Updating extensions for iOS 9

From iPhone Development Wiki
Revision as of 13:33, 21 October 2015 by Kirb (talk | contribs) (→‎Compiling ldid on El Capitan: brew install ldid <3)

Let's collect knowledge like we did with Updating extensions for iOS 8 and Updating extensions for iOS 7 - paste in your notes and share what you've learned, and somebody else will organize it later. :) If you want to ask questions and share tips over chat with other developers, see How to use IRC for how to connect to #theos and #iphonedev.

Hey developer, you can add your knowledge here! Yes, you! Make an account and edit this page!

It's also helpful to double-check the statements here and add more info! These are notes and drafts from early research - feel free to update them.

If you want to see what's been recently updated on this page, you can use the wiki's history feature to compare the revisions (to look at the diff) since the last time you visited this page.

Compiling ldid on El Capitan

Not quite iOS 9, but still something to be aware of: El Capitan does not include OpenSSL, which ldid requires to compile. In order to get OpenSSL and modify ldid's make script to use it, follow these steps.

  • Install Homebrew if you haven't already.
  • Install OpenSSL through Homebrew:
brew install openssl
  • Clone ldid as normal.
  • Download this modded make.sh and replace the old one with this one.
  • Make as normal:
./make.sh

Alternatively, kirb (hi, that's me) just got ldid added to the main Homebrew repo.

brew update
brew install ldid

This may be seen as more convenient for ensuring ldid is kept up to date in future.

What has changed in iOS 9? (Classes, frameworks, etc.)

Compilation changes

32-bit binaries fail to load on 64-bit devices because the 32-bit page size has been changed from 4096 bytes to 16384 bytes.

Tweaks targeted at 32-bit binaries on iOS 9 must now be compiled with:

   -Wl,-segalign,4000

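This linker flag can also be used when compiling for older iOS versions: the segment alignment there had to be a multiple of 1000, and the new alignment is compatible. (The -segalign value is hexadecimal, so 4000 is 0x4000 = 16384 bytes and 1000 is 0x1000 = 4096 bytes.)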

If using Theos, add it like so to your makefile:

   XXX_LDFLAGS += -Wl,-segalign,4000

If using Xcode, add a new entry to Other linker flags containing "-Wl,-segalign,4000" to the build settings of your project or target and make sure that the build option "Enable Bitcode" is disabled.

Source: saurik's tweet

One example of this is tweaks that modify Cydia, which is a 32-bit app.

Entitlements

Tweaks interacting with BackBoardServices now require an entitlement and will fail with the following error if it's not present on the binary:

xbs/Sources/BackBoardServices/SpringBoard-3296.10.2/megatrond/SystemAppService/BKSSystemApplicationClient.m:32
Oct 14 21:29:57 iPhone SpringBoard[1860] <Error>: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Client lacks entitlement com.apple.backboard.client’

Use ldid to sign your tweak with the following entitlement XML file:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>com.apple.backboard.client</key>
	<true/>
</dict>
</plist>

Using ldid:

   ldid -Sentitlements.xml Tweak.dylib

Using Theos, add this to your makefile:

   XXX_CODESIGN_FLAGS = -Sentitlements.xml

Which tools and other preexisting things are still working on iOS 9? Which ones don't work?

No fixes for the following at the time of this writing. Note that these work on 32-bit devices, such as an iPhone 5.

  • Cycript fails with the following error:
dyld: Library not loaded: /usr/lib/libapr-1.0.dylib
  Referenced from: /usr/bin/cycript
  Reason: no suitable image found.  Did find:
    /usr/lib/libapr-1.0.dylib: mmap() error 22 at address=0x0013F000, size=0x00001000 segment=__DATA in Segment::map() mapping /usr/lib/libapr-1.0.dylib
    /usr/lib/libapr-1.0.dylib: mmap() error 22 at address=0x00163000, size=0x00001000 segment=__DATA in Segment::map() mapping /usr/lib/libapr-1.0.dylib
Trace/BPT trap: 5
  • wget fails with the following error:
dyld: Library not loaded: /usr/lib/libintl.8.dylib
  Referenced from: /usr/bin/wget
  Reason: no suitable image found.  Did find:
	/usr/lib/libintl.8.dylib: mmap() error 22 at address=0x00387000, size=0x00001000 segment=__DATA in Segment::map() mapping /usr/lib/libintl.8.dylib
	/usr/lib/libintl.8.dylib: mmap() error 22 at address=0x00393000, size=0x00001000 segment=__DATA in Segment::map() mapping /usr/lib/libintl.8.dylib
Trace/BPT trap: 5
  • python fails with the following error:
dyld: Library not loaded: /usr/lib/libpython2.7.dylib
  Referenced from: /usr/bin/python
  Reason: no suitable image found.  Did find:
	/usr/lib/libpython2.7.dylib: mmap() error 22 at address=0x00242000, size=0x0002A000 segment=__DATA in Segment::map() mapping /usr/lib/libpython2.7.dylib
	/usr/lib/libpython2.7.dylib: mmap() error 22 at address=0x003D6000, size=0x0002A000 segment=__DATA in Segment::map() mapping /usr/lib/libpython2.7.dylib
Trace/BPT trap: 5
  • lighttpd fails with the following error:
dyld: Library not loaded: /usr/lib/lighttpd/liblightcomp.dylib
  Referenced from: /usr/sbin/lighttpd
  Reason: no suitable image found.  Did find:
	/usr/lib/lighttpd/liblightcomp.dylib: mmap() error 22 at address=0x0012F000, size=0x00001000 segment=__DATA in Segment::map() mapping /usr/lib/lighttpd/liblightcomp.dylib
Trace/BPT trap: 5
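
The __DATA addresses in the dyld errors above are multiples of 0x1000 but not of 0x4000, which matches the page size change described under "Compilation changes". As an added example (not part of the original notes, and not code from ldid or Theos), the following Python sketch lists the LC_SEGMENT entries of a thin 32-bit Mach-O file that are not 16384-byte aligned, so a rebuilt tweak or library can be checked before it is installed. The function names and the two sample layouts are constructed for illustration; a fat binary must be thinned first.

```python
import struct

MH_MAGIC = 0xFEEDFACE  # thin little-endian 32-bit Mach-O
LC_SEGMENT = 0x1       # 32-bit segment load command
PAGE_16K = 0x4000      # 16384-byte page size (what -segalign,4000 targets)

def misaligned_segments(image, page=PAGE_16K):
    """Return (segname, vmaddr, fileoff) for each LC_SEGMENT not aligned to page."""
    if len(image) < 28:
        raise ValueError("too short for a 32-bit mach_header")
    magic, _, _, _, ncmds, _, _ = struct.unpack_from("<7I", image, 0)
    if magic != MH_MAGIC:
        raise ValueError("not a thin little-endian 32-bit Mach-O")
    bad, off = [], 28  # load commands start right after the 28-byte header
    for _ in range(ncmds):
        if off + 8 > len(image):
            raise ValueError("load commands run past end of file")
        cmd, cmdsize = struct.unpack_from("<2I", image, off)
        if cmdsize < 8 or off + cmdsize > len(image):
            raise ValueError("bad cmdsize in load command")
        if cmd == LC_SEGMENT:
            if cmdsize < 56:
                raise ValueError("LC_SEGMENT shorter than segment_command")
            name, vmaddr, _, fileoff, filesize = struct.unpack_from("<16s4I", image, off + 8)
            # File-backed segments are mmap()ed, so the target address and the
            # file offset both have to sit on a page boundary.
            if vmaddr % page or (filesize and fileoff % page):
                bad.append((name.rstrip(b"\0").decode("ascii", "replace"), vmaddr, fileoff))
        off += cmdsize
    return bad

def build_image(segments):
    """Constructed test input: mach_header plus LC_SEGMENT commands, no payload."""
    cmds = b"".join(
        struct.pack("<2I16s8I", LC_SEGMENT, 56, name, vmaddr, size, fileoff, size, 7, 3, 0, 0)
        for name, vmaddr, fileoff, size in segments)
    # cputype 12 = ARM, cpusubtype 9 = ARMv7, filetype 6 = MH_DYLIB
    return struct.pack("<7I", MH_MAGIC, 12, 9, 6, len(segments), len(cmds), 0) + cmds

# Constructed layouts (not from a real binary): the same two-segment dylib
# linked with 0x1000 alignment, and linked with -Wl,-segalign,4000.
OLD = build_image([(b"__TEXT", 0x0, 0x0, 0x3000), (b"__DATA", 0x3000, 0x3000, 0x1000)])
NEW = build_image([(b"__TEXT", 0x0, 0x0, 0x4000), (b"__DATA", 0x4000, 0x4000, 0x4000)])

if __name__ == "__main__":
    for label, img in (("0x1000-aligned", OLD), ("0x4000-aligned", NEW)):
        print(label, [(n, hex(v), hex(f)) for n, v, f in misaligned_segments(img)])
```

To check a real file, pass its bytes, for example misaligned_segments(open("Tweak.dylib", "rb").read()); an empty list means every segment is 16K-aligned.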

Killed: 9

Pangu9 causes many command-line tools to stop working, with the error "Killed: 9".

This can be solved by re-signing the affected tool with ldid:

   ldid -S `which <command>`

Daemons

In iOS 9 the way daemons are loaded appears to have changed. Daemons prefixed with "com.apple" are loaded first, with other daemons being loaded by launchd significantly later. This creates a bug for daemons that use XPC to communicate with SpringBoard: SpringBoard is loaded before the daemon, so a connection can never be established. Changing the daemon prefix to "com.apple" appears to make it load at the same time as SpringBoard, allowing the connection to succeed. More research is required into why other daemons are being loaded much later than in iOS 8.

Additionally, daemons are now outputting the error:

This daemon is not allowed to execute. Running anyway.

This may be related to daemons being loaded late and needs to be looked into.