Dear Apple engineers and DriverKit developers, We have developed a DriverKit (DEXT) driver for an HBA RAID controller. The RAID controller is connected to hosts through Thunderbolt (PCIe port of the Thunderbolt controller). We use an IO script to verify the developed driver. The test fails after a few (10-12) hours of running with an error: “BUG IN CLIENT OF LIBDISPATCH: dispatch_sync called on queue already owned by current thread”. We inspected the stack trace of the crash report. This error happens in the interrupt handler. Thread 5 Crashed: 0 libdispatch.dylib 0x19671aa8c __DISPATCH_WAIT_FOR_QUEUE__ + 484 1 libdispatch.dylib 0x19671a5d0 _dispatch_sync_f_slow + 152 2 DriverKit 0x195d3fc1c IODispatchQueue::DispatchSync_f(void*, void (*)(void*)) + 296 3 DriverKit 0x195d40860 IOInterruptDispatchSourceThread(void*) + 380 4 libsystem_pthread.dylib 0x1968a3738 _pthread_start + 140 5 libsystem_pthread.dylib 0x1968ac6c8 thread_start + 8 On our side we created 5 DispatchQueue(s) for the interrupt processing and configured 5 interrupt handlers using ConfigureInterrupts(kIOInterruptTypePCIMessagedX, 1, 5). It gives 5 interrupts, as requested and it is not clear what is the reason for the issue. Our code samples are below uint32_t configureInterrupts(uint32_t requested, uint32_t required)  {      const kern_return_t ret = ioPCIdevice->ConfigureInterrupts(kIOInterruptTypePCIMessagedX, required, requested);      if (ret != kIOReturnSuccess)          return 0;      uint64_t interruptType = 0;      uint32_t interruptsCount = 0;      uint32_t interruptIndex = 0;        for ( ;; ++interruptIndex) {          if (IOInterruptDispatchSource::GetInterruptType(ioPCIdevice, interruptIndex, &interruptType) != kIOReturnSuccess)              break;          if ((interruptType & kIOInterruptTypePCIMessagedX) == 0)              continue;          ++interruptsCount;      }      return interruptsCount;  }  ..... // Create DQs     for(int i = 0; i < maxInterrupts; ++i) {          ret = IODispatchQueue::Create(INTERRUPT_DQ_NAME, 0, 0, &ivars->interruptQueue[i]);          if (kIOReturnSuccess != ret || nullptr == ivars->interruptQueue[i]) {              GH_PRINT_ERR("Interrupts queue %d creation failed with error %d", i, ret);              return false;          }      } ..... // Link DQ with interrupt   for(int index = 0; index < maxInterrupts; ++ index) {      kern_return_t ret = CreateActionHandleInterruptRequest(size, &ivars->interruptActions[index]);      if (kIOReturnSuccess != ret) {          GH_PRINT_ERR("Create action for interrupt handler %u failed.", index);          return ;      }      ret = IOInterruptDispatchSource::Create(ivars->PCI_io.dev, index, ivars->interruptQueue[index], &ivars->interruptSources[index]);      if (kIOReturnSuccess != ret || nullptr == ivars->interruptSources[index]) {          GH_PRINT_ERR("Creating interrupt source %u failed for interrupt index %u.", index, index);          return ;      }      ret = ivars->interruptSources[index]->SetHandler(ivars->interruptActions[index]);      if (kIOReturnSuccess != ret) {          GH_PRINT_ERR("Setting the handler for interrupt source %u failed.", index);          return ;      }      ivars->contexts[index] = ivars->interruptActions[index]->GetReference();      }  ..... // definition for interrupt handler void    HandleInterruptRequest ( OSAction *action, uint64_t count, uint64_t time) TYPE (IOInterruptDispatchSource::InterruptOccurred);  Do you have any clue how we can fix this error? Or directions and ways for investigation? Please let us know if you need more details.

Hi, We are using the AX88772C as a USB->Ethernet bridge in a product we are developing. Due to the chip not following the NCM protocol, it is not supported by the default networking drivers on the iPhone. Initially, we intended on using DriverKit to develop a userspace driver for this device. However, we have been informed DriverKit is only available on iPad OS, not iOS. As such is the case, we have found two possible alternatives. First being IOkit, and the second being External Accessory Session (EASession). What are the limitations of each of these options? We need the ability to send and receive USB packets to Control and Bulk endpoints. Is this possible with either of the options defined above? Would either of these options require the device to be MFi certified? We have read that some APIs within IOkit require the apple device to be jailbroken. Is there a list of features that can be used without a jailbroken device? Documentation on these 2 options is limited, so any official documentation would be great. Thanks!

The device I am trying to develop a firmware updater for is an NVMe drive with a USB4 interface. It can connect in USB4 mode (tunneled NVMe), in USB 3 mode or in USB 2 mode. In USB 2 and USB 3 mode, the device descriptor shows one interface with two alternates. Alternate 0 uses the bulk-only protocol, with one IN and one OUT pipe. Alternate 1 uses the UAS protocol, with two IN and two OUT pipes. I use identical code in my driver to send custom CDBs. I can see using IORegistryExplorer that in USB 2 mode, macOS chooses alternate 0, the bulk-only protocol. My custom CDBs and their accompanying data pay loads are put on the bus, more or less as expected. In USB 3 mode, macOS chooses alternate 1, the UAS protocol. My custom CDB is put on the bus, but no payload data is transferred. Is this expected behavior? If so, is there a way to force the OS to choose alternate 0 even when on USB 3, perhaps with another dext? I'll file a bug about this when Feedback Assistant lets me.

Hello everyone, I am migrating a legacy KEXT to a DriverKit (DEXT) architecture. While the DEXT itself is working correctly, I am completely blocked by a code signing issue when trying to establish the UserClient connection from our SwiftUI management app. Project Goal & Status: Our DEXT (com.accusys.Acxxx.driver) activates successfully (systemextensionsctl list confirms [activated enabled]). The core functionality is working (diskutil list shows the corresponding disk device node). The Core Problem: The userclient-access Signing Error To allow the app to connect to the DEXT, the com.apple.developer.driverkit.userclient-access entitlement is required in the app's .entitlements file. However, as soon as this entitlement is added, the build fails. Both automatic and manual signing fail with the same error: `Provisioning profile ... doesn't match the entitlements file's value for the ... userclient-access entitlement.` This build failure prevents the generation of an .app bundle, making it impossible to inspect the final entitlements with codesign. What We've Confirmed: The necessary capabilities (like DriverKit Communicates with Drivers) are visible and enabled for our App ID on the developer portal. The issue persists on a clean system state and on the latest macOS Sequoia 15.7.1. Our Research and Hypothesis: We have reviewed the official documentation "Diagnosing issues with entitlements" (TN3125). According to the documentation, a "doesn't match" error implies a discrepancy between the entitlements file and the provisioning profile. Given that we have tried both automatic and manual profiles (after enabling the capability online), our hypothesis is that the provisioning profile generation process on Apple's backend is not correctly including the approved userclient-access entitlement into the profile file itself. The build fails because Xcode correctly detects this discrepancy. Our Questions: Did we misunderstand a step in the process, or is the issue not with the entitlement request at all? Alternatively, are there any other modifications we can make to successfully connect our App to the DEXT and trigger NewUserClient? Thank you for any guidance.

I have a USB-device with three interfaces: Vendor-Specific Bulk CDC Serial Control CDC Serial Data To configure the vendor specific bulk endpoints I need to send vendor specific control requests to endpoint 0. I'm using libusb for this task. As long as the interfaces for the CDC serial port are present I get an access error when trying to send vendor control requests. If I disable these CDC interfaces I can send vendor control request without any problems: Is this by design or ist there any possibility to send vendor control requests to the USB device while a CDC driver is active?

