Hi,
I am experiencing following crashes intermittently in macOS network extension. Sometime in an hour or two or three. I don't see anywhere references to my project code hence i am unable to understand this crashes. Anyone please point me into right direction from here:
Crash Dumps
Samples:
Process: com.skyhighsecurity.epclient.networkextension [39224]
Path: /Library/SystemExtensions/*/com.skyhighsecurity.epclient.networkextension
Identifier: com.skyhighsecurity.epclient.networkextension
Version: 1.0 (1)
Code Type: ARM-64 (Native)
Parent Process: launchd [1]
User ID: 0
Date/Time: 2023-03-20 13:46:51.6991 +0530
OS Version: macOS 12.6.3 (21G419)
Report Version: 12
Anonymous UUID: 72617D4C-9E91-7141-D71D-9CB5BDADAA25
Sleep/Wake UUID: B462FD28-68B4-4B46-84EB-D16E29760748
Time Awake Since Boot: 32000 seconds
Time Since Wake: 5 seconds
System Integrity Protection: disabled
Crashed Thread: 3 Dispatch queue: NEFilterExtensionProviderContext queue
Exception Type: EXC_BREAKPOINT (SIGTRAP)
Exception Codes: 0x0000000000000001, 0x0000000182e26104
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: Namespace SIGNAL, Code 5 Trace/BPT trap: 5
Terminating Process: exc handler [39224]
Application Specific Information:
BUG IN CLIENT OF LIBPLATFORM: os_unfair_lock is corrupt
Abort Cause 1949042982
Thread 0:
0 libsystem_kernel.dylib 0x182dd5d70 __sigsuspend_nocancel + 8
1 libdispatch.dylib 0x182c5b5e0 _dispatch_sigsuspend + 48
2 libdispatch.dylib 0x182c5b5b0 _dispatch_sig_thread + 60
Thread 1:
0 libsystem_pthread.dylib 0x182e07078 start_wqthread + 0
Thread 2:
0 libsystem_pthread.dylib 0x182e07078 start_wqthread + 0
Thread 3 Crashed:: Dispatch queue: NEFilterExtensionProviderContext queue
0 libsystem_platform.dylib 0x182e26104 _os_unfair_lock_corruption_abort + 88
1 libsystem_platform.dylib 0x182e21184 _os_unfair_lock_lock_slow + 328
2 libsystem_pthread.dylib 0x182e07640 pthread_mutex_destroy + 64
3 Foundation 0x183d7ac18 -[_NSXPCConnectionClassCache dealloc] + 48
4 libobjc.A.dylib 0x182cb7c58 objc_object::sidetable_release(bool, bool) + 260
5 NetworkExtension 0x19148b798 -[NEFilterSocketFlow .cxx_destruct] + 40
6 libobjc.A.dylib 0x182c9d8e4 object_cxxDestructFromClass(objc_object*, objc_class*) + 116
7 libobjc.A.dylib 0x182c94b0c objc_destructInstance + 80
8 libobjc.A.dylib 0x182c94ab8 _objc_rootDealloc + 80
9 NetworkExtension 0x19148246c -[NEFilterDataExtensionProviderContext handleSocketSourceEventWithSocket:] + 132
10 libdispatch.dylib 0x182c481b4 _dispatch_client_callout + 20
11 libdispatch.dylib 0x182c4b670 _dispatch_continuation_pop + 500
12 libdispatch.dylib 0x182c5e8e0 _dispatch_source_invoke + 1596
13 libdispatch.dylib 0x182c4f784 _dispatch_lane_serial_drain + 376
14 libdispatch.dylib 0x182c50404 _dispatch_lane_invoke + 392
15 libdispatch.dylib 0x182c5ac98 _dispatch_workloop_worker_thread + 648
16 libsystem_pthread.dylib 0x182e08360 _pthread_wqthread + 288
17 libsystem_pthread.dylib 0x182e07080 start_wqthread + 8
Post
Replies
Boosts
Views
Activity
Hi,
I want to know if i can ask NEPacketTunnelProvider to reroute traffic from virtual utun to physical interface?
Let me break it down:
As per includedRoutes, Traffic came on NEPacketTunnelProvider virtual interface(utun).
After parsing packet if in case for some condition matches (such as port number etc), i want to route it via physical interface. Can we achieve this?
Raw Socket can't be opened in System Extension hence i can't go via this route.
I don't see any ways in NEPacketTunnelProvider / NEPacketTunnelNetworkSettings to achieve this.
Hi, I have applied below rule
let filterRules = ["0.0.0.0", "::"].map { address -> NEFilterRule in
let localNetwork = NWHostEndpoint(hostname: address, port: "0")
let networkRule = NENetworkRule(remoteNetwork: nil,
remotePrefix: 0,
localNetwork: localNetwork,
localPrefix: 0,
protocol: .TCP,
direction: .any)
return NEFilterRule(networkRule: networkRule, action: .filterData)
}
I have written below code in method: override func handleInboundData
if remoteEndpoint.hostname == "10.207.135.79" {
os_log(.debug, log: self.log, "dropping for 10.207.135.79.");
return .drop()
}
From device 10.207.135.79 i am trying to send TCP as below:
1. ssh userName@10.213.175.1
It is getting drop as expected. kex_exchange_identification: Connection closed by remote host
2. Send via netcat(nc) nc 10.213.175.1 8888
During netcat, it's not getting drop.
3. Send via curl(nc) curl 10.213.175.1:8888
During curl, it's not getting drop.
10.213.175.1 is IP where system extension filter provider running.
is this expected behaviour?
Hello, I have created raw socket as below
rawSockfd = socket(AF_INET,SOCK_RAW,IPPROTO_IP)
Added flag 5 sec SO_RCVTIMEO, IP_HDRINCL to 1 via setsockopt.
Sending IP Packet as below:
struct sockaddr_in connection = getSockAddr(dstIPAddress);
long bytes = sendto(rawSockfd, (uint8_t *)packet, size, 0, (struct sockaddr *)&connection, sizeof(struct sockaddr));
I am trying to receive as below:
long rsize = recvfrom(rawSock, buffer, size, 0, (struct sockaddr *)&connection, (socklen_t *)&addrlen);
This works fine for ICMP, UDP. recvfrom able to read packet back.
We are facing issue during TCP. recvfrom returns error: Resource temporarily unavailable after 5 sec timeout. If we remove timeout flag SO_RCVTIMEO then it gets stuck forever.
TCPdump shows following logs on destination. Instead of SYN ACK it's getting Reset:
09:21:03.972632 IP 10.215.179.1.54745 > 10.207.134.154.8181: Flags [SEW], seq 358899317, win 65535, options [mss 1380,nop,wscale 6,nop,nop,TS val 426499980 ecr 0,sackOK,eol], length 0
09:21:03.972755 IP 10.207.134.154.8181 > 10.215.179.1.54745: Flags [R.], seq 0, ack 358899318, win 0, length 0
is this something macOS not sending TCP response back to rawsocket or something is wrong in my code?