XPC is a a low-level (libSystem) interprocess communication mechanism that is based on serialized property lists.

XPC Documentation

Pinned Posts

Posts under XPC tag

88 Posts
Sort by:
Post marked as solved
5 Replies
65 Views
Hi, I have a question regarding securing XPC communication. I'm trying to get on the server side the process audit token for the connecting client. I've saw NSXPCConnection has a member called auditSessionIdentifier which I saw it is always returning same number for different connections. What does this represent, can it be used to identify the client connecting process? NSXPCConnection has auditToken, which is what I need, but it is a private property. I would use this, but I'm not sure if this will not result in app being rejected by Apple. Is anyone using it and had the app rejected/accepted? NSXPCConnection has processIdentifier but this alone it is kind of useless. But I was thinking to combine this with task_extmod_info (detect process changes) and audit token with task_name_for_pid. Any other suggestions to get the client process audit token based on NSXPCConnection? Thanks
Posted
by smaryus.
Last updated
.
Post not yet marked as solved
13 Replies
890 Views
Hi, Greetings for the day! We would like to update you that we have created Content Filter NetworkExtension and this extension is working fine till Big Sur M1 however we are facing some strange problem in M1 Monterey. Intermittently, When we try to browse websites, it does not respond and after 3-5 minutes its opened the websites correctly. We would like to update you that our subclass overrides handleNewFlow, handleInboundDataFromFlow, handleOutboundDataFromFlow, handleInboundDataCompleteForFlow and handleOutboundDataCompleteForFlow. In all these methods we first check whether NEFilterFlow is nil or not and then pauseVerdict and once asynchronous methods completes execution then we call resumeFlow with verdict (allowVerdict/dropVerdict). When above mentioned issue generated we collected console streaming log and found these lines in the logs (Not from our application): Ignoring resume command for flow 3c8faf3c4a9f7 which does not exist Ignoring resume command for flow 3c90795d4d6f9 which does not exist Ignoring resume command for flow 3c9086d1ede69 which does not exist Ignoring resume command for flow 3c909b251d53b which does not exist We are not sure how above line get printed because we don’t have this logs in our source code so we would need your help to understand this problem and resolution so that we can solve this issue. We have couple of extra queries: What is flow mentioned in above logs in bold text? Is it NEFilterFlow's identifier or something else? How we can validate whether NEFilterFlow is valid or not before calling resumeFlow Why above line is getting printed in log which says flow does not exist. Is there any timeout maintained by NetworkExtension? We are using XPC for interprocess communication so our question is that, Is NetworkExtension/XPC maintain the queue size and if it overflow the size then above line is getting printed. If this is the case then how we can handle that? Is it known issue in NetworkExtension framework itself on M1 Monterey? Thanks & Regards, Mohmad Vasim
Posted Last updated
.
Post marked as solved
2 Replies
102 Views
I've seen the term "Mach Service" used in many places. One such place being the man page for launchd.plist, another being xpc_connection_create_mach_service, yet I cannot find any documentation online explicitly defining what a Mach Service is. Closest thing I've found is the Mach Overview documentation, but that seems to be unrelated to "Mach Services" and closer to a more abstract umbrella term for a list of kernel primitives. So what is a Mach Service and what is the Mach bootstrap namespace? What functionality is it capable of? What is its purpose within an Application Bundle?
Posted
by jbicklebb.
Last updated
.
