1. |
OS X Architectural Overview |
|
1-2 hours |
|
Introduction to the Architecture of OS X
- The Darwin environment
- XNU: The Kernel
- Micro vs. Monolithic Kernels
- Review of prerequisites
|
2. |
The XNU Source |
|
1 hours |
|
Making sense of the XNU source, we discuss its directory structure, and how to navigate it. Unlike Linux, which has the Linux Cross Reference, OS X's XNU, while as formidable, has no such tools.
- Obtaining the latest source code
- Navigating the source: What's in each directory?
- Compiling the Kernel
- The Kernel debug kit
Exercises include:
- Compiling the Kernel and adding symbol information
|
3. |
Programming KEXTs |
|
2 (3) hours |
|
Kernel Extensions, or "KEXTs", are the Mac OS equivalent of Kernel modules. In this module, we detail the architecture of KEXTs, commands used to manipulate them, and the process of creating one.
- Anatomy of a Kernel Extension
- KEXT related commands:
- kextk
- kextstat
- kextload/kextutil
- kextfind
- Building your first KEXT:
- The Entry and exit
- The Info.plist
- Handling dependencies
Exercises include:
- Using OSKext APIs to display loaded extensions
- Creating a simple Kernel Extension
|
4. |
Kernel Survival Guide |
|
2 hours |
|
The Kernel is a very inhospitable environment. In user space, we have rock solid isolation. A crash in a process doesn't usually affect the system at all. In the Kernel, however, a single transgression causes a system panic.
In this module, we show the dos and don'ts of Kernel programming, focusing on the APIs available for kernel developers, as well as common tasks in the Kernel.
- Kernel programming constraints
- LibKern and other APIs available
- Threading and synchronization
- Atomic operations
- IOLog and output to dmesg
|
5. |
Kernel/User Mode APIs |
|
2 (3) hours |
|
Sooner or later, Kernel code needs to communicate with user space. This is usually because the Kernel is meant to serve user mode requests.
In this module, we explore the various models of User-Kernel mode communication OS X has to offer, including:
- System calls, both Mach and BSD
- The Kernel implementation of System Calls
- SysCTLs
- IOCTLs
- OS X's Kernel-User Notification (KUNC)
Exercises include:
|
|
The I/O Kit is a complete driver runtime environment contained in XNU. I/O Kit is object oriented, and makes the development of drivers easier and, in many ways safer, by relying on object oriented concepts such as inheritance and overloading.
In this module, we investigate the I/O Kit in depth, and create a sample I/O Kit driver
- Introducing I/O Kit
- The I/O Kit base classes
- IOService and your driver
- The IOWorkLoop
- Interrupt Sources
- Timer Sources
- Command Gates
- Creating your sample driver
- The Entry and exit
- The Info.plist
- Driver personalities
- Handling dependencies
Exercises include:
- Creating a sample I/O Kit driver for a virtual device
|
7. |
Memory Management and Synchronization |
|
2 hours |
|
Allocating memory in kernel mode, and specifically using IOMemory APIs
Kernel Zones
Kalloc
IOMalloc
Synchronization and threading
- Responding to device addition & removal
- Responding to power management events
|
8. |
Plug & Play |
|
2 (4) hours |
|
Advanced features of I/O Kit drivers, including:
- Responding to device addition & removal
- Responding to power management events
Exercises include:
- Extending the I/O Kit driver to support PnP
|
9. |
Specific Drivers |
|
2 (4) hours |
|
Brief of specific IO Families
- Serial Port Drivers
- PCI Express
- Thunderbolt
- Networking
Exercises include:
|
10. |
Kernel Debugging Techniques |
|
2 (4) hours |
|
Handling the ugly side of kernel programming - when bugs and panics occur
- The Kernel Debug Kit
- Debugging over Serial or FireWire
- KDP
- Panics and dumps
- The KDebug facility
- Various kernel debug flags
Exercises include:
- Debugging the Mac OS X Kernel
|