Skip to content

Update the installation documentation for the macOS ida #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aquynh merged 68 commits into from
Oct 6, 2017
Merged

Update the installation documentation for the macOS ida #30

aquynh merged 68 commits into from
Oct 6, 2017

Conversation

@fjh658
Copy link
Contributor

@fjh658 fjh658 commented Oct 3, 2017

Update the installation documentation for the macOS ida

jianhua.fengjh and others added 30 commits August 1, 2017 21:45
fixed inf no attribute "mf", because ida pro beta 3 (170724) renamed …
9f4c7fd 
…inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro beta 3 (170724) renamed …
024e984 
…inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro beta 3 (170724) renamed …
6efffeb 
…inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro beta 3 (170724) renamed …
1666ee7 
…inf.is_mf()/set_mf() -> is_be()/set_be()
fixed inf no attribute "mf", because ida pro7 beta 3 (170724) renamed…
a2efbec 
… inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro7 beta 3 (170724) renamed…
7ec9087 
… inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro7 beta 3 (170724) renamed…
cf967f4 
… inf.is_mf()/set_mf() -> is_be()/set_be()
@fjh658
fixed inf no attribute "mf", because ida pro7 beta 3 (170724) renamed…
7f074a8 
… inf.is_mf()/set_mf() -> is_be()/set_be()
Merge branch 'master' of https://github.com/fjh658/keypatch
e2b3cf9
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
292c3bb
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
4893f18
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
2c95168
Add ida pro version check, about be(big endian)
5f4d382
@fjh658
Add ida pro version check, about be(big endian)
72f70f9
@fjh658
Add ida pro version check, about be(big endian)
0802608
@fjh658
Add ida pro version check, about be(big endian)
055f7df
Since ida pro7 beta 3 (170724) renamed inf.mf -> is_be()/set_be(), Co…
53e0eba 
…mpatible with ida pro 6, 7(beta);

for everyone is happy
@fjh658
Since ida pro7 beta 3 (170724) renamed inf.mf -> is_be()/set_be(), Co…
bf837f7 
…mpatible with ida pro 6, 7(beta);

for everyone is happy
@fjh658
Since ida pro7 beta 3 (170724) renamed inf.mf -> is_be()/set_be(), Co…
e9085b8 
…mpatible with ida pro 6, 7(beta);

for everyone is happy
@fjh658
Since ida pro7 beta 3 (170724) renamed inf.mf -> is_be()/set_be(), Co…
81b7e08 
…mpatible with ida pro 6, 7(beta);

for everyone is happy
@fjh658 @aquynh
Fixed inf has no attribute "mf" (keystone-engine#25)
b4c04f2 
* fixed inf no attribute "mf",   because ida pro beta 3 (170724)   renamed inf.is_mf()/set_mf() -> is_be()/set_be()

* fixed inf no attribute "mf",   because ida pro7 beta 3 (170724)   renamed inf.is_mf()/set_mf() -> is_be()/set_be()

* Add ida pro version check, about be(big endian)

* Since ida pro7 beta 3 (170724) renamed inf.mf -> is_be()/set_be(),  Compatible with ida pro 6, 7(beta);
for everyone is happy
@Rupan @aquynh
Minor bug fixes and code cleanup (keystone-engine#26)
d4a14f0
Merge remote-tracking branch 'upstream/master'
94408f4
Merge remote-tracking branch 'upstream/master'
5c1c387
@fjh658
Merge remote-tracking branch 'upstream/master'
0887f36
@fjh658
Merge remote-tracking branch 'upstream/master'
4d68a39
@fjh658
Merge remote-tracking branch 'upstream/master'
741df42
@fjh658
Merge remote-tracking branch 'upstream/master'
406a1ea
@fjh658
Merge remote-tracking branch 'upstream/master'
0733a65
@fjh658
Merge remote-tracking branch 'upstream/master'
ccc6a00
fjh658 and others added 18 commits September 6, 2017 13:24
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
1d85be2
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
54377cb
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
fd98b02
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
a68d5e4
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
6a37685
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
7f955eb
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
54635fa
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
f5a8b7c
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
424e612
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
52e384e
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
00340bb
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
928303e
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
d48c3c6
Merge branch 'master' of https://github.com/fjh658/keypatch
d29756a
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
bb5d3fc
@fjh658
Merge branch 'master' of https://github.com/fjh658/keypatch
2a291df
@fjh658
Update the installation documentation for the macOS ida
8c2a899
@fjh658
Merge branch 'master' of https://github.com/keystone-engine/keypatch
6e8d65a
@SilverBut SilverBut mentioned this pull request Oct 4, 2017
Merged
@aquynh
Copy link
Member

aquynh commented Oct 5, 2017

cool, but this update docs for Mac is just for IDA7 (64bit), right?

@fjh658
Copy link
Contributor Author

fjh658 commented Oct 5, 2017

@aquynh
IDA 7 also has x86, x64. I have been testing on both versions.
In fact, macOS version does not need to discuss the situation(x86, x64).
I will explain in detail the reasons.

@aquynh
Copy link
Member

aquynh commented Oct 5, 2017

because Mac IDA is universal binary?

i merged #31, so there is a bit conflict now. could you please fix that when you update with more info?

@fjh658
Copy link
Contributor Author

fjh658 commented Oct 5, 2017
edited
Loading

The macOS python is universal binary.