Post not yet marked as solved
0 Replies
87 Views
I want to print out every hmCharacteristic's value in my Smart Home and therefore created this screen (code see below). Unfortunately, I am always getting these two errors whenever I try to call the HmCharacteristic.readValue() function (error messages see below). I am using a physical test iPhone with a real HomeKit Smart Home (no HomeKitAccessorySimulator). I am also using a paid apple developer Account and did enable the HomeKit entitlement as well as allowed the app to use HomeKit data on my test iPhone. My question is: Why do I get the bundleId is invalid and XPC not entitled errors and how do I fix them? import SwiftUI import HomeKit struct screen: View { var body: some View { VStack { Image(systemName: "globe") .imageScale(.large) .foregroundColor(.accentColor) Text("Hello, world!") } .padding() } init() { let hmHomeManager = HMHomeManager(); DispatchQueue.main.asyncAfter(deadline: .now() + 1) { for hmHome in hmHomeManager.homes { for hmRoom in hmHome.rooms { for hmAccessory in hmRoom.accessories { for hmService in hmAccessory.services { for hmCharacteristic in hmService.characteristics { Task { hmCharacteristic.readValue { error in print("\(hmHome.name)/\(hmRoom.name)/\(hmAccessory.name)/\(hmService.name)/\(hmCharacteristic.localizedDescription) = \(hmCharacteristic.value ?? "[[nil]]")") } } } } } } } }; } } struct ContentView_Previews: PreviewProvider { static var previews: some View { screen() } } validateSessionInfo: bundleID is invalid. Please specify the bundleID for kRTCReportingSessionInfoClientBundleID initWithSessionInfo: XPC not entitled, 1
Posted Last updated
.
Post not yet marked as solved
3 Replies
138 Views
I create a local CFMessagePortRef using CFMessagePortCreateLocal and then use CFMachPortGetPort() to try to get the mach port from it like below: NSString *portIdentifier = [[groupName stringByAppendingString:@"."] stringByAppendingString:sdkId]; NSString *portName = [[portIdentifier stringByAppendingString:@"."] stringByAppendingString:@"mach.port"]; CFMessagePortContext context = {0,(__bridge void *)self,nil,nil,nil}; self.sendPort = CFMessagePortCreateLocal(kCFAllocatorDefault, (__bridge CFStringRef)portName, &callback, &context, false); CFMachPortGetPort(ms->_port); It works till iOS 15 but crashes on iOS 16. Can anyone help? I have defined below definition of __CFMessagePort: struct __CFMessagePort {     CFRuntimeBase _base;     CFLock_t _lock;     CFStringRef _name;     CFMachPortRef _port;        /* immutable; invalidated */     CFMutableDictionaryRef _replies;     int32_t _convCounter;     int32_t _perPID;            /* zero if not per-pid, else pid */     CFMachPortRef _replyPort;        /* only used by remote port; immutable once created; invalidated */     CFRunLoopSourceRef _source;        /* only used by local port; immutable once created; invalidated */     dispatch_source_t _dispatchSource;  /* only used by local port; invalidated */     dispatch_queue_t _dispatchQ;    /* only used by local port */     CFMessagePortInvalidationCallBack _icallout;     CFMessagePortCallBack _callout;    /* only used by local port; immutable */     CFMessagePortCallBackEx _calloutEx;    /* only used by local port; immutable */     CFMessagePortContext _context;    /* not part of remote port; immutable; invalidated */ };
Posted Last updated
.
