I'm developing a kernel extension which processes every socket is build on system and waits in user space to get confirmation from user to allow or deny that socket.
I'm using IOSleep to apply the wait i mentioned above but it gives this error when loading kernel extension.
"the following symbols are unresolved for this kext:
_IOSleep"
First of all , i want to know am i correct about using IOSleep to make waiting ?
If not , how should i apply desired waiting to cover time interval that i need to get user confirmation about allowing or rejecting a specific socket connection?
Thanks in advance for any useful response.
IOSleep is perfectly fine in a kernel extension. The error you see is because libraries are linked to kexts at load time, not compile time.
When you add functions to your code that require linking against new libraries, you must call kextlibs on the compiled binary in order to find out what you need to add to the plist file. This is explained in the Add Library Declarations section of the Generic Kernel Extension tutorial in the Mac Developer Library, but it's easy to forget to do this after the first time.
The basic steps are:
Build your kext
Run the command kextlibs -xml MyKext.kext in the Terminal
Replace the <key>OSBundleLibraries</key><dict>...</dict> part of your kext's Info.plist file with the printout from the above
Rebuild your kext
It should now link correctly when you load it with kextload.
Related
I'm attempting to try out some modifications in SAP's Privileges.app. Unfortunately, their (understandable) Support policy is
This project is 'as-is' with no support, no changes being made. You are welcome to make changes to improve it but we are not available for questions or support of any kind.
Unfortunately, this app uses two constructs I've never come across before in my professional experience, an XPC service + helper (Launch daemon?) and a DockTile plugin. I'm having a hard time just fundamentally getting the app to work when launched from Xcode - it launches, but it seems that there are issues between (maybe?) sandboxing, signing and perhaps entitlements? I've updated the signing to use my own team, of course, and everything compiles/links/launches properly, but when the XPC service tries to install the helper tool it fails
2022-06-29 17:03:56.284544-0500 PrivilegesXPC[13079:128535] [logging-persist] cannot open file at line 45530 of [9ff244ce07]
2022-06-29 17:03:56.284570-0500 PrivilegesXPC[13079:128535] [logging-persist] os_unix.c:45530: (0) open(/var/db/DetachedSignatures) - Undefined error: 0
2022-06-29 17:04:21.060214-0500 PrivilegesXPC[13079:128537] SAPCorp: ERROR! Failed to connect to helper tool: NSCocoaErrorDomain / 4097
2022-06-29 17:04:31.471555-0500 Privileges[13064:127420] SAPCorp: ERROR! Error Domain=NSPOSIXErrorDomain Code=25 "Inappropriate ioctl for device"
2022-06-29 17:04:45.717751-0500 Privileges[13064:129162] SAPCorp: ERROR! Installation of the helper tool failed: Error Domain=CFErrorDomainLaunchd Code=4 "(null)"
As near as I can tell, the last two errors are thrown from a failure in
success = SMJobBless(
kSMDomainSystemLaunchd,
CFSTR("corp.sap.privileges.helper"),
self->_authRef,
&error
);
but I haven't been able to ascertain why this is failing. Searching for errors around Inappropriate ioctl for device has not been fruitful, unfortunately.
If there's anyone out there with some experience in dealing with apps using some of these more esoteric moving parts that can share some things to try, I'd be much obliged. Bonus points if there's any way to debug code running in a DockTile plugin - as near as I can tell, it's running in SystemUIServer, but I can't attach to that (even as root) from Xcode.
I think I've sorted out getting this running. Here's a few roadblocks I encountered.
SMJobBless has some very particular expectations around code-signing - you'll find references to this in some forum posts and there's a sample project that's also referenced with a utility script - which doesn't run on modern macOS because it's written for Python 2 -- which isn't installed by default anymore and a bit difficult to come by. But, after agonizingly converting Python 2-isms over to Python 3, you'll come to find out that that's not the only thing that's changed, a number of the tools (codesign and otool) don't output the same on ARM64 at which time you'll finally stumble across a kind soul that converted SMJobBless.py ... only to find out that it's not actually needed for this project?! Not sure if it's because the Launch Service is contained in the XPC and not the app, but either way - it seems to not be needed.
If you've run Privileges before, it'll have installed it's escalated helper, which will stand in the way of a local Xcode build copying itself over - which matters because of the aforementioned code signing. You'll need to clear away these artifacts
$ sudo rm -rf /Library/PrivilegedHelperTools/corp.sap.privileges.helper
$ sudo rm /Library/LaunchDaemons/corp.sap.privileges.helper.plist
Just deleting them isn't enough, it seems some sort of runtime launchd state needs to be wiped. It's unclear to me if some incantation of launchctl will clear this out, maybe an invocation of launchctl kickstart -k <foo> or something? I ended up rebooting and that seemed to do the trick anyway.
It seems like you need a particular signing certificate to allow the various signing validations that SMJobBless and the XPC communications are doing to be valid. Particularly, it seems you'll need a Developer ID Application, which happens to match what's encoded in the .xcodeproj pulled down from the GitHub repo. This means you can't enable Automatically manage signing as you won't get this type of certificate (as near as I can tell - please correct me if I'm wrong).
