5 files changed, 9 insertions, 19 deletions

diff --git a/contrib/devtools/security-check.py b/contrib/devtools/security-check.py
index 8cd54d26c3..af9d63717d 100755
--- a/contrib/devtools/security-check.py
+++ b/contrib/devtools/security-check.py
@@ -158,13 +158,6 @@ def check_MACHO_NOUNDEFS(binary) -> bool:
     '''
     return binary.header.has(lief.MachO.HEADER_FLAGS.NOUNDEFS)
 
-def check_MACHO_LAZY_BINDINGS(binary) -> bool:
-    '''
-    Check for no lazy bindings.
-    We don't use or check for MH_BINDATLOAD. See #18295.
-    '''
-    return binary.dyld_info.lazy_bind == (0,0)
-
 def check_MACHO_Canary(binary) -> bool:
     '''
     Check for use of stack canary
@@ -214,7 +207,6 @@ BASE_PE = [
 
 BASE_MACHO = [
     ('NOUNDEFS', check_MACHO_NOUNDEFS),
-    ('LAZY_BINDINGS', check_MACHO_LAZY_BINDINGS),
     ('Canary', check_MACHO_Canary),
 ]
 
diff --git a/contrib/devtools/symbol-check.py b/contrib/devtools/symbol-check.py
index 4fb997b023..d85912398d 100755
--- a/contrib/devtools/symbol-check.py
+++ b/contrib/devtools/symbol-check.py
@@ -232,7 +232,7 @@ def check_MACHO_libraries(binary) -> bool:
     return ok
 
 def check_MACHO_min_os(binary) -> bool:
-    if binary.build_version.minos == [10,15,0]:
+    if binary.build_version.minos == [11,0,0]:
         return True
     return False
 
diff --git a/contrib/devtools/test-security-check.py b/contrib/devtools/test-security-check.py
index d666291cba..90268740c6 100755
--- a/contrib/devtools/test-security-check.py
+++ b/contrib/devtools/test-security-check.py
@@ -120,13 +120,13 @@ class TestSecurityChecks(unittest.TestCase):
 
         if arch == lief.ARCHITECTURES.X86:
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-Wl,-allow_stack_execute','-fno-stack-protector']),
-                (1, executable+': failed NOUNDEFS LAZY_BINDINGS Canary PIE NX CONTROL_FLOW'))
+                (1, executable+': failed NOUNDEFS Canary PIE NX CONTROL_FLOW'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-Wl,-allow_stack_execute','-fstack-protector-all']),
-                (1, executable+': failed NOUNDEFS LAZY_BINDINGS PIE NX CONTROL_FLOW'))
+                (1, executable+': failed NOUNDEFS PIE NX CONTROL_FLOW'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-flat_namespace','-fstack-protector-all']),
-                (1, executable+': failed NOUNDEFS LAZY_BINDINGS PIE CONTROL_FLOW'))
+                (1, executable+': failed NOUNDEFS PIE CONTROL_FLOW'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-fstack-protector-all']),
-                (1, executable+': failed LAZY_BINDINGS PIE CONTROL_FLOW'))
+                (1, executable+': failed PIE CONTROL_FLOW'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-bind_at_load','-fstack-protector-all']),
                 (1, executable+': failed PIE CONTROL_FLOW'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-no_pie','-Wl,-bind_at_load','-fstack-protector-all', '-fcf-protection=full']),
@@ -136,11 +136,9 @@ class TestSecurityChecks(unittest.TestCase):
         else:
             # arm64 darwin doesn't support non-PIE binaries, control flow or executable stacks
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-flat_namespace','-fno-stack-protector']),
-                (1, executable+': failed NOUNDEFS LAZY_BINDINGS Canary'))
+                (1, executable+': failed NOUNDEFS Canary'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-flat_namespace','-fstack-protector-all']),
-                (1, executable+': failed NOUNDEFS LAZY_BINDINGS'))
-            self.assertEqual(call_security_check(cc, source, executable, ['-fstack-protector-all']),
-                (1, executable+': failed LAZY_BINDINGS'))
+                (1, executable+': failed NOUNDEFS'))
             self.assertEqual(call_security_check(cc, source, executable, ['-Wl,-bind_at_load','-fstack-protector-all']),
                 (0, ''))
 
diff --git a/contrib/devtools/test-symbol-check.py b/contrib/devtools/test-symbol-check.py
index e304880140..fe8a99739f 100755
--- a/contrib/devtools/test-symbol-check.py
+++ b/contrib/devtools/test-symbol-check.py
@@ -121,7 +121,7 @@ class TestSymbolChecks(unittest.TestCase):
                 }
         ''')
 
-        self.assertEqual(call_symbol_check(cc, source, executable, ['-Wl,-platform_version','-Wl,macos', '-Wl,10.15', '-Wl,11.4']),
+        self.assertEqual(call_symbol_check(cc, source, executable, ['-Wl,-platform_version','-Wl,macos', '-Wl,11.0', '-Wl,11.4']),
                 (1, f'{executable}: failed SDK'))
 
     def test_PE(self):
diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm
index f7b249b211..b77a2a8efe 100644
--- a/contrib/guix/manifest.scm
+++ b/contrib/guix/manifest.scm
@@ -615,5 +615,5 @@ inspecting signatures in Mach-O binaries.")
           ((string-contains target "-linux-")
            (list (make-bitcoin-cross-toolchain target)))
           ((string-contains target "darwin")
-           (list clang-toolchain-10 binutils cmake-minimal xorriso python-signapple))
+           (list clang-toolchain-11 binutils cmake-minimal xorriso python-signapple))
           (else '())))))