Post not yet marked as solved
0 Replies
87 Views
I’ve explained this issue many times before, both here on DevForums and in DTS tech support incidents, but never in a coherent fashion. This week I received yet another DTS TSI about this issue, and I’m using that as an excuse to write it up properly (-: Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com" XPC and App-to-App Communication There is no supported way to directly communicate between apps using XPC. In the beginning… … there was Mach messaging. In Mach messaging, services are represented by a port, a kernel object that manages message-based IPC. A server has a receive right for a port, allowing it to receive messages that were sent to that port. A client that wants to send a message to a port must have a send right for that port. Mach is a capability-based system. You can’t create a send right from scratch; you must be granted it by someone. Mach messages can transfer send rights from process to process. However, this presents a chicken and egg problem: How do you get your first send right? The answer here is the bootstrap service. Every process starts with a send right to a bootstrap port. When a process wants to access a service, it sends a message with the service name to the bootstrap port. On success, the bootstrap service replies with a message with a send right to the port for that service. Not all processes talk to the same bootstrap port. Rather, the system manages multiple bootstrap ports, where each port represents a bootstrap namespace. The system gives each process a send right to the bootstrap port that’s appropriate for its execution context. The bootstrap service uses this bootstrap port to determine what service names are accessible to a client talking to that port. These bootstrap namespaces form a tree. At the root there is a global bootstrap namespace. A launchd daemon runs in that namespace. Below that are a set of per-user bootstrap namespaces, and below those are per-session bootstrap namespaces for each login sessions. A GUI app runs in a login session namespace. For a more in-depth explanation of this concept, see the Execution Contexts section of Technote 2083 Daemons and Agents. IMPORTANT That technote is very old and the bootstrap namespace model is now significantly more complex than what’s described there. However, the basic ideas are still valid. XPC Fundamentals XPC wraps Mach messaging in an API that’s much easier to use. An XPC connection represents a communication channel between two processes. An XPC listener listens for incoming connections. While there are anonymous listeners, most listeners are associated with a named endpoint, where the name is registered in a bootstrap namespace. This is what allows the client to connect to the listener by name. XPC is tightly integrated with the on-demand architecture supported by launchd. launchd manages a set of jobs — XPC services, launchd daemons and agents, and so on — and each job publishes a set of named endpoints. Client processes connect to these endpoints by name. Under the covers, XPC looks up the name in the client’s bootstrap namespace. A launchd job doesn’t need to run to publish its named endpoints. Rather, launchd learns about the endpoints by reading a property list associated with the job. For example: An XPC service advertises a single named endpoint, namely the bundle ID in the service’s Info.plist; for the details, see the xpcservice.plist man page. A launchd daemon can advertise multiple named endpoints via the MachServices property in its launchd property list; for the details, see the launchd.plist man page. launchd monitors these named endpoints for demand. When a client process sends a message to a connection that targets a named endpoint, launchd starts the associated job. The job then services the demand by starting XPC listeners for its named endpoints. XPC has two APIs: The low-level C API The Foundation XPC API, commonly referred to by the main class name, NSXPCConnection This post focuses on the latter but the same concepts apply to both. App-to-App Problems The XPC architecture is incompatible with direct app-to-app communication: There’s no way for launchd to know what named endpoints it should monitor on your app’s behalf. Launching an app is a heavyweight operation, one clearly visible to the user, so it’s not something that launchd can do on demand. This limitation is reflected in the XPC API. Specifically, there are three ways to create an XPC listener: The service() class method — This creates a listener for an XPC service’s named endpoint. The init(machServiceName:) initialiser — This creates a listener for one of the names advertised in the MachServices property of a launchd daemon or agent. The anonymous() class method — This creates an anonymous listener. None of these are useful in setting up app-to-app communication. The Xcode Gotcha One particularly gnarly gotcha here is that app-to-app communication using XPC works when you run your apps from Xcode. This is a side effect of the infrastructure used by Xcode to debug XPC services. That infrastructure allows the listener app to create a listener using init(machServiceName:) even though the corresponding service name is not known to launchd. So your code works in the debugger but then fails when you run it from the Finder. Ouch! Alternatives If you can’t use XPC for app-to-app communication, what are the alternatives? Here’s a short list of things that might work: Unix domain sockets — For the details, see the unix man page, or any good text book an BSD Sockets. CFMessagePort — For the details, see its documentation. XPC rendezvous — See the XPC Rendezvous section, below. Which is best depends on your circumstances. Unix domain sockets is an industry standard API that works well. It relies on the BSD Sockets API, which is un-fun to call from Swift. Its access control is based on file system permissions, which is helpful if you need to cut across bootstrap namespaces. In contrast, CFMessagePort is a thin wrapper around Mach messaging. That means that its tied to your bootstrap namespace, which can be useful. It’s relatively easy to call from Swift, but still not trivial. XPC rendezvous is based on XPC, so it has all of its advantages. The main disadvantages is that it requires a launchd job to help with the rendezvous, which isn’t always feasible. Oh, and here’s a short list of things to avoid: Mach messaging — I strongly recommend against using Mach messaging directly. It’s almost impossible to use correctly. Distributed Objects (DO) — This has been deprecated for many years now, and for good reason. It has a wide range of weird and wonderful bugs. XPC Rendezvous One way to set up app-to-app communication is with an XPC rendezvous. This technique requires a launchd job that’s visible to both parties: This launchd job advertises a named endpoint. Client A calls the anonymous() class method to create an anonymous listener. It then uses the endpoint property to get an endpoint (NSXPCListenerEndpoint) for that listener. It uses XPC to send this endpoint to the launchd job. The launchd job stores this endpoint. Client B uses XPC to get the endpoint from the launchd job. Client B passes the endpoint to the init(listenerEndpoint:) initialiser to open a connection directly to client A. IMPORTANT The launchd job in step one cannot be an XPC service. Third-party XPC services are always scoped to their container app (see the discussion of the ServiceType property in the xpcservice.plist man page) and thus can’t fulfil the primary requirement of an XPC rendezvous, namely, to be visible to both parties. Most other launchd jobs do work for this, including: launchd daemons and agents Service Management login items System extensions
Posted
by eskimo.
Last updated
.
Post not yet marked as solved
10 Replies
230 Views
I'm trying to create an XPC service to communicate between my Endpoint Security Extension and its Container App. I've taken the Sample Endpoint App from here. I've then followed the steps under Creating the Service here In fact, when I added the XPC service via the template, Xcode automatically added an Embed XPC Services phase to the container app. I can confirm that in the built container app I see the xpc service: SampleEndpointApp.app/Contents/XPCServices/Service.xpc If I initiate an NSXPCConnection from the container app then I can both connect and make RPCs. Furthermore I see the service process running via ps and also launchtl. If however I try to initiate an NSXPCConnection from the extension then I see nothing. RPC doesn't work and I don't see the service being launched. I've tried this with and without the connection in the main app. What am I missing here? What needs to be done to allow both processes to talk to each other? Is there some permissions issue here? Note that my plist for the service is as follows:
Posted
by HormyAJP.
Last updated
.
Post not yet marked as solved
2 Replies
171 Views
Two Obj-C processes A and B, communicating via XPC, using NSXPCConnection (the connection is created from an endpoint, unnamed). The method signature is this: - (void)userAction:(NSString *)identifier             update:(OITNFWPreventionStage)stage          eventInfo:(NSDictionary * _Nonnull)actionInfo          withError:(NSError * _Nullable)error              reply:(void (^ _Nullable)(BOOL))reply; I'm using a normal asynchronous proxy id<myProtocol> monitorProxy = [self.monitorConnection remoteObjectProxyWithErrorHandler:^(NSError * _Nonnull error) {         NSLog( @"Monitoring XPC proxy call failed: %@", error);     }]; Since the actionInfo I'm using is NSMutableDictionary the gets updated frequently from concurrent queues and thread - I synchronize ALL my calls from process A to process B on an NSOperationQueue     NSOperationQueue *monitorUpdateQueue = [[NSOperationQueue alloc] init];     monitorUpdateQueue.name = @"monitoring queue";     monitorUpdateQueue.maxConcurrentOperationCount = 1;     monitorUpdateQueue.qualityOfService = NSQualityOfServiceUtility; My calls typically look like this:     [monitorUpdateQueue addOperationWithBlock:^{         actionInfo[@"Files"] = [fileEvents valueForKeyPath:@"dictionary"]; // some NSArray of NSDictionaries         actionInfo[@"stage"] = ActionStagePreblocked;         [monitorProxy userAction:userActionIdentifier update:ActionStagePreblocked eventInfo:actionInfo withError:nil reply:^(BOOL reported) {             NSLog(@"Action reported");         }];     }]; Now every now and then, Process A (the caller) crashes inside this remote call... I Full crash log. Couldn't attach .ips file Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00004c52f8b94400 Exception Codes: 0x0000000000000001, 0x00004c52f8b94400 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: Namespace SIGNAL, Code 11 Segmentation fault: 11 Terminating Process: exc handler [83282] VM Region Info: 0x4c52f8b94400 is not in any region. Bytes after previous region: 83438207583233 Bytes before following region: 21633872346112 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL commpage (reserved) 1000000000-7000000000 [384.0G] ---/--- SM=NUL ...(unallocated) ---> GAP OF 0x5f9000000000 BYTES MALLOC_NANO 600000000000-600008000000 [128.0M] rw-/rwx SM=PRV and the thread's stack looks like this: Thread 10 Crashed:: Dispatch queue: monitoring queue (QOS: UTILITY) 0 libobjc.A.dylib 0x18a7e8310 objc_retain + 16 1 Foundation 0x18b8eb4a8 -[NSDictionary(NSDictionary) encodeWithCoder:] + 596 2 Foundation 0x18b8ba5f4 -[NSXPCEncoder _encodeObject:] + 520 3 Foundation 0x18b8b9ae4 _NSXPCSerializationAddInvocationArgumentsArray + 276 4 Foundation 0x18b8b95fc -[NSXPCEncoder _encodeInvocation:isReply:into:] + 256 5 Foundation 0x18b8b8798 -[NSXPCConnection _sendInvocation:orArguments:count:methodSignature:selector:withProxy:] + 1356 6 CoreFoundation 0x18aa08040 ___forwarding___ + 1088 7 CoreFoundation 0x18aa07b40 _CF_forwarding_prep_0 + 96 8 myproc 0x10041370c __84-[myproc scanContentOfFilesInEvents:userActionInfo:monitorProxy:monitoringQueue:]_block_invoke_2.1588 + 1064 (myproc.m:3690) 9 Foundation 0x18b8e0600 __NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 24 10 Foundation 0x18b8e04a8 -[NSBlockOperation main] + 104 11 Foundation 0x18b8e0438 __NSOPERATION_IS_INVOKING_MAIN__ + 24 12 Foundation 0x18b8df67c -[NSOperation start] + 804 13 Foundation 0x18b8df350 __NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 24 14 Foundation 0x18b8df204 __NSOQSchedule_f + 184 15 libdispatch.dylib 0x18a7ad990 _dispatch_block_async_invoke2 + 148 16 libdispatch.dylib 0x18a79ebac _dispatch_client_callout + 20 17 libdispatch.dylib 0x18a7a2080 _dispatch_continuation_pop + 504 18 libdispatch.dylib 0x18a7a16dc _dispatch_async_redirect_invoke + 596 19 libdispatch.dylib 0x18a7b031c _dispatch_root_queue_drain + 396 20 libdispatch.dylib 0x18a7b0b58 _dispatch_worker_thread2 + 164 21 libsystem_pthread.dylib 0x18a959574 _pthread_wqthread + 228 22 libsystem_pthread.dylib 0x18a9582c4 start_wqthread + 8 Sorry for the terrible formatting, I could not attach the .ips file, but I attached its full text. My question: When I'm passing an NSMutableDictionary to the remote proxy. Is it received "mutable" on the other side? and while it is being worked in on the receiving side, what happens if I modify it on the calling side (process A) ? How do Mutable objects behave on XPC calls? The Dictionary I'm moving only contains basic "plist approved" entries - NSString, NSNumber, NSDate, and collections (NSArray, NSDictionary). That's all. No custom classes there. I will be most grateful for any idea or hint.
Posted
by suMac.
Last updated
.
