are these error codes documented somewhere? what tool(s) can be used to check kext signatures?

I recently updated my test machine to Big Sur beta 3. I built a driver installation app, which hosts a driverkit extension. The app used to run on Big Sur b1. Now, it won't launch at all in the debugger, it fails with this error: Domain: RBSRequestErrorDomain Code: 5 from Finder it fails with an error -1, and no further information. If I move it to /Applications and run it from there, I get a crash report which says it failed due to a code signing error. xception Type: EXCCRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXCCORPSE_NOTIFY the thing is, codesign says it is fine: codesign -v -vvv /Applications/DriverInstallationApp.app /Applications/DriverInstallationApp.app: valid on disk /Applications/DriverInstallationApp.app: satisfies its Designated Requirement spctl says 'rejected' without giving a reason. I have SIP turned off on this machine, so I'd never notarized the app before. So in desperation I tried notarizing the app. Once notarized, the app is "accepted" by spctl, but it still crashes with the same "code signature invalid" error. Does anyone have any ideas on how I can debug this?

Does anyone know how to do this?We'd like to ber able to reproduce at will the situation where users are asked to approve the installation of our kexts.There are posts on this forum but they're quite oldhttps://forums.developer.apple.com/thread/100281 (never answered)https://forums.developer.apple.com/thread/101412(Quinn suggested using a VM snapshot)Our QA tests on real Macs with real hardware. It takes a long time to re-install an 8GB OS. Isn't there a sanctioned way to wipe this particular slate clean?

I'm trying to build the driverkit sample from github (https://github.com/knightsc/USBApp)according to this: https://developer.apple.com/system-extensions/"If you plan to deploy drivers built with DriverKit, allow other developers to use your system extensions, or use the EndpointSecurity API, you’ll need to request an entitlement from Apple.While your request is in review, you can test system extensions on your Mac by temporarily turning off System Integrity Protection."I'm trying to build on a system with SIP off, but I can't get as far as testing because Xcode won't build or sign the dext. I don't want it signed, because I have no entitlements, I'd be happy to run it locally to figure out if it is worth proceeding with even requesting entitlements.Has anyone been able to build and test a dext without already having entitlements?

I've watched the video of WWDC 2019 session 702, System Extensions and DriverKit, and I'm still a little puzzled.For instance, what's the point of USBDriverKit, that is, why would I use it in preference to the already extant user-mode USB APIs? The demo shows an extension that does nothing - it logs to the debugger, but it doesn't provide any services to multiple clients in the system. In a KEXT, those services are provided by publishing them in the IORegistry; they provide well-known interfaces in the kernel to which a well-known user client can connect. If my extension ships in my own app, and provides services only to that app, I may as well implement the extension's functions directly in my app.How does my app (or more importantly, a third-party app) communicate with my dext? That wasn't covered in session 702. Neither was the case of replacing or augmenting an existing system driver, for example filtering the data passing through a USB mass storage driver, based on sideband data which the standard system driver cannot convey. For a kext, I would simply call IORegisterService and the rest of the stack would be build on top of my driver.Is the sample code for the demo of session 702 available? Any other sample code for DriverKit?