How does the Endpoint Security Client communicate with the Container APP?

I have developed an Endpoint Security system extension that will be installed in a container app.

I utilize XPC to send messages from the container app to the ES client, and it functions properly. However, when I attempt to send messages from the ES client to the container app, it always displays an error: 'Couldn’t communicate with a helper application.'

I have removed the sandbox capability of the container app and also employed the same app group for both the ES client and the container app. When an XPC client is connected, I use the following code in the ES client to establish two-way communication.

- (BOOL)listener:(NSXPCListener *)listener shouldAcceptNewConnection:(NSXPCConnection *)newConnection {
    newConnection.exportedInterface = [NSXPCInterface interfaceWithProtocol:@protocol(NXFileGuardXPCProtocol)];
    
    NXFileGuardXPCService *xpcService = [NXFileGuardXPCService sharedInstance];
    newConnection.exportedObject = xpcService;
    
    // To APP container client (As remote interface)
    newConnection.remoteObjectInterface = [NSXPCInterface interfaceWithProtocol:@protocol(NXFileGuardXPCClientProtocol)];
    
    [newConnection activate];
    self.containerAPPConnection = newConnection;
    return YES;
}

But it always fails. How can I deal with this error?

Answered by DTS Engineer in 806559022

I recommend that you start by reading XPC and App-to-App Communication. It explains a lot of the backstory here. Also, check out the general XPC Resources page.

You won’t be able to open an XPC connection from your ES sysex to your app because, as explained in XPC and App-to-App Communication, that runs counter to macOS’s core architecture. However, once your app has opened a connection to your sysex, you can send messages from the sysex to the app. There are a bunch of ways to do this, but the easiest is to configure the incoming connection for reverse communication. I talk about this more here, here, and probably elsewhere.

ps Life will be a lot easier if you prototype this using loopback, as explained in TN3113 Testing and Debugging XPC Code With an Anonymous Listener.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
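
The reverse-communication setup described in the answer, as an added example (not code from the original poster or from Apple). The protocol names come from the question; the method names `registerClientWithReply:` and `handleEvent:`, the `AppClient` class, the `NotifyApp` helper, and the Mach service name are hypothetical placeholders.

```objective-c
#import <Foundation/Foundation.h>

// Hypothetical method lists: the page names both protocols but not their methods.
@protocol NXFileGuardXPCProtocol
- (void)registerClientWithReply:(void (^)(BOOL ok))reply;
@end
@protocol NXFileGuardXPCClientProtocol
- (void)handleEvent:(NSString *)summary;
@end

// ---- Container app: opens the connection AND exports an object for callbacks ----
@interface AppClient : NSObject <NXFileGuardXPCClientProtocol>
@property (strong) NSXPCConnection *connection;
- (void)connect;
@end

@implementation AppClient
- (void)handleEvent:(NSString *)summary {
    NSLog(@"from sysex: %@", summary);
}
- (void)connect {
    // Placeholder Mach service name; use the one your sysex actually listens on.
    self.connection = [[NSXPCConnection alloc]
        initWithMachServiceName:@"TEAMID.com.example.fileguard.xpc" options:0];
    self.connection.remoteObjectInterface =
        [NSXPCInterface interfaceWithProtocol:@protocol(NXFileGuardXPCProtocol)];
    // Reverse direction: without these two lines the sysex has nothing to call into.
    self.connection.exportedInterface =
        [NSXPCInterface interfaceWithProtocol:@protocol(NXFileGuardXPCClientProtocol)];
    self.connection.exportedObject = self;
    [self.connection resume];
    // The connection is established lazily, so send one message to make the
    // sysex's listener see it and store it.
    [[self.connection remoteObjectProxyWithErrorHandler:^(NSError *error) {
        NSLog(@"register failed: %@", error);
    }] registerClientWithReply:^(BOOL ok) { NSLog(@"registered: %d", ok); }];
}
@end

// ---- Sysex: push a message over the connection saved in shouldAcceptNewConnection ----
static void NotifyApp(NSXPCConnection *containerAPPConnection, NSString *summary) {
    id<NXFileGuardXPCClientProtocol> app =
        [containerAPPConnection remoteObjectProxyWithErrorHandler:^(NSError *error) {
            // Called when the message cannot be delivered, e.g. the app has quit.
            NSLog(@"app unreachable: %@", error);
        }];
    [app handleEvent:summary];
}
```

On macOS 13 and later, calling `setCodeSigningRequirement:` on the new connection in the sysex's `listener:shouldAcceptNewConnection:` before activating it restricts the channel to clients that satisfy your app's signing requirement.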