Post marked as solved
3 Replies
160 Views
Hi, I have a problem with XPC communication, maybe someone has a suggestion how to fix it. So I have 2 applications that communicate over XPC (NSXPCConnection). One app (sender) calls a method that ends up on the other side(receiver). The method has a completion block to get the response back. The problem is that the receiver crashes while executing the method, before sending back a response. The invalidationHandler is called, because the connection died. My question is: is there a way to make XPC execute the response block, with error or something? If not, any suggestions how to handle this case, to "fake" call the response block for sender? Thanks
Posted
by smaryus.
Last updated
.
Post not yet marked as solved
16 Replies
1.7k Views
I built an app which hosts a CMIOExtension. The app works, and it can activate the extension. The extension loads in e.g. Photo Booth and shows the expected video (a white horizontal line which moves down the picture). I have a couple of questions about this though. The sample Camera Extension is built with a CMIOExtension dictionary with just one entry, CMIOExtensionMachServiceName which is $(TeamIdentifierPrefix)$(PRODUCT_BUNDLE_IDENTIFIER) This Mach service name won't work though. When attempting to activate the extension, sysextd says that the extensions has an invalid mach service name or is not signed, the value must be prefixed with one of the App Groups in the entitlement. So in order to get the sample extension to activate from my app, I have to change its CMIOExtensionMachServiceName to <my team ID>.com.mycompany.my-app-group.<myextensionname> Is this to be expected? The template CMIOExtension generates its own video using a timer. My app is intended to capture video from a source, filter that video, then feed it to the CMIOExtension, somehow. The template creates an app group called "$(TeamIdentifierPrefix)com.example.app-group", which suggests that it might be possible to use XPC to send frames from the app to the extension. However, I've been unable to do so. I've used NSXPCConnection * connection = [[NSXPCConnection alloc] initWithMachServiceName:, using the CMIOExtensionMachServiceName with no options and with the NSXPCConnectionPrivileged option. I've tried NSXPCConnection * connection = [[NSXPCConnection alloc] initWithServiceName: using the extension's bundle identifier. In all cases when I send the first message I get an error in the remote object proxy's handler: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named <whatever name I try> was invalidated: failed at lookup with error 3 - No such process." According to the "Daemons and Services Programming Guide" an XPC service should have a CFBundlePackageType of XPC!, but a CMIOExtension is of type SYSX. It can't be both. Does the CMIOExtension loading apparatus cook up a synthetic name for the XPC service, and if so, what is it? If none, how is one expected to get pixel buffers into the camera extension?
Posted
by ssmith_c.
Last updated
.
Post marked as solved
1 Replies
147 Views
I can't seem to find any references to this in the docs, which is odd because it seems like it would be a fairly common consideration. When defining an NSXPCInterface for an object to be proxied, can XPC support methods that throw exceptions - coding and passing those exceptions back to the peer? Given NSError does not implement NSSecureCoding, I can't see how it would work. But perhaps there is some other approach I don't know about. And assuming there is no support for propagating exceptions across XPC, how does one typically handle the need to return errors from XPC interfaces?
Posted
by cleishm.
Last updated
.
Post not yet marked as solved
6 Replies
289 Views
Our app has a network extension (as I've mentioned lots 😄). We do an upgrade by downloading the new package, stopping & removing all of our components except for the network extension, and then installing the new package, which then loads a LaunchAgent causing the containing app to run. (The only difference between a new install and upgrade is the old extension is left running, but not having anything to tell it what to do, just logs and continues.) On some (but not all) upgrades... nothing ends up able to communicate via XPC with the Network Extension. My simplest cli program to talk to it gets Could not create proxy: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named blah was invalidated: failed at lookup with error 3 - No such process." UserInfo={NSDebugDescription=The connection to service named bla was invalidated: failed at lookup with error 3 - No such process.} Could not communicate with blah Restarting the extension by doing a kill -9 doesn't fix it; neither does restarting the control daemon. The only solution we've come across so far is rebooting. I filed FB11086599 about this, but has anyone thoughts about this?
Posted
by kithrup.
Last updated
.
