We added a packet filter to our app, then found a way to not need it, so we want to be able to remove it on upgrades. But we don't want to install it if it's not already installed. Simple, right? The basic flow of the code is, on start-up, it does a propertiesRequestForExtensiion request. The method for the delegate goes through the various versions, ignoring any that are property.isEnabled == NO. When it comes to one that is enabled, it checks the version -- if it's the same version as the running app, it goes to deactivate it. If it's a different version, it goes to enable the current version (creating a activationRequestForExtensiion request). This should all be very simple. Except. At some point during this, the properties request gets a failure -- Domain=OSSystemExtensionErrorDomain Code=1. Ok, it seems there are lots of them laying around (I haven't rebooted in a while), and that method doesn't return once it finds one that is enabled. So maybe it doesn't like that. And then the activation request that was submitted also fails, also with the same error that doesn't explain anything. I thought, ok, maybe they don't like to stop on each other's toes, so let's create a serial dispatch queue, and have all of the system extension requests use that queue. That way, the activation request won't begin until the properties request has finished! Only I did that. And it did get a bit further -- the request method was invoked! Only then I still got messages about the properties and activation requests failing with the same unknown error. So then I looked at console. And sysextd is crashing, every time this happens. And then I dump all of the logs around that time, and look through them, and see... nothing. I had hoped to end this with a description of how I achieved victory, but instead... I'm going to have to reboot and see if that solves the mysterious crashing of sysextd.

Hello! I'm trying to get data (like audio) stream from custom vendor usb device with bulk endpoint. When I use AsyncIO in cycle some data was lost. And I saw that AsyncIOBundled can help me with this issue. I've trying to use it: Create memory buffers for (int i = 0; i < DEFAULT_BUF_NUMBER; i++) { kern_return_t ret = IOBufferMemoryDescriptor::Create( kIOMemoryDirectionInOut, DEFAULT_BUF_LENGTH, 0, &ivars->buffers[i] ); } Create MemoryDescriptorRing and set MemoryDescriptor for each index kern_return_t MyDriver::SetupRingBuffer(IOMemoryDescriptor** memoryDescriptors, uint16_t length) { kern_return_t ret = kIOReturnSuccess; ret = ivars->inPipe->CreateMemoryDescriptorRing(length); if (ret != kIOReturnSuccess) { IOLog("CreateMemoryDescriptorRing failed %s", StringFromReturn(ret)); return ret; } for (int i = 0; i < length; i++) { ret = ivars->inPipe->SetMemoryDescriptor(memoryDescriptors[i], i); if (ret != kIOReturnSuccess) { IOLog("SetMemoryDescriptor failed %s", StringFromReturn(ret)); break; } } return ret; } Create completion Run AsyncIOBundled for only 1 index ret = ivars->inPipe->AsyncIOBundled( i, 1, &transferAccepted, (const unsigned int *)&ivars->dataBufferLengthArray, DEFAULT_BUF_NUMBER, ivars->readBundledCompletion, 0 ); In completion i'm always get the error 0xe0005000 (UNDEFINED) But if I use AsyncIO with same buffer - it's success. What am I doing wrong? There are no differences btw AsyncIOBundled and AsyncIO requests in wireshark

I am using a Silicon labs CP2102 chip. I have configured a custom USB VID and PID on the chip, and want to create a MacOs driver (or rather map this custom VID/PID to an existing driver) to make it accessible as a USB serial device from my Mac. Preferably I'd like to map my device to the com.apple.DriverKit-AppleUSBSLCOM.dext driver, but I think the generic USB serial driver (com.apple.DriverKit-AppleUSBSerial.dext) should work too. Silabs also has their own driver (com.silabs.cp210x.dext, downloadable from their web page), if for some reason it is easier to map to that than to one of the native drivers that could also work. Based on https://developer.apple.com/documentation/kernel/implementing_drivers_system_extensions_and_kexts#3616855 and https://developer.apple.com/documentation/driverkit/creating_a_driver_using_the_driverkit_sdk it should be possible to create a codeless dext, which just inherits from e.g. IOUserUSBSerial. I've tried both creating just a DriverKit driver and putting it under /Library/DriverExtensions/ and creating a (default) app and adding a DriverKit driver to it, and putting the app in my /Applications/ folder, but neither works for me. My driver implementation is just this: #include <USBSerialDriverKit/IOUserUSBSerial.iig> class MyDriver: public IOUserUSBSerial { }; and my IOKitPersonalities looks like this: <key>IOKitPersonalities</key> <dict> <key>MyDriver</key> <dict> <key>CFBundleIdentifier</key> <string>com.mydriver.MyDriverApp.MyDriver</string> <key>IOClass</key> <string>IOUserUSBSerial</string> <key>IOMatchCategory</key> <string>com.mydriver.MyDriverApp.MyDriver</string> <key>IOProviderClass</key> <string>IOUSBHostInterface</string> <key>IOUserClass</key> <string>MyDriver</string> <key>IOUserServerName</key> <string>com.mydriver.MyDriverApp.MyDriver</string> <key>bConfigurationValue</key> <integer>1</integer> <key>bInterfaceNumber</key> <integer>0</integer> <key>idProduct</key> <integer>(my custom PID, decimal value)</integer> <key>idVendor</key> <integer>(my custom VID, decimal value)</integer> </dict> </dict> I've disabled SIP and enabled developer mode (systemextensionsctl developer on), though I'm not sure if it's needed. I've scanned through the system logs and looked at the ioreg output. When I connect a CP2102 chip with default VID and PID, I can see that it maps to the native com.apple.DriverKit-AppleUSBSLCOM.dext driver. When I connect the same chip with my custom VID and PID, I don't see any trace of my driver being used. I can see it in the System Information app, but it doesn't map to my driver. I'm currently suspecting it is an Entitlements issue. In my app I have an Entitlements file, where I've added DriverKit USB Transport and DriverKit Serial Family. Do I need something like this for the driver target? There is no default Entitlements file there, but maybe I should create one? Or is there something else I'm missing? I've also noted one odd thing: When I install my app I can see a system log entry, complaining that "package type not SYSX" (for my driver). But I don't think it should be a SYSX package? It's currently specified as a DEXT package.