1) The circumstances: iPADOS~>18, USB still-imaging-gadget, 1-3 gadgets might connect simultaneously via USB-hub, proprietary DExt, UserClient App in developers' iPADs or in TestFlight. = 1 variation A) UserClientApp has attribute [Background modes][Enable external communications]. = 1 variation B) "active USB-hub" vs "passive". = 1 variation C) "ConsoleApp logs iPAD" vs "ConsoleApp is not started". = 1 the term "zombie" below assume issue: == after plug-in ConsoleApp logs "IOUsbUserInterface::init", "::start"; == UserClient never receives respective callback from IOServiceAddMatchingNotification == further IOKit APIs "teardown", "restart" and "re-enumeration of connected gadgets" doesn't reveal the zombie (while it sees another simultaneous gadget); == unplug of the gadget logs "IOUsbUserInterface::stop". =2) The situation when UserClient is in foreground: ~ everything is fine. Note in MAC OS everything (same DExt and UserClient-code) works fine in background and in foreground. =3) The situation when UserClient is in background (beneath ~"Files" or "Safari"): =3A) "1A=true" phys plugin causes zombie in ~1/20 cases (satisfactory) =3B) "1A=false" phys plugin causes zombie in ~1/4 cases (non-satisfactory) =3C) "1 variation B" and "1 variation C" reduce zombies by ~>30%. =3D) ConsoleApp logs with filter "IOAccessory" (~about USB-energy) always look similar by my eyes. =4) From Apple-store: "The app declares support for external-accessory in the UIBackgroundModes"..."The external accessory background mode is intended for apps that communicate with hardware accessories through the External Accessory framework."..."Additionally, the app must be authorized by MFi," =5) My wish/ask: =5 option A) A clue to resolve the "zombie-plugin-issue in background" in a technical manner. = E.g. find a straightforward solution that ~elevates UserClient's "privileges" in background like [Enable external communication]... E.g. what ConsoleApp-logs to add/watch to reveal my potential bugs in DExt or in UserClient? =5 option B) A way to pursue Apple-store to accept (without MFI) an UserClientApp with [Enable external communication].

I've made a dext and a user client that overrides IOUserSCSIPeripheralDeviceType00, with the object of writing device firmware to the driver. I can gain and relinquish exclusive access to the device, I can call UserReportMediumBlockSize and get back a sensible answer (512). I can build command parameters with the INQUIRY macro from IOUserSCSIPeripheralDeviceHelper.h and send that command successfully using UserSendCB, and I receive sensible-looking Inquiry data from the device. However, what I really want to do is send a WriteBuffer command (opcode 0x3B), and that doesn't work. I have yet to put a bus analyzer on it, but I don't think the command goes out on the bus - there's no valid sense data, and the error returned is 0xe00002bc, or kIOReturnError, which isn't helpful. This is the code I have which doesn't work. kern_return_t driver::writeChunk(const char * buf, size_t atOffset, size_t length, bool lastOne) { DebugMsg("writeChunk %p at %ld for %ld", buf, atOffset, length); SCSIType00OutParameters outParameters; SCSIType00InParameters response; memset(&outParameters, 0, sizeof(outParameters)); memset(&response, 0, sizeof(response)); SetCommandCDB(&outParameters.fCommandDescriptorBlock, 0x3B, // byte 0, opcode WriteBuffer command lastOne ? 0x0E : 0x0F, // byte 1 mode: E=save deferred, F = download and defer save 0, // byte 2 bufferID (atOffset >> 16), // byte 3 (atOffset >> 8), // byte 4 atOffset, // byte 5 (length >> 16), // byte 6 (length >> 8), // byte 7 length, // byte 8 0, // control, byte 9 0, 0, 0, 0, 0, 0); // bytes 10..15 outParameters.fLogicalUnitNumber = 0; outParameters.fBufferDirection = kIOMemoryDirectionOut; outParameters.fDataTransferDirection = kSCSIDataTransfer_FromInitiatorToTarget; outParameters.fTimeoutDuration = 1000; // milliseconds outParameters.fRequestedByteCountOfTransfer = length; outParameters.fDataBufferAddr = reinterpret_cast<uint64_t>(buf); uint8_t senseBuffer[255] = {0}; outParameters.fSenseBufferAddr = reinterpret_cast<uint64_t>(senseBuffer); outParameters.fSenseLengthRequested = sizeof(senseBuffer); kern_return_t retVal = UserSendCDB(outParameters, &response); return retVal; }

Hi everyone, We are experiencing an issue with SMS messages sent from our banking app (iOS) to our customers. The SMS are being delivered by the carrier, but on iOS devices some of them appear to be filtered or blocked, and users don’t see them in the Messages app. This seems to be related to new SMS filtering rules on iOS (possibly affecting financial institutions and transactional SMS). • Has anyone faced a similar situation? • Are there specific Apple guidelines or best practices for SMS sender IDs / content to avoid being filtered? • Is there any official documentation from Apple regarding these new SMS filtering mechanisms? Any guidance or experiences would be greatly appreciated. Thanks in advance!

