I am trying to sync the ntp time from the server using Kronos library. However, I believe the code is not fully protected from multithreading access since it is using low level system code. So, does anyone know how can I ensure sysctl and gettimeofday are thread-safe when calling them? Or, is there any thread-safe alternative to get the same result? func currentTime() -> TimeInterval { var current = timeval() let systemTimeError = gettimeofday(&current, nil) != 0 assert(!systemTimeError, "system clock error: system time unavailable") return Double(current.tv_sec) + Double(current.tv_usec) / 1_000_000 } static func systemUptime() -> TimeInterval { var mib = [CTL_KERN, KERN_BOOTTIME] var size = MemoryLayout<timeval>.stride var bootTime = timeval() let bootTimeError = sysctl(&mib, u_int(mib.count), &bootTime, &size, nil, 0) != 0 assert(!bootTimeError, "system clock error: kernel boot time unavailable") let now = currentTime() let uptime = Double(bootTime.tv_sec) + Double(bootTime.tv_usec) / 1_000_000 assert(now >= uptime, "inconsistent clock state: system time precedes boot time") return now - uptime } I have thought of using NSLock but I can only protect from the getter (caller) not the setter (system)

I have an exception handling frame for an Xcode application in macOS, which contains Cpp and Swift code. I am using the Unix signals frame for handling exceptions using sigaction. My sigaction signal handler get invoked when there is a swift or Cpp exception. However for some exceptions like SIGSEGV, the signal handler gets called repeatedly. To handle this I am using the SA_RESETHAND flag so that the handler gets invoked only once, and then the default action for the signal take over to terminate the process. This approach works well when an exception occurs due to Cpp code, however when it occurs due to Swift code, the signal handler still gets invoked repeatedly. Can someone explain why is this happening and What is the solution to this?

I wanted to perform handling for the exception in my mac and ios application, I am following this link, where it is suggested to follow either the mach exception handling or use Unix signals. I did not find many resources that could be followed to implement mach exception as suggested. Below are the few resources I could find. Can someone point to the some documentation that apple provides for this or some other helpful documentation. https://gist.github.com/rodionovd/01fff61927a665d78ecf

I'm currently trying to develop a transparent data encryption(TDE) system on MacOS 12.6.8. Our company has its own file encryption format. In order to facilitate safe and convenient file transfer between Windows and Mac platforms, we need to develop a TDE system on the Mac platform (on the Windows platform, we have developed such a system based on the Minifilter framework). I tried to implement this system using a MacFuse based file system and the Endpoint Security system extension, but found that this did not allow complete control of files on the Mac system. For example, when you use Finder to copy an encrypted file, the decrypted data will be copied out. I'm guessing this might be due to Finder or some other system process cache. By referring to the current product introductions of other companies, I learned that the current TDE systems on Mac systems are all based on kernel extension. But I noticed that Apple no longer encourages kernel extension development, and the Mac kernel has fewer and fewer APIs open to development. So I would like to ask is it still feasible to develop a TDE system based on the kernel extension?

Hey everyone, I'm currently working on developing a kernel extension (kext) for the custom file system on macOS. I opted for a kernel extension due to its potential for higher performance compared to using FileProvider. However, during development, I've noticed a significant performance bottleneck related to synchronous I/O operations within the VFS subsystem. It appears that all I/O operations in the macOS kernel, such as vnop_read/vnop_write (sock_receive/sock_send), are executed synchronously. (https://forums.swift.org/t/task-safe-way-to-write-a-file-asynchronously/54639/7) For example, the Linux kernel supports asynchronous I/O operations, which utilize struct file_operations.read_iter/write_iter. This discrepancy in implementation leads to a considerable performance gap, with macOS performing approximately 8-15 times slower than Linux implementation. Given this performance difference, I'm reaching out to seek advice and insights from the community. Are there any known strategies or best practices for improving the performance of kernel extensions related to file systems on macOS? Any guidance or suggestions on how to optimize the performance of file system operations on macOS kext would be greatly appreciated. Thank you in advance for your assistance!

Hello, How can I get the boot args in C++ or Objective-C on macOS without launching the nvram command tool? Take -arm64e_preview_abi for example. How can I check if it exists and if it's effective now or a reboot is needed for it to take effect. Thanks!

Am I calling this right? host_priv_t hostPriv = 0; int err = host_get_host_priv_port(mach_host_self(), &hostPriv); err = host_processors(hostPriv, &processorList, &processorCount); host_get_host_priv_port above returns 4 "(os/kern) invalid argument". Tried with App Sandbox enabled and disabled.

I have some c code that returns memory usage of a current task on my machine and recently redacted it to use the proc_getallinfio struct so I can instead retrieve systemwide memory usage. im calling that code in swift however im getting the error "Initializer 'init(_:)' requires that 'proc_taskallinfo' conform to 'BinaryInteger'" and im not sure what the appropriate field is to pass that works with proc_getallinfo struct. resident_size does not work in this context. import IOKit import Foundation @_silgen_name("kernMem") func kernMem(storeMemData: UnsafeMutablePointer <proc_taskallinfo>) -> kern_return_t @main struct MacStatAppApp: App { @State public var printMemory: String = "" //dynamic state object to store data that will be passed to swiftUI var body: some Scene { WindowGroup { ContentView(printMemory: $printMemory) //binding for printMemory to pass data to contentview .onAppear { var storeMemData = proc_taskallinfo() //define pointer let result = kernMem(storeMemData: &storeMemData) if result == KERN_SUCCESS { let memoryUsage = Double(storeMemData) / (1024.0 * 1024.0 * 1024.0) //conversion for GB, 1024 to the power of 3 print(String(format: "memory usage: %.2f GB", memoryUsage)) } else { print("failed to obtain memory usage data:\(result)") } } } } }

HI devs, help me please, i want to debug Big Sur kernel on inter-based macbook from Monterey on m1, i have installed KDK_11.6.4_20G417.kdk in Monterey system on m1 macmini, then launch lldb, have created target and got this message : WARNING! Python version 3 is not supported for xnu lldbmacros. (lldb) target create /Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel warning: 'kernel' contains a debug script. To run this script in this debug session:   command script import "/Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel.dSYM/Contents/Resources/Python/kernel.py" To run all discovered debug scripts in this session:   settings set target.load-script-from-symbol-file true Current executable set to '/Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel' (x86_64). (lldb) settings set target.load-script-from-symbol-file true ############################## WARNING! Python version 3 is not supported for xnu lldbmacros. Please restart your debugging session with the following workaround defaults write com.apple.dt.lldb DefaultPythonVersion 2 ############################## Loading kernel debugging from /Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel.dSYM/Contents/Resources/Python/kernel.py LLDB version lldb-1300.0.42.3 Swift version 5.5.2-dev settings set target.process.python-os-plugin-path "/Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel.dSYM/Contents/Resources/Python/lldbmacros/core/operating_system.py" settings set target.trap-handler-names hndl_allintrs hndl_alltraps trap_from_kernel hndl_double_fault hndl_machine_check _fleh_prefabt _ExceptionVectorsBase _ExceptionVectorsTable _fleh_undef _fleh_dataabt _fleh_irq _fleh_decirq _fleh_fiq_generic _fleh_dec command script import "/Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel.dSYM/Contents/Resources/Python/lldbmacros/xnu.py" error: module importing failed: Traceback (most recent call last):  File "<string>", line 1, in <module>  File "/Library/Developer/KDKs/KDK_11.6.4_20G417.kdk/System/Library/Kernels/kernel.dSYM/Contents/Resources/Python/lldbmacros/xnu.py", line 123   print "Execution interrupted by user"      ^ SyntaxError: Missing parentheses in call to 'print'. Did you mean print("Execution interrupted by user")? settings set target.process.optimization-warnings false How can i solve this problem? lldb linked with python 3, but kdk uses python 2, also command line tools version 12.5.1 which uses python 2 i can not install on monterey too.

I have a 14 inch 2021 macbook pro, 32gb, running Sonoma 14.2.1. After 20-30 days of uptime, kernel_task starts to use about 100-250% cpu. On my last reboot, kernel_task had used 100 hours of cpu time with less than 30 days of uptime, suggesting an average usage of 13.9% cpu average for the entire 30 day period. Looking on the forums, I see others complaining about high kernel_task cpu usage related to thermals or external monitor usage. I do use an external monitor, however in my case I see no correlation between either temperature or monitor usage and the kernel_task cpu spike. Running the fan in full blast with Mac Fan Control does nothing, and neither does unplugging the external monitor. I also tried switching the usb-c cable to the right side as has been suggested, no success. I've also seen many threads where apple simply responds to reboot and see if the problem persists. For me a reboot "fixes" the problem, but it always comes back 20-30 days later, so this is not a fix. I'm fairly certain this is a kernel bug that apple needs to fix instead of just telling people to reboot more often...

