Privacy Manifest file for iOS about libevent HOT 5 CLOSED

The Privacy Manifest is to explain reasons why the lib is using any of the API listed here:
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api?language=objc
By providing a file in a format like this one:
https://github.com/ZipArchive/ZipArchive/blob/main/SSZipArchive/Supporting%20Files/PrivacyInfo.xcprivacy

From the documentation list, the libevent library uses:

• stat, fstat: which needs a declaration of one of the reasons: DDA9.1, C617.1, 3B52.1, 0A2A.1
• mach_absolute_time: which needs a declaration of one of the reasons: 35F9.1, 8FFB.1, 3D61.1

For the first case, fstat is used exclusively to access the st_size in the following places:

• evbuffer_file_segment_new which is for "Copy data from a file into the evbuffer for writing to a socket." -- This is likely covered by reason 0A2A.1 since the file path is provided by the iOS app, not by the libevent SDK.
• evutil_read_file_ used by evdns_base_resolv_conf_parse (to read the "/etc/resolv.conf" file) and evdns_base_load_hosts (to read the "/etc/hosts" file) -- There are no supporting reasons for this in the Apple document ; in other words, it seems it's not really permitted to access the size of those two files on iOS?

For the second case, mach_absolute_time is used in the following places:

#if defined(HAVE_MACH_MONOTONIC)
evutil_configure_monotonic_time_
evutil_gettime_monotonic_
#endif

Well, on iOS, libevent cmake configures itself with HAVE_POSIX_MONOTONIC instead of HAVE_MACH_MONOTONIC, so it's unused.

Conclusion,

1. Make sure you build with the correct flags to avoid mach_absolute_time.
2. We could write a Privacy Manifest for iOS for using fstat (reason 0A2A.1), but the goal of Apple is to avoid accessing file timestamps for tracking/fingerprinting and we don't read st_atimespec/st_mtimespec/st_ctimespec (we only read st_size). The annoying part is that Apple only offers APIs for accessing fileSize on "file paths", not on "file descriptors", so there are no good alternatives than fstat. [edit] Actually, from https://forums.developer.apple.com/forums/thread/734750, it lists lseek(SEEK_END) as an alternative.

from libevent.

Looks like you know how to do this. Maybe you can submit a PR? Thanks in advance!

from libevent.

Hey @azat I don't have any experience unfortunately, I'm trying to understand how this all works / what is even needed for my company. I'm also unfamiliar with all the usages of API's in this library :(

from libevent.

@azat can you explain what the purpose of this is please?

#if defined(HAVE_MACH_MONOTONIC)
/* ======
   Apple is a little late to the POSIX party.  And why not?  Instead of
   clock_gettime(), they provide mach_absolute_time().  Its units are not
   fixed; we need to use mach_timebase_info() to get the right functions to
   convert its units into nanoseconds.

   To all appearances, mach_absolute_time() seems to be honest-to-goodness
   monotonic.  Whether it stops during sleep or not is unspecified in
   principle, and dependent on CPU architecture in practice.
 */

int
evutil_configure_monotonic_time_(struct evutil_monotonic_timer *base,
    int flags)
{
	const int fallback = flags & EV_MONOT_FALLBACK;
	struct mach_timebase_info mi;
	memset(base, 0, sizeof(*base));
	/* OSX has mach_absolute_time() */
	if (!fallback &&
	    mach_timebase_info(&mi) == 0 &&
	    mach_absolute_time() != 0) {
		/* mach_timebase_info tells us how to convert
		 * mach_absolute_time() into nanoseconds, but we
		 * want to use microseconds instead. */
		mi.denom *= 1000;
		memcpy(&base->mach_timebase_units, &mi, sizeof(mi));
	} else {
		base->mach_timebase_units.numer = 0;
	}
	return 0;
}

int
evutil_gettime_monotonic_(struct evutil_monotonic_timer *base,
    struct timeval *tp)
{
	ev_uint64_t abstime, usec;
	if (base->mach_timebase_units.numer == 0) {
		if (evutil_gettimeofday(tp, NULL) < 0)
			return -1;
		adjust_monotonic_time(base, tp);
		return 0;
	}

	abstime = mach_absolute_time();
	usec = (abstime * base->mach_timebase_units.numer)
	    / (base->mach_timebase_units.denom);
	tp->tv_sec = usec / 1000000;
	tp->tv_usec = usec % 1000000;

	return 0;
}
#endif

from libevent.

At the time of writing there was no clock_gettime on MacOS, but since 10.12 it seems that there is. Can you send a PR with supporting for clock_gettime in MacOS? (detection in autoconf/cmake + ifdef for it here, in this place)

from libevent.