I know there are some know issues about the extensive usage of the clone system call from docker. At the moment there is an issue #9 on github without solution...Is there a plan to support natively docker on OSX kernel?

On modern systems all KEXTs must be code signed with a Developer ID. Additionally, the Developer ID must be specifically enabled for KEXT development. You can learn more about that process on the Developer ID page. If your KEXT is having code signing problems, check that it’s signed with a KEXT-enabled Developer ID. Do this by looking at the certificate used to sign the KEXT. First, extract the certificates from the signed KEXT: % codesign -d --extract-certificates MyKEXT.kext Executable=/Users/quinn/Desktop/MyKEXT/build/Debug/MyKEXT.kext/Contents/MacOS/MyKEXT This creates a bunch of certificates of the form codesignNNN, where NNN is a number in the range from 0 (the leaf) to N (the root). For example: % ls -lh codesign* -rw-r--r--+ 1 quinn staff 1.4K 20 Jul 10:23 codesign0 -rw-r--r--+ 1 quinn staff 1.0K 20 Jul 10:23 codesign1 -rw-r--r--+ 1 quinn staff 1.2K 20 Jul 10:23 codesign2 Next, rename each of those certificates to include the .cer extension: % for i in codesign*; do mv $i $i.cer; done Finally, look at the leaf certificate (codesign0.cer) to see if it has an extension with the OID 1.2.840.113635.100.6.1.18. The easiest way to view the certificate is to use Quick Look in Finder. Note If you’re curious where these Apple-specific OIDs comes from, check out the documents on the Apple PKI page. In this specific case, look at section 4.11.3 Application and Kernel Extension Code Signing Certificates of the Developer ID CPS. If the certificate does have this extension, there’s some other problems with your KEXT’s code signing. In that case, feel free to create a new thread here on DevForums with your details. If the certificate does not have this extension, there are two possible causes: Xcode might be using an out-of-date signing certificate. Re-create your Developer ID signing certificate using the developer site and see if the extension shows up there. If so, you’ll have to investigate why Xcode is not using the most up-to-date signing certificate. If a freshly-created Developer ID signing certificate does not have this extension, you need to apply to get your Developer ID enabled for KEXT development per the instructions on the Developer ID page. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com" Change history: 20 Jul 2016 — First published. 28 Mar 2019 — Added a link to the Apple PKI site. Other, minor changes. 15 Mar 2022 — Fixed the formatting. Updated the section number in the Developer ID CPS. Made other minor editorial changes.

I'm trying to compile the open source dyld-360.18, using its xcode project. Has anybody outside Apple had success doing that?Besides numerous missing includes which have to be copied from various places in Apple's open source repos, the source also references _simple_getenv, which doesn't seem to be defined anywhere, including in the latest _simple.h which was previously a part of Apple's open source libc.Perhaps _simple.h has moved from libc into the "internal" OS X SDK, the one set by default in the xcode project to build the dyld target. Any chance it could be added to the open source repos?I know this isn't strictly Kernel, if there's a better place to post this, please advise.Thanks!Dan

Hi. I'm using the Kernel framework and I'm having an issue with it: in my project I include from the framework the header Kernel/kern/thread.h. When I try to compile my source code XCode says that he is unable to find an header included by the Kernel framework: kern/kern_types.h. Actually I don't understand how this is possible, but I went to check in /usr/include and effectively inside kern/ (wich is where the incude does reference) are missing a lot of file. How can I fix this problem? Thanks to everyone.Snapshot from /usr/include/kern, where all kern/ files are missing.

Hello,I am having an hard time figuring out how memory mapped files works under iOS. Suppose that I want to read a big file, let's say 4GB. If I use memory mapped files in READ mode I should be able to get a valid pointer to a file and benefit from the page fault mechanism of virtual memory but apparently iOS can map only up to 2.5GB of data. I run the following test on an iPad Pro A1673 that has 2GB of ram and got as result:2018-04-06 17:20:12.660888+0200 TestMemory[414:316466] Data address: 0x1022240002018-04-06 17:20:12.662355+0200 TestMemory[414:316466] Data address: 0x1122240002018-04-06 17:20:12.663801+0200 TestMemory[414:316466] Data address: 0x12b9000002018-04-06 17:20:12.665235+0200 TestMemory[414:316466] Data address: 0x13b9000002018-04-06 17:20:12.666756+0200 TestMemory[414:316466] Data address: 0x14b9000002018-04-06 17:20:12.668202+0200 TestMemory[414:316466] Data address: 0x15b9000002018-04-06 17:20:12.669597+0200 TestMemory[414:316466] Data address: 0x16ff240002018-04-06 17:20:12.739549+0200 TestMemory[414:316466] Data address: 0x1e00000002018-04-06 17:20:12.747604+0200 TestMemory[414:316466] Data address: 0x1f00000002018-04-06 17:20:12.749130+0200 TestMemory[414:316466] Data address: 0x2000000002018-04-06 17:20:12.764753+0200 TestMemory[414:316466] NSData failed: Error Domain=NSCocoaErrorDomain Code=256 "The file “02808580-5D42-43BC-B5AA-628E3682A546” couldn’t be opened." UserInfo={NSFilePath=/var/mobile/Containers/Data/Application/5207275C-5525-47CA-AC4B-2AA07E05C1E9/Documents/02808580-5D42-43BC-B5AA-628E3682A546, NSUnderlyingError=0x1c0455270 {Error Domain=NSPOSIXErrorDomain Code=12 "Cannot allocate memory"}}2018-04-06 17:20:12.764801+0200 TestMemory[414:316466] Mapped 2684354560- (NSString*)createFileOfSize:(unsigned long long)size { NSString* uuid = [[NSUUID UUID] UUIDString]; NSString* documentFolderPath = [[[NSFileManager defaultManager] URLsForDirectory:NSDocumentDirectory inDomains:NSUserDomainMask] lastObject].path; NSString* filePath = [documentFolderPath stringByAppendingPathComponent:uuid]; NSFileHandle *fileHandle = [NSFileHandle fileHandleForWritingAtPath:filePath]; if (fileHandle == nil) { [[NSFileManager defaultManager] createFileAtPath:filePath contents:nil attributes:nil]; fileHandle = [NSFileHandle fileHandleForWritingAtPath:filePath]; } [fileHandle truncateFileAtOffset:size]; [fileHandle closeFile]; return filePath; } - (void)test { const unsigned long long MB = 1 << 20; const unsigned long long GB = 1 << 30; unsigned long long space = 4 * GB; unsigned long long size = 64 * MB; unsigned long long fileCount = space / size; NSMutableArray* mapped = [NSMutableArray array]; int i = 0; for (i = 0; i < fileCount; i++) { NSString* filePath = [self createFileOfSize:size]; NSError* error = nil; NSData* data = [NSData dataWithContentsOfFile:filePath options:NSDataReadingMappedAlways error:&error]; if (error) { NSLog(@"NSData failed: %@", error); break; } else { const void* bytes = [data bytes]; NSLog(@"Data address: %p", bytes); [mapped addObject:data]; } } NSLog(@"Mapped %llu", i * size); }Any idea of why we have this limitation?Thanks!Libe

In a 10.13.x system I find that /var/db/SystemPolicyConfiguration/KextPolicy is corrupted.I see sqlite commands report:Error: database disk image is malformedHow to fix this file?

I have implmented the IOMedia Filter driver without content hint for MAC OS Mojave. The driver gets loaded successfully for the IOMedia objects with IOPropertyMatch as "Whole". I could filter the IO requests at the disk layer successfully. This works very well for RAW and formatted disk. The disk I am using here is external SSD device attached to MAC laptop using Thunderbolt-3 interface. I see the driver is getting loaded when I plug-in the TB3 cable. In this case the driver is able to filter the IO requests. If the disk is formatted with the HFS+ Filesystem then I see the filesystem content too. I am facing an issue when I keep plug-in the TB3 cable and reboot the laptop. I have kept the kext files in "/System/Library/Extensions" directory. There are two scenarios to consider, either disk is RAW or Formatted with the HFS+ Filesystem. The scenario 1 is working as expected, but in second scenario the driver is not able to detect the disk. Scenario 1: RAW Disk (Working well) Attached RAW disk through TB3 cable to laptop Reboot the laptop I see the driver is loaded and filter the IO requests successfully. Scenario 2: Disk formatted with HFS+ Filesystem (Failed to load driver) Attached HFS+ Filesystem disk through TB3 cable to laptop Reboot the laptop I see the driver failed to detect the disk <<<=== FAILED But MAC OS detected the HFS+ filesystem on the disk In Scenario 2, after reboot the filter driver seems to be getting loaded, but not able to detect the disk. It seems the MAC OS FS driver is detecting formatted disk before the filter driver. But if I plug-out the disk and plug-in again, I see the filter driver detects disk and start filtering IO requests. I think this could be because of driver loading order during boot time, but I am not sure. The filter driver should detect the disk before MAC OS FS driver detect the formatted disk. Thats the reason may be the filter driver failed to detect the disk after reboot. I am out of ideas what can be done to resolve this issue. Do you think it is driver load order issue? How can we manage the driver load order in MAC OS? Can anybody please help me to resolve this issue? Thanks in advance.

