XPC is a a low-level (libSystem) interprocess communication mechanism that is based on serialized property lists.

XPC Documentation

Pinned Posts

Posts under XPC tag

92 Posts
Sort by:
Post not yet marked as solved
10 Answers
1.7k Views
This is new Catalina behavior. The file access error described below never happened on Mojave and High Sierra.My sandboxed Mac App store app includes a sandboxed XPC helper service in its app bundle.The XPC helper service has the standard entitlements: com.apple.security.app-sandbox and com.apple.security.inheritThe host app creates a document file in its own sandbox container's Caches directory. After the save operation completes,it invokes a method on the XPC service, sending the document's URL. That method on the XPC service tries to open and read the document file at that URL.Error Received: The file couldn’t be opened because you don’t have permission to view it. Permission denied.So then I tried an experiment where the user would select a folder for the XPC service to put files using NSSavePanel.The document was then written there by the host app.XPC service could not open the file either. The file couldn’t be opened because you don’t have permission to view it. Permission denied.In both instances, the XPC service did not "inherit" the sandbox state of its host app. This violates the com.apple.security.inherit entitlement.The radar report is: FB7450619
Posted
by sbrodhead.
Last updated
.
Post not yet marked as solved
0 Answers
22 Views
XPC is the preferred inter-process communication (IPC) mechanism on Apple platforms. XPC has two APIs: The high-level NSXPCConnection API, for Objective-C and Swift The low-level C API, which, while callable from all languages, works best with C-based languages General: DevForums tag: XPC NSXPCConnection class documentation XPC C API documentation XPC has extensive man pages — For the C API, start with the xpc man page; this is the original source for the XPC C API documentation and still contains tidbits that you can’t find elsewhere. Also read the xpcservice.plist man page, which documents the property list format used by XPC services. Daemons and Services Programming Guide archived documentation Technote 2083 Daemons and Agents — It hasn’t been updated in… well… decades, but it’s still remarkably relevant. TN3113 Testing and Debugging XPC Code With an Anonymous Listener Related tags include: Inter-process communication, for other IPC mechanisms Service Management, for installing and uninstalling Service Management login items, launchd agents, and launchd daemons Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"
Posted
by eskimo.
Last updated
.
Post not yet marked as solved
10 Answers
740 Views
I built an app which hosts a CMIOExtension. The app works, and it can activate the extension. The extension loads in e.g. Photo Booth and shows the expected video (a white horizontal line which moves down the picture). I have a couple of questions about this though. The sample Camera Extension is built with a CMIOExtension dictionary with just one entry, CMIOExtensionMachServiceName which is $(TeamIdentifierPrefix)$(PRODUCT_BUNDLE_IDENTIFIER) This Mach service name won't work though. When attempting to activate the extension, sysextd says that the extensions has an invalid mach service name or is not signed, the value must be prefixed with one of the App Groups in the entitlement. So in order to get the sample extension to activate from my app, I have to change its CMIOExtensionMachServiceName to <my team ID>.com.mycompany.my-app-group.<myextensionname> Is this to be expected? The template CMIOExtension generates its own video using a timer. My app is intended to capture video from a source, filter that video, then feed it to the CMIOExtension, somehow. The template creates an app group called "$(TeamIdentifierPrefix)com.example.app-group", which suggests that it might be possible to use XPC to send frames from the app to the extension. However, I've been unable to do so. I've used NSXPCConnection * connection = [[NSXPCConnection alloc] initWithMachServiceName:, using the CMIOExtensionMachServiceName with no options and with the NSXPCConnectionPrivileged option. I've tried NSXPCConnection * connection = [[NSXPCConnection alloc] initWithServiceName: using the extension's bundle identifier. In all cases when I send the first message I get an error in the remote object proxy's handler: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named <whatever name I try> was invalidated: failed at lookup with error 3 - No such process." According to the "Daemons and Services Programming Guide" an XPC service should have a CFBundlePackageType of XPC!, but a CMIOExtension is of type SYSX. It can't be both. Does the CMIOExtension loading apparatus cook up a synthetic name for the XPC service, and if so, what is it? If none, how is one expected to get pixel buffers into the camera extension?