Hi Apple, We are working on a general USB device management solution on macOS for enterprise security. Our goal is to enforce policy-based restrictions on USB devices, such as: For USB storage devices: block mount, read, or write access. For other peripherals (e.g., USB headsets or microphones, raspberry pi, etc): block usage entirely. We know in past, kernel extension would be the way to go, but as kext has been deprecated. And DriverKit is the new advertised framework. At first, DriverKit looked like the right direction. However, after reviewing the documentation more closely, we noticed that using DriverKit for USB requires specific entitlements: DriverKit USB Transport – VendorID DriverKit USB Transport – VendorID and ProductID This raises a challenge: if our solution is meant to cover all types of USB devices, we would theoretically need entitlements for every VendorID/ProductID in existence. My questions are: Is DriverKit actually the right framework for this kind of general-purpose USB device control? If not, what framework or mechanism should we be looking at for enforcing these kinds of policies? We also developed an Endpoint Security product, but so far we haven’t found a relevant Endpoint Security event type that would allow us to achieve this. Any guidance on the correct technical approach would be much appreciated. Thanks in advance for your help.

We have a management application which manages security enable and disable for an external PCIe based storage device using Kernel Extension(SCSI Architecture Model Family for External USB Mass Storage devices which deals with IOSCSIBlockCommandsDevice, IOSCSIPeripheralDeviceType00 and IOBlockStorageService) Now the issue we are facing is when we try to unlock the device using security code (already being set) , we will relink the device using VU command (RelinkBridge). Even-though both the commands are successful , the device is not getting relinked due to which we are not able to use the device for storage. If someone have faced similar issue or any pointer on how to resolve this issue , it would be helpful. Thanks in advance.

Hi, We were planning on using DriverKit to develop a USB Driver on IOS for iPhone. Within the DriverKit website, it say 'IOS16.0+' which lead us to believe it was compatible with iPhones running IOS16.0+. However, it appears DriverKit is only available for iPads running iPadOS, and computers running macOS. Are there any alternatives that would allow us to create a device specific USB driver for an iPhone running IOS?

Hello everyone, I'm developing a CarPlay app and am trying to test it with the dock on the right side of the screen, as is standard for right-hand drive vehicles like those in Japan. Currently, the CarPlay Simulator always displays the dock on the left, and I can't find an option to change its position. This is important for ensuring a proper user experience for my target market. Has anyone figured out how to configure the simulator for RHD layouts? Any guidance on how to move the dock to the right would be greatly appreciated. Thanks in advance for your help!

We have developed the driver for the ProCapture video capture card based on PCIDriverKit. The App can communicate with the driver through the UserClient API. Currently, there is an issue where, when the App starts, there is a small probability that it causes a driver crash. However, the crash stack trace does not point to our code but appears to be within the PCIDriverKit framework. We have spent several weeks debugging but still cannot identify the root cause of the crash. Could you please review the crash log and suggest any methods to help pinpoint the issue? com.magewell.ProCaptureDriver-2025-09-15-153522.ips com.magewell.ProCaptureDriver-2025-09-15-082500.ips

Hello, dear Apple engineers. We have recently tried to pair our Android phones and iPhones via BLE SMP, but have encountered a very high probability of pairing failures. Through PacketLogger and Android phone HCI, we have determined that the issue is caused by the iOS side sending an SMP Pairing Failed message during the SMP process. Please help us analyze the reason for this.

Hi guys! OK, reaching out for some help here. I am having all kinds of trouble with OSDeclareDefaultStructors. I have seriously been at this for nearly a week now and have come to the conclusion that I need to reach out for help from people that are more experience using Xcode. I believe entirely that my issue is just that I can't for whatever reason see how to set up includes and libraries and things like that. I have this line: OSDeclareDefaultStructors(NukeVirtualGamepad) No matter what I do, Xcode will not recognize OSDeclareDefaultStructors. The project builds a DriverKit &gt; Driver extension. I have literally tried absolutely everything with this. I am at a loss for words. I even set up a new blank project and it still will not recognize OSDeclareDefaultStructors. I did a lot of research and it looks like expo needs OSDeclareDefaultStructors in order for the extension to build with a binary in it instead of being just a codeless extension. Here is the code with the issue: #pragma once #include &lt;DriverKit/OSMetaClass.h&gt; #include &lt;HIDDriverKit/IOUserHIDDevice.h&gt; #include &lt;DriverKit/OSData.h&gt; class NukeVirtualGamepad : public IOUserHIDDevice { OSDeclareDefaultStructors(NukeVirtualGamepad) // The problem is right here! This line! public: // Keep it minimal; no 'override' keywords since the .h types may not mark them virtual bool init(); void free(); kern_return_t Start(IOService* provider); void Stop (IOService* provider); OSData* newReportDescriptor(); // (Optional) helper you’ll use later to inject input matching your report kern_return_t PostInput(uint16_t buttons, int8_t x, int8_t y); }; I do have to mention to everyone that I am still very new with Xcode. So there is a ton that I don't know yet or might be misunderstanding. Has anyone seen this before? Thank you in advance.

