I'm writing some code, intended to be run on macOS (not IOS). My code could greatly benefit from using IOReport, which is an undocumented IOKit API for obtaining various metrics like energy consumption on an Apple processor. I don't plan to submit my program to the App Store, but I do plan on making the Git repo containing my code public.
My understanding is that using undocumented IOKit APIs is strictly forbidden for IOS or macOS applications intended to be made available on the App Store.
But what about programs not intended to be submitted to the App Store, like in my case?
I'm wondering if anybody knows what Apple's policy is regarding using undocumented APIs in such a way on macOS.
IOKit
RSS for tagGain user-space access to hardware devices and drivers using IOKit.
Posts under IOKit tag
34 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
Hello @all
I'm develop a DriverKit driver extension and without entitlement checks by OS everything runs fine. But if the entitlements check is enabled in the NVRAM then I get an error due connecting my IOUserClient instance. Which entitlements are really and exactly required for my driver?
My driver contains:
one IOUserClient instance
and multiple IOUserSerial instances
The bundle identifier of the driver ist:
org.eof.tools.VSPDriver
The bundle identifier of the client app
org.eof.tools.VSPInstall
My entire source code is available on GitHub if any one want to dive deep in :)
kernel[0:5107] () [VSPDriver]: NewUserClient called.
kernel[0:5107] () [VSPDriver]: CreateUserClient: create VSP user client from Info.plist.
kernel[0:5107] () [VSPUserClient]: init called.
kernel[0:5107] () [VSPUserClient]: init finished.
kernel[0:5107] () [VSPDriver]: CreateUserClient: check VSPUserClient type.
kernel[0:5107] () [VSPDriver]: CreateUserClient: success.
kernel[0:5107] () [VSPDriver]: NewUserClient finished.
kernel[0:5107] () [VSPUserClient]: Start: called.
kernel[0:5107] () [VSPUserClient]: User client successfully started.
kernel[0:389f] DK: VSPUserClient-0x100001127:UC failed userclient-access check, needed bundle ID org.eof.tools.VSPDriver
kernel[0:389f] DK: VSPUserClient-0x100001127:UC entitlements check failed
kernel[0:5107] () [VSPUserClient]: Stop called.
kernel[0:5107] () [VSPUserClient]: User client successfully removed.
kernel[0:5107] () [VSPUserClient]: free called.
Here my drivers entitlement file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.driverkit</key>
<true/>
<key>com.apple.developer.driverkit.allow-third-party-userclients</key>
<true/>
<key>com.apple.developer.driverkit.family.serial</key>
<true/>
</dict>
</plist>
Here my drivers Info.plist file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>$(DEVELOPMENT_LANGUAGE)</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$(PRODUCT_NAME)</string>
<key>CFBundlePackageType</key>
<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
<key>CFBundleShortVersionString</key>
<string>1.0</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>NSHumanReadableCopyright</key>
<string>Copyright © 2025 by EoF Software Labs</string>
<key>OSBundleUsageDescription</key>
<string>Provide virtual serial port</string>
<key>com.apple.developer.driverkit</key>
<true/>
<key>com.apple.developer.driverkit.allow-any-userclient-access</key>
<true/>
<key>com.apple.developer.driverkit.communicates-with-drivers</key>
<true/>
<key>com.apple.developer.system-extension.redistributable</key>
<true/>
<key>OSBundleLibraries</key>
<dict>
<key>com.apple.iokit.IOSerialFamily</key>
<string>1.0</string>
</dict>
<key>IOKitPersonalities</key>
<dict>
<key>VSPDriver</key>
<dict>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleIdentifierKernel</key>
<string>com.apple.kpi.iokit</string>
<key>IOMatchCategory</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>IOProviderClass</key>
<string>IOUserResources</string>
<key>IOResourceMatch</key>
<string>IOKit</string>
<key>IOProbeScore</key>
<integer>0</integer>
<key>IOClass</key>
<string>IOUserService</string>
<key>IOUserClass</key>
<string>VSPDriver</string>
<key>IOUserServerName</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>UserClientProperties</key>
<dict>
<key>IOClass</key>
<string>IOUserUserClient</string>
<key>IOUserClass</key>
<string>VSPUserClient</string>
</dict>
<key>SerialPortProperties</key>
<dict>
<key>CFBundleIdentifierKernel</key>
<string>com.apple.driver.driverkit.serial</string>
<key>IOProviderClass</key>
<string>IOSerialStreamSync</string>
<key>IOClass</key>