Posted
by ssmith_c.
Last updated
.
Post not yet marked as solved
11 Answers
524 Views
I thought Swift wasn't supposed to get them, which is part of the reason why I chose to use it for my network extension. But we're getting crashes occasionally, that look like: Thread 4 Crashed::  Dispatch queue: com.apple.NSXPCConnection.user.endpoint 0   com.kithrup.MyApp.NExt                  0x102c4ffe2 MyExt.sendData(_:data:completion:) + 610 1   com.kithrup.MyApp.NExt                  0x102c5091f @objc MyExt.sendData(_:data:completion:) + 255 2   Foundation                              0x7ff81ef97490 __NSXPCCONNECTION_IS_CALLING_OUT_TO_EXPORTED_OBJECT_S3__ + 10 3   Foundation                              0x7ff81ef3fa1f -[NSXPCConnection _decodeAndInvokeMessageWithEvent:flags:] + 2322 4   Foundation                              0x7ff81eef641e message_handler + 206 5   libxpc.dylib                            0x7ff81de24b6c _xpc_connection_call_event_handler + 56 6   libxpc.dylib                            0x7ff81de23947 _xpc_connection_mach_event + 1382 7   libdispatch.dylib                       0x7ff81df2e3b1 _dispatch_client_callout4 + 9 8   libdispatch.dylib                       0x7ff81df47041 _dispatch_mach_msg_invoke + 445 9   libdispatch.dylib                       0x7ff81df341cd _dispatch_lane_serial_drain + 342 10  libdispatch.dylib                       0x7ff81df47b77 _dispatch_mach_invoke + 484 11  libdispatch.dylib                       0x7ff81df341cd _dispatch_lane_serial_drain + 342 12  libdispatch.dylib                       0x7ff81df34e30 _dispatch_lane_invoke + 417 13  libdispatch.dylib                       0x7ff81df3eeee _dispatch_workloop_worker_thread + 753 14  libsystem_pthread.dylib                 0x7ff81e0e1fd0 _pthread_wqthread + 326 The XPC method is func sendData(_: UUID, data: Data?, completion: @escaping (_: Error?) -> Void) It's crashing on address 0x10, so pretty clearly a NULL-dereference. Since this is happening in my extension, it's in Swift (as I said above), so I have no idea what could be NULL without the compiler yelling at me first.
Posted
by kithrup.
Last updated
.
Post marked as solved
2 Answers
112 Views
Is it better to Create an NSXPCConnection, keep it around, and create proxies using that as needed, or Create an NSXPCConnection, create a proxy off of it, and then close the connection when done?
Posted
by kithrup.
Last updated
.
Post not yet marked as solved
6 Answers
1.5k Views
We see warnings like this logged by our processes using XPC: (Foundation) [com.apple.runtime-issues:Foundation] *** -[NSXPCDecoder validateAllowedClass:forKey:]: NSSecureCoding allowed classes list contains [NSObject class], which bypasses security by allowing any Objective-C class to be implicitly decoded. Consider reducing the scope of allowed classes during decoding by listing only the classes you expect to decode, or a more specific base class than NSObject. This will become an error in the future. Allowed class list: {( "'NSObject' (0x7ff844ee0d88) [/usr/lib]" )} As far as we can see, there is no explicit NSObject in allowed classes for any XPC connection. Where does this list and NSObject come from?
Posted Last updated
.
Post marked as Apple Recommended
1.7k Views
Quinn, you've often suggested that to validate the other side of an XPC connection, we should use the audit token. But that's not available from the XPC object, whereas the PID is. So everyone uses the PID. While looking for something completely unrelated, I found this in the SecCode.h file OSStatus SecCodeCreateWithXPCMessage(xpc_object_t message, SecCSFlags flags, SecCodeRef * __nonnull CF_RETURNS_RETAINED target); Would this be the preferred way to do this now? At least from 11.0 and up. Like I said, I was looking for something completely unrelated and found this and don't have the cycles right now to try it. But it looks promising from the description and I wanted to check in with you about it in case you can say yes or no before I get a chance to test it. Thanks
Posted
by mdolan.
