --versions "wxwidgets" | head -1 | awk '{print $2}') + export WX_BUILD_DIR="$cellar/$version/bin" + # skip signing and build only for local arch + export LOCAL_DEVELOPMENT_BUILD=true + # set the correct CPU arch for Makefile + export CPU_ARCH=$(uname -m) + export AS=$(which yasm) + export COMPILE_ASM=$( if [[ "$CPU_ARCH" != "arm64" ]]; then echo true; else echo false; fi ) + make clean && make + if [ -n "$package" ]; then + make package + fi + exit 0 +fi + # the sources of wxWidgets 3.1.2 must be extracted to the parent directory (for night mode) export WX_ROOT=$PARENTDIR/wxWidgets-3.2.2.1 echo "Using wxWidgets sources in $WX_ROOT" @@ -19,7 +52,7 @@ echo "Using wxWidgets sources in $WX_ROOT" # this will be the temporary wxWidgets directory export WX_BUILD_DIR=$PARENTDIR/wxBuild-3.2.2.1 -# define the SDK version to use and OSX minimum target. We target 10.9 by default +# define the SDK version to use and OSX minimum target. We target 12 by default export VC_OSX_TARGET=12 export VC_OSX_SDK=13 echo "Using MacOSX SDK $VC_OSX_SDK with target set to $VC_OSX_TARGET" diff --git a/src/Main/Main.make b/src/Main/Main.make index dd85f842..aa5e0972 100755 --- a/src/Main/Main.make +++ b/src/Main/Main.make @@ -210,7 +210,9 @@ else sed -e 's/_VERSION_/$(patsubst %a,%.1,$(patsubst %b,%.2,$(TC_VERSION)))/' ../Build/Resources/MacOSX/Info.plist.xml >$(APPNAME).app/Contents/Info.plist endif chmod -R go-w $(APPNAME).app +ifneq ($(LOCAL_DEVELOPMENT_BUILD),"true") codesign -s "Developer ID Application: IDRIX (Z933746L2S)" --timestamp $(APPNAME).app +endif install: prepare cp -R $(APPNAME).app /Applications/. diff --git a/src/Makefile b/src/Makefile index a2c6f834..81926eba 100644 --- a/src/Makefile +++ b/src/Makefile @@ -295,7 +295,7 @@ ifeq "$(shell uname -s)" "Darwin" PLATFORM := MacOSX APPNAME := VeraCrypt - export VC_OSX_TARGET ?= 10.7 + export VC_OSX_TARGET ?= 12 export VC_OSX_SDK ?= $(VC_OSX_TARGET) #check to see if XCode 3 path exists.Otherwise, use XCode 4 path @@ -323,11 +323,13 @@ ifeq "$(shell uname -s)" "Darwin" endif ifeq "$(CPU_ARCH)" "arm64" - CPU_ARCH = x86 + CPU_ARCH = arm64 endif - CFLAGS += -msse2 - CXXFLAGS += -msse2 + ifneq "$(CPU_ARCH)" "arm64" + CFLAGS += -msse2 + CXXFLAGS += -msse2 + endif ifeq "$(origin SSSE3)" "command line" CFLAGS += -mssse3 @@ -339,7 +341,7 @@ ifeq "$(shell uname -s)" "Darwin" CXXFLAGS += -mssse3 -msse4.1 endif - AS := $(BASE_DIR)/Build/Tools/MacOSX/yasm + AS ?= $(BASE_DIR)/Build/Tools/MacOSX/yasm export ASFLAGS32 := -D __GNUC__ -D __YASM__ -D __BITS__=32 --prefix=_ -f macho32 export ASFLAGS64 := -D __GNUC__ -D __YASM__ -D __BITS__=64 --prefix=_ -f macho64 @@ -350,8 +352,20 @@ ifeq "$(shell uname -s)" "Darwin" S := $(C_CXX_FLAGS) C_CXX_FLAGS = $(subst -MMD,,$(S)) - C_CXX_FLAGS += -gfull -arch x86_64 - LFLAGS += -Wl,-dead_strip -arch x86_64 + # only build local arch in development builds + ifeq "$(LOCAL_DEVELOPMENT_BUILD)" "true" + ifeq "$(CPU_ARCH)" "arm64" + C_CXX_FLAGS += -gfull -arch $(CPU_ARCH) + LFLAGS += -Wl,-dead_strip -arch $(CPU_ARCH) + else + C_CXX_FLAGS += -gfull -arch x86_64 + LFLAGS += -Wl,-dead_strip -arch x86_64 + endif + else + # leave previous logic as is + C_CXX_FLAGS += -gfull -arch x86_64 + LFLAGS += -Wl,-dead_strip -arch x86_64 + endif WX_CONFIGURE_FLAGS += --without-libpng --disable-gif --disable-pcx --disable-tga --disable-iff --disable-gif --disable-svg @@ -361,10 +375,22 @@ ifeq "$(shell uname -s)" "Darwin" LFLAGS += -arch i386 WX_CONFIGURE_FLAGS += --enable-universal_binary=i386,x86_64 else - CXXFLAGS += -std=c++11 - C_CXX_FLAGS += -arch arm64 - LFLAGS += -arch arm64 - WX_CONFIGURE_FLAGS += --enable-universal_binary=arm64,x86_64 + CXXFLAGS += -std=c++11 + ifeq "$(LOCAL_DEVELOPMENT_BUILD)" "true" + ifeq "$(CPU_ARCH)" "arm64" + C_CXX_FLAGS += -arch arm64 + LFLAGS += -arch arm64 + else + C_CXX_FLAGS += -arch x86_64 + LFLAGS += -arch x86_64 + endif + WX_CONFIGURE_FLAGS += --disable-universal_binary + else + # leave previous logic as is + C_CXX_FLAGS += -arch arm64 + LFLAGS += -arch arm64 + WX_CONFIGURE_FLAGS += --enable-universal_binary=arm64,x86_64 + endif endif WXCONFIG_CFLAGS += -gfull diff --git a/src/Volume/Volume.make b/src/Volume/Volume.make index b6d9e99e..c02bbdf1 100644 --- a/src/Volume/Volume.make +++ b/src/Volume/Volume.make @@ -37,6 +37,7 @@ endif ifeq "$(ENABLE_WOLFCRYPT)" "0" ifeq "$(PLATFORM)" "MacOSX" +ifneq "$(COMPILE_ASM)" "false" OBJSEX += ../Crypto/Aes_asm.oo OBJS += ../Crypto/Aes_hw_cpu.o OBJS += ../Crypto/Aescrypt.o @@ -76,6 +77,7 @@ else ifeq "$(CPU_ARCH)" "x64" else OBJS += ../Crypto/Aescrypt.o endif +endif ifeq "$(GCC_GTEQ_430)" "1" OBJSSSE41 += ../Crypto/blake2s_SSE41.osse41 @@ -129,6 +131,7 @@ VolumeLibrary: Volume.a ifeq "$(ENABLE_WOLFCRYPT)" "0" ifeq "$(PLATFORM)" "MacOSX" +ifneq "$(COMPILE_ASM)" "false" ../Crypto/Aes_asm.oo: ../Crypto/Aes_x86.asm ../Crypto/Aes_x64.asm @echo Assembling $(