<string>IOUserSerial</string>
<key>IOUserClass</key>
<string>VSPSerialPort</string>
<key>HiddenPort</key>
<false/>
<key>IOTTYBaseName</key>
<string>vsp</string>
<key>IOTTYSuffix</key>
<string>0</string>
</dict>
</dict>
</dict>
</dict>
</plist>
Here the entitlements of the client app
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.driverkit</key>
<true/>
<key>com.apple.developer.driverkit.allow-third-party-userclients</key>
<true/>
<key>com.apple.developer.driverkit.communicates-with-drivers</key>
<true/>
<key>com.apple.developer.shared-with-you</key>
<true/>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>$(TeamIdentifierPrefix).org.eof.apps</string>
</array>
</dict>
</plist>
Here the Info.plist of the client app:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>$(DEVELOPMENT_LANGUAGE)</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$(PRODUCT_NAME)</string>
<key>CFBundlePackageType</key>
<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
<key>CFBundleShortVersionString</key>
<string>1.0</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>LSMinimumSystemVersion</key>
<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
<key>com.apple.developer.driverkit</key>
<true/>
<key>com.apple.developer.driverkit.install</key>
<true/>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.developer.system-extension.uninstall</key>
<true/>
<key>com.apple.developer.driverkit.userclient-access</key>
<array>
<string>VSPDriver</string>
</array>
<key>com.apple.private.driverkit.driver-access</key>
<array>
<string>VSPDriver</string>
</array>
<key>com.apple.security.temporary-exception.iokit-user-client-class</key>
<array>
<string>IOUserUserClient</string>
</array>
</dict>
</plist>
Our product is using IOKit framework for monitoring USB device activities. We have used IOKit framework for getting the notification for USB plugin and un-plugins. With the macOS version 15.3 we are started seeing issue with it. When the notification is received during USB plugin/connection, we are unable to get IOUSBDeviceInterface object which will be used for further processing.
Currently we are seeing the below error every time, while trying to create the IO plugin interface using IOCreatePlugInInterfaceForService API:
create plugin Error: (0xe00002be): (iokit/common) resource shortage
Due to this the we are unable to proceed with the flow further and the entire flow is broken.
These logics work fine in macOS version 15.2 and lower versions without any issues.
logic used:
USBDevice::initInterfaceInterfaceByIOService(io_service_t entry)
{
IOCFPlugInInterface** plugInInterface = NULL;
IOUSBInterfaceInterface** interface = NULL;
SInt32 score = 0;
mach_error_code err =
IOCreatePlugInInterfaceForService(entry, kIOUSBInterfaceUserClientTypeID, kIOCFPlugInInterfaceID, &plugInInterface, &score);
if ((err != 0) || (!plugInInterface)) {
os_log_error(OS_LOG_DEFAULT, "Unable to create plugin \n");
return nullptr;
}
auto result = (*plugInInterface)->QueryInterface(plugInInterface, CFUUIDGetUUIDBytes(kIOUSBInterfaceInterfaceID), (LPVOID*)&interface);
(*plugInInterface)->Release(plugInInterface);
if (result || !interface) {
os_log_error(OS_LOG_DEFAULT, "Unable to create interface \n");
return nullptr;
}
return interface;
}
Can anyone advice on thread safety of IOHIDDeviceSetReport calls in IOKit framework? Any pointers to documentation covering the topic?
The Developer documentation for IOKit marks it as available for iOS 16+ but I had a hard time finding a way to import it into an iOS project.
I finally managed to do that using a bridging header file and iokit_linking.hpp. Why is it that hard to make it work on iOS? Is it okay to do it this way?
If I use any IOKit methods and/or properties in my app will I be able to submit it to the App Store?
Thanks.
Hello everyone.
After a lot of research and some tests from various sources, I have actually built a small SerialDriverKit IOUserSerial driver. Unfortunately, the documentation on the official sites is tight-lipped and very thin. At least I have a running driver instance. Now my request and question: Can anyone give me a tip on how to get the data from the serial client? I have already called IOUserSerial::ConnectQueues(...) in the IOUserSerial::Start() method and I got the IOMemoryDescriptors for interrupt, RX and TX to my driver instance. I tried to get access to the memory in the method IOUserSerial::TxDataAvailable() with IOMemoryDescriptor::CreateMapping(...).