Last updated
.
Post not yet marked as solved
3 Answers
772 Views
I'm trying to send an IOSurfaceRef across an NSXPCConnection on osx 10.13 and I'm having trouble with the solution that was provided in the forum thread "Efficiently sending data from an XPC process to the host application." https://developer.apple.com/forums/thread/126716 From that thread: > However, that specific problem got resolved on 10.12 where we introduced a new Objective-C IOSurface object, and that object is transportable directly over NSXPCConnection . So double yay! But it doesn’t seem to work. I have a very simple service protocol that includes (void)sendFrame:(IOSurfaceRef)frame; along with some basic NSString sending methods that successfully transfer across my NSXPCConnection. I have a valid (non-NULL) IOSurface in my app that I send to my helper app with sendFrame, and when the call is executed in the helper, the resulting frame is always NULL. On the other hand, I’ve also tried creating an IOSurface with the (deprecated) kIOSurfaceIsGlobal property and sending the IOSurface’s ID instead with: (void)sendFrameID:(uint32_t)frameID; and [_service sendFrameID:IOSurfaceGetID(surface)]; And on the helper app side, I look up the IO to get an IOSurfaceRef: IOSurfaceRef frame = IOSurfaceLookup(frameID); and it works correctly – I get a valid IOSurface which I can display and see the same pixel contents in both the app and the helper. So what is meant by the new IOSurface object in 10.12 is “transportable directly” over NSXPCConnection? How is it supposed to work? I’m specifically interested in no-copy transfer. Thanks!
Posted
by diverdi.
Last updated
.
Post not yet marked as solved
16 Answers
25k Views
Previously discussed in beta:https://forums.developer.apple.com/message/330295This process stops responding every day it seems, I'm running 10.14.3 (18D109)When the process hangs, its Open Files and Ports include the following:txt /Library/Preferences/Logging/.plist-cache.ZP6RP0OT txt /private/var/db/timezone/tz/2018i.1.0/icutz/icutz44l.dat txt /usr/share/icu/icudt62l.dat txt /private/var/folders/35/dgpwsg457w17gs77hssnrbnw0000gn/0/com.apple.LaunchServices-231-v2.csstoreThose are not open when the service is running (before it hangs)Would like to know how frequently this hangs for everyone else and get steps to troubleshoot if possible.
Posted
by daplemac.
Last updated
.
Post not yet marked as solved
3 Answers
206 Views
I've configured an item and placeholder in NSFileProviderExtension iOS extension, and an XPC service in the provider (based on the template for XPC service for Mac, but as part of the NSFileProviderExtension When connecting to the service from the app using code example in getFileProviderServicesForItem I am getting an error straight in the completion handler of that function: Error Domain=NSCocoaErrorDomain Code=4097 "Error while sending identifierForItemAtURL:completionHandler:" UserInfo={NSDebugDescription=Error while sending identifierForItemAtURL:completionHandler:, NSUnderlyingError=0x2833640c0 {Error Domain=NSCocoaErrorDomain Code=4097 "connection from pid 30324 on anonymousListener or serviceListener" UserInfo={NSDebugDescription=connection from pid 30324 on anonymousListener or serviceListener}}} Could you maybe suggest what I am missing? Or, is there an example somewhere of the FileProvider extension with the service being called from the app? Code: File Provider service definition: https://github.com/simplex-chat/simplex-chat/blob/af3dcc4a9a9b24751bf9d74af67cf8e7d119597a/apps/ios/SimpleX%20Service/SimpleXFPService.swift Application code that calls the service: https://github.com/simplex-chat/simplex-chat/blob/af3dcc4a9a9b24751bf9d74af67cf8e7d119597a/apps/ios/Shared/FPService.swift Thank you!
Posted Last updated
.