I have a virtual device, which is redirected to Mac from Windows OS. However, In MacOS, it does not recognized as a HID device even it has only one HID interface. The device name is Virtual Fido, it more likes to be identified as an audio device. Could any one help check? Thanks. 2024-01-31 16:37:03.102014+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallback: controller <private> (S1F0) usbServiceArray <private>(count 1) options 0x00000000 2024-01-31 16:37:03.102020+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallback: [0] <private> 2024-01-31 16:37:03.102023+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: controller <private> (S1F0) usbService <private> (Virtual FIDO) options 0x00000000 2024-01-31 16:37:03.102035+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::getOrCreateLegacyControllerGated: located existing AppleUSBController@00000000 2024-01-31 16:37:03.102037+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallGated: IOUSBHostDevice <private> (Virtual FIDO) 2024-01-31 16:37:03.102046+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::addDeviceToUsbPlane: 2024-01-31 16:37:03.102288+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: usbServiceCallbackGated completed with 0x00000000 and service <private> 2024-01-31 16:37:03.102302+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: registering Virtual FIDO@00810000 (<private>) for matching 2024-01-31 16:37:03.104499+0800 0x247c Info 0x0 120 0 kernelmanagerd: Received MIG message 2024-01-31 16:37:03.105412+0800 0x247c Info 0x0 120 0 kernelmanagerd: Received MIG message 2024-01-31 16:37:03.105453+0800 0x284b Default 0x0 120 0 kernelmanagerd: Received kext load notification: com.apple.iokit.IOAudioFamily 2024-01-31 16:37:03.105460+0800 0x284b Default 0x0 120 0 kernelmanagerd: Received kext load notification: com.apple.driver.AppleUSBAudio 2024-01-31 16:37:03.106066+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Device DB | Creating local devices 2024-01-31 16:37:03.106170+0800 0x512 Info 0x0 244 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] new device skipped: 0x0e0f/0x0123 810000 (entryId=4294969016) 2024-01-31 16:37:03.106551+0800 0x11d6 Default 0x0 0 0 kernel: (Sandbox) Sandbox: icdd(643) allow file-read-data /Library/Image Capture/Devices 2024-01-31 16:37:03.106602+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Device DB | Creating bonjour devices 2024-01-31 16:37:03.106968+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] => [Matching] | [ 0x00,0x00,0x00 ] 2024-01-31 16:37:03.106989+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Added | 0x10000011 - [USB][ Virtual FIDO ] ( 0, 0, 0) @ 0x810000 | 2024-01-31 16:37:03.107041+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Autolaunch | 00000000-0000-0000-0031-323334353637 => (null) 2024-01-31 16:37:03.335288+0800 0x276f Default 0x0 424 0 trustd: [com.apple.securityd:pinningQA] could not enable test hierarchy: no UAT pinning preferences set | | | +-o VMware Virtual USB Hub@00800000 <class IOUSBHostDevice, id 0x1000003de, registered, matched, active, busy 0 (35 ms), retain 38> | | | +-o AppleUSBHostLegacyClient <class AppleUSBHostLegacyClient, id 0x1000003e1, !registered, !matched, active, busy 0, retain 8> | | | +-o AppleUSB20Hub@00800000 <class AppleUSB20Hub, id 0x1000003e4, registered, matched, active, busy 0 (33 ms), retain 35> | | | | +-o AppleUSB20HubPort@00810000 <class AppleUSB20HubPort, id 0x1000003e7, registered, matched, active, busy 0 (33 ms), retain 16> | | | | | +-o Virtual FIDO@00810000 <class IOUSBHostDevice, id 0x1000006b8, registered, matched, active, busy 0 (3 ms), retain 20> | | | | | +-o AppleUSBHostLegacyClient <class AppleUSBHostLegacyClient, id 0x1000006bb, !registered, !matched, active, busy 0, retain 8> | | | | | +-o AppleUSBHostCompositeDevice <class AppleUSBHostCompositeDevice, id 0x1000006bf, !registered, !matched, active, busy 0, retain 4> | | | | +-o AppleUSB20HubPort@00820000 <class AppleUSB20HubPort, id 0x1000003e8, registered, matched, active, busy 0 (0 ms), retain 12> | | | | +-o AppleUSB20HubPort@00830000 <class AppleUSB20HubPort, id 0x1000003e9, registered, matched, active, busy 0 (0 ms), retain 12>

