Re: Integrity checks for Mac kernel extensions
Re: Integrity checks for Mac kernel extensions
- Subject: Re: Integrity checks for Mac kernel extensions
- From: Shantonu Sen <email@hidden>
- Date: Fri, 24 Aug 2012 11:13:13 -0700
I'm talking about the 99% of kexts that are loaded by the preboot environment or in the prelinked kernelcache. You know, like the platform expert, IOStorageFamily, the AHCI driver stack, most everything in /System/Library/Extensions
You seem to be drawing conclusions based on writing a BSD filesystem kext (?) which is not the general case, and certainly has a different operating environment than 99% of kexts (which are IOKit kexts, match asynchronously with respect to the root filesystem and each other, and cannot in general call into the BSD side of the kernel early in boot without panicking)
Shantonu
On Aug 24, 2012, at 11:04 AM, Ken Hornstein <email@hidden> wrote:
>> What happens if the root filesystem isn't mounted (which it typically
>> isn't when 99% of kernel extensions are loaded, which is what the
>> OP asked for)?
>
> Wait ... the root filesystem isn't mounted when kexts are loaded? And
> kextd is running? How does THAT work? I will freely confess that when
> I did this it was well pass system boot time, so obviously the root filesystem
> was mounted.
>
> --Ken
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-kernel mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden