Questions tagged [xnu]

xnu is the name of the operating system kernel that underpins Mac OS X/darwin and iOS.

xnu is the name of the operating system kernel that underpins Darwin, which in turn is the core of Apple's macOS (formerly OS X and Mac OS X), iOS/iPadOS (formerly iPhoneOS), tvOS, and watchOS operating systems. It has its origins in the NeXTStep operating system, and is a combination of parts of the Mach kernel (mainly the virtual memory subsystem and inter-process communication via Mach "ports"), the 4.3BSD kernel (networking, process management, POSIX compatibility, VFS/file system layer) and a device driver subsystem called the I/O Kit, which was developed in C++ specifically for the xnu kernel.

147 questions
0
votes
1 answer

Why is this pointer dereference ignored in this inline assembly statement?

In the XNU sources, specifically there is a function for fast access of thread-local data: __attribute__((always_inline)) static __inline__ void* _os_tsd_get_direct(unsigned long slot) { void *ret; __asm__("mov %%gs:%1,…
Bryan
  • 193
  • 7
0
votes
1 answer

How does Pfctl set firewall rules to kernel extension

I'd like to build a daemon-based process that configures the network kernel module firewall capabilities. Currently, I can control this kernel firewall using pfctl and various configuration files that describe the filtering rules. However, I wish to…
Zohar81
  • 4,554
  • 5
  • 29
  • 82
0
votes
1 answer

Kext trigger panic in thread context switch in macOS 10.14.

Recently, I've tested my kext on 10.14 and it seems to run smoothly for a while. But after some random time (can take a few minutes), it produces the following panic: thread_invoke: preemption_level -1, possible cause: unlocking an unlocked mutex or…
Zohar81
  • 4,554
  • 5
  • 29
  • 82
0
votes
1 answer

why is this pointer Typedef'd to a struct

I've been looking through the code for various IPC systems and I happened to come across these lines in Mach (xnu-123.5/osfmk/ipc/ipc_port.h): typedef port_name_t mach_port_name_t; typedef mach_port_name_t *mach_port_name_array_t; where the…
Emacs Fan
  • 3
  • 1
0
votes
1 answer

What’s the role of UPL (Universal Page List) in XNU?

I’m just a beginner with XNU and am studying its source code. While looking at the VM, I have three questions. • What is the role of UPL? Is it the same as anon_vma and PST node in Linux for reverse mapping? • If the first answer is true, how can XNU find virtual…
Levi
  • 79
  • 8
0
votes
1 answer

macOS Kauth API lack vnode rename prevention

In order to protect my project file from being deleted by unauthorized entities, I used kauth_listen_scope with KAUTH_SCOPE_VNODE option to add new callback function that prevent other from deleting those files. However, it appears that it's…
Zohar81
  • 4,554
  • 5
  • 29
  • 82
0
votes
1 answer

How to instrument XNU kernel binary at compile time?

I want to insert my code block at the prologue of each function in XNU kernel at compile time. Writing an LLVM pass for IR transformation is probably the best choice for it, but I couldn't find any information about building XNU kernel with LLVM…
user10007
  • 1
  • 1
0
votes
1 answer

IPC between kext modules

I was wondering if I can implement a bi-directional communication channel between 2 kext modules using sockets under the domain PF_SYSTEM. This method is mostly used to communicate between a driver and a user-space agent. In my particular case I've got one…
user7256215
0
votes
1 answer

About accessing userspace memory from kernel

I'm doing kext development on the XNU kernel. There is a KPI function called copyin and its friends, similar to copy_from_user in the Linux kernel. So I'm using copyin most of the time; it's more secure processing data in kernel space rather than relatively…
cocoa
  • 11
  • 6
0
votes
2 answers

Mac OS (10.13.1) task_for_pid for forked process "(os/kern) failure"

Lately I've been trying to write a simple genetic fuzzer (using strictly Mac OS, just for fun). My idea is something like this: -> Main program that controls the forked process --> forked process loads binary code from disk and jumps into it. -> parent asks for…
Domin568
  • 31
  • 8
0
votes
1 answer

kextutil says my kernel extension signature is invalid, but code sign says it is valid. It does not load

This is the first time I have ever tried to sign a kernel extension, so I am open to the possibility that I'm doing it wrong. I requested a kernel signing certificate from Apple. I was required to fill out a form that demonstrated that I really…
Mike Crawford
  • 2,232
  • 2
  • 18
  • 28
0
votes
1 answer

OS X WindowServer: No matching context for device (xxxxx) on real mac

I have a MacBook Air 13" (2017 model, base 1.8 GHz) and I wanted to see if I could run Mavericks on it. The 2017 model is identical to the 2015 save the upgraded processor and different Board-ID (Mac-937CB26E2E02BB01). Its Board-ID isn't whitelisted…
0
votes
1 answer

What library contains the kernel code called through IOConnectCallMethod

I am reversing iOS firmware. Is there any way I can find the kernel binary code, which is called via IOConnectCallMethod?
Alex
  • 392
  • 1
  • 12
0
votes
1 answer

SIP off on macOS but still can't load my kext

I'm new to kext programming, so my problem is: I'm running macOS 10.11.6 and I have turned SIP off, but when I try to load my kext using kextload with the -v flag, I get that my kext was successfully loaded: *Requesting load of…
yazan daba
  • 219
  • 5
  • 11
0
votes
1 answer

Catch system calls on Mac OS X

I'm trying to catch all system calls called by a given PID with a self-made program (I can't use any of strace, dtruss, gdb...). So I used the function kern_return_t task_set_emulation(task_t target_port, vm_address_t routine_entry_pt, int…
limaconoob
  • 53
  • 1
  • 7