Skip to content

Merge release/6.2 into main #684

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jul 30, 2025
Merged

Merge release/6.2 into main #684

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
9b8690f
Fix hang in ServiceConsoleTests.serviceShutdown
jakepetroules Jul 15, 2025
3a6915e
Drop support for Focal in GitHub Actions CI
jakepetroules Jul 15, 2025
c6273fa
Fix incorrect error code propagation in CodeSignatureInfo.load
jakepetroules Jul 15, 2025
b233171
Add compiler build settings for Enhanced Security
devincoughlin Jul 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/pull_request.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@ jobs:
name: Test
uses: swiftlang/github-workflows/.github/workflows/swift_package_test.yml@main
with:
linux_os_versions: '["noble", "jammy", "focal", "rhel-ubi9"]'
linux_os_versions: '["noble", "jammy", "rhel-ubi9"]'
linux_pre_build_command: |
if command -v apt-get >/dev/null 2>&1 ; then # bookworm, noble, jammy, focal
if command -v apt-get >/dev/null 2>&1 ; then # bookworm, noble, jammy
apt-get update -y

# Build dependencies
Expand Down
27 changes: 27 additions & 0 deletions Sources/SWBCore/Specs/CoreBuildSystem.xcspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3535,6 +3535,33 @@ For more information on mergeable libraries, see [Configuring your project to us
Category = BuildOptions;
Description = "Enables building with code coverage instrumentation. This is only used when the build has code coverage enabled, which is typically done via the Xcode scheme or test plan settings.";
},
{ Name = ENABLE_ENHANCED_SECURITY;
Type = Boolean;
DefaultValue = NO;
Category = SecurityPolicy;
},
{ Name = ENABLE_POINTER_AUTHENTICATION;
Type = Boolean;
DefaultValue = "$(ENABLE_ENHANCED_SECURITY)";
Category = SecurityPolicy;
},
{ Name = ENABLE_SECURITY_COMPILER_WARNINGS;
Type = Boolean;
DefaultValue = "$(ENABLE_ENHANCED_SECURITY)";
Category = SecurityPolicy;
},
{
Name = "ENABLE_C_BOUNDS_SAFETY";
Type = Boolean;
DefaultValue = NO;
Category = Security;
},
{
Name = "ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS";
Type = Boolean;
DefaultValue = NO;
Category = Security;
},
{ Name = ENABLE_TESTABILITY;
Type = Boolean;
DefaultValue = NO;
Expand Down
29 changes: 29 additions & 0 deletions Sources/SWBCore/Specs/en.lproj/CoreBuildSystem.strings
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -669,6 +669,35 @@ Typically this path is not set per target, but is provided as an option on the c
"[MODULE_STOP]-name" = "Module Stop Routine";
"[MODULE_STOP]-description" = "This defines the name of the kernel module stop routine. This is only used when building kernel extensions.";

// Security Settings

"[SecurityPolicy]-category" = "Security";

"[ENABLE_ENHANCED_SECURITY]-name" = "Enable Enhanced Security";
"[ENABLE_ENHANCED_SECURITY]-description" = "Enables a set of security build settings, including pointer authentication, typed allocator support, hardened C++ standard library, and security-related compiler warnings. These settings can be disabled individually.";
"[ENABLE_ENHANCED_SECURITY]-value-[YES]" = "Yes";
"[ENABLE_ENHANCED_SECURITY]-value-[NO]" = "No";

"[ENABLE_POINTER_AUTHENTICATION]-name" = "Enable Pointer Authentication";
"[ENABLE_POINTER_AUTHENTICATION]-description" = "Builds the target with pointer authentication enabled. Adds an additional architectural slice (arm64e) with pointer authentication instructions.";
"[ENABLE_POINTER_AUTHENTICATION]-value-[YES]" = "Yes";
"[ENABLE_POINTER_AUTHENTICATION]-value-[NO]" = "No";

"[ENABLE_SECURITY_COMPILER_WARNINGS]-name" = "Enable Security-Relevant Compiler Warnings";
"[ENABLE_SECURITY_COMPILER_WARNINGS]-description" = "Enables a set of security-relevant compiler warnings that check for common bounds-safety and lifetime-safety issues.";
"[ENABLE_SECURITY_COMPILER_WARNINGS]-value-[YES]" = "Yes";
"[ENABLE_SECURITY_COMPILER_WARNINGS]-value-[NO]" = "No";