Unfortunately, no data is coming in. It's always 0x00. Here is the OS log:
kernel: (org.eof.tools.VSPDriver.dext)
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriver] init called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] constructor called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriver] start called.
kernel: (org.eof.tools.VSPDriver.dext) IOUserSerial::: 40 0x600000da4058
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] Start called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] Connect INT/RX/TX buffer.
kernel: (org.eof.tools.VSPDriver.dext) IOUserSerial::: 59 0x600000da4058
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] prepare TCP socket.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriver] driver started successfully.
kernel: DK: VSPDriver-0x100000753::start(IOUserResources-0x100000116) ok
...
... some client serial setup stuff
...
kernel: (IOUserSerial) IOUserSerial::hwResetFIFO: 1076 ==>0
kernel: (IOUserSerial) IOUserSerial::hwResetFIFO: 1076 <==
kernel: (IOUserSerial) IOUserSerial::hwResetFIFO: 1076 locklevel = 1
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriver] HwResetFIFO called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] HwResetFIFO called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] HwResetFIFO: tx=0 rx=1
kernel: (IOUserSerial) IOUserSerial::hwResetFIFO: 1076 ==>0
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriver] TxDataAvailable called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable called.
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: address=0x104c22000 length=16384
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: debug TX buffer
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
kernel: (org.eof.tools.VSPDriver.dext) [VSPDriverPrivate] TxDataAvailable: TX> 0x00
Hi,
I’m currently working on a project to sanitize data (Remove customer data) on MacBook storage devices (Refurbish). The NVMe SSD is embedded on the motherboard. I’ve created a simple proof-of-concept code (Running in terminal) with the following steps:
Check and Match the NVMe Device: Verify that the physical drive (disk0) exists on the system.
Open the Connection: Establish a connection to the device (disk0).
Send NVMe Admin Commands: For testing, I sent the IDENTIFY (0x06) command to confirm that the connection to the device works.
Close the Service and Connection: Terminate the connection after the test.
However, during runtime, I encountered an error when sending the command:
Error: Failed to send NVMe Admin Command with error: -536870206 ((iokit/common) invalid argument)
I’m unsure why this results in an "Invalid argument" error. Is the method I’m using to send the Admin Command incorrect? If so, what is the proper function call to use in the IOKit framework? Alternatively, are there any other recommended methods to achieve this?
In the future, I also need to send commands like ‘Sanitize (84h)’ and ‘Format NVM (80h).’ Since I’m new to macOS development, I’d greatly appreciate any advice or guidance from experts in this area.
I have attached the source code and related ioreg file for 'IOMedia' and 'IONVMeController' for you guy reference.
IOMedia
IONVMeController
sendAdminCommands.cpp
Thank you so much for your help!
Regards,
Winson
I have a C++/Objective-C command line application, running on MacOs (15.1.1 (24B91)), that communicates with a Bluetooth LE peripheral. The application is build with Apple clang 16.0.0 and CMake as build system using Boost.Asio.
I'm able to establish a L2CAP channel and after the channel is established, the peripheral sends a first (quite small) SDU on that channel to the application. The PSM is 0x80 and was chosen by the peripherals BLE stack. The application receives the PSM via GATT notification.
I can see the SDU being send in a single LL PDU with Wireshark. I can also see the SDU being received in Apples PacketLogger. But I miss the corresponding call to a stream event handler. For all other GATT related events, the corresponding delegates / callbacks are called.
The code that creates a dispatch queue and passes it to the CBCentralManager looks like this:
dispatch_queue = dispatch_queue_create("de.torrox.ble_event_queue", NULL);
manager = [[CBCentralManager alloc] initWithDelegate:self queue:dispatch_queue options:nil];
When the L2CAP channel is established, the didOpenL2CAPChannel callback gets called from a thread within the dispatch_queue (has been verified with lldb):
- (void)peripheral:(CBPeripheral *)peripheral
didOpenL2CAPChannel:(CBL2CAPChannel *)channel
error:(NSError *)error
{
[channel inputStream].delegate = self;
[channel outputStream].delegate = self;
[[channel inputStream] scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode];
[[channel outputStream] scheduleInRunLoop:[NSRunLoop currentRunLoop] forMode:NSDefaultRunLoopMode];
[[channel inputStream] open];
[[channel outputStream] open];
...