Post not yet marked as solved
11 Answers
639 Views
I have an application which is doing screen recording, now I move the screen recording feature to a standalone native XPC module for better performance due to some reason that the app is tied an old lib which cannot generate native code for M1 (Intel only). My question is that, this new xpc module is belong to the App (demanded by the app), if I give the screen recording permission to the app, will the xpc screen scraping module be granted to the permission? Right now looks like it is not after I granted the application with the screen recording permission since display stream won't produce the frame data.
Posted
by stang.
Last updated
.
Post not yet marked as solved
6 Answers
317 Views
In my project I have a host application and a husk application. What I want to do is, every time the user launches a new view in the host application, I want to create one more dock icon by launching another instance of husk application. Then the husk application behaves like it is the view itself by monitoring the event of click/quit and send them to the host application through XPC. The XPC tutorial tells me an XPC service embedded in an application is invisible to the processes outside the bundle. To communicate between two foreground applications it seems that I need to create a third helperTool/agent/daemon which venders a Mach/XPC service. But I wonder if I can put husk application inside the bundle of the hose application. So they can directly connect to the XPC service which is also embedded in the same bundle. If the answer is no, maybe NSDistributedNotificationCenter is much better and simpler in my scenario?
Posted
by Cecil1345.
Last updated
.
Post not yet marked as solved
1 Answers
171 Views
Hello We are developing our own iOS Network Extensions-based VPN and it has an HTTP proxy in the VPN. In addition, we also use PAC (Proxy auto-configuration) script to configure what kind of HTTP/HTTPS traffic should route to our proxy in the VPN. However, we get this kind of message "Received XPC error Connection invalid for message type 3 kCFNetworkAgentXPCMessageTypePACQuery" randomly on iOS 15.5. We have not been aware of any weird behavior of iOS based on the error message. We are afraid of this error message is caused by our VPN solution. Is there any suggestion that should consider or follow to fix this error?
Posted
by AndyCheng.
Last updated
.
Post not yet marked as solved
3 Answers
1.4k Views
I am trying to figure out how to programatically install a per-user launchd agent - I have an executable Swift script I wrote and I need macOS to enforce it always be running. I found the SMJobBless sample code which I could play with to see how this works, but it hasn't been updated since it was last built with Xcode 4.6. As you can imagine it doesn't compile in Xcode 10. I was able to get it to build by upgrading to the recommended project settings, increasing the deployment target, and selecting my team for the two targets. Following the ReadMe I need to run ./SMJobBlessUtil.py setreq to configure the Info.plists appropriately. These instructions are out of date but eskimo was kind enough to provide updated instructions here to find the .app url. But when I do this and run the command I receive the following output:MacBook:SMJobBless Jordan$ ./SMJobBlessUtil.py setreq /Users/Jordan/Library/Developer/Xcode/DerivedData/SMJobBless-dffakkidazmiowcishyrborysygm/Build/Products/Debug/SMJobBlessApp.app SMJobBlessApp/SMJobBlessApp-Info.plist SMJobBlessHelper/SMJobBlessHelper-Info.plist Traceback (most recent call last): File "./SMJobBlessUtil.py", line 424, in main() File "./SMJobBlessUtil.py", line 418, in main setreq(appArgs[1], appArgs[2], appArgs[3:]) File "./SMJobBlessUtil.py", line 360, in setreq appToolDict[bundleID] = toolNameToReqMap[bundleID] KeyError: '$(PRODUCT_BUNDLE_IDENTIFIER)'It would seem this python script isn't able to work with the newer project structures, not surprisingly. I wasn't able to find any other information on how to accomplish this task in the modern days. So could you please explain how to go about this? 🙂I have an executable .swift file and a .plist that works when loaded from ~/Library/LaunchAgents/ ready to be added to an existing Xcode project. Thanks!
Posted
by Jordan.
Last updated
.
Post not yet marked as solved
4 Answers
4.2k Views
Hello! I am using macOS Catalina, Xcode 11. I just started working on app development and this is my first project. Every time i try to simulate the code the program crashes and it gives me thread 1 signal SIGTERM error. My code is very simple, I don't think i have an error there. I am really stuck, I tried to run different projects but it doesn’t work on any of them. Please, can someone help me fix this error? Thanks in advance!
Posted
by begaimk.
Last updated
.
Post not yet marked as solved
12 Answers
578 Views
Hi, I’d like to perform client-side certificate authentication from https based connection in macOS. I’m using the method didReceiveChallenge from URLSession. However, I cannot read the keychain directly since my process is running as Daemon, and my client certificate reside in login keychain. So I've followed the guidance from this question https://developer.apple.com/forums/thread/106851, and sent this authentication request to a user-based process which is running in the current user so it has access to the keychain. After I acquire the NSURLCredential object, I’d like to return it back to the Daemon, so it may run the completionHandler with that credential. However, After I successfully create the NSURLCredential in the user process, and send it back using some reply callback. It looks like the object didn’t serialized properly and I get the following error : Exception: decodeObjectForKey: Object of class "NSURLCredential" returned nil from -initWithCoder: while being decoded for key <no key> Here’s my client side code ( I made sure that the server side create a valid NSURLCredential object). and the problem occur after I send the XPC request, right when i’m about to get the callback response (reply) - (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate) { [myXpcService getCertIdentityWithAcceptedIssuers:challenge.protectionSpace.distinguishedNames withReply:^(NSURLCredential *cred, NSError *error) { if (error != nil) { completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil); } else { completionHandler(NSURLSessionAuthChallengeUseCredential, cred); } }]; } Perhaps anybody can tell me what did I do wrong here ? Does XPC is capable to pass complex objects like NSURLCredentials ? thanks !
Posted
by chapo213.
Last updated
.
Post not yet marked as solved
0 Answers
136 Views
We'd prefer our security application not be worked around by the complex task of typing sudo launchctl unload /Library/LaunchDaemons/foo.plist 😄. Is there a way to prevent that? (We're not using ServiceManagement because we need ot control some of the plist entries, sadly.)
Posted
by kithrup.
Last updated
.
Post not yet marked as solved
2 Answers
194 Views
XPC connection keeps getting interrupted. I'm creating an xpc endpoint in FxPlug plugin for FCP X using xpc_endpoint_create. This endpoint is then passed to a helper mach service running in the background and stored there. Next, our main application is launched and retrieves the stored endpoint from the helper service. It creates the communication channel using xpc_connection_create_from_endpoint The main application communicates with FxPlug plugin using that endpoint. It all works well when I am debugging either our application or FxPlug. The moment I use the release build on both, the connection works fine for a while but is very quickly interrupted (usually 2-10 seconds), FxPlug plugin gets flagged as non-responsive and is unloaded by FCP X. This behavior is erratic and may cease after some time on some machines. We've been working on this and some other issues with FxPlug team for months and some changes have been made, but we're stuck with that one last bit. I want to stress the following: when I use a debug version of either plugin or our app, everything works fine, fxplug is never unloaded or marked as unresponsive, the connection is stable. When both components are using release builds, it all comes apart for no apparent reason. Both plugin and application can normally recover and reconnect after being unloaded and restored. Any thoughts on why an xpc connection would be interrupted in this way?
Posted
by BartW.
Last updated
.
