Post

Replies

Boosts

Views

Activity

Sysextd Crashing loading Network Extension
HiI am facing weird issue, while loading Tranparent App proxy on macOS 10.15.4 (19E287) (Darwin 19.4.0) using OSSystemExtensionRequest, sysextd gets crashed. App receives SystemExtension com.test.client.test-Client.TestMacAppProxy request did fail: Error Domain=OSSystemExtensionErrorDomain Code=1 "(null)" in request: didFailWithError delegate method.Following logs are generated by sysextd before crash:default 17:26:10.287333+0530 sysextd attempting to realize extension with identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:10.298649+0530 sysextd Realizing target path: <private>default 17:26:10.299194+0530 sysextd Bundle class: UncachedBundledefault 17:26:10.322048+0530 sysextd staging extension with identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:10.383045+0530 sysextd Making activation decision for extension with teamID teamID("27W52P9M7Q"), identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:10.383088+0530 sysextd No extension policy -- activation decision is UserOptiondefault 17:26:10.383116+0530 sysextd validating extension with identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:11.093684+0530 sysextd waiting for external validation of extension with identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:11.094281+0530 nesessionmanager Validating system extension com.test.client.test-Client.TestMacAppProxydefault 17:26:11.094002+0530 sysextd attempting to realize extension with identifier com.test.client.test-Client.TestMacAppProxydefault 17:26:11.109415+0530 sysextd Realizing target path: <private>default 17:26:11.109797+0530 sysextd Bundle class: UncachedBundledefault 17:26:11.128982+0530 ReportCrash Parsing corpse data for process sysextd [pid 11854]App Proxy entitlement:<plist version="1.0"><plist version="1.0"><dict> <key>com.apple.developer.networking.networkextension</key> <array> <string>packet-tunnel-provider</string> <string>app-proxy-provider</string> <string>content-filter-provider</string> <string>dns-proxy</string> </array> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>$(TeamIdentifierPrefix)com.example.app-group2</string> </array> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.network.server</key> <true/> <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key> <array> <string>/Library/Logs/TestLogs/</string> </array></dict></plist>App proxy info.plist:<plist version="1.0"><dict> <key>CFBundleDevelopmentRegion</key> <string>$(DEVELOPMENT_LANGUAGE)</string> <key>CFBundleDisplayName</key> <string>TestClientMacAppProxy</string> <key>CFBundleExecutable</key> <string>$(EXECUTABLE_NAME)</string> <key>CFBundleIdentifier</key> <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string> <key>CFBundleInfoDictionaryVersion</key> <string>6.0</string> <key>CFBundleName</key> <string>$(PRODUCT_NAME)</string> <key>CFBundlePackageType</key> <string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string> <key>CFBundleShortVersionString</key> <string>2.0</string> <key>CFBundleVersion</key> <string>2</string> <key>LSMinimumSystemVersion</key> <string>$(MACOSX_DEPLOYMENT_TARGET)</string> <key>NSHumanReadableCopyright</key> <string>Copyright © 2020 Test, Inc. All rights reserved.</string> <key>NSSystemExtensionUsageDescription</key> <string></string> <key>NetworkExtension</key> <dict> <key>NEMachServiceName</key> <string>$(TeamIdentifierPrefix)com.example.app-group2.MySystemExtension</string> <key>NEProviderClasses</key> <dict> <key>com.apple.networkextension.app-proxy</key> <string>AppProxyProvider</string> </dict> </dict></dict>Crash report:Process: sysextd [11854]Path: /System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextdIdentifier: sysextdVersion: 35.100.1Code Type: X86-64 (Native)Parent Process: launchd [1]Responsible: sysextd [11854]User ID: 0Date/Time: 2020-05-27 17:26:11.129 +0530OS Version: Mac OS X 10.15.4 (19E287)Report Version: 12Anonymous UUID: 118067B6-A40A-F8BE-457E-DD9A538CD532Sleep/Wake UUID: 9235D660-727F-41A5-B4EF-D09B3DB093CCTime Awake Since Boot: 38000 secondsTime Since Wake: 8300 secondsSystem Integrity Protection: disabledCrashed Thread: 1 Dispatch queue: sysextd.extension_managerException