I am trying to debug a kernel panic in our kext. I can attach to the target Mac over ethernet if I: cause an NMI using add an IOPanic call to my kext and cause it to be executed use Dtrace to invoke a panic However if I reproduce the kernel panic which I am investigating, the Mac just restarts. How can I make the Mac wait for me to attach with lldb rather than restarting? My target configuration is: Mac is 2021 M1 Pro 14" MacBook Pro macOS 14.2 (23C64) Network: Apple Thunderbolt 3 <-> Thunderbolt 3 adapter + Apple Thunderbolt 2 to ethernet adapters Boot-args = "debug=0x44 wdt=-1 kdp_match_name=en8" (I have also tried debug=0x104C0C)

Hello, I'm trying to build XNU with KASAN support. However I get error: clang: error: unsupported option '-fsanitize=kernel-hwaddress' for target 'arm64e-apple-darwin23.2.0' If I try to compile a non-kernel C code with -fsanitize=hwaddress, I get the same target error. But Apple ships HWASan kernels with KDK, which shows there is a clang which is capable of compiling hwasan code for arm64e. How can we compile hwasan sanitized code ourselves? Is it a private toolchain or released somewhere?

I am using Xcode 15.2 Beta on macOS Sonoma 14.3 Beta with the macOS Sonoma 14.2 SDK. Similarly to post 702244, I am trying to build the same exact repository, partially for my own education. The issue I am running into is that one of the files references IOKit/hid/IOHIDDevice.h, which, in turn, references IOKit/IOReporter.h. Since both of these are searched for, with #include <…>, in a base path of Kernel.framework/Versions/A/Headers, it follows that there should at least be a file somewhere in that folder called IOReporter.h, but there is not. There isn't even a copy in IOKit.framework/Versions/A/Headers, although that folder has another version of hid/IOHIDDevice.h entirely, which does not reference a IOReporter.h file. Is the lack of an IOReporter.h file deliberate, accidental, or is the mere continued existence of a kernel-space IOKit IOHIDDevice.h, containing a deprecated kernel-space IOHIDDevice symbol, an accident; possibly a simple hold-over from a previous version? Is there a way to make this compile? Am I missing anything? Should it be assumed that deprecated kernel-mode APIs will simply not compile?

hi, I am using the openpty function in my code to run an interactive command, for example, "hdiutil convert -format UDRO /tmp/myFileName.sparsebundle -o ./test". The file myFileName.sparsebundle is an encrypted disk with a password. When running this command, it triggers the security server and a password input dialog box pops up. I don't want this dialog box to appear, and I want to provide the password through the fd_master returned by openpty. How can I achieve this?

hi, so i have a little bit of work left on the Asus Xonar family of audio devices. thanks to APPUL's samplepciaudiodriver code and their excellent documentation, Evegeny Gavrilov's kxAudio driver for MAC and Takashi Iwai's exceptional documentation of the ALSA API i have something that is ready for testing. the stats look good, but unfortunately i this is my second HDAV1.3 deluxe. the other one is also in the same room consuming all of my devices with powered audio outputs. no matter, i am in the process of acquiring another xonar sound card in this family. which brings me to my question: what is the benefit of getting an apple developer account for 99 dollars a year? will i be able to distribute a beta kext with my signature that will allow people to test the binary? i don't think others could run a self-signed kext built on one machine, on another, correct? so would a developer license allow others to test a binary built on my machine, assuming they're x86? my hope is that the developer program would allow me to test the binaries and solicit input from enthusiast mac pro owners WORLD WIDE. i them hope to create a new program that will give us the wealth mixers/controls this fantastic line is capable of providing.

Hello, I have tried to create a thread with thread_create_running API. It works but i would like to suspend this thread. I can call thread_suspend, but my thread has already been start before i call this API. Is there a way to create a thread without running it automaticaly. Thanks