Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

codesigned kext But why not load in Yosemite(10.10)

Tags:

macos

codesign

kernel-extension

I had a code signing on kext in Yosemite. But kextload is failed.
It was version2 codesign. codesign --verify is true.
But kextload is failed. Why not load in Yosemite?

Here is my log.

I have checked with codesign -dvvv ./myKext.kext And It's all right.

codesign -dvvv ./myKext.kext returned following:

Executable=/Path/to/myKext
Identifier=com.myKext.kext.Firewall
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20100 size=317 flags=0x0(none) hashes=9+3 location=embedded
Hash type=sha1 size=20
CDHash=d0ff68bd8b49c650f45349c2d1570d45a8c1f148
Signature size=8544
Authority=Developer ID Application: My Kext Co., Ltd. (R2PBZJ465V)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=2014. 10. 31. 오전 11:09:35
Info.plist entries=18
TeamIdentifier=not set
Sealed Resources version=2 rules=12 files=1
Internal requirements count=1 size=188

It shows that the version 2.
But sudo kextload ./myKext.kext is returning the following:

/Path/to/myKext.kext failed to load - (libkern/kext) not loadable (reason unspecified); check the system/kernel logs for errors or try kextutil(8).

cat /var/log/system.log returns:

com.apple.kextd[19]: ERROR: invalid signature for com.myKext.kext.Firewall, will not load

sudo kextutil -l ./myKext.kext returns:

Diagnostics for ./myKext.kext:
Code Signing Failure: code signature is invalid
ERROR: invalid signature for com.myKext.kext.Firewall, will not load

Why are invalid signature?!
I have signed with version2 codesign in Yosemite.
What I did wrong sign? Somebody teach me please.

like image 838
나승훈 Avatar asked Oct 31 '14 09:10

나승훈

1 Answers

I had the same problem too. And I got the solution sharing with you.

Apple changed the Mac Developer Program, and removed certification for kext from it. So even you are member of Mac Developer Program, you will not get certification for kext development unless you request it at Developer ID and Gatekeeper.

BTW, Apples says,

"KEXT signing is intended for signing commercially shipping kexts or projects broadly distributed in a large organization."

So what we can do is run our Kext on the KEXT Development Mode by adding the "kext-dev- mode=1" boot-arg. Like,

sudo nvram boot-args="debug=0x146 kext-dev-mode=1"

And reboot.

I wish this will be helpful for you.

like image 121
DDDrop Avatar answered Nov 11 '22 15:11

DDDrop
Sign in to Comment

Related questions

rJava on MacOS Sierra 10.12.15: unsupported option fopenmp
How to get the Objective-C class name corresponding to an AXUIElement?
Does the installation of Jekyll need GCC on OSX?
Docker Mac alternative to --net=host
what is Intel MKL FATAL ERROR: Cannot load libmkl_core.dylib. while running pyspark in MacOs?
Tkinter crashes computer after MacOS 10.14.6 update
App Store Connect Operation Error resource download failed : com.apple.transporter.mediatoolkit/2.2.0
D programming & iPhone
Replacement for chmod --reference on OS X?
Get path for NSFileWrapper
Updating OpenSSL version on OSX
Most efficient way to copy a file with GCD?
How to encode the executable location in a Linux rpath?
What is a standard way to add a ViewController in a Mac OS X Cocoa app? (or is it required?)
Which library to link (OSX)
CATransition push without fade
Editing files using editors in Docker with Vagrant (on Mac)
Mac: Send key event to background Window
Accessibility settings for non-GUI apps using AppleScript in OSX Mavericks?
Use GUI Emacs on OS X when opening files with emacsclient

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!