Post

Replies

Boosts

Views

Activity

Installing Network Extension drops ongoing connections
Hey all! I have a System Extension that, while doing some other things, starts up my custom Network Extension via [NEProvider startSystemExtensionMode]. This Network Extension contains a class (let's call it MyDataProvider) that overrides the NEFilterDataProvider interface and implements handleNewFlow. MyDataProvider thus acts as a network content filter. The problem is that installing my System Extension on a Ventura 13.4 (or older) system and starting up the Network Extension seemingly drops any ongoing connection I have. For example, my ssh connection will hang. This makes it quite annoying attempting to install the System Extension remotely. I do not see this behavior for my other class that inherits the NEFilterPacketProvider interface. Is this behavior expected of the NEFilterDataProvider? It seems like a bug since I do not see any documentation stating this behavior.
0
0
625
May ’23
Allowing dynamic name registration in xpc_connection_create_mach_service
In the "Mach Services" section of the xpc_connection_create(3) man page, we have the following: Important: New service names may NOT be dynamically registered using xpc_connection_create_mach_service(). Only launchd jobs may listen on certain service names, and any service name that the job wishes to listen on must be declared in its launchd.plist(5). XPC may make allowances for dynamic name registration in debug scenarios, but these allowances abso- lutely will NOT be made in the production scenario. In a debugging scenario, how can I allow a dynamic name resolution for listeners? While the man page references this, it doesn't detail how to, and I can't find any information online about this. I can't tell if this text implies that it's currently possible, or may be allowed sometime in the future.
5
0
1.4k
Oct ’22
What is a Mach Service?
I've seen the term "Mach Service" used in many places. One such place being the man page for launchd.plist, another being xpc_connection_create_mach_service, yet I cannot find any documentation online explicitly defining what a Mach Service is. Closest thing I've found is the Mach Overview documentation, but that seems to be unrelated to "Mach Services" and closer to a more abstract umbrella term for a list of kernel primitives. So what is a Mach Service and what is the Mach bootstrap namespace? What functionality is it capable of? What is its purpose within an Application Bundle?
2
0
2.7k
Sep ’22
How do I get source code debugging in LLDB for System Extensions?
Following the instructions found here as well as around the Developer Forums, I've successfully managed to begin debugging my system extension on a virtual machine. Unfortunately, after archiving my system extension and copying over the .app file to my virtual machine, my .app loses access to the source code (on my host machine) and hitting any beak points via lldb yields me hard-to-read assembly code. How do I also get source code when attaching lldb to a system extension?
4
0
1.7k
Mar ’22
Unloading an old kext and loading a new one still runs the old kext
Hello, I'm currently developing a kext on Catalina 10.15.7 on a SIP disabled system (for easy building, loading, and unloading of kexts). When I printf "foo", build, then load the kext on my SIP disabled system, the console shows "foo" as expected. If I then unload, delete the kext, change the string to "bar", build, then reload the kext again, the message unexpectedly prints "foo" instead of the new message "bar". The only way I've been able to print "bar" is if I restart the system and load the kext again. I suspect this is a kext cache issue which I admittedly know little about. However, after trying the following commands after removing and deleting the old kext : kextcache -invalidate / kextcache -u / kextcache -U / -Boot touch /Library/Extensions It still does not update with the new "bar" message. To be more specific, here is the exact steps I use: sudo kextunload /Library/Extensions/mykext.kext sudo rm -rf /Library/Extensions/mykext.kext # Uncomment one or more of the four cache updaters below # sudo touch /Library/Extensions # sudo kextcache -system-caches # sudo kextcache -invalidate / # sudo kextcache -u /  sudo cp -r /Users/user/Library/Developer/Xcode/DerivedData/mykext-gaytpunjlfqfxygmrplhwibgikie/Build/Products/Debug/mykext.kext /Library/Extensions sudo chown -R root:wheel /Library/Extensions/mykext.kext sudo chmod -R go-rwx /Library/Extensions/mykext.kext sudo kextload /Library/Extensions/mykext.kext How can I test new kext builds without having to restart my virtual machine?
0
0
1.2k
Jun ’21