objective c - Network Kernel Extensions case Mac Kernel Panic -
i code network kernel extensions on mac, code follows:, funcation proxy_tcp_unregistered,proxy_tcp_attach,proxy_tcp_detach empty funcation nothing
const static struct sflt_filter tcp_filter = { proxy_tcp_filter_handle, sflt_global, bundle_name, proxy_tcp_unregistered, //do nothing proxy_tcp_attach, //do nothing proxy_tcp_detach, //do nothing null, null, null, null, null, null, null, null, null, null, null, null }; kern_return_t kerntest_start(kmod_info_t * ki, void *d) { sflt_register(&tcp_filter, pf_inet, sock_stream, ipproto_tcp); return kern_success; } kern_return_t kerntest_stop(kmod_info_t *ki, void *d) { sflt_unregister(proxy_tcp_filter_handle); return kern_success; } and use shell test, after 50 times load, unload(kextload , kextunload), mac kernel panic happened:
*** panic report *** panic(cpu 3 caller 0xffffff8009a065ea): kernel trap @ 0xffffff7f8c775ba0, type 14=page fault, registers: .... fault cr2: 0xffffff7f8c775ba0, error code: 0x0000000000000010, fault cpu: 0x3, pl: 0 backtrace (cpu 3), frame : return address ..... kernel extensions in backtrace: xxxx.xxxx.proxy.hook(1.0)[7a521823-d1cf-353e-93ca-0345cd6f5454]@0xffffff7f8c771000->0xffffff7f8c777fff kmod dependency scan stopped due missing dependency page: 0xc0ffee570a4457da bsd process name corresponding current thread: kernel_task mac os version: 16b2555 kernel version: darwin kernel version 16.1.0: thu oct 13 21:26:57 pdt 2016; root:xnu-3789.21.3~60/release_x86_64 kernel uuid: 8941ac1c-b084-37de-8a34-4ce638c5cfc9 kernel slide: 0x0000000009600000 ... system uptime in nanoseconds: 28211489690166 last loaded kext @ 28211416923440: com.test.kextext 1.0 (addr 0xffffff7f8c778000, size 40960) last unloaded kext @ 28211489331506: com.test.kextext 1.0 (addr 0xffffff7f8c771000, size 28672) loaded kexts: com.test.kextext 1.0 com.apple.filesystems.smbfs 3.1 what did should deal this, not happend time.
if @ documentation sflt_unregister, you'll notice 2 things:
1:
unregisters socket filter. not detach socket filter sockets may attached @ time, prevent socket filter being attached new sockets.
the implication of callbacks can still called after sflt_unregister returns. need clean sockets might still attached filter before allow kext unloaded.
2:
returns: 0 on success otherwise errno error.
you shouldn't allow unloading kext if unregistering fails. (and likewise, shouldn't try unregister filter registration failed during kext start.)
Comments
Post a Comment