User Profile

hi I developed an app that has an HID system extension, in debugging mode everything work fine, extension installed and the app connects to it and work but when I signed the app, everything was ruined, the app just can install system extension but can't connect to it system extension entitle ment <key>com.apple.developer.driverkit</key> <true/> <key>com.apple.developer.driverkit.family.hid.device</key> <true/> <key>com.apple.developer.driverkit.family.hid.eventservice</key> <true/> <key>com.apple.developer.driverkit.family.hid.virtual.device</key> <true/> <key>com.apple.developer.driverkit.transport.hid</key> <true/> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.files.user-selected.read-only</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.network.server</key> <true/> app entitlement <key>com.apple.developer.driverkit.userclient-access</key> <array> <string>com.[TeamName].[ExtensionName]</string> </array> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.security.files.user-selected.read-write</key> <true/> <key>com.apple.security.network.client</key> <true/> <key>com.apple.security.network.server</key> <true/> seems to can connect to SystemExtension com.apple.developer.driverkit.userclient-access is necessary but if I don't remove this from app entitlement the code signature will be invalid part codes to connect to SystemExtension static const char* dextIdentifier = "[driver bundle identifier]"; // this maybe should change to com.[TeamName].[DriverName] when app want to publish(i don't know) softu2f_ctx *softu2f_init(softu2f_init_flags flags) { softu2f_ctx *ctx = NULL; io_service_t service = IO_OBJECT_NULL; io_iterator_t iterator = IO_OBJECT_NULL; kern_return_t ret; int err; // Find driver. ret = IOServiceGetMatchingServices(kIOMasterPortDefault, IOServiceNameMatching(dextIdentifier), &iterator); if (ret != kIOReturnSuccess) { syslog(LOG_WARNING, "u2f: cant find services"); goto fail; } while ((service = IOIteratorNext(iterator)) != IO_OBJECT_NULL) { ret = IOServiceOpen(service, mach_task_self(), 0, &ctx->con); if(ret != kIOReturnSuccess) { syslog(LOG_WARNING, "u2f: cant open service"); break; } else{ syslog(LOG_WARNING, "u2f: opened service"); } IOObjectRelease(service); } Note: when the app was signed the iterator was been 0 (and should not be) Note: the entitlement about DriverKit was granted (maybe the problem is userclient-access not granted)