General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi, I'm trying to mount my FSKit volume with a client app (SwiftUI). I already successfully did it with the "mount" command and I can instantiate my file-system with FSPathURLResource. Also, I managed to mount the file-system with DiskArbitration in a SwiftUI app, but I only managed to get it working with FSBlockDeviceResource. Is there a way to programmatically do it in a client app? Or is "mount" command currently the only option?

Application has specified the bluetooth-central background mode. Peripheral Device(BLE) is connected to the iPhone. Application will initiate a request 'retrieveConnectedPeripheralsWithServices' along with list of services to scan for. Application will receive a list of peripherals connected to the system whose service UUID's match. From the list of peripherals, application will initiate a request 'connectPeripheral' with the interested peripheral along with the option set to 'CBConnectPeripheralOptionEnableAutoReconnect'. This option is available from iOS 17+. CBConnectPeripheralOptionEnableAutoReconnect - This option will help in reconnect back to peripheral when peripheral becomes available. (Turn OFF and Turn ON) How do we achieve the same thing in earlier IOS version

Hi all, In InfiniTime, somebody finally implemented ANCS which forced iOS to encrypt the ble connection. As a result, my PineTime appears in the battery widget. Unfortunately, I only get a Bluetooth logo as the icon. Ideally it would be a smartwatch glyph. The GAP appearance value is being set to 0xC2 (smartwatch) Note: I've used CMF watches in the past, and they display with a smartwatch icon Any thoughts?

Hello, The customer requires transparent data encryption within their DLP system. All data on external storage must be encrypted and decrypted transparently. How can the data stream (read/write) be controlled? Are there any recommended way? Thank you in advance!

In FileProvider framework based app, is it mandatory to make the host-app sandboxed? I think, no, as Google Drive app is non-sandboxed. But when removing sandboxing from my hostApp, even though mount is visible in Finder but extesnion is not being launched and Finder shows a error message saying "MyApp encountered an error. Items may be out of date." And when I add app-sanboxing, then things work fine. Can someone please help how can we remove sandboxing of hostApp and still make it work. Is there any specific entitlement we need to add, or any whitelisting needed for our Developer Team Id?

We are working with earphones that support Bluetooth BR/EDR (non-BLE). In our iOS app using CoreBluetooth, BLE peripherals appear during discovery, but this device does not.

I ave an application that makes use of charts. I would like to have a button for the user to save the chart as a PDF. I tried to have the button save the PDF to the user's document directory directly. That attempt failed. But I was able to save the PDF to the application sandboxed documents directory. The question is how to programmatically move that file from the application documents folder to the user's general documents folder. So far I have not been able to find a method that will move the PDF file. Any ideas?

I'm debugging the following kernel panic to do with my custom filesystem KEXT: panic(cpu 0 caller 0xfffffe004cae3e24): [kalloc.type.var4.128]: element modified after free (off:96, val:0x00000000ffffffff, sz:128, ptr:0xfffffe2e7c639600) My reading of this is that somewhere in my KEXT I'm holding a reference 0xfffffe2e7c639600 to a 128 byte zone that wrote 0x00000000ffffffff at offset 96 after that particular chunk of memory had been released and zeroed out by the kernel. The panic itself is emitted when my KEXT requests the memory chunk that's been tempered with via the following set of calls. zalloc_uaf_panic() __abortlike static void zalloc_uaf_panic(zone_t z, uintptr_t elem, size_t size) { ... (panic)("[%s%s]: element modified after free " "(off:%d, val:0x%016lx, sz:%d, ptr:%p)%s", zone_heap_name(z), zone_name(z), first_offs, first_bits, esize, (void *)elem, buf); ... } zalloc_validate_element() static void zalloc_validate_element( zone_t zone, vm_offset_t elem, vm_size_t size, zalloc_flags_t flags) { ... if (memcmp_zero_ptr_aligned((void *)elem, size)) { zalloc_uaf_panic(zone, elem, size); } ... } The panic is triggered if memcmp_zero_ptr_aligned(), which is implemented in assembly, detects that an n-sized chunk of memory has been written after being free'd. /* memcmp_zero_ptr_aligned() checks string s of n bytes contains all zeros. * Address and size of the string s must be pointer-aligned. * Return 0 if true, 1 otherwise. Also return 0 if n is 0. */ extern int memcmp_zero_ptr_aligned(const void *s, size_t n); Normally, KASAN would be resorted to to aid with that. The KDK README states that KASAN kernels won't load on Apple Silicon. Attempting to follow the instructions given in the README for Intel-based machines does result in a failure for me on Apple Silicon. I stumbled on the Pishi project. But the custom boot kernel collection that gets created doesn't have any of the KEXTs that were specified to kmutil(8) via the --explicit-only flag, so it can't be instrumented in Ghidra. Which is confirmed as well by running: % kmutil inspect -B boot.kc.kasan boot kernel collection at /Users/user/boot.kc.kasan (AEB8F757-E770-8195-458D-B87CADCAB062): Extension Information: I'd appreciate any pointers on how to tackle UAFs in kernel space.

