User Profile

I built an app which hosts a CMIOExtension. The app works, and it can activate the extension. The extension loads in e.g. Photo Booth and shows the expected video (a white horizontal line which moves down the picture). I have a couple of questions about this though. The sample Camera Extension is built with a CMIOExtension dictionary with just one entry, CMIOExtensionMachServiceName which is $(TeamIdentifierPrefix)$(PRODUCT_BUNDLE_IDENTIFIER) This Mach service name won't work though. When attempting to activate the extension, sysextd says that the extensions has an invalid mach service name or is not signed, the value must be prefixed with one of the App Groups in the entitlement. So in order to get the sample extension to activate from my app, I have to change its CMIOExtensionMachServiceName to <my team ID>.com.mycompany.my-app-group.<myextensionname> Is this to be expected? The template CMIOExtension generates its own video using a timer. My app is intended to capture video from a source, filter that video, then feed it to the CMIOExtension, somehow. The template creates an app group called "$(TeamIdentifierPrefix)com.example.app-group", which suggests that it might be possible to use XPC to send frames from the app to the extension. However, I've been unable to do so. I've used NSXPCConnection * connection = [[NSXPCConnection alloc] initWithMachServiceName:, using the CMIOExtensionMachServiceName with no options and with the NSXPCConnectionPrivileged option. I've tried NSXPCConnection * connection = [[NSXPCConnection alloc] initWithServiceName: using the extension's bundle identifier. In all cases when I send the first message I get an error in the remote object proxy's handler: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named <whatever name I try> was invalidated: failed at lookup with error 3 - No such process." According to the "Daemons and Services Programming Guide" an XPC service should have a CFBundlePackageType of XPC!, but a CMIOExtension is of type SYSX. It can't be both. Does the CMIOExtension loading apparatus cook up a synthetic name for the XPC service, and if so, what is it? If none, how is one expected to get pixel buffers into the camera extension?

I'm trying to make a DEXT target within my project. It compiles and links fine if I build just its own scheme. However, if I build my app's target, which includes the DEXT as a dependency, the build fails when linking the DEXT. The linker commands are different in the two cases. When built as part of the larger project, the DEXT linker command includes -fsanitize\=undefined. This flag is absent when I build using the DEXT's scheme alone. I searched the .pbxproj for "sanitize" - it doesn't appear, so it looks like Xcode is adding this flag. The linker failure is this: File not found: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/13.1.6/lib/darwin/libclang_rt.ubsan_driverkit_dynamic.dylib The only files with "driver kit" in their name in that directory are these two: libclang_rt.cc_kext_driverkit.a libclang_rt.driverkit.a The successful link command includes this directive: -lc++ /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/13.1.6/lib/darwin/libclang_rt.driverkit.a while the unsuccessful link command includes this one: -lc++ /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/13.1.6/lib/darwin/libclang_rt.ubsan_driverkit_dynamic.dylib I tried adding -fno-sanitize=undefined to the OTHER_LINKER_FLAGS for the DEXT target, hoping that this would cancel the effect of the previous -fsanitize, but then I get undefined symbol errors: Undefined symbol: ___ubsan_handle_shift_out_of_bounds Undefined symbol: ___ubsan_handle_type_mismatch_v1 These appear to be referred to by the macros used in the iig magic. I'm using Xcode 13.4.1 (13F100). Does anyone know how I can fix this?

In my keychain, I have one Developer ID Application certificate, with a private key, for my Team. In Xcode's Accounts/Manage Certificates dialog, there are three Developer ID Application certificates, two of which have a red 'x' badge and the status 'missing private key'. I can right click on any of those three entries and my only enabled choice is "Export". Email creator or Delete are disabled. Why? In my Team's account, there are indeed three Developer ID Application certificates, with different expiration dates, but I only have the private key for one of them. By choosing Manual signing, I can choose a specific certificate from my keychain, but Xcode 13.2.1 tells me that this certificate is missing its private key - but I can see that private key in my keychain!