Type: EXC_BAD_INSTRUCTION (SIGILL)Exception Codes: 0x0000000000000001, 0x0000000000000000Exception Note: EXC_CORPSE_NOTIFYTermination Signal: Illegal instruction: 4Termination Reason: Namespace SIGNAL, Code 0x4Terminating Process: exc handler [11854]Application Specific Information:dyld3 modeThread 0:0 libsystem_kernel.dylib 0x00007fff70c594da __semwait_signal_nocancel + 101 libsystem_c.dylib 0x00007fff70b695e4 nanosleep$NOCANCEL + 1852 libsystem_c.dylib 0x00007fff70b8cf38 sleep$NOCANCEL + 413 libdispatch.dylib 0x00007fff70ac93da _dispatch_queue_cleanup2 + 1564 libsystem_pthread.dylib 0x00007fff70d15054 _pthread_tsd_cleanup + 5515 libsystem_pthread.dylib 0x00007fff70d17512 _pthread_exit + 706 libsystem_pthread.dylib 0x00007fff70d14e08 pthread_exit + 427 libdispatch.dylib 0x00007fff70ac4fce dispatch_main + 998 sysextd 0x0000000102bef860 0x102be7000 + 349129 sysextd 0x0000000102bef099 0x102be7000 + 3292110 libdyld.dylib 0x00007fff70b12cc9 start + 1Thread 1 Crashed:: Dispatch queue: sysextd.extension_manager0 sysextd 0x0000000102c2d29e 0x102be7000 + 2873901 sysextd 0x0000000102c187ab 0x102be7000 + 2026672 sysextd 0x0000000102c10a0a 0x102be7000 + 1705063 sysextd 0x0000000102c1802f 0x102be7000 + 2007514 sysextd 0x0000000102c18098 0x102be7000 + 2008565 com.apple.Foundation 0x00007fff392de4f3 __NSXPCCONNECTION_IS_CALLING_OUT_TO_EXPORTED_OBJECT_S1__ + 106 com.apple.Foundation 0x00007fff392689be -[NSXPCConnection _decodeAndInvokeMessageWithEvent:flags:] + 23637 com.apple.Foundation 0x00007fff3921fb29 message_handler + 2108 libxpc.dylib 0x00007fff70d572bc _xpc_connection_call_event_handler + 569 libxpc.dylib 0x00007fff70d561cb _xpc_connection_mach_event + 93410 libdispatch.dylib 0x00007fff70ab96f8 _dispatch_client_callout4 + 911 libdispatch.dylib 0x00007fff70acebc9 _dispatch_mach_msg_invoke + 43512 libdispatch.dylib 0x00007fff70abeaf6 _dispatch_lane_serial_drain + 26313 libdispatch.dylib 0x00007fff70acf71c _dispatch_mach_invoke + 48114 libdispatch.dylib 0x00007fff70abeaf6 _dispatch_lane_serial_drain + 26315 libdispatch.dylib 0x00007fff70abf5d6 _dispatch_lane_invoke + 36316 libdispatch.dylib 0x00007fff70ac8c09 _dispatch_workloop_worker_thread + 59617 libsystem_pthread.dylib 0x00007fff70d13a3d _pthread_wqthread + 29018 libsystem_pthread.dylib 0x00007fff70d12b77 start_wqthread + 15Thread 2:0 libsystem_kernel.dylib 0x00007fff70c59502 __sigsuspend_nocancel + 101 libdispatch.dylib 0x00007fff70ac949a _dispatch_sigsuspend + 362 libdispatch.dylib 0x00007fff70ac9476 _dispatch_sig_thread + 53Thread 3:0 libsystem_pthread.dylib 0x00007fff70d12b68 start_wqthread + 0Thread 1 crashed with X86 Thread State (64-bit): rax: 0x000070000f899d70 rbx: 0x000070000f899d70 rcx: 0x0000000000000000 rdx: 0x0000000000000001 rdi: 0x000070000f899d70 rsi: 0xffffffff00000001 rbp: 0x000070000f899e10 rsp: 0x000070000f899d60 r8: 0x0000000000000000 r9: 0x0000000000000ae0 r10: 0x00007fff8edbfc40 r11: 0xfffff00a26891d78 r12: 0x00007ff5e9007f70 r13: 0x000070000f899d70 r14: 0x00007fff89d68098 r15: 0x00007fff89d7f430 rip: 0x0000000102c2d29e rfl: 0x0000000000010202 cr2: 0x00007fff975d10e8Logical CPU: 6Error Code: 0x00000000Trap Number: 6Binary Images: 0x102be7000 - 0x102c65fff sysextd (35.100.1) <8A4A86EE-EEAC-34BF-80C3-5DCD8D71E102> /System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd 0x102ef9000 - 0x102f0fff7 com.apple.security.csparser (3.0 - 59306.101.1) <EEE7ED0C-8625-3A9A-A1FB-F118800AB125> /System/Library/Frameworks/Security.framework/Versions/A/PlugIns/csparser.bundle/Contents/MacOS/csparser 0x103039000 - 0x1030caeff dyld (750.5) <1F893B81-89A5-3502-8510-95B97B9F730D> /usr/lib/dyldExternal Modification Summary: Calls made by other processes targeting this process: task_for_pid: 1 thread_create: 0 thread_set_state: 0 Calls made by this process: task_for_pid: 0 thread_create: 0 thread_set_state: 0 Calls made by all processes on this machine: task_for_pid: 11251599 thread_create: 0 thread_set_state: 2721VM Region Summary:ReadOnly portion of Libraries: Total=513.8M resident=0K(0%) swapped_out_or_unallocated=513.8M(100%)Writable regions: Total=100.7M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=100.7M(100%) VIRTUAL REGIONREGION TYPE SIZE COUNT (non-coalesced)=========== ======= =======Activity Tracing 256K 1Dispatch continuations 16.0M 1Kernel Alloc Once 8K 1MALLOC 74.7M 38MALLOC guard page 16K 4STACK GUARD 56.0M 4Stack 9752K 4VM_ALLOCATE 8K 2__DATA 13.6M 221__DATA_CONST 268K 14__FONT_DATA 4K 1__LINKEDIT 388.1M 4__OBJC_RO 32.2M 1__OBJC_RW 1888K 1__TEXT 125.7M 222__UNICODE 564K 1mapped file 27.2M 3shared memory 580K 8=========== ======= =======TOTAL 746.7M 531Please note I removed loaded dylibs to reduce the crash report size.