// a reference to the channel is stored in the outside channel object
[channel retain];
...
}
Yet, not a single stream event is generated:
- (void)stream:(NSStream *)stream
handleEvent:(NSStreamEvent)event_code
{
Log( @"stream:handleEvent %@, %lu", stream, event_code );
...
}
When I add a functionality, to poll the input stream, the stream will report the expected L2CAP input. But no event is generated.
The main thread of execution is usually blocking on a boost::asio::io_context::run() call. The design is, to have the stream callback stream:handleEvent to post call back invocations on that io_context, and thus to wake up the main thread and get that callbacks being invoked on the main thread.
All asynchronous GATT delegate calls are working as expected. The only missing events, are the events from the L2CAP streams. The same code worked in an older project on an older version of MacOs and an older version of Boost.
How can I find out, why the stream delegates are not called?
On a macOS machine running v15.0, I have a daemon run by launchd which subscribes to the sleep and wakeup notifications using the IORegisterForSystemPower method.
void PowerCallBack(void* refCon, io_service_t service, natural_t messageType, void* messageArgument)
{
switch (messageType)
{
case kIOMessageSystemWillSleep:
logger->Debug("Received sleep notification from macOS");
if (refCon)
{
//Handle Sleep
}
IOAllowPowerChange(root_port, (long)messageArgument);
break;
case kIOMessageSystemHasPoweredOn:
logger->Debug("Received wakeup notification from macOS");
if (refCon)
{
// Handle Wakeup
}
break;
default:
break;
}
}
void MacOSNotification::RegisterNotifications()
{
logger->Debug("Registering for notifications from macOS");
powerNotificationThread = [[NSThread alloc] initWithBlock:^{
// Notifier object, used to deregister later
root_port = IORegisterForSystemPower(this, ¬ifyPortRef, PowerCallBack, ¬ifierObject);
if (root_port == 0)
{
return;
}
logger->Debug("Registered for system power notifications from macOS");
// Add the notification port to the application runloop
CFRunLoopAddSource(CFRunLoopGetCurrent(),
IONotificationPortGetRunLoopSource(notifyPortRef),
kCFRunLoopCommonModes);
CFRunLoopRun();
}]; //END OF THREAD BLOCK
[powerNotificationThread start];
}
Using this mechanism, I am getting notifications for normal sleep and wakeup transitions like closing and opening the lid. I need these notifications to terminate/reconnect my connection to a cloud service when we go to sleep/wakeup respectively.
I have noticed from the power logs at /private/var/log/powermanagement that the after the sleep initiated by lid closing or clicking sleep in the top apple menu (both of which I can detect as they generate power notification), the macOS machine wakes up with the following message from powerd logs:
DarkWake from Deep Idle [CDNP] : due to SMC.OutboxNotEmpty smc.70070000 wifibt/
I do not get any notification for this wakeup and my application threads start running. This happens every 15 to 16 mins from my observation.
After this DarkWake, we go back to 'Maintenance' sleep in under a minute as can be seen by the following powerd log:
Entering Sleep state due to 'Maintenance Sleep':TCPKeepAlive=active
I do not get any notifications for this either.
Is there a way to track and get notified of these DarkWake -> Maintenance sleep cycles? At the very least I would like to log when we go into and come out of these states. Currently I just rely on seeing a 15 min window of no logs to know this must have a DarkWake -> Maintenance sleep cycle.
Also is there a way to make sure my application and its threads are not woken up by DarkWake (like an opt-out)? I would like to make it so that my application only runs when we are properly sleeping and waking.
Firstly, I realise that Kexts are deprecated. And for my needs, user-space IOKit from an application might be more than I’ll ever need, but I can’t help ensuring I’ve got all my ducks in a row while I’m designing an app.
I noticed in the above Kext deprecation notice that it’s more about specific APIs that are deprecated rather than the kext mechanism itself (no mention of IOKit kernel APIs there). Along with the fact that a reboot would be required and various other policy changes.