Post not yet marked as solved
1 Replies
160 Views
I am attempting to communicate with a FileProviderExtension (NSFileProviderReplicatedExtension) using XPC. I want to allow the controlling application to manage how the extension communicates with the remote service - e.g. tell the extension to sign in (and provide credentials to do so), sign out, etc. I have implemented the NSFileProviderServicing protocol in the extension and provided an NSFileProviderServiceSource (following the FruitBasket sample code). However, I can't see how to get a general connection to the service from the controlling application. The only method I can find is FileManager().fileProviderServicesForItem(at url: URL), which requires a URL for an item managed by the extension. Given the controlling application wants to perform actions like sign in, there is no item in scope and thus no URL. I tried using NSFileProviderManager.documentStorageURL, but this is not available on macos. Any idea how to get the connection without a file URL? Or how to get a general purpose URL that will suffice? Or is there another IPC mechanism I should use?
Posted
by cleishm.
Last updated
.
Post not yet marked as solved
8 Replies
343 Views
I have a system network extension that is installed by my app. When I update my app I also update me system extension by returning ReplacementAction.replace at the actionForReplacingExtension delegate. When the new extension starts, I created a new NSXPCListener with the same mach service name, but the app can’t register to it. I updated from MyExtension version 1 to MyExtension version 2. On the Console logs I see: launchd: [system:] Service "NetworkExtension.com.MyExtension.2" tried to register for endpoint "machServiceName" already registered by owner: NetworkExtension.MyExtension.1 launchd: [system:] failed activation: name = machServiceName, flags = 0x0, requestor = MyApp[38340], error = 1: Operation not permitted
Posted
by or_b.
Last updated
.
Post not yet marked as solved
18 Replies
9.5k Views
is there any public API or Method to get resident size of current process of game like Debug Gauges to Monitor Memory?As far as i know someone use XCode instrument -&gt; show the Debuger navigator -&gt; Memory to get it, before i have found some API to get itfrom internet,but a big differece bettween with the result of XCode Debuger navigator .the first method like this: struct mach_task_basic_info info; mach_msg_type_number_t count = MACH_TASK_BASIC_INFO_COUNT; if (task_info(mach_task_self(), MACH_TASK_BASIC_INFO, (task_info_t)&amp; info, &amp;count) == KERN_SUCCESS) { int32_t _pss = (int32_t)info.resident_size / (1024 * 1024); }another method like this: task_vm_info_data_t vmInfo; mach_msg_type_number_t count = TASK_VM_INFO_COUNT; kern_return_t kernelReturn = task_info(mach_task_self(), TASK_VM_INFO, (task_info_t) &amp;vmInfo, &amp;count); if(kernelReturn == KERN_SUCCESS) { int32_t _pss = (int32_t) vmInfo.phys_footprint / (1024 * 1024); }someone discuss:https://github.com/aozhimin/iOS-Monitor-Platform/issues/5a big differnece bettween the result of the first method and the result of XCode Debug navigator instrument, info.resident_size will not increase When the memory is allocated continuously,but xcode Debug navigator will increase.but a little difference bettween the result of the second method and the result of XCode Debug navigator instrument when use game test,but application app will same with it. so i want to know how XCode Debug navigator to calculate Memory or how to get resident size of current process more precise,any idea will help me,thanks in advance!
Posted
by aimsgmiss.
Last updated
.
Post not yet marked as solved
2 Replies
332 Views
I'm building ExtensionKit support into my application, which is currently not sandboxed. The extensions must be sandboxed. For my use case, I need them to be able to launch executables the user has installed, with homebrew for example. My problem is some paths appear to disallow execution. As an example, an extension may want to run "/opt/homebrew/bin/go". This is actually just a symlink that ultimately resolves to another path under "/opt/homebrew". If I pass along a non-security-scoped bookmark to the extension process, it is able to read the files under "/opt/homebrew". But, it cannot execute anything. The only way I have found to enable execution is by setting "com.apple.security.temporary-exception.files.absolute-path.read-only" to ["/opt/homebrew/"]. Yet, I feel like there must be a way to do this. BBEdit has a feature that allows the user to type an executable path in its settings. It will then be able to launch the targeted process, despite being a sandboxed app. Am I seeing an ExtensionKit-specific limitation? Or perhaps my extension needs additional entitlements?
Posted
by mattie.
Last updated
.
Post not yet marked as solved
0 Replies
272 Views
Can NSXPCInterface work with non-void return type? The official document says, "All messages must be 'void' return type." (Reference) However, in the file provider sample code of wwdc21, it uses it with non-void return type. (Reference) I wondered whether it can or can not be used with non-void return type? Is the answer changed after swift support for async/await?
Posted
by jetswayss.
Last updated
.
Post marked as solved
3 Replies
632 Views
I have an app with the following simple architecture: Main App: A regular macOS app bundle with UI that allows users to customize settings of the app Helper: Another macOS app bundle with no UI (LSUIElement=1 in Info.plist) that is packaged inside the main app in the LoginItems directory doing the core tasks of the app in the background My requirements are: Distribution via the MAS (=sandbox enabled for both targets) Both apps should be able to communicate via XPC The main app should be closable by the user at any time, should not keep running after being closed, whereas the helper app should as it performs actions for which it needs to be kept running in the background Launch-on-login of the helper app should not (and according to 2.4.5 (iii) of the ASRG must not) happen automatically w/o user consent and therefore I assume should always be a checkbox optional to the user For sharing settings changed by the user in the main app with the helper too, I've added the Application Group capability to both targets to allow usage of a common user defaults suite. While that works fine, there's the requirement that from within the main app I'd also need to request information and call a method from the background process (bidirectional communication) which is where I'm currently stuck. I understand that an XPC Service (.xpc) would not be suitable for the helper here because it is automatically terminated when the parent app dies and may also not be suitable for my use cases as the helper needs to be able to request Screen Capture permissions from the user and I doubt this is possible for XPC bundles. I also understand that an XPC service which utilizes a mach-service XPC listener will only work in a sandboxed environment through the use of Service Management's SMLoginItemSetEnabled() API. My main issue here is that the mandatory requirement to leave the option to launch the helper on login open to the user conflicts with the requirement of being able to communicate with the helper via XPC any time the main app is open, regardless of user choices. If there wasn't the requirement to sandbox both apps, I would solve this issue with a launchd user agent that is kept alive but only runs at load if the user checked the launch-on-login box in the Settings of the main app. With sandbox enabled though, I'm currently launching the helper app manually if launch-on-login is disabled and let the Service Management API handle the lifecycle if it is enabled. For the first case, I haven't been able to establish an XPC connection w/o calling SMLoginItemSetEnabled() and I assume that is by design. Is there something obvious I've missed here as I kinda feel like this is a typical app setup many other 3rd party devs are having as well?
Posted
by tobi_2.
Last updated
.
Post not yet marked as solved
0 Replies
274 Views
How can I exchange information easily and securely between 2 apps on macOS? 1 of the app will infrequently request a short amount of data from the other one. Here are the options that I can see: DistributedNotificationCenter : very easy to implement. However, the notifications are broadcast to any apps that wants to listen to it, and apple's documentation clearly states that it's not secure. I would ideally like a mechanism that is as simple as this, but with a secure communication between 2 aps Apple Events. I am not sure how to make an app respond to apple event. And I think it would be the same problem : any other app could talk to these 2 apps and get information from them. I ideally want this to be more secure. XPC, this seems overly complex for what I want to do, as my understanding is that this essentially involves creating a third process that will regulate communication. Implementing IPC via sockets. It seems reasonable I think, as I can probably secure the communication better. However it feels over-enigneered to set up sockets that always listen for incoming connections, etc Am I missing a simple mechanism on macOS that could help me in that use case? Or am I looking at things incorrectly for one of these options? Thanks!
Posted Last updated
.