Hello! I'm working on a mobile app that communicates with a peripheral via Bluetooth with security level 2 in a customised way, as there are also other communication protocols used. We use a bluetooth service with a specific UUID that has a write characteristic for sending data to the device and a notify characteristic for receiving data from the device. After connecting for the first time, a pairing prompt appears after successful connection and subscribing to notifications. When all is set, that is notifications are enabled, a handshake is performed and a communication session is established. There can be only one session for a bluetooth connection. So I have two questions: Regarding the pairing, is there any way that I can know the result of the pairing, so that I could start the handshake after it is accepted? What could be the best approach here? Asking because I noticed some instability on first connection (peripheral ignoring handshake). After disconnecting using Core Bluetooth, the system maintains the connection for some time before actually disconnecting. When opening the app shortly after killing the previous instance, it gets connected very quickly as it reuses the existing connection. The problem is, however, that the device wouldn't accept the new handshake and it is pretty much impossible to reuse previous session. In our use case we need a new BLE connection for each session. Is there any way I could forcibly disconnect from the device or enforce a new connection (not a reused one)? What might be the best approach here? The way I handle it now is by using retrieveConnectedPeripherals and if the device is found to be connected, I use scanning. If the device is advertising then we know it's not connected. Other than that we could also poll retrieveConnectedPeripherals and wait. But obviously it is not optimal, as the user has to wait longer than ususal. Other than that retrievePeripherals is used for getting the peripheral, if the app once found it during scanning. I saw this post describing similar issue, is it the only solution to implement API for disconnecting on the peripheral side?

A user of my app noticed that when using it to move a file to the trash on an USB drive, the trash doesn't show the file until unmounting the drive and mounting it again. I was able to reproduce it with one of my own USB drives, but with another USB drive it doesn't reproduce. All USB drives are formatted APFS. When moving a file to the trash from the Finder, both USB drives immediately list it in the trash. Is this a macOS bug, or am I doing something wrong? I created FB19941168. let openPanel = NSOpenPanel() openPanel.runModal() let url = openPanel.urls[0] do { var result: NSURL? try FileManager.default.trashItem(at: url, resultingItemURL: &result) print(result as Any) } catch { fatalError(error.localizedDescription) }

I just saw another post regarding bookmarks on iOS where an Apple engineer made the following statement: [quote='855165022, DTS Engineer, /thread/797469?answerId=855165022#855165022'] macOS is better at enforcing the "right" behavior, so code that works there will generally work on iOS. [/quote] So I went back to my macOS code to double-check. Sure enough, the following statement: let bookmark = try url.bookmarkData(options: .withSecurityScope) fails 100% of the time. I had seen earlier statements from other DTS Engineers recommending that any use of a URL be bracketed by start/stopAccessingSecurityScopedResource. And that makes a lot of sense. If "start" returns true, then call stop. But if start returns false, then it isn't needed, so don't call stop. No harm, no foul. But what's confusing is this other, directly-related API where a security-scoped bookmark cannot be created under any circumstances because of the URL itself, some specific way the URL was initially created, and/or manipulated? So, what I'm asking is if someone could elaborate on what would cause a failure to create a security-scoped bookmark? What kinds of URLs are valid for creation of security-scoped bookmarks? Are there operations on a URL that will then cause a failure to create a security-scoped bookmark? Is it allowed to pass the URL and/or bookmark back and forth between Objective-C and Swift? I'm developing a new macOS app for release in the Mac App Store. I'm initially getting my URL from an NSOpenPanel. Then I store it in a SQLite database. I may access the URL again, after a restart, or after a year. I have a login item that also needs to read the database and access the URL. I have additional complications as well, but they don't really matter. Before I get to any of that, I get a whole volume URL from an NSOpen panel in Swift, then, almost immediately, attempt to create a security-scoped bookmark. I cannot. I've tried many different combinations of options and flows of operation, but obviously not all. I think this started happening with macOS 26, but that doesn't really matter. If this is new behaviour in macOS 26, then I must live with it. My particular use requires a URL to a whole volume. Because of this, I don't actually seem to need a security-scoped bookmark at all. So I think I might simply get lucky for now. But this still bothers me. I don't really like being lucky. I'd rather be right. I have other apps in development where this could be a bigger problem. It seems like I will need completely separate URL handling logic based on the type of URL the user selects. And what of document-scoped URLs? This experience seems to strongly indicate that security-scoped URLs should only ever be document-scoped. I think in some of my debugging efforts I tried document-scoped URLs. They didn't fix the problem, but they seemed to make the entire process more straightforward and transparent. Can a single metadata-hosting file host multiple security-scoped bookmarks? Or should I have a separate one for each bookmark? But the essence of my question is that this is supposed to be simple operation that, in certain cases, is a guaranteed failure. There are a mind-bogglingly large number of potential options and logic flows. Does there exist a set of options and logic flows for which the user can select a URL, any URL, with the explicit intent to persist it, and that my app can save, share with helper apps, and have it all work normally after restart?

