[AppleAppBuilder] arm64 Catalyst apps need to codesign bundled .dylibs #51667
Description
Found a difference between x64 and arm64 MacCatalyst.
With the hardened runtime and the com.apple.security.cs.disable-library-validation entitlement, on x64 I can dlopen completely unsigned .dylib libraries. But on arm64, the .dylib must be at least ad-hoc signed (ie codesign -s - .../foo.dylib) or else dlopen will fail with something like
dlopen(/Users/alklig/work/dotnet-runtime/runtime/artifacts/bin/System.Buffers.Tests/net6.0-Debug/maccatalyst-arm64/AppBundle/System.Buffers.Tests/Debug-maccatalyst/System.Buffers.Tests.app/Contents/Resources/libSystem.Native.dylib, 5): no suitable image found. Did find:\n\t/Users/alklig/work/dotnet-runtime/runtime/artifacts/bin/System.Buffers.Tests/net6.0-Debug/maccatalyst-arm64/AppBundle/System.Buffers.Tests/Debug-maccatalyst/System.Buffers.Tests.app/Contents/Resources/libSystem.Native.dylib: code signature in (/Users/alklig/work/dotnet-runtime/runtime/artifacts/bin/System.Buffers.Tests/net6.0-Debug/maccatalyst-arm64/AppBundle/System.Buffers.Tests/Debug-maccatalyst/System.Buffers.Tests.app/Contents/Resources/libSystem.Native.dylib) not valid for use in process using Library Validation: Trying to load an unsigned library
This affects our pinvoke libraries like libSystem.Native.dylib, libSystem.IO.Compression.Native.dylib, etc that we included in the Resources of the app bundle.