diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..1c1a97f
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,129 @@
+name: Build on-device support tools
+
+on:
+ push:
+ paths:
+ - 'tools/**'
+ workflow_dispatch:
+
+jobs:
+ build-darwin:
+ strategy:
+ matrix:
+ include:
+ - arch: arm64
+ gnu_triple: aarch64-apple-darwin
+ os: iphoneos
+ targetos_os: ios
+ minos: 11.0
+ - arch: arm64
+ gnu_triple: aarch64-apple-darwin
+ os: appletvos
+ targetos_os: tvos
+ minos: 11.0
+ - arch: arm64
+ gnu_triple: aarch64-apple-darwin
+ os: bridgeos
+ targetos_os: bridgeos
+ minos: 2.0
+ runs-on: macos-15
+ env:
+ GPTFDISK_VERSION: 1.0.10
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Install dependencies (packages)
+ run: |
+ brew install make gnu-sed
+ curl -LO https://github.com/ProcursusTeam/ldid/releases/download/v2.1.5-procursus7/ldid_macosx_x86_64
+ sudo install -m755 ldid_macosx_x86_64 /usr/local/bin/ldid
+
+ - name: Download dependencies
+ run: |
+ if [ "${{ matrix.os }}" = "bridgeos" ]; then
+ git clone --depth=1 https://github.com/palera1n/BridgeOS.sdk.git
+ echo "SDK=$(pwd)/BridgeOS.sdk" >> $GITHUB_ENV
+ else
+ echo "SDK=$(xcrun -sdk ${{ matrix.os }} --show-sdk-path)" >> $GITHUB_ENV
+ fi
+ curl -LO https://sourceforge.net/projects/gptfdisk/files/gptfdisk/${{ env.GPTFDISK_VERSION }}/gptfdisk-${{ env.GPTFDISK_VERSION }}.tar.gz
+ tar -xf gptfdisk-${{ env.GPTFDISK_VERSION }}.tar.gz
+
+ - name: Setup environment
+ run: |
+ mkdir sysroot out
+ echo "DESTDIR=$(pwd)/sysroot" >> $GITHUB_ENV
+ echo "PREFIX=/usr/local" >> $GITHUB_ENV
+ echo "PKG_CONFIG_PATH=$(pwd)/sysroot/usr/local/lib/pkgconfig" >> $GITHUB_ENV
+ echo "CONFIGURE_ARGS=--prefix=/usr/local --disable-shared --enable-static --build=x86_64-apple-darwin --host=${{ matrix.gnu_triple }}" >> $GITHUB_ENV
+ echo "CC=$(xcrun --find cc)" >> $GITHUB_ENV
+ echo "CXX=$(xcrun --find c++)" >> $GITHUB_ENV
+ echo "CPP=$(xcrun --find cc) -E" >> $GITHUB_ENV
+ echo "CFLAGS=-g -Os -isystem ${{ env.SDK }}/usr/include/c++/v1 -arch ${{ matrix.arch }} -mtargetos=${{ matrix.targetos_os }}${{ matrix.minos }} -isysroot ${{ env.SDK }} -isystem $(pwd)/sysroot/usr/local/include -Os -g -flto=full -Wl,-object_path_lto,lto.o -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64" >> $GITHUB_ENV
+ echo "CPPFLAGS=-g -Os -isystem ${{ env.SDK }}/usr/include/c++/v1 -arch ${{ matrix.arch }} -mtargetos=${{ matrix.targetos_os }}${{ matrix.minos }} -isysroot ${{ env.SDK }} -isystem $(pwd)/sysroot/usr/local/include -Wno-error-implicit-function-declaration -Os -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64" >> $GITHUB_ENV
+ echo "CXXFLAGS=-stdlib=libc++ -g -Os -isystem${{ env.SDK }}/usr/include/c++/v1 -isysroot ${{ env.SDK }} -arch ${{ matrix.arch }} -mtargetos=${{ matrix.targetos_os }}${{ matrix.minos }} -isystem $(pwd)/sysroot/usr/local/include -Os -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64" >> $GITHUB_ENV
+ echo "LDFLAGS=-g -Wl,-dead_strip -arch ${{ matrix.arch }} -isysroot ${{ env.SDK }} -mtargetos=${{ matrix.targetos_os }}${{ matrix.minos }} -L$(pwd)/sysroot/usr/local/lib" >> $GITHUB_ENV
+ echo "CFLAGS_FOR_BUILD=-arch $(uname -m) -isysroot $(xcrun -sdk macosx --show-sdk-path) -Os" >> $GITHUB_ENV
+ echo "CXXFLAGS_FOR_BUILD=-stdlib=libc++ -arch $(uname -m) -isysroot $(xcrun -sdk macosx --show-sdk-path) -Os" >> $GITHUB_ENV
+ echo "CPPFLAGS_FOR_BUILD=-arch $(uname -m) -isysroot $(xcrun -sdk macosx --show-sdk-path) -Wno-error-implicit-function-declaration -Os" >> $GITHUB_ENV
+ echo "LDFLAGS_FOR_BUILD=-Wl,-dead_strip" >> $GITHUB_ENV
+
+ - name: Prepare headers
+ if: matrix.os != 'macosx'
