2

I have googled and searched here and have come up empty.

I have an application that installs a system extension and I'm resorting to writing to a file when the extension is installed to know.

Is there an objective C or Swift function that does essentially what systemextensionctl list does? This is a sandboxed app and I don't want to (and suspect I can't) fork/run a shell command.

spartygw
  • 3,289
  • 2
  • 27
  • 51
  • 1
    I'm not aware of one, but if one exists, I'd love to know about it! For DriverKit extensions, I'm currently matching the device(s) in IOKit in the app as well, and then detecting whether the dext's service node turns up in IOKit as well. If it shows up, my extension clearly is installed. I'm not sure how you'd go about that with other types of extension. – pmdj May 04 '22 at 07:33
  • 1
    That said, I believe you *can* spawn processes (for example using `NSTask` or `posix_spawn`) from a sandboxed process in macOS. (Not in iOS/iPadOS/tvOS) Whether or not `systemextensionctl` works inside the sandbox is another matter. I have no sandbox restriction in my uses, but my main issue with `systemextensionctl` is that its output is not in any way designed to be machine-readable, and there's no guarantee its output will be formatted consistently across macOS versions. – pmdj May 04 '22 at 07:38
  • @pmdj yep, totally agree that the output is fugly and needs help from grep at the very least to check. Would be nice if there was at least a `systemextensionctl list ` filter or something. Forking an `NSTask` is something we really want to do even if we can in the sandbox. Feels like a hole in the API. – spartygw May 04 '22 at 14:39

1 Answers1

1

There is still no public API to do that, but there is a way to use the private API under the systemextensionctl, OSSystemExtensionClient, as described here. You will need to reverse the OSSystemExtensionClient futher to get the list of extensions.

It also may be that you can find desired information in some .db files.

Both things are not considered as public and could be changed at any moment.

Arthur Bulakaiev
  • 1,207
  • 8
  • 17