macos - 如何从 Kext 访问未导出的符号？

问题描述

我尝试在运行 11.4 Beta (20F5046g) Big Sur 的 M1 机器上加载 kext 模块，并在加载 kext 模块时遇到一些错误消息。

访问从 Apple kext 模块导出的内核符号

首先，为了访问从苹果的 kext 模块 com.apple.kpi.unsupported 导出的内核函数，我使用了下面的 extern 声明。

extern int  cpu_number(void);

另外，我在 info.plist 上添加了 com.apple.kpi.unsupported

    <key>OSBundleLibraries</key>
    <dict>
            <key>com.apple.kpi.libkern</key>
            <string>20.5</string>
            <key>com.apple.kpi.unsupported</key>
            <string>20.5.0</string>
    </dict>

编译不会引发任何错误，但是当我尝试加载模块时，它会打印以下消息。

Error Domain=KMErrorDomain Code=31 "Error occurred while building a collection: 
    1: One or more binaries has an error which prevented linking.  See other errors.
    2: Could not use 'kext' because: Failed to bind '_cpu_number' in 'kext' (at offset 0x0 in __DATA_CONST, __got) as could not find a kext which exports this symbol
kext specific: 
    1: Failed to bind '_cpu_number' in 'kext' (at offset 0x0 in __DATA_CONST, __got) as could not find a kext which exports this symbol
" UserInfo={NSLocalizedDescription=Error occurred while building a collection: 
    1: One or more binaries has an error which prevented linking.  See other errors.
    2: Could not use 'kext' because: Failed to bind '_cpu_number' in 'kext' (at offset 0x0 in __DATA_CONST, __got) as could not find a kext which exports this symbol
kext specific: 
    1: Failed to bind '_cpu_number' in 'kext' (at offset 0x0 in __DATA_CONST, __got) as could not find a kext which exports this symbol

我可以访问内核符号列表中指定但未从苹果的 kext 模块导出的内核符号吗？

我还想访问名为SecureDTInitEntryIterator的内核函数。我发现这个符号列在 /System/Library/Kernels/kernel 中的内核符号上。但是， $kextfind -defines-symbol _SecureDTIterateEntries 不返回任何相应的 kext 模块名称。

作为一个 IOS 新手，我猜这个符号不是从任何苹果的 kexy 模块中导出的。有什么方法可以从我的 kext 模块访问此功能？我想我可以用函数原型输入符号在内核空间内的地址，但如果存在的话，我正在寻找一种系统的方法。

标签： macosapple-m1kernel-extensionxnu