"kmutil load" will fail to load a 3rd party kernel extension when booted into an OS on an external drive. The same kernel extension will load fine when booting from the internal "Macintosh HD" . "kmutil inspect" also fails with the same error message when booted using an external drive, but works fine when booting with the internal "Macintosh HD". Both errors indicate the "kernelcache" file cannot be found: sh-3.2/usr/bin/kmutil load -p /Library/Extensions/XXXX.kext Error Domain=KMErrorDomain Code=71 "Could not find: Unable to get contents of boot kernel collection collection at /System/Volumes/Preboot/3B670FAA-F124-41AB-98A8-7C3940B5ECAC/boot/16FE8A65862647F7F8752DA7C4EF320E4CADEB250FCF438FB84A55F822BEB4A98108829E21658BB08B1E314BBC85169A/System/Library/Caches/com.apple.kernelcaches/kernelcache" UserInfo={NSLocalizedDescription=Could not find: Unable to get contents of boot kernel collection collection at /System/Volumes/Preboot/3B670FAA-F124-41AB-98A8-7C3940B5ECAC/boot/16FE8A65862647F7F8752DA7C4EF320E4CADEB250FCF438FB84A55F822BEB4A98108829E21658BB08B1E314BBC85169A/System/Library/Caches/com.apple.kernelcaches/kernelcache} sh-3.2/usr/bin/kmutil inspect No variant specified, falling back to release Error Domain=KMErrorDomain Code=71 "Invalid argument: Unable to read contents of file at /System/Volumes/Preboot/3B670FAA-F124-41AB-98A8-7C3940B5ECAC/boot/904DF99E6EB1281F8E510B3FFB953383F530F313CCFB30A9C1F98231A81B02BDA5E6E0D2BF26FC5D4EB3D2E226B8BC1C/System/Library/Caches/com.apple.kernelcaches/kernelcache" UserInfo={NSLocalizedDescription=Invalid argument: Unable to read contents of file at /System/Volumes/Preboot/3B670FAA-F124-41AB-98A8-7C3940B5ECAC/boot/904DF99E6EB1281F8E510B3FFB953383F530F313CCFB30A9C1F98231A81B02BDA5E6E0D2BF26FC5D4EB3D2E226B8BC1C/System/Library/Caches/com.apple.kernelcaches/kernelcache} The "kernelcache" file path does not exist. In fact, there is no "904DF..." directory under "boot". There is no "kernelcache" file in the entire "/System/Volumes/Preboot" mount. sh-3.2find /System/Volumes/Preboot -name kernelcache find: /System/Volumes/Preboot/.Trashes: Operation not permitted This is on an M1 MacBook Air running 11.3. Is there a special way to load kernel extensions when booting from an external drive? Thanks.

Hi, I have a MacBook Pro M1 that I'm trying to boot development kernel. The SW version is: ProductName: macOS ProductVersion: 11.4 BuildVersion: 20F71 I follow /Library/Developer/KDKs/KDK_11.4_20F71.kdk/KDK_ReadMe.rtfd/TXT.rtf and disabled SIP and authenticated-root. I also copy over the kernels to a livemohnt and update nvram: nvram boot-args="-v kcsuffix=development" Despite above changes, after reboot, I still don't see the OS booting using development kernel (sysctl kern.osbuildconfig shows I'm still running release.) Anyone has any luck to enable development/debug/custom kernels on Big Sur?