Post not yet marked as solved
11 Answers
2.2k Views
What is Error Domain=com.apple.photos.error Code=46104 mean? This error appears when I try to create an album on iOS14. case: User first gives AddOnly authorization and then gives ReadWrite authorization. After I get the ReadWrite authorization, create an album. code reference: [[PHPhotoLibrary sharedPhotoLibrary] performChanges:^{     PHAssetCollectionChangeRequest *request = [PHAssetCollectionChangeRequest creationRequestForAssetCollectionWithTitle:albumName]  albumPlaceholder = [request placeholderForCreatedAssetCollection]; } completionHandler:^(BOOL success, NSError * _Nullable error) { // success is NO, error is "Error Domain=com.apple.photos.error Code=46104"  }]; The supplementary log information for the above question is as follows: 2020-08-17 11:28:19.470871+0800 XXXX[4255:1139139] CoreData: XPC: Unable to connect to server with options { NSXPCStoreServerEndpointFactory = "<PLXPCPhotoLibraryStoreEndpointFactory: 0x280ce8760>"; skipModelCheck = 1;} 2020-08-17 11:28:19.479533+0800 XXXX[4255:1139139] CoreData: XPC: Unable to load metadata: Error Domain=NSCocoaErrorDomain Code=134060 "关键数据出错。" UserInfo={Problem=Unable to send to server; failed after 8 attempts.} 2020-08-17 11:28:19.483149+0800 XXXXX[4255:1139139] [error] error: addPersistentStoreWithType:configuration:URL:options:error: returned error NSCocoaErrorDomain (134060) CoreData: error: addPersistentStoreWithType:configuration:URL:options:error: returned error NSCocoaErrorDomain (134060) CoreData: annotation: userInfo:CoreData: annotation: Problem : Unable to send to server; failed after 8 attempts. CoreData: annotation: storeType: NSXPCStoreCoreData: annotation: configuration: (null) CoreData: annotation: URL: file:///var/mobile/Media/PhotoData/Photos.sqlite CoreData: annotation: options: CoreData: annotation: NSXPCStoreServerEndpointFactory : <PLXPCPhotoLibraryStoreEndpointFactory: 0x280ce8760>CoreData: annotation: skipModelCheck : 1 2020-08-17 11:28:19.485049+0800 XXXXX[4255:1139139] [Generic] Failed to connect to XPC PhotoLibraryStore file:///var/mobile/Media/PhotoData/Photos.sqlite with options { NSXPCStoreServerEndpointFactory = "<PLXPCPhotoLibraryStoreEndpointFactory: 0x280ce8760>"; skipModelCheck = 1;}: Error Domain=NSCocoaErrorDomain Code=134060 "关键数据出错。" UserInfo={Problem=Unable to send to server; failed after 8 attempts.} 2020-08-17 11:28:19.485565+0800 XXXXX[4255:1139139] [Migration] Failed to configure PSC for library file:///var/mobile/Media/: Error Domain=NSCocoaErrorDomain Code=134060 "关键数据出错。" UserInfo={Problem=Unable to send to server; failed after 8 attempts.} 2020-08-17 11:28:19.485943+0800 XXXXX[4255:1139139] [LibraryBundle] Unable to create PLLibraryBundleLogInfo because PSC is nil There is another problem. When saving the video, if the AddOnly permission is taken first and then the ReadWrite permission is taken, the performChanges method will freeze for more than 10 seconds before calling the completionHandler. The following is the log information: [Generic] Failed to connect to XPC PhotoLibraryStore file:///var/mobile/Media/PhotoData/Photos.sqlite with options { NSXPCStoreServerEndpointFactory = "<PLXPCPhotoLibraryStoreEndpointFactory: 0x280700d00>"; These problems only occur during a cold launch when the AddOnly permission is taken first and then the ReadWrite permission is taken. Whether the app only takes the AddOnly permission, only takes the ReadWrite permission, or closes the app after authorization and reopens it will not happen.
Posted
by THUYu.
Last updated
.
Post not yet marked as solved
3 Answers
224 Views
I am trying to pass an array of C-structs to an XPC Service, but the service receives only the first element. Following is the C struct struct MyStruct { char *name; unsigned char v1; unsigned char v2; Status status; // a c-style enum }; and I am using it like this struct MyStruct structs[3] = {{"name1", 0, 0, success}, {"name2", 1,1, success}, {0}}; [[_connectionToService remoteObjectProxy] doSomething:structs]; and doSomething is declared as - (void)doSomething: (struct MyStruct[]) structs; The document Creating XPC Services mentions that C structures and arrays containing only the types listed above are supported, but I am unable to get it to work even for an array of c-strings or ints. Also, there's an API for making synchronous RPC calls but there is no documentation available for it. - (id)synchronousRemoteObjectProxyWithErrorHandler:(void (^)(NSError *error))handler It does seem to block but only if the remote method has a reply block. Is this the expected behaviour? And is it safe to cache the proxy object returned by this method?
Posted Last updated
.