While reading up on System Extensions and the various newer tools, DriverKit, Endpoint Security etc, I’ve noticed there’s no mention of this “IOKit Driver” target/deliverable in the Xcode template chooser. It looks like, from the requirements, that DriverKit is aimed at hardware manufacturers, with a need to request the DriverKit entitlement for development.
With respect to Apple’s internal Kext deprecation roadmap, how safe is it to build a product that relies on using an IOKit Driver and are there any requirements similar to DriverKit? Would a developer need to request an entitlement?
If I developed an app using user-space IOKit and, for illustration purposes let’s say I also included an IOKit Driver in the app bundle. If I used the IOKit API, including header file constants only (no digging around in the IORegistryExplorer for non-public keys), as Apple intends them to be used, would this fall foul of any App Store rules that anyone is aware of?
Put another way, would making use of an IOKit Driver disqualify my app from being distributed via the App Store, similar to an Endpoint Security extension?
As an aside, there are a lot of API in the ES Framework that could be used to build apps that have nothing to do with Endpoint Security. File system related apps for example. It’s a shame there isn’t an enhanced middle ground between FSEvents and Endpoint Security framework.
Hi,
I am trying to develop MacOS application which will be connecting to USB devices and should be available in AppStore.
So it must be Sandbox and probably I've to use permission com.apple.security.device.usb.
I've following requirements:
I need to detect USB devices with file system
I need to have ability to upload & download files from this device
I need to read device serial number
I wonder if I can use IOKit for this and it will be compliant with AppStore rules or not?
Hi everyone,
Are there any new updates on communicating with iPhones via USB-C without needing an MFi chip, especially with the iPhone 15 or upcoming iPhone 16?
I'm developing a custom accessory and wondering if the switch to USB-C has introduced any new possibilities for data communication without going through the MFi program.
Thanks!
Hello,
I am facing with misunderstanding how to read usb device properties correctly.
The notification 'kIOTerminatedNotification' is delivered after an IOService has been terminated. Can I use IORegistryEntryCreateCFProperties() to get properties of terminated device?
I am asking because I/O Registry is a dynamic database that captures the connections of all driver and nub objects currently active. Howerver, can we say that terminated device is still active?
If IORegistryEntryCreateCFProperties() can not be used, are there any other way? (e.g. using Device Interface)
Thank you in advance!
Is there an option to create a macOS filter driver for the IONVMeFamily Driver that would enable sending NVMe Admin commands( likes security send , security receive, Firmware download)? This approach would allow us to reuse the IO path provided by the family driver.
Hello,
I'd like to find out if macOS Sequoia's MAC Address randomization affects the data (specifically, MAC addresses) we receive from I/O Kit.
For context, I'd like to find out if it affects my Mac App Store receipt validation code in any way.
Thank you,
– Matthias
Hi all,
I was wondering if anyone knew a way to change the brightness of your MacBook screen in Swift without using an overlay that changes the colours?
I want the effect of just pressing the F1 and F2 brightness controls but done without using system events/ Applescript popping up windows on the screen.
I think the UIScreen.brightness is something similar to what I want but it is not available for NSscreen. I can't figure out a way to do it with IOKit either.
Things like ddccl doesn't work as the screen is not an external monitor.
If there is a solution using Swift or terminal commands any help is much appreciated.
Thanks,
James
Hello,
I am working on app which must prevent attaching any USB devices to Mac due to security.
Unfortunately I have not found any direct way to implement such blocking:
Looks like IOKit does not allow to block USB (at least in user space)
ES_EVENT_TYPE_AUTH_IOKIT_OPEN (Endpoint Security) does not prevent using USB device if I send response ES_AUTH_RESULT_DENY for "AppleUSBHostDeviceUserClient"
I have found several similar problems on forum but no any solution:
https://developer.apple.com/forums/thread/671193
(https://developer.apple.com/forums/thread/756573
https://developer.apple.com/forums/thread/741051
What is the easiest way to implement such blocking?
Thank you in advance!
Investigating a kernel panic, I discovered that Apple Silicon Panic traces are not working with how I know to symbolicate the panic information. I have not found proper documentation that corrects this situation.
Attached file is an indentity-removed panic, received from causing an intentional panic (dereferencing nullptr), so that I know what functions to expect in the call stack. This is cut-and-pasted from the "Report To Apple" dialog that appears after the reboot:
panic_1_4_21_b.txt
To start, I download and install the matching KDK (in this case KDK_14.6.1_23G93.kdk), identified from this line:
OS version: 23G93
Kernel version: Darwin Kernel Version 23.6.0: Mon Jul 29 21:14:04 PDT 2024; root:xnu-10063.141.2~1/RELEASE_ARM64_T8122
Then start lldb from Terminal, using this command:
bash_prompt % lldb -arch arm64e /Library/Developer/KDKs/KDK_14.6.1_23G93.kdk/System/Library/Kernels/kernel.release.t8122
Next I load the remaining scripts per the instructions from lldb:
(lldb) settings set target.load-script-from-symbol-file true
I need to know what address to load my kext symbols to, which I read from this line of the panic log, after the @ symbol:
com.company.product(1.4.21d119)[92BABD94-80A4-3F6D-857A-3240E4DA8009]@0xfffffe001203bfd0->0xfffffe00120533ab
I am using a debug build of my kext, so the DWARF symbols are part of the binary. I use this line to load the symbols into the lldb session:
(lldb) addkext -F /Library/Extensions/KextName.kext/Contents/MacOS/KextName 0xfffffe001203bfd0
And now I should be able to use lldb image lookup to identify pointers on the stack that land within my kext. For example, the current PC at the moment of the crash lands within the kext (expected, because it was intentional):
(lldb) image lookup -a 0xfffffe001203fe10
Which gives the following incorrect result:
Address: KextName[0x0000000000003e40] (KextName.__TEXT.__cstring + 14456)
Summary: "ffer has %d retains\n"
That's not even a program instruction - that's within a cstring. No, that cstring isn't involved in anything pertaining to the intentional panic I am expecting to see.
Can someone please explain what I'm doing wrong and provide instructions that will give symbol information from a panic trace on an Apple Silicon Mac?
Disclaimers:
Yes I know IOPCIFamily is deprecated, I am in process of transitioning to DriverKit Dext from IOKit kext. Until then I must maintain the kext.
Terminal command "atos" provides similar incorrect results, and seems to not work with debug-built-binaries (only dSYM files)
Yes this is an intentional panic so that I can verify the symbolicate process before I move on to investigating an unexpected panic
I have set nvram boot-args to include keepsyms=1
I have tried (lldb) command script import lldb.macosx but get a result of error: no images in crash log (after the nvram settings)
Hello,
I am trying to get value of InterfaceClass for particular USB Device. I modified matching dictionary and added the property locationID property.
CFMutableDictionaryRef matchingDictionary = IOServiceMatching(kIOUSBInterfaceClassName);
if (!matchingDictionary)
{
return -1;
}
int32_t locationID = 0xffff;
CFNumberRef cfLocationID = CFNumberCreate(kCFAllocatorDefault, kCFNumberSInt32Type, &locationID);
CFDictionaryAddValue(matchingDictionary, CFSTR(kUSBHostPropertyLocationID), cfLocationID);
CFRelease(cfLocationID);
io_service_t ioService = IOServiceGetMatchingService(kIOMasterPortDefault, matchingDictionary);
if (!ioService)
{
return -1;
}
CFNumberRef cfInterfaceClass = (CFNumberRef)IORegistryEntrySearchCFProperty(ioService, kIOServicePlane, CFSTR(kUSBHostMatchingPropertyInterfaceClass), kCFAllocatorDefault, kNilOptions);
...
Unfortunately nothing is found and ioService is NULL. What can be wrong here?
Thank you in advance!
Many USB storage devices are NVMe devices accessed through a USB-NVMe bridge chip, such as those by JMicron and Asmedia. These chipsets do not forward SMART data requests to the devices, but do have the capability to forward raw NVMe commands to the devices using vendor specific requests.
How can we provide access to SMART data for NVMe devices accessed through a bridge chip like this?
Many people used the OSX SAT SMART kext driver to provide access to SMART data for devices using USB-SATA chips, but it is a kext and doesn't support NVMe. See https://binaryfruit.com/drivedx/usb-drive-support#install-instructions
Would we need to implement a kext like that to make this work? Is there a DriverKit way to do this?