I have MacBook Air (13 inch, 2017), processor: intel core i5, updated to macOS Big Sur version 11.5.2 It shuts down every few minutes on its own even before the update. I don't know what to do. Please help. panic(cpu 3 caller 0xffffff8004dc57d6): Kernel trap at 0xffffff8004b010f6, type 14=page fault, registers: CR0: 0x000000008001003b, CR2: 0xffffffa04b32bdc8, CR3: 0x0000000008d08000, CR4: 0x00000000003626e0 RAX: 0x0000000000000000, RBX: 0x0000000000000000, RCX: 0x0000000000000058, RDX: 0x0000000000000001 RSP: 0xffffffa04b36bdb8, RBP: 0xffffffa04b36be50, RSI: 0x0000000000000058, RDI: 0xffffffa04b32bdc8 R8: 0x0000000000000000, R9: 0x0000000000989680, R10: 0xffffffa025e42d00, R11: 0xffffff867c84f640 R12: 0xffffff9348ca8ce0, R13: 0x0000000000000000, R14: 0xffffff9348cf52e0, R15: 0x0000000000000001 RFL: 0x0000000000010246, RIP: 0xffffff8004b010f6, CS: 0x0000000000000008, SS: 0x0000000000000000 Fault CR2: 0xffffffa04b32bdc8, Error code: 0x0000000000000002, Fault CPU: 0x3, PL: 0, VF: 1 Backtrace (CPU 3), Frame : Return Address 0xffffffa04b36b7d0 : 0xffffff8004c8e04d  0xffffffa04b36b820 : 0xffffff8004dd4e13  0xffffffa04b36b860 : 0xffffff8004dc540a  0xffffffa04b36b8b0 : 0xffffff8004c32a2f  0xffffffa04b36b8d0 : 0xffffff8004c8d86d  0xffffffa04b36b9f0 : 0xffffff8004c8db63  0xffffffa04b36ba60 : 0xffffff800549dc0a  0xffffffa04b36bad0 : 0xffffff8004dc57d6  0xffffffa04b36bc50 : 0xffffff8004dc54bd  0xffffffa04b36bca0 : 0xffffff8004c32a2f  0xffffffa04b36bcc0 : 0xffffff8004b010f6  0xffffffa04b36be50 : 0xffffff8005dc4b79  0xffffffa04b36be80 : 0xffffff8005dc434f  0xffffffa04b36bec0 : 0xffffff8005dc3f2c  0xffffffa04b36bf10 : 0xffffff8005dc580b  0xffffffa04b36bf30 : 0xffffff80053edd9e  0xffffffa04b36bf70 : 0xffffff80053ed386  0xffffffa04b36bfa0 : 0xffffff8004c3213e     Kernel Extensions in backtrace:      com.apple.driver.AppleAHCIPort(346.100.2)[96E4936F-9A25-3093-A028-12D75A95B5DA]@0xffffff8005dbe000->0xffffff8005dc7fff       dependency: com.apple.iokit.IOAHCIFamily(294.100.1)[57370A7F-A42A-37E1-9DCC-D3FE6BF62516]@0xffffff800724a000->0xffffff8007259fff       dependency: com.apple.iokit.IOPCIFamily(2.9)[F7AA4BAF-35CF-3784-A50C-5FD9CDCBE488]@0xffffff800776c000->0xffffff8007794fff Process name corresponding to current thread: kernel_task Mac OS version: 20G95 Kernel version: Darwin Kernel Version 20.6.0: Wed Jun 23 00:26:31 PDT 2021; root:xnu-7195.141.2~5/RELEASE_X86_64 Kernel UUID: FECBF22B-FBBE-36DE-9664-F12A7DD41D3D KernelCache slide: 0x0000000004a00000 KernelCache base: 0xffffff8004c00000 Kernel slide:   0x0000000004a10000 Kernel text base: 0xffffff8004c10000 __HIB text base: 0xffffff8004b00000 System model name: MacBookAir7,2 (Mac-937CB26E2E02BB01) System shutdown begun: NO Panic diags file available: YES (0x0) Hibernation exit count: 7 System uptime in nanoseconds: 11827701616932 Last Sleep:     absolute     base_tsc     base_nano  Uptime : 0x00000ac1d9f417ab  Sleep : 0x00000a184fcda87b 0x00000000d6172f8c 0x00000a15e87892a8  Wake  : 0x00000a18765637ef 0x00000000d5b7f458 0x00000a186668b014 last started kext at 11024693187439: >!UAudio 405.39 (addr 0xffffff7f9f7ac000, size 315392) last stopped kext at 11297067824863: >!UAudio 405.39 (addr 0xffffff7f9f7ac000, size 315392) loaded kexts: com.disc-soft.DAEMONTools.VirtualSCSIBus 1.0.2 !AUpstreamUserClient 3.6.8 AudioAUUC 1.70 @filesystems.autofs 3.0 @fileutil 20.036.15 !APlatformEnabler 2.7.0d0 AGPM 122.1 X86PlatformShim 1.0.0 !AHDA 283.15 !AGraphicsDevicePolicy 6.3.5 @AGDCPluginDisplayMetrics 6.3.5 pmtelemetry 1 |IOUserEthernet 1.0.1 !A!IBDWGraphics 16.0.5 usb.!UUserHCI 1 |IO!BSerialManager 8.0.5d7 @Dont_Steal_Mac_OS_X 7.0.0 !AHV 1 !ADiskImages2 1 eficheck 1 !ABacklight 180.3 !ALPC 3.1 !A!IBDWGraphicsFramebuffer 16.0.5 !ACameraInterface 7.6.0 !ASMCLMU 212 !A!ISlowAdaptiveClocking 4.0.0 !AThunderboltIP 4.0.3 !AMCCSControl 1.14 |IO!BUSBDFU 8.0.5d7 |SCSITaskUserClient 436.140.1 !UCardReader 511.141.1 !ATopCaseHIDEventDriver 4050.1 !AFileSystemDriver 3.0.1 @filesystems.tmpfs 1 @filesystems.hfs.kext 556.100.11 @BootCache 40 @!AFSCompression.!AFSCompressionTypeZlib 1.0.0 @!AFSCompression.!AFSCompressionTypeDataless 1.0.0d1 @filesystems.apfs 1677.141.1 !AAHCIPort 346.100.2 AirPort.BrcmNIC 1400.1.1 @private.KextAudit 1.0 !ASmartBatteryManager 161.0.0 !ARTC 2.0 !AACPIButtons 6.1 !AHPET 1.8 !ASMBIOS 2.1 !AACPIEC 6.1 !AAPIC 1.7 @!ASystemPolicy 2.0.0 @nke.applicationfirewall 311 |IOKitRegistryCompatibility 1 |EndpointSecurity 1 usb.cdc.ecm 5.0.0 @kext.triggers 1.0 DspFuncLib 283.15 @kext.OSvKernDSPLib 529 !AGraphicsControl 6.3.5 |IOSerial!F 11 |IOAVB!F 940.4 |IOEthernetAVB!C 1.1.0 !ABacklightExpert 1.1.0 |IONDRVSupport 585.1 X86PlatformPlugin 1.0.0 IOPlatformPlugin!F 6.0.0d8 @!AGPUWrangler 6.3.5 @plugin.IOgPTPPlugin 985.2 |IOAccelerator!F2 442.9 @!AGraphicsDeviceControl 6.3.5 !AHDA!C 283.15 |IOHDA!F 283.15 |IOAudio!F 300.6.1 @vecLib.kext 1.2.0 |IOSlowAdaptiveClocking!F 1.0.0 !AThunderboltDPOutAdapter 8.1.4 |IOGraphics!F 585.1 !ASMBus!C 1.0.18d1 |Broadcom!BHost!CUSBTransport 8.0.5d7 |IO!BHost!CUSBTransport 8.0.5d7 |IO!BHost!CTransport 8.0.5d7 usb.IOUSBHostHIDDevice 1.2 usb.!UHub 1.2 usb.cdc 5.0.0 usb.networking 5.0.0 usb.!UHostCompositeDevice 1.2 !AMultitouchDriver 4440.3 !AInputDeviceSupport 4400.35 !AHS!BDriver 4050.1 IO!BHIDDriver 8.0.5d7 !AHIDKeyboard 224 !AHSSPIHIDDriver 61 !AThunderboltDPInAdapter 8.1.4 !AThunderboltDPAdapter!F 8.1.4 !AThunderboltPCIDownAdapter 4.1.1 !ABSDKextStarter 3 |IOSurface 290.8.1 @filesystems.hfs.encodings.kext 1 !AXsanScheme 3 |IOAHCIBlock!S 332 |IOAHCI!F 294.100.1 !AThunderboltNHI 7.2.8 |IOThunderbolt!F 9.3.2 |IO80211!F 1200.12.2b1 |IOSkywalk!F 1 mDNSOffloadUserClient 1.0.1b8 corecapture 1.0.4 usb.!UHostPacketFilter 1.0 |IOUSB!F 900.4.2 !AHSSPISupport 61 !A!ILpssSpi!C 3.0.60 !A!ILpssI2C 3.0.60 !A!ILpssGspi 3.0.60 !A!ILpssDmac 3.0.60 usb.!UXHCIPCI 1.2 usb.!UXHCI 1.2 !AEFINVRAM 2.1 !AEFIRuntime 2.1 |IOSMBus!F 1.1 |IOHID!F 2.0.0 $!AImage4 3.0.0 |IOTimeSync!F 985.2 |IONetworking!F 3.4 DiskImages 493.0.0 |IO!B!F 8.0.5d7 |IOReport!F 47 |IO!BPacketLogger 8.0.5d7 $quarantine 4 $sandbox 300.0 @kext.!AMatch 1.0.0d1 |CoreAnalytics!F 1 !ASSE 1.0 !AKeyStore 2 !UTDM 511.141.1 |IOUSBMass!SDriver 184.140.2 |IOSCSIBlockCommandsDevice 436.140.1 |IO!S!F 2.1 |IOSCSIArchitectureModel!F 436.140.1 !AMobileFileIntegrity 1.0.5 @kext.CoreTrust 1 !AFDEKeyStore 28.30 !AEffaceable!S 1.0 !ACredentialManager 1.0 KernelRelayHost 1 |IOUSBHost!F 1.2 !UHostMergeProperties 1.2 usb.!UCommon 1.0 !ABusPower!C 1.0 !ASEPManager 1.0.1 IOSlaveProcessor 1 !AACPIPlatform 6.1 !ASMC 3.1.9 |IOPCI!F 2.9 |IOACPI!F 1.4 watchdog 1 @kec.pthread 1 @kec.corecrypto 11.1 @kec.Libm 1

So basically the problem starts in system preferences -> security & privacy. There is no allow button at all. I received letter from Apple that app is successfully notarised. Digging into the problem I've found that problem is with kext. So after sudo kextutil /pathtokext I see such errors in terminal: Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents/_CodeSignature Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents/_CodeSignature/CodeResources Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents/MacOS Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents/MacOS/name Filesystem error: Invalid ownership (503:20) should be (0:0) on /private/var/db/KernelExtensionManagement/Staging/com.name.filesystems.P88h7Z/name.kext/Contents/Info.plist" UserInfo={NSLocalizedDescription=Validating extension failed: Kext name v2080.20 in executable kext bundle bundle name at name.filesystems.P88h7Z/name.kext:

I have a driver that was written with IOKit. It works fine on BigSur with an Intel Processor. It is compiled as a universal binary. Each time I try to use kextload to load the kext, the machine crashes with the following.... panic(cpu 5 caller 0xfffffe001e0b9320): Break 0xC470 instruction exception from kernel. Ptrauth failure with IA key resulted in 0xbffffe001cbc0630 at pc 0xfffffe001df2a5d4, lr 0x0addfe001df2a548 (saved state: 0xfffffe306b8c34e0)  x0: 0xfffffe306b8c3860 x1: 0x0000000000000000 x2: 0x0000000000000000 x3: 0xfffffe306b8c3890  x4: 0x0000000000000000 x5: 0x0000000000000000 x6: 0x00626778632e7265 x7: 0x0000000000000d80  x8: 0x000000000000000c x9: 0xfffffe0020892df8 x10: 0x00000000016a016a x11: 0x0000000000000001  x12: 0x00000000016a016a x13: 0x000000000000016a x14: 0xfffffe16669f5448 x15: 0x00000000016a016b  x16: 0xbffffe001cbc0630 x17: 0xfffffe001cbc0630 x18: 0x0000000000000000 x19: 0xfffffe233197ee60  x20: 0x0000000000000001 x21: 0x0000000000000001 x22: 0x8a8afe001cbc0630 x23: 0xfffffe001cb90000  x24: 0xfffffe001d88d971 x25: 0xfffffe001cb88000 x26: 0x0000000000000006 x27: 0x0000000000000006  x28: 0xcda1fe233197ee60 fp: 0xfffffe306b8c38f0 lr: 0x0addfe001df2a548 sp: 0xfffffe306b8c3830  pc: 0xfffffe001df2a5d4 cpsr: 0x80401208    esr: 0xf200c470     far: 0xfffffe30193c4000 Debugger message: panic Memory ID: 0x6 OS release type: User OS version: 20G80 Kernel version: Darwin Kernel Version 20.6.0: Wed Jun 23 00:26:27 PDT 2021; root:xnu-7195.141.2~5/RELEASE_ARM64_T8101 Fileset Kernelcache UUID: E46841F89DC3FD7ACEC6F404AC995579 Kernel UUID: AC4A14A7-8A8E-3AE6-85A6-55E6B2502BF9 iBoot version: iBoot-6723.140.2 secure boot?: YES Paniclog version: 13 KernelCache slide: 0x0000000015c9c000 KernelCache base: 0xfffffe001cca0000 Kernel slide:   0x00000000167e4000 Kernel text base: 0xfffffe001d7e8000 Kernel text exec base: 0xfffffe001d8b4000 mach_absolute_time: 0xc434196c Epoch Time:    sec   usec  Boot  : 0x610c5768 0x00000e2f  Sleep : 0x00000000 0x00000000  Wake  : 0x00000000 0x00000000  Calendar: 0x610c57eb 0x000ebce6 CORE 0 recently retired instr at 0xfffffe001da26d6c CORE 1 recently retired instr at 0xfffffe001da26d6c CORE 2 recently retired instr at 0xfffffe001da26d6c CORE 3 recently retired instr at 0xfffffe001da26d6c CORE 4 recently retired instr at 0xfffffe001da26d70 CORE 5 recently retired instr at 0xfffffe001da256a4 CORE 6 recently retired instr at 0xfffffe001da26d70 CORE 7 recently retired instr at 0xfffffe001da26d70 CORE 0 PVH locks held: None CORE 1 PVH locks held: None CORE 2 PVH locks held: None CORE 3 PVH locks held: None CORE 4 PVH locks held: None CORE 5 PVH locks held: None CORE 6 PVH locks held: None CORE 7 PVH locks held: None CORE 0: PC=0xfffffe00205f0ff0, LR=0xfffffe00205c3c10, FP=0xfffffe3097d5b440 CORE 1: PC=0xfffffe001da1cadc, LR=0xfffffe001db463c4, FP=0xfffffe3097e3b690 CORE 2: PC=0xfffffe001d92da64, LR=0xfffffe001d92da5c, FP=0xfffffe309978bee0 CORE 3: PC=0xfffffe001d92da64, LR=0xfffffe001d92da5c, FP=0xfffffe3097d3bee0 CORE 4: PC=0xfffffe001d92da64, LR=0xfffffe001d92da5c, FP=0xfffffe3097e2bee0 CORE 5 is the one that panicked. Check the full backtrace for details. CORE 6: PC=0xfffffe001d92da64, LR=0xfffffe001d92da5c, FP=0xfffffe3097e1bee0 CORE 7: PC=0xfffffe001d92da64, LR=0xfffffe001d92da5c, FP=0xfffffe3097a2bee0 Panicked task 0xfffffe1667fe1b70: 1825 pages, 3 threads: pid 101: kernelmanagerd Panicked thread: 0xfffffe166a254000, backtrace: 0xfffffe306b8c2bf0, tid: 11112  lr: 0xfffffe001d902b68 fp: 0xfffffe306b8c2c60  lr: 0xfffffe001d90294c fp: 0xfffffe306b8c2cd0  lr: 0xfffffe001da2c1c8 fp: 0xfffffe306b8c2cf0  lr: 0xfffffe001da1d674 fp: 0xfffffe306b8c2da0  lr: 0xfffffe001d8bb7e8 fp: 0xfffffe306b8c2db0  lr: 0xfffffe001d9025dc fp: 0xfffffe306b8c3140  lr: 0xfffffe001d9025dc fp: 0xfffffe306b8c31b0  lr: 0xfffffe001e0b4e80 fp: 0xfffffe306b8c31d0  lr: 0xfffffe001e0b9320 fp: 0xfffffe306b8c3340  lr: 0xfffffe001da1fa50 fp: 0xfffffe306b8c3410  lr: 0xfffffe001da1d9b8 fp: 0xfffffe306b8c34c0  lr: 0xfffffe001d8bb7e8 fp: 0xfffffe306b8c34d0  lr: 0xfffffe001df2a548 fp: 0xfffffe306b8c38f0  lr: 0xfffffe001df2b898 fp: 0xfffffe306b8c3970  lr: 0xfffffe001df30d14 fp: 0xfffffe306b8c39f0  lr: 0xfffffe001df3eaf4 fp: 0xfffffe306b8c3a50  lr: 0xfffffe001df41650 fp: 0xfffffe306b8c3af0  lr: 0xfffffe001df5ce24 fp: 0xfffffe306b8c3b80  lr: 0xfffffe001d967e0c fp: 0xfffffe306b8c3bd0  lr: 0xfffffe001d9082b0 fp: 0xfffffe306b8c3c40  lr: 0xfffffe001d8df960 fp: 0xfffffe306b8c3cc0  lr: 0xfffffe001d8f86f8 fp: 0xfffffe306b8c3d70  lr: 0xfffffe001da11ffc fp: 0xfffffe306b8c3e40  lr: 0xfffffe001da1d6f0 fp: 0xfffffe306b8c3ef0  lr: 0xfffffe001d8bb7e8 fp: 0xfffffe306b8c3f00 last started kext is my kext, which makes sense. Anyone seen this before and been successful in debugging it? Thanks