For some time I've been sharing an internal macOS app with my colleagues by simply building it locally, zipping it up and emailing, or sharing on Slack or Teams. In the Target Settings in Xcode, Signing and Capabilities, the Team is set to my company, the Signing Certificate is set to Development (not "Sign to run locally"). This has worked for some time. None of the recipients complained that they couldn't run the app. Of course it is not notarized so they need to right-click and select Open the first time around. When I examine the signature of the app I distribute this way, using `codesign -dvvv, the signing authority is me (not my company). One of my colleagues recently migrated to a new Mac Mini M1. On this Mac, when attempting to open the app, he saw the "you do not have permission to open the application" alert. He's supposed to consult his sys admin (himself). I fixed the problem by Archiving a build and explicitly choosing to sign it using the company's Developer ID certificate. The version produced this way has a signing authority of my company, not me, and my colleague can run it. Does anyone know why my previous builds work on other machines for other users? It appears that the locally-built app was actually signed by my personal certificate, although Xcode's UI said it would be signed by my company - but it didn't only work for me? What is the expected behavior if you try to open an app signed with a personal certificate on a machine owned by a different person? Should Security & Privacy offer the option of approving that particular personal certificate?

I've watched the video of WWDC 2019 session 702, System Extensions and DriverKit, and I'm still a little puzzled.For instance, what's the point of USBDriverKit, that is, why would I use it in preference to the already extant user-mode USB APIs? The demo shows an extension that does nothing - it logs to the debugger, but it doesn't provide any services to multiple clients in the system. In a KEXT, those services are provided by publishing them in the IORegistry; they provide well-known interfaces in the kernel to which a well-known user client can connect. If my extension ships in my own app, and provides services only to that app, I may as well implement the extension's functions directly in my app.How does my app (or more importantly, a third-party app) communicate with my dext? That wasn't covered in session 702. Neither was the case of replacing or augmenting an existing system driver, for example filtering the data passing through a USB mass storage driver, based on sideband data which the standard system driver cannot convey. For a kext, I would simply call IORegisterService and the rest of the stack would be build on top of my driver.Is the sample code for the demo of session 702 available? Any other sample code for DriverKit?

I'm trying to build the driverkit sample from github (https://github.com/knightsc/USBApp)according to this: https://developer.apple.com/system-extensions/"If you plan to deploy drivers built with DriverKit, allow other developers to use your system extensions, or use the EndpointSecurity API, you’ll need to request an entitlement from Apple.While your request is in review, you can test system extensions on your Mac by temporarily turning off System Integrity Protection."I'm trying to build on a system with SIP off, but I can't get as far as testing because Xcode won't build or sign the dext. I don't want it signed, because I have no entitlements, I'd be happy to run it locally to figure out if it is worth proceeding with even requesting entitlements.Has anyone been able to build and test a dext without already having entitlements?

are these error codes documented somewhere? what tool(s) can be used to check kext signatures?

I recently updated my test machine to Big Sur beta 3. I built a driver installation app, which hosts a driverkit extension. The app used to run on Big Sur b1. Now, it won't launch at all in the debugger, it fails with this error: Domain: RBSRequestErrorDomain Code: 5 from Finder it fails with an error -1, and no further information. If I move it to /Applications and run it from there, I get a crash report which says it failed due to a code signing error. xception Type: EXCCRASH (Code Signature Invalid) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXCCORPSE_NOTIFY the thing is, codesign says it is fine: codesign -v -vvv /Applications/DriverInstallationApp.app /Applications/DriverInstallationApp.app: valid on disk /Applications/DriverInstallationApp.app: satisfies its Designated Requirement spctl says 'rejected' without giving a reason. I have SIP turned off on this machine, so I'd never notarized the app before. So in desperation I tried notarizing the app. Once notarized, the app is "accepted" by spctl, but it still crashes with the same "code signature invalid" error. Does anyone have any ideas on how I can debug this?

Does anyone know how to do this?We'd like to ber able to reproduce at will the situation where users are asked to approve the installation of our kexts.There are posts on this forum but they're quite oldhttps://forums.developer.apple.com/thread/100281 (never answered)https://forums.developer.apple.com/thread/101412(Quinn suggested using a VM snapshot)Our QA tests on real Macs with real hardware. It takes a long time to re-install an 8GB OS. Isn't there a sanctioned way to wipe this particular slate clean?