Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IOKit KEXT Questions

On Aug 15, 2007, at 3:21 PM, Matt Burnett wrote: 
I have 2 questions regarding IOKit KEXTs.

- How does IOMemoryDescriptor deal with memory protection (mprotect/ vm_protect)? Is there a class available to check/change the protection of certain pages in memory or should i use mprotect/ vm_protect?

- Why do IOKit KEXTs have issues resolving kernel symbols, and what can i do to work around it. For example if i create a KEXT in C, i can lookup the address of any symbol which is in /mach.sym, however I get unresolved symbol errors if i do the same in a IOKit KEXT.

Example HelloIOKit.cpp Code:
...
extern "C" int execve(void *, void *, int *);
...
IOLog("Found execve at %p\n",execve);
...
Example kextload output:
kextload: extension HelloIOKit.kext appears to be valid
kld(): Undefined symbols:
_execve
...

We hide system calls so someone unscrupulous does not overwrite their entry points with jump instructions to their own code, perhaps thinking that we do not change locking or other implementations details in software updates.

If you need to trap and/or prevent this type of operation for legitimate reasons, use kauth instead.

-- Terry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/darwin-dev/email@hidden

This email sent to email@hidden
References: 
 >IOKit KEXT Questions (From: Matt Burnett <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.