I have a virtual device, which is redirected to Mac from Windows OS. However, In MacOS, it does not recognized as a HID device even it has only one HID interface. The device name is Virtual Fido, it more likes to be identified as an audio device. Could any one help check? Thanks. 2024-01-31 16:37:03.102014+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallback: controller <private> (S1F0) usbServiceArray <private>(count 1) options 0x00000000 2024-01-31 16:37:03.102020+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallback: [0] <private> 2024-01-31 16:37:03.102023+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: controller <private> (S1F0) usbService <private> (Virtual FIDO) options 0x00000000 2024-01-31 16:37:03.102035+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::getOrCreateLegacyControllerGated: located existing AppleUSBController@00000000 2024-01-31 16:37:03.102037+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCallGated: IOUSBHostDevice <private> (Virtual FIDO) 2024-01-31 16:37:03.102046+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::addDeviceToUsbPlane: 2024-01-31 16:37:03.102288+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: usbServiceCallbackGated completed with 0x00000000 and service <private> 2024-01-31 16:37:03.102302+0800 0x1df Error 0x0 0 0 kernel: (IOUSBFamily) AppleUSBLegacyRoot@(null): AppleUSBLegacyRoot::usbServiceCall: registering Virtual FIDO@00810000 (<private>) for matching 2024-01-31 16:37:03.104499+0800 0x247c Info 0x0 120 0 kernelmanagerd: Received MIG message 2024-01-31 16:37:03.105412+0800 0x247c Info 0x0 120 0 kernelmanagerd: Received MIG message 2024-01-31 16:37:03.105453+0800 0x284b Default 0x0 120 0 kernelmanagerd: Received kext load notification: com.apple.iokit.IOAudioFamily 2024-01-31 16:37:03.105460+0800 0x284b Default 0x0 120 0 kernelmanagerd: Received kext load notification: com.apple.driver.AppleUSBAudio 2024-01-31 16:37:03.106066+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Device DB | Creating local devices 2024-01-31 16:37:03.106170+0800 0x512 Info 0x0 244 0 com.apple.ifdreader: [com.apple.CryptoTokenKit:smartcard] new device skipped: 0x0e0f/0x0123 810000 (entryId=4294969016) 2024-01-31 16:37:03.106551+0800 0x11d6 Default 0x0 0 0 kernel: (Sandbox) Sandbox: icdd(643) allow file-read-data /Library/Image Capture/Devices 2024-01-31 16:37:03.106602+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Device DB | Creating bonjour devices 2024-01-31 16:37:03.106968+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] => [Matching] | [ 0x00,0x00,0x00 ] 2024-01-31 16:37:03.106989+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Added | 0x10000011 - [USB][ Virtual FIDO ] ( 0, 0, 0) @ 0x810000 | 2024-01-31 16:37:03.107041+0800 0x11d6 Default 0x0 643 0 icdd: [com.apple.imagecapture:icdd] Autolaunch | 00000000-0000-0000-0031-323334353637 => (null) 2024-01-31 16:37:03.335288+0800 0x276f Default 0x0 424 0 trustd: [com.apple.securityd:pinningQA] could not enable test hierarchy: no UAT pinning preferences set | | | +-o VMware Virtual USB Hub@00800000 <class IOUSBHostDevice, id 0x1000003de, registered, matched, active, busy 0 (35 ms), retain 38> | | | +-o AppleUSBHostLegacyClient <class AppleUSBHostLegacyClient, id 0x1000003e1, !registered, !matched, active, busy 0, retain 8> | | | +-o AppleUSB20Hub@00800000 <class AppleUSB20Hub, id 0x1000003e4, registered, matched, active, busy 0 (33 ms), retain 35> | | | | +-o AppleUSB20HubPort@00810000 <class AppleUSB20HubPort, id 0x1000003e7, registered, matched, active, busy 0 (33 ms), retain 16> | | | | | +-o Virtual FIDO@00810000 <class IOUSBHostDevice, id 0x1000006b8, registered, matched, active, busy 0 (3 ms), retain 20> | | | | | +-o AppleUSBHostLegacyClient <class AppleUSBHostLegacyClient, id 0x1000006bb, !registered, !matched, active, busy 0, retain 8> | | | | | +-o AppleUSBHostCompositeDevice <class AppleUSBHostCompositeDevice, id 0x1000006bf, !registered, !matched, active, busy 0, retain 4> | | | | +-o AppleUSB20HubPort@00820000 <class AppleUSB20HubPort, id 0x1000003e8, registered, matched, active, busy 0 (0 ms), retain 12> | | | | +-o AppleUSB20HubPort@00830000 <class AppleUSB20HubPort, id 0x1000003e9, registered, matched, active, busy 0 (0 ms), retain 12>

Does the Vision Pro Battery Pack allow data passthrough to the Vision Pro? Specifically, I am wanting to confirm whether the platform supports FIDO2 / YubiKey style devices. If someone has a DevKit, could you try testing a keyboard or thumb drive to see if either of those work. If so, I should have all I need to proceed with my project. Thanks.

I have two USB cameras, they both recognize the camera properly under windows, but on macos there is one that recognizes only the USB, but not the camera. Would like to ask if there is any solution idea or the underlying code reference. thank you.

I'm writing a C/C++ command line program which, at some point, calls IOHIDManagerOpen. I've added both my program executable and lldb as permitted for input monitoring (as far as I remember, my program was added after showing up a permission prompt, I've added lldb manually later, trying to resolve the problem). My problem is that when I run my program from within lldb in Terminal, the call to IOHIDManagerOpen returns kIOReturnNotPermitted. When I run my program directly in the terminal session (without lldb), this call returns kIOReturnSuccess. Such behaviour means it will be impractical to use lldb for any debugging of this program. What can be done to make lldb session behave the same way, the normal execution works? I'm on: 23.2.0 Darwin Kernel Version 23.2.0: Wed Nov 15 21:55:06 PST 2023; root:xnu-10002.61.3~2/RELEASE_ARM64_T6020 arm64 and: lldb-1500.0.200.58 Apple Swift version 5.9.2 (swiftlang-5.9.2.2.56 clang-1500.1.0.2.5)