Connect with ios in android

I'm trying to use FSKit to create a File System Extension that can read MFS-formatted disk images, following the old MFSLives sample project for reference. I have a well-formed MFS formatted img file that I'm trying to mount, but I'm having trouble getting the system to actually use my FSModule. DiskImageMounter fails to mount the img file, but I'm able to use it to attach the image as a device by clicking "Ignore" when it prompts me that it isn't able to read the disk. This is effectively the same as using the hdiutil command in Terminal. hdiutil attach -imagekey diskimage-class=CRawDiskImage -nomount Sample.img I've read that FSKit isn't fully integrated with Disk Arbitration yet, so I decided to see if I could force the system to use my extension by using the mount command. mkdir /tmp/Sample mount -F -t MFS disk54 /tmp/Sample Watching the logs in Console, I can see that fskit_agent sees my extension in its "New Modules List", and I see an MFS process gets launched and logs messages from com.apple.running and com.apple.xpc. However, the logs from the MFS process end there, and don't include any of my debug logs, which should be posted when my FSFileSystem subclass is created or when probeResource is called. Ultimately the mount command fails with exit code 69 and prints the following error message: mount: Probing resource: The operation couldn’t be completed. Permission denied mount: Unable to invoke task I've checked everything I could think of: The extension is enabled in System Settings. The extension has the FSKit Module capability added in Xcode. The Info.plist sets the FSSupportsBlockResources key to YES. The Info.plist sets both the FSName and FSShortName keys to MFS. The extension has its Team set to my developer account, with Xcode setting the Provisioning Profile and Signing Certificate automatically. The hosting app has its Team set to my developer account with the "Development" signing certificate. I wanted to see if it was something with my project configuration or implementation, so I downloaded the KhaosT/FSKitSample project from GitHub. Once I got that building, I tried mounting a disk image using the MyFS extesnion, but my system wouldn't run that either. Is there something about the system configuration I should be aware of to enable File System Extensions? I have my MFS extension showing up and enabled, but I'm not sure if there's something I'm missing that I still have to do. Is there a capability or signing requirement I didn't list that's required for the extension to run? The documentation doesn't specify anything about the entitlements, signing capabilities, or Info.plist keys, so I'm not sure what I should be looking for. I'm running macOS Sequoia 15.6.1 on an M2 Max MacBook Pro, and I'm building my project with Xcode 26 beta 6.

Hi everyone! I'd like to create an application for system monitoring using the Endpoint Security framework. I already have a working prototype and now I am trying to expand its capabilities to capture more event types. Started looking at filesystem-related events as one of the most important ones for my use case. These seem to be supported fairly well by the framework (ES_EVENT_TYPE_NOTIFY_OPEN/CLOSE/CREATE/WRITE etc.) However, the "READ FILE" event seems to be absent… Am I missing something here, or Endpoint Security framework does not provide this kind of information? If it doesn't, what is the reason behind this? Capturing this type of events seems quite relevant for security-related software. Thanks & Best regards, Roman

We are testing BLE connectivity between a custom device (nRF52832, nRF5 SDK) and the latest iPad A16. Setup: Peripheral: nRF52832 running Nordic’s SoftDevice (nRF5 SDK v13) . Central: iPad A16 (Latest iPadOS 18.6.2). Issue: During the connection procedure, the iPad sends a Link Layer Control PDU with Opcode 0xFF. This is a vendor-specific LL control opcode. Our peripheral does not respond, since the Nordic SoftDevice does not implement handling for 0xFF. As a result, the link stability is affected (connection may drop / negotiation fails). Observations: With older iPads and iPhones (A14/A15 chips), no such control opcode is sent — connection and notifications work fine. Only the iPad A16 sends this vendor-specific opcode. Nordic’s SoftDevice responds to standard LL control opcodes, but ignores vendor-specific ones. Questions: Is this 0xFF LL control PDU expected behavior on A16 devices? Should peripherals ignore vendor-specific LL opcodes, or is a response required for stable connection? Are there known changes in BLE Link Layer negotiation with iPad A16?

Description: While testing Core NFC functionality on iOS 26 beta, when the NFC switch is turned off, the system automatically displays an alert. The alert contains two buttons: “Cancel” and “Settings”. Expected Behavior: When the user taps the “Settings” button, the system should navigate to the system settings page where the NFC switch can be turned on. Actual Behavior: The alert appears as expected Tapping the “Settings” button does not navigate to the system settings page No callback is triggered in the app’s NFC session Steps to Reproduce: Turn off the NFC switch on an iOS 26 beta device Trigger Core NFC functionality (e.g., NFCNDEFReaderSession or NFCTagReaderSession) The system alert appears indicating NFC is turned off Tap the “Settings” button Impact: Users cannot directly navigate to enable NFC from the system alert, making NFC features in the app unusable and negatively affecting user experience. Device Information: iOS Version: iOS 26 beta Device Model: iPhone 14pro App uses Core NFC APIs to trigger NFC sessions

I have created a sample app which read/write from a network file. When the file was attempted to open (using open Linux API), connection to network file was lost. The thread which was stuck on the open method, returns after a long time. It was observed that for macOS, the maximum return time of the thread was around 10 mins, whereas in Windows and Linux, the maximum timeout was 60 sec and 90 sec. macOS has a very large timeout before returning the thread with a network failure error. Is this by designed and expected? With a large timeout as 10mins, it's difficult to respond swiftly back to the user.

Hello everyone, I’m developing an app that connects to Bluetooth Low Energy devices. While the stability of my connection is generally good, I’m looking to improve it. I noticed that the app from VanMoof, a company that makes ebikes, has an really strong connection. It even manages to connect to devices even when the app is forcefully closed. Could you please advise me on how I can improve the stability of my Bluetooth Low Energy connection and ensure that it continues to work even when the app is forcefully closed? Thanks in advance for your help!

In the context of a FPUIActionExtensionViewController module the prepare method is defined like this: override func prepare(forAction actionIdentifier: String, itemIdentifiers: [NSFileProviderItemIdentifier]) { So you would expect the itemIdentifiers list to be the item identifier but instead it is a list of the internal fileprovider IDs like: __fp/fs/docID(6595461) So this is a bit problematic because the only way to recover the ID is by using getUserVisibleURL to get the path which is not great. Is there a better way ? Am I missing something ? Thanks,

Hello fellow developers, I’m currently working on an app for controlling electric vehicle charging stations, and I’ve encountered some issues related to Bluetooth file transfer that I hope you can help with. For the OTA (Over-the-Air) update feature in this app, we need to transfer files via Bluetooth. These files are in .bin format and range in size from 1MB to 10MB. I’ve heard that Classic Bluetooth on iOS requires certification to use—is this true? If so, what are the general processes and requirements for this certification? Additionally, when considering BLE (Bluetooth Low Energy) for this purpose, we face challenges with transfer speed as well as file fragmentation and reassembly. Are there any optimization strategies for transferring large files over BLE that can improve speed while ensuring the integrity and accuracy of file fragmentation and reassembly? Finally, I’m wondering if there are any Bluetooth file transfer-related demos available for reference, especially sample code for iOS that handles file sizes and formats similar to what I described. This would be extremely helpful for resolving my current issues. Thank you very much for taking the time to read my questions. I look forward to your valuable advice and experience sharing.