Mac kernel programming generic kernel extension prinf() not working

Question

I've followed the Creating a Generic Kernel Extension with Xcode tutorial.

MyKext.c:

#include <sys/systm.h>
#include <mach/mach_types.h>

kern_return_t MyKext_start (kmod_info_t * ki, void * d)
{
    printf("MyKext has started.\n");
    return KERN_SUCCESS;
}

kern_return_t MyKext_stop (kmod_info_t * ki, void * d)
{
    printf("MyKext has stopped.\n");
    return KERN_SUCCESS;
}

I've also disabled the csrutil, which allow me to load my own kext.

# csrutil disable

When I load my own kext into kernel

$ sudo kextload -v /tmp/MyKext.kext

The result of printf() not write into /var/log/system.log.

I've also set boot-args

$ sudo nvram boot-args="original_contents debug=0x4"

Can anyone help me out?

Answer 1

Apparently, since Sierra (10.12) at least, they reorganized the way the logs are written (iOS support?), so you cannot see it in system.log anymore. Still, in your Console application, you have in the sidebar a Devices section, where you can select your device (usually your Mac system) and see real-time log limited to "kernel" in the search box. So I can see these when using kext load/kextunload:

default 11:58:27.608228 +0200   kernel  MyKext has started.
default 11:58:34.446824 +0200   kernel  MyKext has stopped.
default 11:58:44.803350 +0200   kernel  MyKext has started.

There is no need for the csrutil and nvram changes.

Important For some freaky reason, I needed to restart the Console to reflect my messages changes, otherwise it has showing the ones (start & stop) from the previous build. Very strange indeed!

Later To recover old logs, try sudo log collect --last 1d and open the result with Console(more here).