• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Kernel Extensions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kernel Extensions

  • Subject: Re: Kernel Extensions
  • From: Jim Magee <email@hidden>
  • Date: Mon, 17 Nov 2003 17:43:38 -0500
On Nov 17, 2003, at 2:44 AM, Marek Kozubal wrote:
On Sat, 15 Nov 2003, Matt Jaffa wrote:

Marek Kozubal,

How do I write a user land daemon that the Kernel KEXT can actually
call, and how do I call it from within the Kernel extension?
One of the biggest questions I have is, Is there better documentation
on how to do everything? The online documentation, just teaches you how
to compile, non of the specifics on the capabilities of everything,
Is there a book out there that i can buy that will help alot?

Well I posted about an RPC system that used MIG to communicate between a
KEXT and user land daemon, this works currently, however Jim and Quinn
both don't like it because the kernel isnt a true mig task and there are
naked rights floating around, etc.

What I said was that it was SPI (i.e. subject to change). Let's face it, anytime you create a KEXT outside the IOKit domain, you will likely run into compatibility problems down the line. We are fixing that (as Joshua pointed out in a subsequent post).

But generic "sending" from the kernel to a user-level daemon will often run into "edge-conditions" that make it difficult to manage. For example, what if the daemon becomes unresponsive? Do you keep queueing forever until the kernel is starved for resources? Do you just drop messages? Do you block waiting for space? What thread are you running under when you try to do this? etc, ... You get the idea.

So, more likely than codifying a generic set of IPC/RPC mechanisms from kernel to user, we will likely be codifying specific ones. Like a way to reflect filesystem operations and/or network operations out to user-space. That way, we know what the constraints are, and can chose the proper actions when we run up against some of these edge conditions.

And this brings up back to the suggestion that you use ipfw - because it was specifically designed to reflect this kind of traffic out to user-space. That is, if you are going to use anything on these machines at all (instead of just using a proxy server on your network as others have suggested). The argument that any admin user could change the firewall rules doesn't really hold water. They can remove your kext as well.

--Jim
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • [Split off] Re: Kernel Extensions
      • From: Stéphane Sudre <email@hidden>
References: 
 >Negative vm_stat results... (From: "William Kucharski" <email@hidden>)
 >Kernel Extensions (From: Matt Jaffa <email@hidden>)
 >Re: Kernel Extensions (From: Mike Vannorsdel <email@hidden>)
 >Re: Kernel Extensions (From: Matt Jaffa <email@hidden>)

  • Prev by Date: Re: test fork
  • Next by Date: [Split off] Re: Kernel Extensions
  • Previous by thread: Re: Kernel Extensions
  • Next by thread: [Split off] Re: Kernel Extensions
  • Index(es):
    • Date
    • Thread