Is Network Extension -- XPC --> launchd daemon possible?

Question

Created Jul ’20

Replies 4

Boosts 0

Views 1.2k

Participants 2

I want/need/would like the Network Extension to send a XPC message to a XPC listener of a launchd daemon.

So far, what I'm observing is:

the NE is apparently able to obtain a remote proxy object for the XPC service name defined by the launchd daemon.
when the proxy invokes one of the methods of the remote interface, it does nothing:
- the completion handler of the method is not called in the Network Extension.
- the proxy error handler is not called either.

In Console, I'm seeing:

Code Block com.xxxxxxxxx.extension    Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service on pid 0 named com.xxxxxxx.logListener was invalidated." UserInfo={NSDebugDescription=The connection to service on pid 0 named com.xxxxxxx.logListener was invalidated.}

This is a bit mysterious considering that the pid for the listener is not 0 (i.e. the kernel_task).

Questions:

Is it possible to send XPC messages from a Network Extension to a launchd daemon?
Maybe this requires to use some specific service names too or specific bundle identifier for the launchd daemon. Which ones?

I would rather not have to send a XPC message from the launchd daemon to the NE as this would mean that the launchd daemon would need to be launched at startup. Also this would not make a lot of sense from an architectural point of view since it's the launchd daemon that is supposed to be a service for the network extensions and no the opposite.

Boost

Answer 1

tartempion OP

Jul ’20

After some additional attempts, it looks like that:

its' possible.
the name of the Mach service needs to be prefixed with the team identifier and the app group/hosting app prefix.

1

Answer 2

Babse OP

Jul ’20

@tartempion :
Am facing the same issue . do you host The XPC service in an app . i have a .xpc as target (not a daemon application containing .xpc ) which is directly used in launchd . have published the MachServices properly . any pointers would really help .

0

Answer 3

tartempion OP

Jul ’20

@Babse

In my case, the XPC service is in a launchd daemon.

To figure out how to make this work, I had the XPC service client code in both the Network Extension and in an app.

Because the results of stopping and starting a Network Extension on Catalina are totally unreliable, having the same code in an app helped making sure that the XPC service was correctly started by launchd and that messaging through a proxy object worked.

This proved to be useful to detect little mistakes such as not having the same mach service name in the launchd .plist file and the listener code.

For the name of the service, I used the following pattern:

Code Block TeamID.bundle_identifier_of_the_app_embedding_the_network_extension.some_service_name

Currently, I have 3 XPC service names defined in the launchd .plist of a single daemon and all services are visible and usable from the Network Extension.

I'm not sure whether the name of the launchd .plist file and the Label values matter but, just in case (because of the strange sandbox idea of relying on a group name), I used the same value for both of them with the following pattern:

Code Block bundle_identifier_of_the_app_embedding_the_network_extension.something

Because starting and stopping Network Extensions is unreliable, when something does not work, I usually restart the Mac, thus removing the Network Extension through the System Preferences > Network pref pane seem to also work in most cases. So far, I've probably restarted the Mac more than I did when developing the kernel extension flavor…

1

Answer 4

Babse OP

Aug ’20

@tartempion : that is a very detaild answer . the answer helped me to move ahead . many thank you .

0