Once you've got all that sorted, since you aren't signing with the SAP developer's certificate, your certificate will have a different unique Team ID, so you'll need to update SMAuthorizedClients and SMPrivilegedExecutables, respectively, (look for 7R5ZEU67FQ and replace with your team ID) in
PrivilegesHelper/PrivilegesHelper-Info.plist
PrivilegesXPC/Info.plist
I think that's basically got it. Hope that helps someone else
I downloaded the source code of Linphone app from GitHub (https://github.com/onmyway133/linphone-iphone) and tried to run it on my iPhone. It is working fine with transport selected as UDP but when I select transport setting as TCP outgoing works fine but the app don't notify about any incoming call.
I also tried to track the network calls by installing Linphone for mac on my macbook but for TCP it not even start any session of network requests.
Any one faced such issue or is there any other way to achieve SIP calling in local network? Any help is welcome.
The source code at the URL mentioned in the question "https://github.com/onmyway133/linphone-iphone" is not latest one. I had to check out the latest version from git url mention at linphone.org and after trying it many times finally I got the complete code and also I had to do few changes to compile the latest source code successfully.
I faced this error while compiling the code on terminal:
Shell script 'Makefile' at path 'linphone-iphone/submodules/build-i386-apple-darwin/mssilk/sdk' was downloading corrupt SILK_SDK_SRC_v1.0.9.zip.
Fix: System terminal was downloading only 600Kbs of file size (i.e. corrupt zipped file) from the URL http://developer.skype.com/silk/SILK_SDK_SRC_v1.0.9.zip due to which next command was not able to unzip it and was displaying file missing error. I changed the default URL to 'http://bkvoice.googlecode.com/files/SILK_SDK_SRC_v1.0.9.zip' thus process was able to download the file that was actually 62.9MBs of size.
Hope it'll help someone.
I am testing OpenDBX to connect to MSSQL server for a project on Ubuntu Linux.
I am using C/C++ and eclipse CDT IDE.
I built a simple test app from the OpenDBX Web page (below without error testing shown).
odbx_init( &handle, "mssql", "172.16.232.60", "" );
odbx_bind( handle, "testdb", "testuser", "testpwd", ODBX_BIND_SIMPLE );
odbx_finish( handle );
Problem:
When I run the code from shell or Run->Run I see connection established with server (wireshark).
When I attempt to run from with eclipse debugger the application blocks on odbx_init(...) and I see nothing go out on wireshark (SYN/ACK).
I have gdb setup as sudo, (how to debug application as root in eclipse in Ubuntu?)
I also use this same platform and setup to access network with sockets with other applications we are developing.
Any ideas on why odbx_init might be blocking from debugger?
One last bit of information to add. The issue does not occur when using the C++ API. Only the C API presents the issue described.
One last bit of information to add.
The issue does not occur when using the C++ API.
Only the C API presents the issue described.
I found a "work-around". Apparently the dynamic load of the library fails when in the eclipse GDB debug mode. To work around this at beginning of main I explicitly load the library and then close it immediately. This puts the library in memory so when the calls to the OpenDBX API are made the library is already resident. Not sure about all the low level details but this allows me to debug OpenDBX in eclipse. If anyone has a better explanation or fix/work-around please let me know. Here is the workaround code at beginning of main():
void *lib_handle_mssql;
lib_handle_mssql = dlopen("/usr/lib/opendbx/libmssqlbackend.so",RTLD_NOW);
if(!lib_handle_mssql)
{
// Bad, Bad, Bad...
printf("%s\n",dlerror());
exit(EXIT_FAILURE);
}
dlclose(lib_handle_mssql);
// Can now debug in eclipse IDE.
On windows and such I used to use a trick to find out of a file is currently in use (written specifically).
I use to open the file for writing and if it failed most likey another process is busy accessing it.
Sadly these trick (using C OPEN with exclusive lock for writing) doesn't work on my Mac. While my curl in a terminal is still writing my -fileBusy() check fails.
fcnt call on the fd with F_GETLK doesn't reveal any locking as well.
Is there any chance for me to detect if a file is in use by another process?
Ps> listening for fsevents can't be done because my app launches after the is created by the other app / process.
Apple confirmed via email that the solution described in the link below is a valid one and not considered a private API.
More information:
http://lists.apple.com/archives/cocoa-dev/2010/May/msg01455.html
You could try running the following shell command using NSTask:
lsof -Fc path/to/thefile
That will give you the process ID and name of any process(es) that have thefile open.
i am using trk for phone debug
it is working properly for Helloworld project
but it is showing error for my project when i start project in phone debug mode
1)Load failed
2)TrkProtocolPlugin:failed to download specified file to target
(please verify that target path is writable)
if any body understand what problem i am facing plz help me out from this problem
Thanks in advance
In your case, I would check:
if the application has correct privileges assigned (along with appropriate certificate)
if ID of the application is not in conflict with some other application on device
if installation package does not contain problematic commands (e.g. copy commands to non-accessible directories)
Can you manually install the application on the phone? That is the first test you must perform before even attempting to use TRK.
Also, can your application start, at least to the point of showing a panic? TRK cannot help you if the applications cannot even load its DLL dependencies due to for example Platform Security capability mismatch. TRK needs a process to attach too in order to do its job ...