Stack Overflow
Stack Overflow

Questions tagged [macos-system-extension]

System Extension bundles were introduced with macOS 10.15 as eventual replacements for kernel extensions.

System Extension bundles were introduced with macOS 10.15 as eventual replacements for kernel extensions.

66 questions
1
vote
1 answer

Should IOBufferMemoryDescriptor be released of free'd?

I am looking at the documentation of IOBufferMemoryDescriptor. It says "... Except where noted, you are also responsible for releasing buffers that you allocate.". IOBufferMemoryDescriptor::free also exists. My questions is: should I use free or…
tuple_cat
  • 1,165
  • 2
  • 7
  • 22
1
vote
0 answers

DriverKit - Access to hub for SuspendDevice() equivalent

I have written a DriverKit for a USB device and it seems to work well. It is a port from an existing KExt. In the KExt I could call SuspendDevice(true) on IOUsbDevice and it would tell the hub to suspend the port to which the device is attached. I…
ScottBraun
  • 61
  • 6
1
vote
0 answers

How to get invoked handleInterruptPacket override method in case of ACM DEXT(IOUserUSBSerial)?

In ACM Dext handleInterruptPacket override method is not getting invoked by the system. Kindly let me know anything missing. iig file: class UserUsbACMControl: public IOUserUSBSerial { virtual void handleInterruptPacket(const uint8_t…
david
  • 413
  • 5
  • 20
1
vote
1 answer

Pass Argument From App Delegate to System Extension, Mac OS

I am creating a system extension and bundling it in a Mac app on Mac OS Catalina. I have had success building the app and requesting activation of the extension from my application delegate (Swift). My System Extension can successfully run. My…
DemetriOS
  • 181
  • 13
1
vote
1 answer

idVendor for apple.developer.driverkit.transport.usb

I was reading this informative post How to set `com.apple.developer.driverkit.transport.usb` entitlement? I wanted to ask, where do I get this idVendor from? What should be its value ?
Baab
  • 179
  • 6
1
vote
1 answer

How to overwrite portions of a DriverKit OSData internal buffer?

The documentation of OSData says that "...You can add bytes to them and overwrite portions of the byte array.". I can see a method to append bytes, but I don't understand how I am able to overwrite a portion of the buffer. Another option would be to…
tuple_cat
  • 1,165
  • 2
  • 7
  • 22
1
vote
1 answer

How to protect on mac OS system extension security endpoint from being kill

How can I protect my macOS system extension endpoint security from: A. kill by the user (root user) B. unloading by the root user?
park joh
  • 23
  • 3
1
vote
0 answers

Building Xcode project without a provisioning profile

I'm sorry if it's already answered here but I wasn't able to find it. I want to play a bit with DriverKit and SEXTs but I'm not in the Apple Developer Program. Is there a way to build a project using DriverKit in Xcode without using a provisioning…
TheKuko
  • 11
  • 2
1
vote
0 answers

How to use Network System Extensions to manipulate the data before forwarding it

I have a product for macOS which uses Network Kernel Extensions to get the network data and modify the data based on some pre-defined rules. As kexts will no longer be supported starting macOS 10.16, I have to port my solution to use Network System…
toti
  • 325
  • 4
  • 12
1
vote
1 answer

NEFilterProvider record network activity

NEFilterProvider, or more specifically its 2 subclasses NEFilterDataProvider and NEFilterPacketProvider, has the functionality to allow or deny network activity. However, I couldn't find any way to log in the activity, for debugging purposes. I know…
DevShark
  • 8,558
  • 9
  • 32
  • 56
0
votes
0 answers

How to enable multiple proxy managers waiting for user approval event

I have a MacOS network extension that activates 3 network "Proxies" (TransparentProxy, AppProxy and DNSProxy). To activate the proxies I do: NEAppProxyProviderManager.loadAllFromPreferences { saveToPreferences { error in if (error) { …
Zohar81
  • 4,554
  • 5
  • 29
  • 82
0
votes
1 answer

What is the rule of flow orientation when packet tunnel provider and app proxy provider run simultaneously on one mac endpoint?

What is the rule of flow orientation when packet tunnel provider and app proxy provider run simultaneously on one mac endpoint? There is two applications run on one mac endpoint, one app with app proxy provider, and another with packet tunnel…
yanran
  • 33
  • 5
0
votes
0 answers

Screen watermark not worked on macOS 12.4, but work fine before macOS 12.4

I developed a screen watermarking program that worked fine before macOS 12.4. After upgrading to 12.4, "System Extension Blocked" pop-up cann't be click, but the other window is ok. the sample code like this NSScreen *screen = [NSScreen…
I'm a robot
  • 1
0
votes
1 answer

Is it possible to read/write another process' memory using the new Apple Endpoint Security Framework?

With kexts we could to vm_read/vm_write, is there a similar way for Endpoint Security?
Toma
  • 2,764
  • 4
  • 25
  • 44
0
votes
1 answer

Mac Endpoint security - Prevent users from deleting keychain items

I am trying out Endpoint security System extension to prevent users from deleting my app data. I used "ES_EVENT_TYPE_AUTH_UNLINK" to stop users from deleting app files. I am trying to figure out how I can stop user from deleting keychain item.
Durgaprasad
  • 1,910
  • 2
  • 25
  • 44
1 2 3
4
5