4
0
1.5k
May ’20
DNS Handling in Transparent App Proxy
HI,I would like to capture all the DNS requests in my Transparent App Proxy on macOS 10.15.4.First I tried different combinations but no luck:1 NENetworkRule *includeRule3 = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"" port:@"53"] prefix: 0 protocol:NENetworkRuleProtocolAny];It captures all TCP/UDP traffic along with DNS2. NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"0.0.0.0" port:@"53"] prefix: 0 protocol:NENetworkRuleProtocolAny];It does not capture anything.3. NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationHost:[NWHostEndpoint endpointWithHostname:@"" port:@"53"] protocol:NENetworkRuleProtocolAny];It also captures all TCP/UDP traffic along with DNS4. I setup DNS resolver: NSString *dnsServerIP = @"10.0.0.10"; NSArray<NSString *> *dnsServerList = [NSArray arrayWithObjects: dnsServerIP, nil]; NEDNSSettings *dnsSettings = [[NEDNSSettings alloc] initWithServers: dnsServerList]; NSString* TLD1 = @"com"; NSString* TLD2 = @"in"; NSArray<NSString *> *dnsMatchDomainList = [NSArray arrayWithObjects: TLD1, TLD2, nil]; dnsSettings.matchDomains = dnsMatchDomainList; dnsSettings.domainName = @"gp.com"; settings.DNSSettings = dnsSettings;I also setup Filter rule to capture DNS server IP address "10.0.0.10".NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"10.0.0.10" port:@"53"] prefix: 8 protocol:NENetworkRuleProtocolAny];No DNS request is captured.scutil --dns shows DNS resolver:DNS configuration (for service-specific queries)resolver #1 nameserver[0] : fe80::1 nameserver[1] : 10.0.0.10 service_identifier : 1 flags : Service-specific, Supplemental, Request A records, Request AAAA recordsStill DNS request is not received to Transparent App Proxy.Could you please help to get the right way to receive all the DNS requests to my Transparent App Proxy?Regards,Anand Choubey
6
0
1.3k
May ’20
Multiple Network Extension Interop
/HiMy query is specific to multiple NEAppProxyProvider and NEDNSProxyProvider providers on macOS platform.If multiple NEAppProxyProvider/NEDNSProxyProvider(s) are on the machine and all are active at the same time. Which provider will receive the TCP/UDP segment first? which is instantiated first or instantiated last?Regards,Anand Choubey
3
0
870
May ’20
Distribution of Network extension App with App Sandboxing disable
HiI know the App Sandboxing must be enabled to distribute Network extension applications from macOS App.And As per the below document, Network Extension apps can also be distributed outside from the Mac App Store using a provisioning profile.https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_networking_networkextension?language=objcCould you please confirm if I disable App Sandbox for my "App Proxy" extension. whether I can distribute my app outside of the Mac App Store?Regards,Anand Choubey
3
0
987
May ’20
Network Extensions interop
.(s)/HiMy query is specific to multiple NEAppProxyProvider and NEDNSProxyProvider providers on the machine.If multiple NEDNSProxyProvider(s) are on the machine and all are active at the same time. Which provider will receive the TCP/UDP segment first? which is instantiated first or instantiated last?My above question is NEAppProxyProvider providers too. Regards,Anand Choubey
2
0
404
Apr ’20
Network Filter extension Interop queries
Hi1. Network extension documents are either in objective c or swiftDoes Network extension API support C++, if yes, is there any document?2. In the real world, Many Network extensions (e.g. Content filters) will be running developed by different vendors like Antivirus vendors, Firewall vendors, etc.How does Network Extension framework arbitrate/adjudicate among multiple Network Extension running simultaneously on the system?ThanksAnand
6
0
1.2k
Oct ’19