Re: Stripping IOKit kernel extensions
Re: Stripping IOKit kernel extensions
- Subject: Re: Stripping IOKit kernel extensions
- From: Geoffrey Schmit <email@hidden>
- Date: Tue, 12 Sep 2006 21:48:42 -0500
On 12/09/2006 at 2:28 PM, Ryan McGann <email@hidden> wrote:
> I am trying to strip my IOKit driver and am running into problems.
> Spefically, kextload crashes (bus error) when it attempts to load the
> kext when I strip it. It loads fine without stripping.
>
> I found a discussion about this very issue in the archives, but I
> didn't see a resolution for the OP.
>
> I have a symbols file which contains _kmod_info, and all symbols for
> my driver (both static data and methods). When I strip the executable,
> I use strip -u -s <symbols.txt> <path to kext binary>. I get a nice
> trim binary that contains only _kmod_info and the following symbols
> (I've included their demanged form, but the symbols file contains the
> mangled names of course):
>
> [...]
>
> I'm not sure what other symbols I need to include in the binary to prevent kextload from
> crashing. Is there a way to do this from Xcode? If not, what's the proper strip/nmedit
> command needed to do what is necessary? This is all on Tiger with Xcode 2.3.
You may have found the thread that I started on darwin-drivers (kextload Bus Error When Patching C++ Code). The resolution is that it isn't possible to strip a kext in the manner you describe :)
There are a number of symbols that must not be stripped. Dean Reece provided the following list:
> Make sure you've used the OSDefine* and OSDeclare* macros correctly in
> your project. Also, make sure you are not stripping all the symbols.
> The kext patcher needs at least the following symbols to be able to
> patch up your vtables if a superclass you use changes:
>
> For every class that inherits from OSObject Keep:
> __ZTV<##><classname>
> __ZN<##><classname>10gMetaClassE
> __ZN<##><classname>10superClassE
>
> Also keep the following symbols, as they are used to load & unload
> your kext.
> _kmod_info
> __antimain
> __realmain
> __start
> __stop
In my experience additional symbols are also required. However, this is somewhat moot due to the following issue:
On 26/02/2005 at 12:03 PM, Godfrey van der Linden <email@hidden> wrote:
> There is a latent bug in the patcher that may also be tripping you. A
> reliable driver must have at least one local/non-exported i.e. static
> symbol. This has to do with the way that I walk the symbol table
> before patching. The code expects a local symbol, all of my test
> cases had them (sigh), otherwise it will skip the first exported or
> undefined symbol it finds.
By invoking strip in the above manner, there will not be any local symbols left. So, I tried to find a way to strip a subset of the local symbols (i.e., those not required by Apple's kext patcher). However, the strip tool doesn't support stripping only a subset of local symbols. Apple's response to my bug report is:
> Engineering has determined that this issue behaves as intended
> based on the following information:
>
> "strip -S" is the appropriate incantation for current releases. We
> may be able to tighten that in the future, but the kext system does
> need access to some local symbols for the patching process.
I wasn't thrilled with this option, so I devised the following workaround:
I examined the symbols in each object file after it is compiled. If the object file doesn't contain any local symbols that need to be preserved, I strip it (i.e., strip -x). If it does, I leave it alone. Not perfect, but much better than my previous solution of preserving all local symbols. Later, when linking the kernel extension, I invoked strip with the -R option and pass a file that enumerates those global symbols that should be stripped. After these steps the kernel extension only exports the global symbols that I want and the local symbols that are required for patching.
I didn't use Xcode at the time I did this; so, I'm not sure how easy it would be to integrate this functionality into it.
geoff
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden