Shared memory & App Sandbox

I thought I’d just post this here; in the hopes that I can save others wasted time.

https://developer.apple.com/library/archive/documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW24

“shmget”, “shmat”, “shdt” & “shctl” use System V semaphores underneath, and therefore BLOCKED by the App Sandbox

The docs say that shared memory is possible, they provide a warning about “System V semaphores”, but don’t make it clear which functions I should or shouldn’t use for shared memory. I searched for some shared memory tutorials, and found some. None mentioned “System V”, so I followed a couple (and they really basic) and in doing so, I figured out some things (that are logical) but not documented in the tutorials and successfully created shared memory between two Xojo applications. I then wrapped these in a way so that my apps could communicate with one another.

I re-read that documentation and searched for some tutorials on the entitlements, with examples. Tried a whole bunch of variations, but nothing worked. It’s not a case that it simply didn’t work, the application would freeze and was very hard to kill from the GUI. Had to kill it via the terminal.

Then I checked the console… Turns out “shmget”, “shmat”, “shdt” & “shctl” use System V semaphores underneath, and therefore are BLOCKED by the App Sandbox. If only Apple’s documentation could have explained which functions are compatible, it would have saved me a couple of days. Therefore I’m documenting this here, in the hopes that it will save others from wasting their time.

Which functions are compatible? I don’t know just yet, I have another set to try, but until I’ve tried them I can’t say.

Thanks for trying and telling us.

I should also add that during development, I was reading the Man pages and header files, no where does it state that these functions use the scary “System V semaphores”.

If I’m totally honest, I half expected it to be blocked by the Sandbox (I’m pretty certain that shared memory goes against the idea of security), but I am still really disappointed & frustrated.

For posterity sake. The functions that are/were compatible with the App Sandbox are as follows.

Private Function shm_open lib system (name as cString, flags as int32, permissions as int32) as integer Private Function ftruncate lib system (fd as int32, len as Uinteger) as integer Private Function mmap lib system (addr as ptr, len as UInteger, protections as int8, flags as int8, fd as int8, offset as integer) as ptr Private Function munmap lib system (buffer as ptr, len as Uinteger) as integer Private Function shm_unlink lib system (name as cString) as integer

do the XPC versions of these work ?
https://developer.apple.com/documentation/xpc/1505369-xpc_shmem_map?language=objc
etc ?
that seems to be their purpose

[quote=480887:@Norman Palardy]do the XPC versions of these work ?
https://developer.apple.com/documentation/xpc/1505369-xpc_shmem_map?language=objc
etc ?
that seems to be their purpose[/quote]
I’ve not tried them, and I’ll be honest, I’m a little nervous when it has XPC in the name, as that suggests to me that it’s designed to work with a XPC process, which I’ve never attempted to do with Xojo.

But looking at the function names, they appear to be XPC friendly versions of the API I listed.