objective c - Network Kernel Extensions cause Mac Kernel Panic


I wrote a network kernel extension on Mac; the code follows. The functions proxy_tcp_unregistered, proxy_tcp_attach and proxy_tcp_detach are empty functions that do nothing.

    #include <mach/mach_types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <sys/kpi_socketfilter.h>

    const static struct sflt_filter tcp_filter = {
        proxy_tcp_filter_handle,
        SFLT_GLOBAL,
        bundle_name,
        proxy_tcp_unregistered,  // do nothing
        proxy_tcp_attach,        // do nothing
        proxy_tcp_detach,        // do nothing
        // remaining callbacks (notify ... ioctl) are not used
        NULL, NULL, NULL, NULL,
        NULL, NULL, NULL, NULL,
        NULL, NULL, NULL, NULL
    };

    kern_return_t kerntest_start(kmod_info_t *ki, void *d)
    {
        // return value of sflt_register is ignored
        sflt_register(&tcp_filter, PF_INET, SOCK_STREAM, IPPROTO_TCP);
        return KERN_SUCCESS;
    }

    kern_return_t kerntest_stop(kmod_info_t *ki, void *d)
    {
        // return value of sflt_unregister is ignored
        sflt_unregister(proxy_tcp_filter_handle);
        return KERN_SUCCESS;
    }

I tested it with a shell script: after 50 load and unload cycles (kextload, kextunload), a Mac kernel panic happened:

    *** panic report ***
    panic(cpu 3 caller 0xffffff8009a065ea): kernel trap @ 0xffffff7f8c775ba0, type 14=page fault, registers:
    ....
    fault cr2: 0xffffff7f8c775ba0, error code: 0x0000000000000010, fault cpu: 0x3, pl: 0

    backtrace (cpu 3), frame : return address
    .....
          kernel extensions in backtrace:
             xxxx.xxxx.proxy.hook(1.0)[7a521823-d1cf-353e-93ca-0345cd6f5454]@0xffffff7f8c771000->0xffffff7f8c777fff
                kmod dependency scan stopped due missing dependency page: 0xc0ffee570a4457da

    bsd process name corresponding current thread: kernel_task

    mac os version:
    16b2555

    kernel version:
    darwin kernel version 16.1.0: thu oct 13 21:26:57 pdt 2016; root:xnu-3789.21.3~60/release_x86_64
    kernel uuid: 8941ac1c-b084-37de-8a34-4ce638c5cfc9
    kernel slide:     0x0000000009600000
    ...

    system uptime in nanoseconds: 28211489690166
    last loaded kext @ 28211416923440: com.test.kextext 1.0 (addr 0xffffff7f8c778000, size 40960)
    last unloaded kext @ 28211489331506: com.test.kextext  1.0 (addr 0xffffff7f8c771000, size 28672)
    loaded kexts:
    com.test.kextext 1.0
    com.apple.filesystems.smbfs 3.1

How should I deal with this? It does not happen every time.

If you look at the documentation for sflt_unregister, you'll notice 2 things:

1:

Unregisters a socket filter. This will not detach the socket filter from all sockets it may be attached to at the time, it will just prevent the socket filter from being attached to any new sockets.

The implication of this is that callbacks can still be called after sflt_unregister returns. You need to clean up any sockets that might still be attached to your filter before you allow your kext to be unloaded.

2:

Returns: 0 on success otherwise the errno error.

You shouldn't allow unloading the kext if unregistering fails. (And likewise, you shouldn't try to unregister the filter if registration failed during kext start.)
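
The unload gate the answer describes, as an added example that is not part of the original post or of Apple's code: a user-space C model in which kerntest_stop refuses to finish until the filter's unregistered callback has run. The fake_* functions are constructed stand-ins for the kernel's socket-filter KPI (assumption, per the KPI header documentation: the kernel calls sf_unregistered only once the filter is off every socket), and the callback here takes no handle argument.

```c
/* User-space model: fake_* below are constructed stand-ins for the kernel's
   socket-filter KPI, not XNU calls. Return codes are defined locally. */
#include <errno.h>
#include <stdbool.h>

typedef int kern_return_t;
enum { KERN_SUCCESS = 0, KERN_FAILURE = 5 };

static int  fake_attached;            /* sockets the filter is attached to */
static bool fake_known;               /* filter is currently registered */
static void (*fake_unreg_cb)(void);   /* models the sf_unregistered callback */

static int fake_sflt_register(void (*cb)(void)) {
    if (fake_known) return EEXIST;
    fake_known = true; fake_unreg_cb = cb;
    return 0;
}
/* Stops new attaches only; sockets already attached keep the filter. */
static int fake_sflt_unregister(void) {
    if (!fake_known) return ENOENT;
    fake_known = false;
    if (fake_attached == 0) fake_unreg_cb();
    return 0;
}
void fake_socket_open(void) { if (fake_known) fake_attached++; }
void fake_socket_close(void) {
    if (fake_attached > 0 && --fake_attached == 0 && !fake_known) fake_unreg_cb();
}

/* ---- kext-side logic: the part that carries over to a real kext ---- */
static bool g_registered, g_unreg_called, g_unreg_done;

static void proxy_tcp_unregistered(void) { g_unreg_done = true; }

kern_return_t kerntest_start(void) {
    g_unreg_called = g_unreg_done = false;
    g_registered = (fake_sflt_register(proxy_tcp_unregistered) == 0);
    return g_registered ? KERN_SUCCESS : KERN_FAILURE;
}
kern_return_t kerntest_stop(void) {
    if (!g_registered) return KERN_SUCCESS;      /* nothing to unregister */
    if (!g_unreg_called) {                       /* unregister only once */
        if (fake_sflt_unregister() != 0) return KERN_FAILURE;
        g_unreg_called = true;
    }
    if (!g_unreg_done) return KERN_FAILURE;      /* callbacks may still run */
    g_registered = false;
    return KERN_SUCCESS;
}
```

In a real kext, returning KERN_FAILURE from the stop routine keeps the kext loaded, so kextunload can be retried once the remaining sockets have closed.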

