userclient access entitlements for 3rd-party apps

Question

P_Egor OP

Created Oct ’21

Replies 2

Boosts 0

Views 2.2k

Participants 3

Hello,

I'm developing a kit which works with PCIe card (a calculation accelerator). The kit contains a dynamic library which communicates with PCIe card driver (dext) via userclient part. Test applications inside the kit works well.

The kit itself can be used as a python module. But python app doesn't contain the userclient access entitlements and the communication with the driver is broken.

Is it possible to make/to sign a module (not application) to work with the hardware (PCIe card)? Or what is the common solution for such case?

One of the way is a disabling AMFI but it doesn't work for end-user.

Answered by in 692608022

Adding this com.apple.developer.driverkit.allow-any-userclient-access entitlement to the dext should allow any application to connect via UserClient to the dext. This should allow you to provide an API in your dext that can be accessed by other applications.

Boost

Answer 1

OP

Apple

Oct ’21

Accepted Answer

Adding this com.apple.developer.driverkit.allow-any-userclient-access entitlement to the dext should allow any application to connect via UserClient to the dext. This should allow you to provide an API in your dext that can be accessed by other applications.

0

Answer 2

myurik2 OP

Jun ’22

@Drewbadour I added com.apple.developer.driverkit.allow-any-userclient-access into my driver's entitlements and driver is no longer discoverable after re-install. I mean it no longer appears as process, I can't see it in ioreg and can't find a match via IOServiceGetMatchingServices.

In Console App I see:

taskgated-helper myDriver: Unsatisfied entitlements: com.apple.developer.driverkit.allow-any-userclient-access
amfid /Library/SystemExtensions/B7624EEF-3688-4735-A58B-26FEF4DE353C/myDriver.dext/myDriver signature not valid: -67671

I can discover driver if I remove this entitlement but I stuck on IOServiceOpen with kIOReturnError(iokit_common_err(0x2bc) // general error) error.
My setup:
macOS 12.4
Xcode Version 13.4

0