Hi. I wish I'd found a way to determine the USB hub port to which an iPad is connected, even if it means creating a one-time mapping of identifiers and ports beforehand. I thought I'd find some hardware identifiers that might help, but they appear to fluctuate depending on how the iPad carts are connected to the Mac. Is there anything reliable to achieve the desired result? Thanks for your insights. Franck

Few user space applications are available in market for example xnvme, but does not have any interaction with Admin Submission/Completion queues. Also IOCTLs are not very prominent . Is there any ways to get access to the native NVMe Mac driver source code? Thanks, hopefully we will get some positive response here.

this is a repost with more appropriate tags. The original is here: https://developer.apple.com/forums/thread/744268 Can anyone advise, or give example of, communicating large (>128 byte) incoming buffers from a dext to a user-space app? My specific situation is interrupt reads from a USB device. These return reports which are too large to fit into the asyncData field of an AsyncCompletion call. Apple's CommunicatingBetweenADriverKitExtensionAndAClientApp sample shows examples of returning a "large" struct, but the example is synchronous. The asynchronous example returns data by copying into a IOUserClientAsyncArgumentsArray, which isn't very big. I can allocate a single buffer larger than 4K in user space, and communicate that buffer to my driver as an IOMemoryDescriptor when I set up my async callback. The driver retains the descriptor, maps it into its memory space and can thus write into it when the hardware returns interrupt data. The driver then calls AsyncCompletion, which will cause my user-side callback to be called, so the user side software knows that there's new data available in the previously allocated buffer. That's fine, it works, but there are data race problems - since USB interrupt reads complete whenever the hardware has provided data, incoming completions happen at unpredictable times, so the shared buffer contents could change while the user side code is examining them. Is there an example somewhere of how to deal with this? Can I allocate memory on the driver side on demand, create an IOMemoryDescriptor for it and return that descriptor packed inside the asyncData? If so, how does the driver know when it can relinquish that memory? I have a feeling there's something here I just don't understand...

When my macOS app try to deactivate CameraExtension, my app's didFailWithError is called with this error. Error Domain=OSSystemExtensionErrorDomain Code=4 "(null)" I cannot search for error code=4 with that domain. MyApp calls OSSystemExtensionManager.shared.submitRequest with OSSystemExtensionRequest.deactivationRequest I did implement these tasks. BundleID, MyApp: com.myapp, BundleID, CameraExtension: com.myapp.camera Added entitlement and App Groups for app and extension MyApp has SystemExtension capability on Xcode and provision MyApp is installed on /Applications/MyAppGroup/MyApp.app MyApp is executed by Finder macOS is Sonoma 14.2.1 (23C71) on M1 MacBook

Can anyone advise, or give example of, communicating large (>128 byte) incoming buffers from a dext to a user-space app? My specific situation is interrupt reads from a USB device. These return reports which are too large to fit into the asyncData field of an AsyncCompletion call. Apple's CommunicatingBetweenADriverKitExtensionAndAClientApp sample shows examples of returning a "large" struct, but the example is synchronous. The asynchronous example returns data by copying into a IOUserClientAsyncArgumentsArray, which isn't very big. I can allocate a single buffer larger than 4K in user space, and communicate that buffer to my driver as an IOMemoryDescriptor when I set up my async callback. The driver retains the descriptor, maps it into its memory space and can thus write into it when the hardware returns interrupt data. The driver then calls AsyncCompletion, which will cause my user-side callback to be called, so the user side software knows that there's new data available in the previously allocated buffer. That's fine, it works, but there are data race problems - since USB interrupt reads complete whenever the hardware has provided data, incoming completions happen at unpredictable times, so the shared buffer contents could change while the user side code is examining them. Is there an example somewhere of how to deal with this? Can I allocate memory on the driver side on demand, create an IOMemoryDescriptor for it and return that descriptor packed inside the asyncData? If so, how does the driver know when it can relinquish that memory? I have a feeling there's something here I just don't understand...

Hi! There are two fields in ES message: global_seq_num and seq_num, which are described as a continuous number sequence unless the kernel is "dropping events" because "kernel generated more events than the client could handle." https://developer.apple.com/documentation/endpointsecurity/es_message_t/3684979-global_seq_num https://developer.apple.com/documentation/endpointsecurity/es_message_t/3538607-seq_num However, as we all know, system will kill ES client, if the message is not answered in (deadline) time. I've a lot questions about this thing: What the "drop" actually is? The event is not provided to es client from the kernel? What does the "client could handle" means exactly? (I mean, es client will be already killed, if it can't respond to event in deadline) Are the dropped events responded by the system immediately, or they do wait something? Are only auth events could be dropped, or notify too? What is the system resolution for dropped auth events? (allow I guess) What I'm expected to do as a developer with these two fields - should I just log them and hope to find something out later, or can I react somehow during runtime if I met the break in *seq_num sequence?

I'm currently working on developing a PCI driver using PCIDriverKit, but I'm encountering challenges, particularly with the driver's extension. I need some insights on the APIs and methods to follow the best practices in generating PCI drivers for retrieving PCI devices information and running NVMe commands on the devices.

iOS uses the USB HID protocol to communicate wiredly with external peripherals. Is this technology feasible? Why?

I was trying to hide some external drives from desktop, I know I can do it from finder preferences, but it will hide all my external drives from desktop. I want drive A, B, C to be visible on desktop but don't want drive D to be visible. Some website suggest this solution: sudo SetFile -a V /Volumes/"Drive Name" but it says I need command line tools, since I was in terminal, and prompt come from MacOS itself, I stared installation. But what are this tools actually is it sahe to install it? And why this tool taking 2.35GB of storage just to hide one icon from desktop?

I am new to macOS development and presently tearing my hair out trying to get a driverkit extension to build. I have tried following the instructions here: https://developer.apple.com/documentation/driverkit/communicating_between_a_driverkit_extension_and_a_client_app namely, disabling SIP, but I am still unable to get my extension to build. The instructions say to set the code signing identity to "Sign to Run Locally" for all three targets, but this is not listed as an option for the driver extension.

Hello, We have a device that acts as a ***** device and communicates with a master over data sent over a USB serial port over a wired connection. We are trying to develop an Application on iOS that will enable us to use the USB connection between iPhone and our device. Kindly suggest to us what is the way to achieve this. A few searches let us know that Apple's MFi program needs to be enrolled. Please let us know how this works and where could we find process for the same. I thank you in advance! Makarand

I am trying to debug a kernel panic in our kext. I can attach to the target Mac over ethernet if I: cause an NMI using add an IOPanic call to my kext and cause it to be executed use Dtrace to invoke a panic However if I reproduce the kernel panic which I am investigating, the Mac just restarts. How can I make the Mac wait for me to attach with lldb rather than restarting? My target configuration is: Mac is 2021 M1 Pro 14" MacBook Pro macOS 14.2 (23C64) Network: Apple Thunderbolt 3 <-> Thunderbolt 3 adapter + Apple Thunderbolt 2 to ethernet adapters Boot-args = "debug=0x44 wdt=-1 kdp_match_name=en8" (I have also tried debug=0x104C0C)

I have a custom HID USB device that I can control on Mac with IOKit via the default HID MacOS driver. I am using IOHIDManager to detect it and send reports to it. I would like to extend this capability to iPad but the full IOKit framework is not supported on iOS/iPadOS. I saw that USBDriverKit is now supported on iPads with an M1 chip or newer. But, both MacOS and Windows can operate the device with their generic HID driver. As such, having to create a whole custom driver to interact with an HID device on iOS is really overkill. Would registering it in the MFi Program and operating it with the External Accessory framework be the correct route to take here? Or is there another framework for controlling HID devices on iPad over USB that I am not aware of?