"[ENABLE_C_BOUNDS_SAFETY]-name" = "Enable Language Extension for Bounds Safety in C";
"[ENABLE_C_BOUNDS_SAFETY]-description" = "Enables the -fbounds-safety language extension, which guarantees bounds safety for C";
"[ENABLE_C_BOUNDS_SAFETY]-value-[NO]" = "No";
"[ENABLE_C_BOUNDS_SAFETY]-value-[YES]" = "Yes";

"[ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS]-name" = "Enforce Bounds-Safe Buffer Usage in C++";
"[ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS]-description" = "Enables a strict programming model that guarantees bounds safety in C++ by rejecting raw pointer arithmetic (enabling the -Wunsafe-buffer-usage warning as an error) and requiring the use of hardened C++ Standard Library APIs for buffer manipulation.";
"[ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS]-value-[NO]" = "No";
"[ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS]-value-[YES]" = "Yes";

// Compiler Version

"[GCC_VERSION]-name" = "Compiler for C/C++/Objective-C";
Expand Down
164 changes: 154 additions & 10 deletions Sources/SWBUniversalPlatform/Specs/Clang.xcspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -536,7 +536,7 @@
FileTypes = (
"sourcecode.c.c",
);
DefaultValue = NO;
DefaultValue = "$(ENABLE_C_BOUNDS_SAFETY)";
CommandLineArgs = {
YES = ( "-fbounds-safety" );
NO = ();
Expand Down Expand Up @@ -640,14 +640,74 @@
Category = LanguageCXX;
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_0;
Name = __ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES_YES;
Type = String;
DefaultValue = "YES";
},
{
Name = __ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES_NO;
Type = String;
DefaultValue = "YES";
},
{
Name = __ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_NO_YES;
Type = String;
DefaultValue = "YES";
},
{
Name = __ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_NO_NO;
Type = String;
DefaultValue = "NO";
},
{
Name = __ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS;
Type = String;
DefaultValue = "$(__ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_$(ENABLE_ENHANCED_SECURITY)_$(ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS))";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_0_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "debug";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_0_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_NO;
Type = String;
DefaultValue = "debug";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_1_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_2_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_3_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_s_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_fast_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_z_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_YES;
Type = String;
DefaultValue = "fast";
},
{
Name = __LIBRARY_HARDENING_DEFAULT_VALUE;
Type = String;
DefaultValue = "$(__LIBRARY_HARDENING_DEFAULT_VALUE_$(GCC_OPTIMIZATION_LEVEL))";
DefaultValue = "$(__LIBRARY_HARDENING_DEFAULT_VALUE_OPT_LEVEL_$(GCC_OPTIMIZATION_LEVEL)_ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS_$(__ENHANCED_SECURITY_OR_BOUNDS_SAFE_BUFFERS))";
},
{
Name = "CLANG_CXX_STANDARD_LIBRARY_HARDENING";
Expand Down Expand Up @@ -736,11 +796,26 @@
);
Category = LanguageCXX;
},
{
Name = "_UNSAFE_BUFFER_USAGE_DEFAULT_ENABLE_SAFE_BUFFERS_NO";
Type = String;
DefaultValue = "DEFAULT";
},
{
Name = "_UNSAFE_BUFFER_USAGE_DEFAULT_ENABLE_SAFE_BUFFERS_YES";
Type = String;
DefaultValue = "YES_ERROR";
},
{
Name = "_UNSAFE_BUFFER_USAGE_DEFAULT";
Type = String;
DefaultValue = "$(_UNSAFE_BUFFER_USAGE_DEFAULT_ENABLE_SAFE_BUFFERS_$(ENABLE_CPLUSPLUS_BOUNDS_SAFE_BUFFERS))";
},
{
Name = "CLANG_WARN_UNSAFE_BUFFER_USAGE";
Type = Enumeration;
Values = ( DEFAULT, YES, YES_ERROR, NO );
DefaultValue = DEFAULT;
DefaultValue = "$(_UNSAFE_BUFFER_USAGE_DEFAULT)";
CommandLineArgs = {
DEFAULT = ();
NO = ( "-Wno-unsafe-buffer-usage" );
Expand Down Expand Up @@ -801,7 +876,7 @@
{
Name = "GCC_OPTIMIZATION_LEVEL";
