Tells code signing services that the calling code will directly respond to hosting inquiries over the given port.


func SecHostSetHostingPort(_ hostingPort: mach_port_t, _ flags: SecCSFlags) -> OSStatus



A Mach message port with send rights. This port is recorded and handed to parties interested in querying the host about its children.


Optional flags; see SecCSFlags for possible values. Pass defaultFlags for standard behavior.

Return Value


If you want to use dynamic hosting mode (see Guest Code), call this function before calling any other code signing services hosting functions. When you call SecHostSetHostingPort(_:_:), the calling code takes direct responsibility for answering questions about its guests using the hosting IPC services. After you call this function, you cannot call the SecHostCreateGuest(_:_:_:_:_:_:), SecHostRemoveGuest(_:_:_:), or SecHostSetGuestStatus(_:_:_:_:) functions.

The SecHostSelectGuest(_:_:) and SecHostSelectedGuest(_:_:) functions work after calling this function.

Once you call this function, the calling code must act in dynamic hosting mode; proxy hosting mode is disabled for the lifetime of the calling code.

Dynamic hosting is useful if you have a large host with many guests that are changing status frequently. In that case, it’s more efficient to only respond to requests for information when they’re made than to call the status update functions (SecHostCreateGuest(_:_:_:_:_:_:), SecHostSetGuestStatus(_:_:_:_:), or SecHostRemoveGuest(_:_:_:)) every time something changes. However, dynamic hosting mode is not fully supported by high-level API functions at this time. Unless you have extensive knowledge of Mach messaging and have a particular need to manage your guest code dynamically, it is recommended that you use proxy hosting mode.

See Also

Guest Management

func SecCodeCopyHost(SecCode, SecCSFlags, UnsafeMutablePointer<SecCode?>) -> OSStatus

Retrieves the code object for the host of specified guest code.

func SecHostSelectGuest(SecGuestRef, SecCSFlags) -> OSStatus

Makes the calling thread the proxy for a specified guest.

func SecHostSelectedGuest(SecCSFlags, UnsafeMutablePointer<SecGuestRef>) -> OSStatus

Retrieves the handle for the guest currently selected for the calling thread.

func SecCodeMapMemory(SecStaticCode, SecCSFlags) -> OSStatus

Asks the kernel to accept the signing information currently attached to a code object and uses it to validate memory page-ins.