  1. First, if you install several python version on macOS, IDA will use only this
/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python
  1. Python is universal binary on macOS
/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python
/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python: Mach-O universal binary with 2 architectures: [x86_64: Mach-O 64-bit executable x86_64] [i386: Mach-O executable i386]
/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python (for architecture x86_64):	Mach-O 64-bit executable x86_64
/System/Library/Frameworks/Python.framework/Versions/2.7/bin/python (for architecture i386):	Mach-O executable i386
  • In fact, pkg too.
https://www.python.org/ftp/python/2.7.14/python-2.7.14-macosx10.6.pkg
  1. IDA loads the key process of python
    • IDA 7.0 x86(similar 6.8,6.9,6.95)
      • python.pmc or python.pmc64 and lib-dynload/ida_32/ are i386 
            file python.pmc
    python.pmc: Mach-O dynamically linked shared library i386

    file /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_allins.so
    /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_allins.so: Mach-O dynamically linked shared library i386

    [  0] 0x00000000 ./idaq
   	[  1] 0x0042e000 /usr/lib/dyld
   	[  2] 0x9391b000 /System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
   	[234] 0x09fc7000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./plugins/python.pmc
   	[235] 0x0c800000 /System/Library/Frameworks/Python.framework/Versions/2.7/Python
   	[236] 0x059fa000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/_locale.so
	[237] 0x05ce6000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/time.so
	[238] 0x0c9f9000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_idaapi.so
	[239] 0x05cee000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/_struct.so
	[240] 0x05cf8000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/_bisect.so
	[241] 0x0ca9c000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_kernwin.so
	[242] 0x0cb96000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_pro.so
	[243] 0x09ce2000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/_ctypes.so
	[245] 0x0ccad000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_diskio.so
	[251] 0x09cfa000 /System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/lib-dynload/_functools.so
	[252] 0x0cdd3000 /Applications/IDA_Pro_7.0_x86/idaq.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_allins.so
	...
	[320] 0x00000001177cc000 /usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib
    • IDA 7.0 x64
      • python.dylib or python64.dylib and lib-dynload/ida_32/ are x64 
         	file /Applications/IDA_Pro_7.0/ida.app/Contents/MacOS/./plugins/python.dylib
 	/Applications/IDA_Pro_7.0/ida.app/Contents/MacOS/./plugins/python.dylib: Mach-O 64-bit dynamically linked shared library x86_64

 	file /Applications/IDA_Pro_7.0/ida.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_allins.so
 	/Applications/IDA_Pro_7.0/ida.app/Contents/MacOS/./python/lib/python2.7/lib-dynload/ida_32/_ida_allins.so: Mach-O 64-bit dynamically linked shared library x86_64

 	[  0] 0x0000000000000000 ./ida
 	[  1] 0x0000000100446000 /usr/lib/dyld
 	[236] 0x000000010e263000 /Applications/IDA_Pro_7.0/ida.app/Contents/MacOS/./plugins/python.dylib
 	...
 	[323] 0x00000001177cc000 /usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib
  2. Compiled libkeystone.dylib is universal binary
file /usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib
/usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib: Mach-O universal binary with 2 architectures: [i386: Mach-O dynamically linked shared library i386] [x86_64]
/usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib (for architecture i386):	Mach-O dynamically linked shared library i386
/usr/local/lib/python2.7/site-packages/keystone/libkeystone.dylib (for architecture x86_64):	Mach-O 64-bit dynamically linked shared library x86_64

@fjh658
Merge branch 'master' of https://github.com/keystone-engine/keypatch
23ef0bc 
Merged macOS keypatch docs

# Conflicts:
#	README.md
@fjh658
Copy link
Contributor Author

fjh658 commented Oct 5, 2017

@aquynh I have resolved the conflict.

aquynh
aquynh reviewed Oct 5, 2017
View reviewed changes
README.md Outdated
### Appendix. Install Keystone for IDA Pro

We all know that before IDA 7.0, IDA Pro's Python is 32-bit itself, so it can only loads 32-bit libraries. For this reason, we have to build & install Keystone 32-bit. However, IDA 7.0 is now a native 64-bit application, which means we also need to install a correct version of Keystone. This section details the steps towards that goal.
We all know that <= IDA 7.0 (eg: 6.8, 6.9, 6.95, 7.0_x86), IDA Pro's Python is 32-bit itself, so it can only loads 32-bit libraries. For this reason, we have to build & install Keystone 32-bit. However, IDA 7.0 is now a native 64-bit application, which means we also need to install a correct version of Keystone. This section details the steps towards that goal.
Copy link
Member

@aquynh aquynh Oct 5, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why did you change "before" to "<=", which indicates also v7.0 (due to =) here?

Copy link
Contributor Author

@fjh658 fjh658 Oct 5, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IDA7.0 contains (32bit, 64bit). @aquynh

Copy link
Member

@aquynh aquynh Oct 5, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, but that is confused. how about keeping that "before" part, but change the later part "IDA 7.0 is now a native 64-bit application ..." to "since IDA 7.0 supports both 32-bit & 64-bit ..." ?

Copy link
Contributor Author

@fjh658 fjh658 Oct 5, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aquynh modified

@fjh658
Copy link
Contributor Author

fjh658 commented Oct 5, 2017

@aquynh modified, please review.

@aquynh aquynh merged commit de711c5 into keystone-engine:master Oct 6, 2017
@aquynh
Copy link
Member

aquynh commented Oct 6, 2017

merged, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aquynh aquynh aquynh left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fjh658 @aquynh @Rupan