Type = Enumeration;
// NOTE: Updating these values requires updating LLVM_OPTIMIZATION_LEVEL_VAL_X.
// NOTE: Updating these values requires updating LLVM_OPTIMIZATION_LEVEL_VAL_X and CLANG_CXX_STANDARD_LIBRARY_HARDENING.
Values = (
0,
1,
Expand Down Expand Up @@ -945,6 +1020,22 @@
};
Category = WarningsPolicy;
},
{ Name = CLANG_ENABLE_SECURITY_COMPILER_WARNINGS;
Type = Boolean;
DefaultValue = "$(ENABLE_SECURITY_COMPILER_WARNINGS)";
CommandLineArgs = {
YES = ("-Wbuiltin-memcpy-chk-size",
"-Wformat-nonliteral",
"-Warray-bounds",
"-Warray-bounds-pointer-arithmetic",
"-Wsuspicious-memaccess",
"-Wsizeof-array-div",
"-Wsizeof-pointer-div",
"-Wreturn-stack-address");
NO = ();
};
// Hidden.
},
{
Name = "GCC_TREAT_IMPLICIT_FUNCTION_DECLARATIONS_AS_ERRORS";
Type = Boolean;
Expand Down Expand Up @@ -1381,7 +1472,7 @@
{
Name = "CLANG_WARN_EMPTY_BODY";
Type = Boolean;
DefaultValue = NO;
DefaultValue = "$(CLANG_ENABLE_SECURITY_COMPILER_WARNINGS)";
CommandLineArgs = {
YES = ( "-Wempty-body" );
NO = ( "-Wno-empty-body" );
Expand Down Expand Up @@ -1447,7 +1538,7 @@
{
Name = "GCC_WARN_SHADOW";
Type = Boolean;
DefaultValue = NO;
DefaultValue = "$(CLANG_ENABLE_SECURITY_COMPILER_WARNINGS)";
CommandLineArgs = {
YES = (
"-Wshadow",
Expand Down Expand Up @@ -1800,6 +1891,27 @@
};
Category = Warnings;
},
{
Name = "CLANG_ENABLE_STACK_ZERO_INIT";
Type = Boolean;
DefaultValue = "$(ENABLE_ENHANCED_SECURITY)";
Category = Security;
},
{
Name = "_CLANG_TRIVIAL_AUTO_VAR_INIT_DEFAULT_ENABLE_ZERO_INIT_YES";
Type = Boolean;
DefaultValue = "zero";
},
{
Name = "_CLANG_TRIVIAL_AUTO_VAR_INIT_DEFAULT_ENABLE_ZERO_INIT_NO";
Type = Boolean;
DefaultValue = "default";
},
{
Name = "_CLANG_TRIVIAL_AUTO_VAR_INIT_DEFAULT";
Type = String;
DefaultValue = "$(_CLANG_TRIVIAL_AUTO_VAR_INIT_DEFAULT_ENABLE_ZERO_INIT_$(CLANG_ENABLE_STACK_ZERO_INIT))";
},
{
Name = "CLANG_TRIVIAL_AUTO_VAR_INIT";
Type = Enumeration;
Expand All @@ -1809,7 +1921,7 @@
zero,
pattern,
);
DefaultValue = default;
DefaultValue = "$(_CLANG_TRIVIAL_AUTO_VAR_INIT_DEFAULT)";
CommandLineArgs = {
default = ( );
uninitialized = ( "-ftrivial-auto-var-init=uninitialized" );
Expand Down Expand Up @@ -2900,19 +3012,50 @@
Condition = "$(CLANG_UNDEFINED_BEHAVIOR_SANITIZER_TRAP_ON_SECURITY_ISSUES) && $(GCC_OPTIMIZATION_LEVEL) != 0";
},
{
Name = "CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT";
Name = "_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT_ENHANCED_SECURITY_YES";
Type = Enumeration;
Values = (
compiler-default,
YES,
NO,
);
DefaultValue = YES;
},
{
Name = "_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT_ENHANCED_SECURITY_NO";
Type = Enumeration;
Values = (
compiler-default,
YES,
NO,
);
DefaultValue = compiler-default;
},
{
Name = "_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT";
Type = Enumeration;
Values = (
compiler-default,
YES,
NO,
);
DefaultValue = "$(_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT_ENHANCED_SECURITY_$(ENABLE_ENHANCED_SECURITY))";
},
{
Name = "CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT";
Type = Enumeration;
Values = (
compiler-default,
YES,
NO,
);
DefaultValue = "$(_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT)";
CommandLineArgs = {
compiler-default = ();
YES = ("-ftyped-memory-operations");
NO = ("-fno-typed-memory-operations");
};
Category = Language;
},
{
Name = "CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT";
Expand All @@ -2922,7 +3065,7 @@
YES,
NO,
);
DefaultValue = compiler-default;
DefaultValue = "$(_CLANG_ENABLE_TYPED_ALLOCATOR_SUPPORT_DEFAULT)";
CommandLineArgs = {
compiler-default = ();
YES = ("-ftyped-cxx-new-delete", "-ftyped-cxx-delete");
Expand All @@ -2933,6 +3076,7 @@
YES = ("-ftyped-cxx-new-delete", "-ftyped-cxx-delete");
NO = ();
};
Category = LanguageCXX;
},
// Index-while-building options, not visible in build settings.
{
Expand Down
1 change: 0 additions & 1 deletion Sources/SWBUniversalPlatform/Specs/Ld.xcspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -736,7 +736,6 @@
);
};
},

