Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[macOS] task_for_pid failing with 0x5 #1034

Open
adamsitnik opened this issue Jul 18, 2022 · 7 comments
Open

[macOS] task_for_pid failing with 0x5 #1034

adamsitnik opened this issue Jul 18, 2022 · 7 comments
Labels
question

Comments

@adamsitnik
Copy link
Member

I've ported BenchmarkDotNet from ClrMd v1 to v2 hoping that it's going to give us macOS support (dotnet/BenchmarkDotNet#1499).

When I try to attach to the process using DataTarget.AttachToProcess I am getting following error:

task_for_pid failed with status code 0x5

I googled a bit and it seems that I need to sign the app to be able to use this API and also run as root?

Is that true (the first article is from 2010)? Is there no easier way to get it working?

cc @leculver @nxtn @mfilippov
@adamsitnik adamsitnik mentioned this issue Jul 18, 2022
Open
@mfilippov
Copy link
Contributor

@adamsitnik You also need to have entitlement: com.apple.security.get-task-allow

@mfilippov
Copy link
Contributor

Usually dotnet had this entitlements:

codesign -d --entitlements - /usr/local/share/dotnet/dotnet 
Executable=/usr/local/share/dotnet/dotnet
[Dict]
	[Key] com.apple.security.cs.allow-dyld-environment-variables
	[Value]
		[Bool] true
	[Key] com.apple.security.cs.allow-jit
	[Value]
		[Bool] true
	[Key] com.apple.security.cs.debugger
	[Value]
		[Bool] true
	[Key] com.apple.security.cs.disable-library-validation
	[Value]
		[Bool] true
	[Key] com.apple.security.get-task-allow
	[Value]
		[Bool] true

@leculver
Copy link
Contributor

@mikem8361 Knows more about this than I do. Mike, do you know what permissions/entitlements/etc are needed to attach to a process with task_for_pid?

We are at the mercy of whatever Apple requires here. I should probably update the documentation with what we find here. I'm not an OS X expert though.

@mikem8361
Copy link
Member

As far as I know, as long as the host (/usr/local/share/dotnet/dotnet) that is running clrmd has the com.apple.security.cs.debugger entitlement and the target app's host (assuming dotnet) has the com.apple.security.get-task-allow then it should work without being supervisor. Try running the clrmd "side" (the code calling task_for_pid) under sudo.

@NinoFloris
Copy link

It would be really helpful if we can get macOS supported. @adamsitnik with some pointers I could work on it. It looks like at the moment it's even gated behind ShouldUseClrMdDisassembler not passing for macOS?

@adamsitnik
Copy link
Member Author

It looks like at the moment it's even gated behind ShouldUseClrMdDisassembler not passing for macOS?

That is correct, I wanted to display a nice error to the users.

@timcassell timcassell mentioned this issue Nov 23, 2024
Closed
@nsky99
Copy link

nsky99 commented Nov 25, 2024

I have also encountered the same problem. May I ask if your issue has been resolved? I tried to disable Apple's SIP protection and sudo could be called normally, but it cannot be called normally in SIP enabled mode. task_for_pid returned 5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@mfilippov @NinoFloris @adamsitnik @leculver @mikem8361 @nsky99