I’m creating my first DriverKit extension and I ran into an entitlement issue when trying to load my driver. Error 0x0 8397 7 taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] App.Dext: Unsatisfied entitlements: com.apple.developer.driverkit.transport.usb I have already registered the entitlement com.apple.developer.driverkit.transport.usb with my vendor ID in the Apple Developer portal. However, when I download the provisioning profile, it doesn’t include the idVendor value. Screenshot from the developer portal (provisioning profile without idVendor) ? <key>com.apple.developer.driverkit.transport.usb</key> <array> <dict> <key>idVendor</key> <integer>1356</integer> </dict> </array> -Is this error caused by me registering the vendor ID incorrectly? -Or is there an issue with how the entitlement is reflected in the provisioning profile? Any guidance would be appreciated.

I am trying to localize the CFBundleDisplayName and OSBundleUsageDescription of a driver that is part of an app. I am able to use InfoPlist.strings files to localize the Bundle display name for the app, but when I try to use the same file as part of the driver, the name displayed in settings for the app does not change correctly. In fact, it seems to follow the default language set in the xcode project. If the default language is not included in the suite of InfoPlist.strings files, it seems to take the string from the info.plist file. sometimes it just seems to take the English version regardless of the default language or tablet language. Has anyone had success with this?

I’m creating my first DriverKit extension and I ran into an entitlement issue when trying to load my driver. Error 0x0 8397 7 taskgated-helper: (ConfigurationProfiles) [com.apple.ManagedClient:ProvisioningProfiles] App.Dext: Unsatisfied entitlements: com.apple.developer.driverkit.transport.usb I have already registered the entitlement com.apple.developer.driverkit.transport.usb with my vendor ID in the Apple Developer portal. However, when I download the provisioning profile, it doesn’t include the idVendor value. Screenshot from the developer portal (provisioning profile without idVendor) ? <key>com.apple.developer.driverkit.transport.usb</key> <array> <dict> <key>idVendor</key> <integer>1356</integer> <!-- Sony --> <!-- Có thể bổ sung: <key>idProduct</key> <integer>XXXXX</integer> --> </dict> </array>

Starting with iOS 26, we've noticed that the accessoryImage in CPListItem is not working as expected in CarPlay. Previously, accessoryImage would appear in place of the accessoryType, but now it appears awkwardly next to the detailText, and the image itself is not rendering properly. We have submitted feedback to Apple multiple times, but the issue still persists in the latest beta releases. In general, there seem to be several CarPlay UI problems introduced in iOS 26. For example: In CPPointOfInterestTemplate, the pinImage is displayed at an excessively large size. Scroll positions in lists behave unexpectedly. CPInformationTemplate allows infinite scrolling, which seems unintended. Please take a look into these issues. Thank you.

After some experimentation with copying multiple DriverKit SDKs into /Applications/Xcode.app/Contents/Developer/Platforms/DriverKit.platform/Developer/SDKs/DriverKit, it's become clear that Xcode only supports the DriverKit version that ships with it. There is no way to configure an alternative SDK within a project and changing to a different one results in strange build warnings and errors. This begs the question - how are developers supposed to develop and support dexts? Here's one example scenario: SCSIDriverKit introduced a breaking change in DriverKit 24.4 (macOS 15.4 and Xcode 16.3) due to a new feature. Once a dext is built against that kit, it will not function on macOS 15.0-15.3 whether that feature is implemented or not. We found a similar thing with NetworkingDriverKit as well. So, over the course of maintaining a Sequoia product while working in Sequoia itself, simply updating Xcode breaks the product. Not to mention trying to maintain a Sequoia product in Tahoe when it is released. How is this a good developer experience? Are developers resigned to having a myriad of Xcode versions which may require booting into multiple macOS versions to use? That would in turn produce a myriad of product versions that would need to be deciphered by the user or an installer? Shouldn't developers be able to use the latest tooling while still being able to produce products for OSes that are just a year or two old? Or should DriverKit files be conditionalized so configuring a deployment version in Xcode actually builds the right thing even with the latest SDK? I just don't get it. Help me understand. Replacing kexts with dexts seems like a development nightmare.