{
Name = "__CREATE_INFOPLIST_SECTION_IN_BINARY";
Type = Boolean;
Expand Down
17 changes: 17 additions & 0 deletions Sources/SWBUniversalPlatform/Specs/en.lproj/Apple Clang.strings
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -695,6 +695,23 @@ The restrictions on `offsetof` may be relaxed in a future version of the C++ sta
"[CLANG_ENABLE_MODULES]-value-[YES]" = "Yes";
"[CLANG_ENABLE_MODULES]-value-[NO]" = "No";

"[CLANG_ENABLE_STACK_ZERO_INIT]-name" = "Enable Stack Zero Initialization";
"[CLANG_ENABLE_STACK_ZERO_INIT]-description" = "Automatically initializes stack variables to zero as a security protection.";
"[CLANG_ENABLE_STACK_ZERO_INIT]-value-[YES]" = "Yes";
"[CLANG_ENABLE_STACK_ZERO_INIT]-value-[NO]" = "No";

"[CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT]-name" = "Enable Typed Allocator in C";
"[CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT]-description" = "Enables compiler rewriting of allocation calls in C to provide type information to the allocator. Mitigates use-after-free security vulnerabilities.";
"[CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT]-value-[YES]" = "Yes";
"[CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT]-value-[NO]" = "No";
"[CLANG_ENABLE_C_TYPED_ALLOCATOR_SUPPORT]-value-[compiler-default]" = "Compiler Default";

"[CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT]-name" = "Enable Typed Allocator in C++";
"[CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT]-description" = "Enables compiler rewriting of allocation calls in C++ to provide type information to the allocator. Mitigates use-after-free security vulnerabilities.";
"[CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT]-value-[YES]" = "Yes";
"[CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT]-value-[NO]" = "No";
"[CLANG_ENABLE_CPLUSPLUS_TYPED_ALLOCATOR_SUPPORT]-value-[compiler-default]" = "Compiler Default";

"[CLANG_MODULES_AUTOLINK]-name" = "Link Frameworks Automatically";
"[CLANG_MODULES_AUTOLINK]-description" = "Automatically link SDK frameworks that are referenced using `#import` or `#include`. This feature requires also enabling support for modules. This build setting only applies to C-family languages.";
"[CLANG_MODULES_AUTOLINK]-value-[YES]" = "Yes (when modules are enabled)";
Expand Down
2 changes: 1 addition & 1 deletion Sources/SWBUtil/Signatures.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,7 +191,7 @@ public struct CodeSignatureInfo: Codable, Sendable {

let result2 = SecCodeCopySigningInformation(code!, [SecCSFlags(rawValue: kSecCSSigningInformation)], &info)
if result2 != 0 {
throw MacError(result)
throw MacError(result2)
}

if !skipValidation {
Expand Down
Loading