After installing a product that contains a system extension on a 10.14 device, a dialog shows at the bottom of "Security & Privacy" that says "Software was blocked from loading". Here you have to option to allow the extension. However I would like to delete the application and leave the extension blocked. After deleting the application I see that the dialog still remains. How do I remove this ?

Hey there! First of all, here is a link to the complete project to provide as much clarity as possible: click. Disclaimer: I'm a total kernel-noob, my whole C experience stems from AVR embedded hobbyist-work. I'm trying to fire callbacks for sleep, wake from sleep, system power up and system shut down (including for a restart). Wake and wake from sleep are firing as intended and logging to the file (crude, I know...). Everything else is not being called within the switch statement. Also: when restarting, I'm getting a new .shutdownStall in my /Library/Logs/DiagnosticReports. This looks like I'm screwing up with deallocating resources somewhere, but I just can't seem to find it, since I'm not yet comfortable enough with the whole environment. Is anybody able to spot the mistake? Thanks a lot for any help, I appreciate it big time! And sorry for my ignorance regarding the topic, I'm really new to all of this.

Considering this code: var taskInfoData = task_vm_info_data_t() var count = mach_msg_type_number_t(MemoryLayout<task_vm_info>.size) / 4 // sizeof(natural_t) let result: kern_return_t = withUnsafeMutablePointer(to: &taskInfoData) { $0.withMemoryRebound(to: integer_t.self, capacity: 1) { task_info(mach_task_self_, task_flavor_t(TASK_VM_INFO), $0, &count) } } var physicalFootprintBytes: Int64? = nil var availableMemoryBytes: Int64? = nil if result == KERN_SUCCESS { // https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/osfmk/kern/task.c#L5396 // kTaskVMInfoRev1Count is defined in the bridging header if count >= kTaskVMInfoRev1Count { physicalFootprintBytes = Int64(taskInfoData.phys_footprint) } // Does not work if count >= kTaskVMInfoRev4Count { availableMemoryBytes = Int64(taskInfoData.limit_bytes_remaining) } } I built this code in Xcode 12.5 using the iPhoneOS 14.5 SDK targeting iOS 12.0. I ran this code on an iPhone 11 with iOS 14.8. I expected both the phys_footprint and limit_bytes_remaining fields to have sane values, but limit_bytes_remaining was zero. TASK_VM_INFO_COUNT in <mach/task.info> is 87 and my code (mach_msg_type_number_t(MemoryLayout<task_vm_info>.size) / 4) is also 87. However, the return value of the count variable is 42. This is equivalent to TASK_VM_INFO_REV2_COUNT in <mach/task.info>. After reading the XNU code, I found that there is a workaround to handle the wrong length [1]. I think this logic affects this code, but I don't know why. Is it considered a bug? Or are there any problems with my code? Does the deployment target of the app (currently iOS 12.0) affect this? [1] https://github.com/apple/darwin-xnu/blob/2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32/osfmk/kern/task.c#L5244

Now more than ever, it would really help if it were S.O.P. for Apple was to simultaneously release each KDK with each system update. System volume sealing makes the work-arounds for missing KDKs quite painful.