Objective-C: Network Kernel Extension causes Mac kernel panic


I am writing a network kernel extension on Mac; the code follows. The functions proxy_tcp_unregistered, proxy_tcp_attach and proxy_tcp_detach are empty functions that do nothing:

#include <mach/mach_types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <sys/kpi_socketfilter.h>

/* proxy_tcp_filter_handle, bundle_name and the three callbacks are defined elsewhere in the kext. */
const static struct sflt_filter tcp_filter = {
    proxy_tcp_filter_handle,
    SFLT_GLOBAL,
    bundle_name,
    proxy_tcp_unregistered,  // do nothing
    proxy_tcp_attach,        // do nothing
    proxy_tcp_detach,        // do nothing
    NULL,                    // sf_notify
    NULL,                    // sf_getpeername
    NULL,                    // sf_getsockname
    NULL,                    // sf_data_in
    NULL,                    // sf_data_out
    NULL,                    // sf_connect_in
    NULL,                    // sf_connect_out
    NULL,                    // sf_bind
    NULL,                    // sf_setoption
    NULL,                    // sf_getoption
    NULL,                    // sf_listen
    NULL                     // sf_ioctl
};

kern_return_t kerntest_start(kmod_info_t *ki, void *d)
{
    // return value of sflt_register is ignored here
    sflt_register(&tcp_filter, PF_INET, SOCK_STREAM, IPPROTO_TCP);
    return KERN_SUCCESS;
}

kern_return_t kerntest_stop(kmod_info_t *ki, void *d)
{
    // return value of sflt_unregister is ignored here
    sflt_unregister(proxy_tcp_filter_handle);
    return KERN_SUCCESS;
}

I tested it with a shell script; after about 50 load/unload cycles (kextload, kextunload) a Mac kernel panic happened:

*** panic report ***
panic(cpu 3 caller 0xffffff8009a065ea): kernel trap @ 0xffffff7f8c775ba0, type 14=page fault, registers:
....
fault cr2: 0xffffff7f8c775ba0, error code: 0x0000000000000010, fault cpu: 0x3, pl: 0

backtrace (cpu 3), frame : return address
.....
      kernel extensions in backtrace:
         xxxx.xxxx.proxy.hook(1.0)[7a521823-d1cf-353e-93ca-0345cd6f5454]@0xffffff7f8c771000->0xffffff7f8c777fff
            kmod dependency scan stopped due missing dependency page: 0xc0ffee570a4457da

bsd process name corresponding current thread: kernel_task

mac os version: 16b2555
kernel version: darwin kernel version 16.1.0: thu oct 13 21:26:57 pdt 2016; root:xnu-3789.21.3~60/release_x86_64
kernel uuid: 8941ac1c-b084-37de-8a34-4ce638c5cfc9
kernel slide:     0x0000000009600000
...

system uptime in nanoseconds: 28211489690166
last loaded kext @ 28211416923440: com.test.kextext 1.0 (addr 0xffffff7f8c778000, size 40960)
last unloaded kext @ 28211489331506: com.test.kextext  1.0 (addr 0xffffff7f8c771000, size 28672)
loaded kexts:
com.test.kextext 1.0
com.apple.filesystems.smbfs 3.1

What should I do to deal with this? It does not happen every time.

If you look at the documentation for sflt_unregister, you'll notice 2 things:

1:

Unregisters a socket filter. This will not detach the socket filter from sockets it may be attached to at the time, but it will prevent the socket filter from being attached to new sockets.

The implication of this is that callbacks can still be called after sflt_unregister returns. You need to clean up any sockets that might still be attached to the filter before you allow the kext to be unloaded.

2:

Returns: 0 on success, otherwise the errno error.

You shouldn't allow the kext to be unloaded if unregistering fails. (And likewise, you shouldn't try to unregister the filter if registration failed during kext start.)
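To make the two points above concrete, here is an added example (not the asker's or the answerer's code) of a start/stop pair that tracks how many sockets still hold the filter and refuses to unload while any remain or while unregistering fails. It assumes the two shim_* functions stand in for the kernel's sflt_register/sflt_unregister so the logic can be exercised in user space; in a real kext you would call the KPI directly and update the counter with OSIncrementAtomic/OSDecrementAtomic.

```c
/* Constructed user-space model of a socket-filter kext lifecycle (example only). */
#include <errno.h>
#include <stdbool.h>

typedef int kern_return_t;
#define KERN_SUCCESS 0
#define KERN_FAILURE 5

static bool filter_registered = false; /* sflt_register succeeded, not yet unregistered */
static bool unregister_done   = false; /* sflt_unregister succeeded; refuse new attachments */
static int  attached_sockets  = 0;     /* sockets whose attach callback returned 0 */

/* Shims standing in for the kernel KPI (assumption for this example): 0 or an errno. */
static int shim_sflt_register(void)   { if (filter_registered) return EEXIST; filter_registered = true; return 0; }
static int shim_sflt_unregister(void) { if (!filter_registered) return ENOENT; filter_registered = false; return 0; }

/* sf_attach callback: a non-zero return tells the kernel not to attach the filter. */
int proxy_tcp_attach(void)
{
    if (unregister_done) return ENXIO;  /* tearing down: take on no new sockets */
    attached_sockets++;
    return 0;
}

/* sf_detach callback: called once per socket the filter was attached to. */
void proxy_tcp_detach(void)
{
    if (attached_sockets > 0) attached_sockets--;
}

int remaining_attachments(void) { return attached_sockets; }

kern_return_t kerntest_start(void)
{
    unregister_done = false;
    /* Fail the load if registration fails, so stop never unregisters a filter
     * that was never registered. */
    return shim_sflt_register() == 0 ? KERN_SUCCESS : KERN_FAILURE;
}

kern_return_t kerntest_stop(void)
{
    if (!unregister_done) {
        if (shim_sflt_unregister() != 0) return KERN_FAILURE; /* keep the kext loaded */
        unregister_done = true;
    }
    /* Callbacks can still fire for attached sockets; unloading now would leave the
     * kernel calling into unmapped code, which is the page fault in the panic report. */
    return attached_sockets == 0 ? KERN_SUCCESS : KERN_FAILURE;
}
```

Returning KERN_FAILURE from stop makes kextunload fail instead of unmapping code the kernel may still call; a second kextunload after the last socket detaches then succeeds.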