+ run: |
+ mkdir -p sysroot/{{,System}/Library/Frameworks,/usr/{local/include/{bsm,objc,os/internal,sys,firehose,CoreFoundation,FSEvents,IOKit/kext,libkern,kern,arm,{mach/,}machine,CommonCrypto,Security,CoreSymbolication,Kernel/{kern,IOKit,libkern},rpc,rpcsvc,xpc/private,ktrace,mach-o,dispatch},lib/pkgconfig,/local/lib}}
+ MACOSX_SYSROOT=$(xcrun -sdk macosx --show-sdk-path)
+ TARGET_SYSROOT=${{ env.SDK }}
+ cp -af ${MACOSX_SYSROOT}/usr/include/{arpa,bsm,hfs,net,xpc,netinet,servers,timeconv.h,launch.h} sysroot/usr/local/include
+ cp -af ${MACOSX_SYSROOT}/usr/include/objc/objc-runtime.h sysroot/usr/local/include/objc
+ cp -af ${MACOSX_SYSROOT}/usr/include/libkern/{OSDebug.h,OSKextLib.h,OSReturn.h,OSThermalNotification.h,OSTypes.h,machine} sysroot/usr/local/include/libkern
+ cp -af ${MACOSX_SYSROOT}/usr/include/kern sysroot/usr/local/include
+ cp -af ${MACOSX_SYSROOT}/usr/include/sys/{tty*,ptrace,kern*,random,reboot,user,vnode,disk,vmmeter,conf}.h sysroot/usr/local/include/sys
+ cp -af ${MACOSX_SYSROOT}/System/Library/Frameworks/Kernel.framework/Versions/Current/Headers/sys/disklabel.h sysroot/usr/local/include/sys
+ cp -af ${MACOSX_SYSROOT}/System/Library/Frameworks/IOKit.framework/Headers/{AppleConvergedIPCKeys.h,IOBSD.h,IOCFBundle.h,IOCFPlugIn.h,IOCFURLAccess.h,IOKitServer.h,IORPC.h,IOSharedLock.h,IOUserServer.h,audio,avc,firewire,graphics,hid,hidsystem,i2c,iokitmig.h,kext,ndrvsupport,network,ps,pwr_mgt,sbp2,scsi,serial,storage,stream,usb,video} sysroot/usr/local/include/IOKit
+ cp -af ${MACOSX_SYSROOT}/System/Library/Frameworks/Security.framework/Headers/{mds_schema,oidsalg,SecKeychainSearch,certextensions,Authorization,eisl,SecDigestTransform,SecKeychainItem,oidscrl,cssmcspi,CSCommon,cssmaci,SecCode,CMSDecoder,oidscert,SecRequirement,AuthSession,SecReadTransform,oids,cssmconfig,cssmkrapi,SecPolicySearch,SecAccess,cssmtpi,SecACL,SecEncryptTransform,cssmapi,cssmcli,mds,x509defs,oidsbase,SecSignVerifyTransform,cssmspi,cssmkrspi,SecTask,cssmdli,SecAsn1Coder,cssm,SecTrustedApplication,SecCodeHost,SecCustomTransform,oidsattr,SecIdentitySearch,cssmtype,SecAsn1Types,emmtype,SecTransform,SecTrustSettings,SecStaticCode,emmspi,SecTransformReadTransform,SecKeychain,SecDecodeTransform,CodeSigning,AuthorizationPlugin,cssmerr,AuthorizationTags,CMSEncoder,SecEncodeTransform,SecureDownload,SecAsn1Templates,AuthorizationDB,SecCertificateOIDs,cssmapple}.h sysroot/usr/local/include/Security
+ cp -af ${MACOSX_SYSROOT}/usr/include/{ar,bootstrap,launch,libc,libcharset,localcharset,nlist,NSSystemDirectories,tzfile,vproc}.h sysroot/usr/local/include
+ cp -af ${MACOSX_SYSROOT}/usr/include/mach/{*.defs,{mach_vm,shared_region}.h} sysroot/usr/local/include/mach
+ cp -af ${MACOSX_SYSROOT}/usr/include/mach/machine/*.defs sysroot/usr/local/include/mach/machine
+ cp -af ${MACOSX_SYSROOT}/usr/include/rpc/pmap_clnt.h sysroot/usr/local/include/rpc
+ cp -af ${MACOSX_SYSROOT}/usr/include/rpcsvc/yp{_prot,clnt}.h sysroot/usr/local/include/rpcsvc
+ cp -af ${TARGET_SYSROOT}/usr/include/mach/machine/thread_state.h sysroot/usr/local/include/mach/machine
+ cp -af ${TARGET_SYSROOT}/usr/include/mach/arm sysroot/usr/local/include/mach
+ cp -af ${MACOSX_SYSROOT}/System/Library/Frameworks/IOKit.framework/Headers/* sysroot/usr/local/include/IOKit
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/stdlib.h > sysroot/usr/local/include/stdlib.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/time.h > sysroot/usr/local/include/time.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/unistd.h > sysroot/usr/local/include/unistd.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/mach/task.h > sysroot/usr/local/include/mach/task.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/mach/mach_host.h > sysroot/usr/local/include/mach/mach_host.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/ucontext.h > sysroot/usr/local/include/ucontext.h
+ gsed -E s/'__IOS_PROHIBITED|__TVOS_PROHIBITED|__WATCHOS_PROHIBITED'//g < ${TARGET_SYSROOT}/usr/include/signal.h > sysroot/usr/local/include/signal.h
+ gsed -E /'__API_UNAVAILABLE'/d < ${TARGET_SYSROOT}/usr/include/pthread.h > sysroot/usr/local/include/pthread.h
+ gsed -i -E s/'__API_UNAVAILABLE\(.*\)'// sysroot/usr/local/include/IOKit/IOKitLib.h
+
+ - name: Build resize tool
+ run: |
+ ${{ env.CC }} ${{ env.CFLAGS }} ${{ env.LDFLAGS}} tools/resize.c -o out/resize_apfs
+ ldid -Stools/resize.xml out/resize_apfs
+
+ - name: Build gdisk
+ run: |
+ cd gptfdisk-${{ env.GPTFDISK_VERSION }}
+ gsed -i -e 's|/local/|/meow/|g' Makefile.mac
+ gsed -i '/FATBINFLAGS=/d' Makefile.mac
+ gsed -i '/CXX=/d' Makefile.mac
+ gsed -i '/CXXFLAGS=/d' Makefile.mac
+ gsed -i '/THINBINFLAGS=/d' Makefile.mac
+ gmake -j$(sysctl -n hw.ncpu) -f Makefile.mac gdisk LDLIBS="-lc++"
+ ldid -S../tools/gdisk.xml gdisk
+ install -m755 gdisk ../out
+
+ - uses: actions/upload-artifact@v4
+ with:
+ name: hoolock-support-${{ matrix.os }}
+ path: |
+ out/gdisk
+ out/resize_apfs
diff --git a/.gitignore b/.gitignore
index e43b0f9..2d7abb6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
.DS_Store
+tools/resize
diff --git a/tools/gdisk.xml b/tools/gdisk.xml
new file mode 100644
index 0000000..c09d9e0
--- /dev/null
+++ b/tools/gdisk.xml
@@ -0,0 +1,11 @@
+
+
+
+ platform-application
+
+ com.apple.private.security.no-container
+
+ com.apple.private.security.disk-device-access
+
+
+
diff --git a/tools/resize.c b/tools/resize.c
new file mode 100644
index 0000000..5fc3217
--- /dev/null
+++ b/tools/resize.c
@@ -0,0 +1,58 @@
+#include
+#include
+#include
+#include
+#include
+#include
+
+#if TARGET_OS_OSX || TARGET_OS_SIMULATOR
+#define APFS_FW_PATH "/System/Library/PrivateFrameworks/APFS.framework/Versions/A/APFS"
+#else
+#define APFS_FW_PATH "/System/Library/PrivateFrameworks/APFS.framework/APFS"
+#endif
+
+int (*APFSContainerResize)(const char *bsdname, uint64_t newSize);
+
+int main(int argc, const char * argv[]) {
+ size_t new_size;
+ char* endptr;
+
+ if (argc != 3) {
+ fprintf(stderr, "usage: %s \n", argv[0]);
+ return -1;
+ }
+
+ new_size = strtoull(argv[2], &endptr, 0);
+
+ if (argv[2] == endptr) {
+ fprintf(stderr, "Invalid new size given\n");
+ return -1;
+ }
+
+ void *handle = dlopen(APFS_FW_PATH, RTLD_LAZY);
+
+ if (!handle) {
+ fprintf(stderr, "Could not load APFS.framework: %s", dlerror());
+ return -1;
+ }
+
+ APFSContainerResize = dlsym(handle, "APFSContainerResize");
+ if (!APFSContainerResize) {
+ fprintf(stderr, "Function APFSContainerResize not found: %s", dlerror());
+ dlclose(handle);
+ return -1;
+ }
+
+ printf("About to resize %s to %s bytes, in an online resize, device will become unresponsive.\n", argv[1], argv[2]);
+
+ int result = APFSContainerResize(argv[1], new_size);
+ if (result != 0) {
+ fprintf(stderr,"APFSContainerResize failed: %d: %s\n", result, mach_error_string(result));
+ return -1;
+ }
+
+ printf("The operation completed successfully\n");
+
+ dlclose(handle);
+ return 0;
+}
diff --git a/tools/resize.xml b/tools/resize.xml
new file mode 100644
index 0000000..80dca8a
--- /dev/null
+++ b/tools/resize.xml
@@ -0,0 +1,14 @@
+
+
+
+
+ com.apple.security.iokit-user-client-class
+
+ AppleAPFSUserClient
+
+ com.apple.private.security.no-container
+
+ platform-application
+
+
+