Re: The correct way to identify applications in a kext
- Subject: Re: The correct way to identify applications in a kext
- From: Juuso Salonen <email@hidden>
- Date: Thu, 12 May 2011 16:22:03 +0300

On Thu, May 12, 2011 at 1:23 PM, Quinn "The Eskimo!" <email@hidden> wrote:
> You can't call the code signing API directly from your KEXT. The traditional approach is to have a user space helper process that performs code signature verification on your behalf. Your KEXT can then cache the code signing result for the lifetime of the process

This user-space-helper approach is something I feel queasy about,
although it is probably caused by my lack of understanding. Simply
put, isn't it way too slow? I'm under the impression that when one of
the socket filter's callbacks gets called, it should return with an
answer as quickly as possible. Sending a kernel control socket message
to the userland daemon and waiting for an answer sounds like
unacceptably sloppy behavior from a kernel-level socket filter.

Is my speed concern valid? Perhaps I am thinking about the kext-daemon
communication in the wrong way.

Also, thanks for your answer about the code signing API. It does
indeed look like the right way to do app identification.