Bug 152579 - Build LibreOffice for macOS on Apple Silicon with pointer authentication codes (PACs): arm64e, rather than without PAC (arm64)
Summary: Build LibreOffice for macOS on Apple Silicon with pointer authentication code...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
7.5.0.0 beta1+
Hardware: ARM macOS (All)
: medium enhancement
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 144200
  Show dependency treegraph
 
Reported: 2022-12-18 17:11 UTC by Sierk Bornemann
Modified: 2025-06-10 13:30 UTC (History)
2 users (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sierk Bornemann 2022-12-18 17:11:32 UTC 
Description:
Please compile/build LibreOffice for macOS as arm64e binary rather than arm64 binary.

See:

Apple Developer: Preparing your app to work with pointer authentication
Test your app against the arm64e architecture to ensure that it works seamlessly with enhanced security features.
https://developer.apple.com/documentation/security/preparing_your_app_to_work_with_pointer_authentication

Arm: Armv8-A architecture: 2016 additions: Pointer Authentication Code (PAC)
https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/armv8-a-architecture-2016-additions

See also:

stackoverflow: Xcode arm64 Vs arm64e
https://stackoverflow.com/questions/52624308/xcode-arm64-vs-arm64e

Theos.dev – A cross-platform build system for creating iOS, macOS, Linux, and Windows programs: arm64e Deployment
https://theos.dev/docs/arm64e-deployment

Steps to Reproduce:
% lipo -archs /Applications/LibreOffice.app/Contents/MacOS/soffice

% /usr/sbin/system_profiler SPApplicationsDataType | grep -B0 -A7 "LibreOffice"

Actual Results:
% lipo -archs /Applications/LibreOffice.app/Contents/MacOS/soffice 
arm64

% /usr/sbin/system_profiler SPApplicationsDataType | grep -B0 -A7 "LibreOffice" 
LibreOffice:

      Version: 7.4.3.2
      Obtained from: Identified Developer
      Last Modified: 07.12.22, 13:46
      Kind: iOS
      Signed by: Developer ID Application: The Document Foundation (7P5S3ZLCN7), Developer ID Certification Authority, Apple Root CA
      Location: /Applications/LibreOffice.app

Expected Results:
% lipo -archs /Applications/LibreOffice.app/Contents/MacOS/soffice 
arm64e

% /usr/sbin/system_profiler SPApplicationsDataType | grep -B0 -A7 "LibreOffice" 
LibreOffice:

      Version: 7.4.3.2
      Obtained from: Identified Developer
      Last Modified: 07.12.22, 13:46
      Kind: Apple Silicon
      Signed by: Developer ID Application: The Document Foundation (7P5S3ZLCN7), Developer ID Certification Authority, Apple Root CA
      Location: /Applications/LibreOffice.app


Reproducible: Always


User Profile Reset: No

Additional Info:
For comparison (the only Apple app, part of macOS, that is compiled as arm64e-only rather than as a Universal Binary (x86_64 arm64e), all other Apple apps of the OS seem to be build als Univeral Binary (x86_64 arm64e) – which might change in the future in favor of arm64e-only):

% lipo -archs /System/Library/CoreServices/Rosetta\ 2\ Updater.app/Contents/MacOS/Rosetta\ 2\ Updater
arm64e

% /usr/sbin/system_profiler SPApplicationsDataType | grep -B0 -A7 "Rosetta 2 Updater"
    Rosetta 2 Updater:

      Version: 1.0
      Obtained from: Apple
      Last Modified: 02.12.22, 12:37
      Kind: Apple Silicon
      Signed by: Software Signing, Apple Code Signing Certification Authority, Apple Root CA
      Location: /System/Library/CoreServices/Rosetta 2 Updater.app
Comment 1 Julien Nabet 2022-12-19 08:54:08 UTC 
Christian/Stephan: thought you might be interested in this one since it concerns macOS build.
Comment 2 eisa01 2023-03-18 10:59:34 UTC 
So 7.5 is delivered as arm64, not arm64e so setting as confirmed
Comment 3 Sierk Bornemann 2025-06-10 13:30:06 UTC 
Reading the release notes of Xcode 26 Beta 1 released yesterday, this info in the section Security comes to my attention, which might be additionally very helpful to know providing LibreOffice on macOS with pointer authentication enabled and shipped as arm64e binary rather than arm64 binary:

Apple Developer: Xcode 26 Beta Release Notes – Section Security
https://developer.apple.com/documentation/xcode-release-notes/xcode-26-release-notes#Security

<quote>
…

Security
New Features

• […]

• Xcode now provides an “Enhanced Security” capability, which enables additional runtime and compile-time protections for your application and builds it with pointer authentication enabled. For more information see https://developer.apple.com/documentation/xcode/enabling-enhanced-security-for-your-app (143278278)

• […]

…
</quote>


while having special attention to section Prepare your app for pointer authentication in the further document referred to therein:

Apple Developer: Enabling enhanced security for your app – Section Prepare your app for pointer authentication
https://developer.apple.com/documentation/xcode/enabling-enhanced-security-for-your-app#Prepare-your-app-for-pointer-authentication

<quote>
…

Prepare your app for pointer authentication

The Enhanced Security capability includes additional runtime platform restrictions, which Xcode enables by default for your app when you adopt the capability by setting the ENABLE_POINTER_AUTHENTICATION build setting to Yes. With these additional runtime platform restrictions enabled, Xcode builds your app for the arm64e architecture and enables pointer authentication.

When pointer authentication is enabled, the system generates […]

…

If you need to turn off pointer authentication for your target, uncheck the Authenticate Pointers checkbox in the Signing and Capabilities editor, or set the ENABLE_POINTER_AUTHENTICATION build setting to No.

…
</quote>