• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Integrity checks for Mac kernel extensions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Integrity checks for Mac kernel extensions

  • Subject: Re: Integrity checks for Mac kernel extensions
  • From: Evan Lojewski <email@hidden>
  • Date: Fri, 24 Aug 2012 13:16:18 -0600
I think a good question to ask here is *why* you want to do an
integrity check. Do you just want to make sure that the Kext hasn't
been corrupted? Additionally, if the Kext is loading from a prelim led
kernel or cache, the binary itself may get modified.

Evan Lojewski

On Aug 24, 2012, at 1:08 PM, Ken Hornstein <email@hidden> wrote:

>> You seem to be drawing conclusions based on writing a BSD filesystem
>> kext (?) which is not the general case, and certainly has a different
>> operating environment than 99% of kexts (which are IOKit kexts,
>> match asynchronously with respect to the root filesystem and each
>> other, and cannot in general call into the BSD side of the kernel
>> early in boot without panicking)
>
> Well, yeah, that's my experience, and I hope I've never presented myself
> as the be-all expert when it comes to MacOS kernel extensions because
> obviously I'm not.
>
> My original point was that you can definitely access filesystems
> from kexts, but I was under the impression that kext loading was
> handled exclusively by kextd and friends and obviously everything
> will be up and running by that time.  As you've pointed out, that's
> not a valid assumption; I learned something new today.
>
> It occurs to me that if your kext is loaded before the root filesystem is
> mounted you could do somet goofy stuff like have a thread wait around until
> it is available, but that probably falls under "here be dragons".
>
> --Ken
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-kernel mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Integrity checks for Mac kernel extensions
      • From: Evan Lojewski <email@hidden>
References: 
 >Re: Integrity checks for Mac kernel extensions (From: Ken Hornstein <email@hidden>)

  • Prev by Date: Re: Integrity checks for Mac kernel extensions
  • Next by Date: Re: Integrity checks for Mac kernel extensions
  • Previous by thread: Re: Integrity checks for Mac kernel extensions
  • Next by thread: Re: Integrity checks for Mac kernel extensions
  • Index(es):
    • Date
    • Thread