Hi, I'm looking for a developer to update a currently Intel-only legacy kext into a system extension so it works on M1 / ARM / Apple Silicon. Here's the problem: I'm a heavy user of a legacy software named ControllerMate. Unfortunately, it has been abandoned by the developer and he didn't make it open-source. The latest update was in late 2018 and the developer has stopped responding entirely and can not be reached, even to previous beta-testers. Confirmed by several power users who tried over the years. The app basically allows creation of macros and cascades and is extremely powerful. It's used by many people in the video post production and music production space in their professional workflows, and people built individual workflows around this over the years to work faster and more efficiently. Since it hasn't been updated, people are somewhat stuck and can't upgrade without breaking their workflows. Especially now with the new and powerful M1s, this becomes much more urgent and relevant again. The kext might have to be reverse engineered or hacked - I know, not something people in an Apple developer forum wanna hear, but we're desperate to find somebody for this and keep this going. I truly appreciate any input, insights and leads! Thank you!

Hi, I'm developing firmware for a USB audio device for which audio playback currently cuts off after about a second. The normal system logs via Console do not seem to throw any error related to USB audio (and nor do kernel-only logs via log stream --process 0). Is there a good way to dive deeper into what might be happening? Looking into the AppleUSBAudio driver, it contains a bunch of verbose "USB Sound assertion (%s) in %s at line %d\n" logs via IOLog(). Are they supposed to end up in the system logs under normal conditions, or does this require setting IOKit debug verbosity in boot-args? New to debugging Mac OS kernel things.. thanks for helping!

Not really a question. As part of porting other platform code, FreeBSD and Linux, there is a #define macro used to specify module parameters. It is desirable for these new sysctl to show automatically when "upstream" adds them. (without having to manually maintain a list) This is usually done with "Linker Sets" but they are not available in kexts, mostly due to __mh_execute_header. I took a different approach with: #define ZFS_MODULE_PARAM(scope_prefix, name_prefix, name, type, perm, desc) \ SYSCTL_DECL( _kstat_zfs_darwin_tunable_ ## scope_prefix); \ SYSCTL_##type( _kstat_zfs_darwin_tunable_ ## scope_prefix, OID_AUTO, name, perm, \ &name_prefix ## name, 0, desc) ; \ __attribute__((constructor)) void \ _zcnst_sysctl__kstat_zfs_darwin_tunable_ ## scope_prefix ## _ ## name (void) \ { \ sysctl_register_oid(&sysctl__kstat_zfs_darwin_tunable_ ## scope_prefix ## _ ## name ); \ } \ __attribute__((destructor)) void \ _zdest_sysctl__kstat_zfs_darwin_tunable_ ## scope_prefix ## _ ## name (void) \ { \ sysctl_unregister_oid(&sysctl__kstat_zfs_darwin_tunable_ ## scope_prefix ## _ ## name ); \ } Ie, when macro is used, I use __attribute__((constructor)) on a function named after the sysctl, which is then called automatically on kext load, and each one of those functions, call sysctl_register_oid(). And likewise for destructor / unregister. So far it works quite well. Any known drawbacks? I've not tested it on M1.

I've received details from Dropbox, and I'm waiting for confirmation from Microsoft, that Apple is deprecating some kernel extensions in the upcoming release of macOS. My understanding is that the change is likely to cuase problems with online files stored within OneDrive and Dropbox. I'm trying to get an idea about the timing of the release of macOS 12.3 and updates from Microsoft and Dropbox. Dropbox have indicated that their Beta application update will be available at the end of March 2022—so, depending upon timing this may or may not be an issue. I work within Higher Education in Australasia and trying to work out the possible impact in order to provide advice to the sector. Any information about the change, and likely impact would be welcomed.

Having a peculiar issue trying to support the use of O_EXCL. (Fail if O_CREAT and file exists). It will fail the first time, then if the call is repeated, it works as expected. It is not entirely clear how macOS should handle O_EXCL, it has been mentioned that vnop_create() should always return EEXIST - does that mean even in the success case, it should return EEXIST instead of 0? That seems odd. Output of test program is: # (1) Create the file with (O_WRONLY|O_CREAT). open okay write okay close okay 86 -rw-r----- 1 501 0 29 Jan 12 17:08 /Volumes/BOOM/teest.out Deleting /Volumes/BOOM/teest.out # (2) Try creating with (O_WRONLY|O_CREAT|O_EXCL). writef: Stale NFS file handle 436207628 87 ---------- 1 501 wheel 0 0 "Jul 9 07:53:53 2037" "Jan 12 17:09:02 2022" "Jan 12 17:09:02 2022" "Jan 1 09:00:00 1970" 1048576 0 0 /Volumes/BOOM/teest.out So, since the file is deleted in between the tests, O_EXCL shouldn't really kick in here, and yet, something goes wrong. The nfs server sends ESTALE to the nfs client. The dtrace stack is: Stack: kernel.development`nfsrv_setattr+0x7c6 kernel.development`nfssvc_nfsd+0xbdc kernel.development`nfssvc+0x106 kernel.development`unix_syscall64+0x2ba kernel.development`hndl_unix_scall64+0x16 Result: 0 259014 nfsrv_setattr: entry 0 259014 mac_vnode_check_open:entry 0 259015 hook_vnode_check_open:return 2 nfsd 0 259015 mac_vnode_check_open:return 2 nfsd 0 229396 nfsrv_rephead:entry 0 1 2 3 4 5 6 7 8 9 a b c d e f 0123456789abcdef 0: 46 00 00 00 F... So, nfssrv_setattr() replies with 0x46/70 (ESTALE) seemingly because the call hook_vnode_check_open() returns 2 (ENOENT). Why though, the file was removed, I verified the cache has no entry. Then created again, confirmed it IS in the cache. <zfs`zfs_vnop_remove (zfs_vnops_osx.c:1700)> zfs_vnop_remove error 0: checking cache: NOTFOUND <zfs`zfs_vnop_create (zfs_vnops_osx.c:1427)> *** zfs_vnop_create: with 1: EXCL <zfs`zfs_create (zfs_vnops_os.c:660)> zfs_create: zp is here 0x0 <zfs`zfs_vnop_create (zfs_vnops_osx.c:1458)> ** zfs_vnop_create created id 82 <zfs`zfs_vnop_create (zfs_vnops_osx.c:1475)> zfs_vnop_create error -1: checking cache: FOUND I am having issues finding where the code for hook_vnode_check_open comes from anyway? The failure call in nfs server is: if (!error && mac_vnode_check_open(ctx, vp, FREAD | FWRITE)) { error = ESTALE; } So uh, why? If I let the test run again, this time the file exists, it returns EEXIST as expected. If I run the first test twice, ie, without O_EXCL, both work. So it seems to only go wrong with O_EXCL, and file doesn't exist. It is curious as to why nfs server figures out that exclusive is set, then clears va_mode? case NFS_CREATE_EXCLUSIVE: exclusive_flag = 1; if (vp == NULL) { VATTR_SET(vap, va_mode, 0); But doesn't use exclusive_flag until after calling VNOP_CREATE(), and it doesn't pass it either.

Hi, I'm trying to get a legacy software to work on an M1 MBP / Monterey. Unfortunately the app hasn't been updated since late 2018 and the developer has gone dark, no replies via support, many people tried. The app (Controllermate) is a vital part of my workflow, so I really need this to work. I am unable to approve kernel extensions in the System Prefs / Sec+Priv / General tab. Other apps show up there, but this one doesn't. I went through he whole Recovery mode / reduced security routine, but still nothing. I'm not a developer, more of a power-user, so I'm asking for help here: Is there any chance to get this to work without updating the software? Any advice is highly appreciated! Thank you!

What are the recommended steps for non-interactively testing kexts on Big Sur/Monterey? Our CI pipeline deploys our in-development kexts to a macOS system and then runs tests on them without human intervention. This worked fine through 10.15, but with the latest 11.x and 12.x I cannot find any way to get around having to click "Allow" next to "System software from developer has been updated" in Security & Privacy. I thought perhaps this was a difference between notarized and non-notarized kexts, but even released versions of our kexts that are notarized experience the same problem. SIP is completely disabled, kext-consent is disabled, and our Team ID has been added to the kext-consent list. None of these seems sufficient to avoid having to click the Allow button. Is there any way (short of MDM, which is very heavyweight for this use case) to avoid kext consent during testing?

I am researching the drivers in macOS. Apple Developer lists that the Default Drivers are ApplePlatformExpert, IODTPlatformExpert, IOPlatformExpert, and the Apple Drivers are IODTNVRAM, AppleMacIO, AppleMacIODevice, AppleNMI. What are these drivers and how are they different?

Hi, I would like to know if there is another way to implement when inserting data before the read/write system call when SIP is turned on. I've tried Endpoint Security, but it only receives notifications of read/write operations and does not allow me to insert the data I want before reading/writing. (I first did this in kext via kauth_listen_scope, but it's been disabled since 10.15.) Can anyone point me in the right direction? I'd appreciate it so much!

Hi I'm trying to implement a device wide VPN by extending the packet tunnel provider and would like to exclude some of the apps, websites etc traffic so that its traffic wont pass through VPN not sure how we can do that any help here is appreciated

I'm developing an application in Objective C that works on vendor specific commands of SD cards using IOUSBHostPipe. These vendor SCSI passthrough commands are working fine. But when I try to issue a SCSI write(10) command, it seems to hang. The same implementation when done on Windows seems to be working fine. Is there a limitation to issuing a SCSI write(10) command in macOS? I'm a bit new to the macOS environment and would really appreciate some pointers to references that I can look into or any alternatives to this problem. Thanks in advance. Much appreciated :)

I’m trying to accept “kernal extensions” but my username does not show up. It says “Mac user” and my password does not work. How can i fix this? Thank you for the suggestions

I am getting regular kernel panics. I have a Kern*.panic file, and a .contents.panic These files now contain a 'macOSProcessedStackshotData' and so are encoded. I'm a dev, but not familiar with Apple Kernel debugging (though I've done this before on windows/aix/linux). How can I get some simple info from the panic, such as kernel backtrace, loaded drivers etc? Ideally I'm looking for a few points to specific drivers (maybe I can unplug a device) or situations I can avoid

Running Application like as Safari, Chrome, iTerm2, Xcode simulator ... in a situation that occupies a lot of CPU/GPU such as WindowServer and xcode build causes frequent kernel panic. I am using a 13-inch M1 MacBook Pro, and all ports such as hubs and docking have been removed. I confirmed that kernel panics occur more frequently by increasing the cpu occupancy through multiple xcode execution and executing various types of applications, especially using GPU hardware acceleration.. I attached two kinds of log below. kernel panic 1. iTerm kenerl panic 2 unknown kenerl panic 3 webkit

Even when SIP is disabled. It shows an error, and dumps the dtrace script to console! Used to work fine until BigSur.

i want to solve panic cpu

Can dyld, dylib and shared cache be compress and decompress when required to solve storage problem?