{"id":13470423,"url":"https://github.com/apple/darwin-xnu","last_synced_at":"2025-09-29T00:32:15.151Z","repository":{"id":37396669,"uuid":"93205465","full_name":"apple/darwin-xnu","owner":"apple","description":"Legacy mirror of Darwin Kernel. Replaced by https://github.com/apple-oss-distributions/xnu","archived":true,"fork":false,"pushed_at":"2023-01-13T01:48:01.000Z","size":81924,"stargazers_count":11121,"open_issues_count":3,"forks_count":1661,"subscribers_count":563,"default_branch":"main","last_synced_at":"2025-05-03T20:02:42.349Z","etag":null,"topics":["kernel"],"latest_commit_sha":null,"homepage":"https://opensource.apple.com/","language":"C","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apple.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"security/Makefile","support":null}},"created_at":"2017-06-02T21:33:51.000Z","updated_at":"2025-05-03T13:29:36.000Z","dependencies_parsed_at":"2023-02-09T14:01:17.351Z","dependency_job_id":null,"html_url":"https://github.com/apple/darwin-xnu","commit_stats":null,"previous_names":[],"tags_count":123,"template":false,"template_full_name":null,"purl":"pkg:github/apple/darwin-xnu","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apple%2Fdarwin-xnu","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apple%2Fdarwin-xnu/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apple%2Fdarwin-xnu/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apple%2Fdarwin-xnu/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apple","download_url":"https://codeload.github.com/apple/darwin-xnu/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apple%2Fdarwin-xnu/sbom","scorecard":{"id":203697,"data":{"date":"2025-08-11","repo":{"name":"github.com/apple/darwin-xnu","commit":"2ff845c2e033bd0ff64b5b6aa6063a1f8f65aa32"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"project is archived","details":["Warn: Repository is archived."],"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}}]},"last_synced_at":"2025-08-16T23:16:03.618Z","repository_id":37396669,"created_at":"2025-08-16T23:16:03.619Z","updated_at":"2025-08-16T23:16:03.619Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":277450938,"owners_count":25819971,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-28T02:00:08.834Z","response_time":79,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["kernel"],"created_at":"2024-07-31T16:00:30.061Z","updated_at":"2025-09-29T00:32:10.128Z","avatar_url":"https://github.com/apple.png","language":"C","readme":"What is XNU?\n===========\n\nXNU kernel is part of the Darwin operating system for use in macOS and iOS operating systems. XNU is an acronym for X is Not Unix.\nXNU is a hybrid kernel combining the Mach kernel developed at Carnegie Mellon University with components from FreeBSD and a C++ API for writing drivers called IOKit.\nXNU runs on x86_64 for both single processor and multi-processor configurations.\n\nXNU Source Tree\n===============\n\n  * `config` - configurations for exported apis for supported architecture and platform\n  * `SETUP` - Basic set of tools used for configuring the kernel, versioning and kextsymbol management.\n  * `EXTERNAL_HEADERS` - Headers sourced from other projects to avoid dependency cycles when building. These headers should be regularly synced when source is updated.\n  * `libkern` - C++ IOKit library code for handling of drivers and kexts.\n  * `libsa` -  kernel bootstrap code for startup\n  * `libsyscall` - syscall library interface for userspace programs\n  * `libkdd` - source for user library for parsing kernel data like kernel chunked data.\n  * `makedefs` - top level rules and defines for kernel build.\n  * `osfmk` - Mach kernel based subsystems\n  * `pexpert` - Platform specific code like interrupt handling, atomics etc.\n  * `security` - Mandatory Access Check policy interfaces and related implementation.\n  * `bsd` - BSD subsystems code\n  * `tools` - A set of utilities for testing, debugging and profiling kernel.\n\nHow to build XNU\n================\n\nBuilding `DEVELOPMENT` kernel\n-----------------------------\n\nThe xnu make system can build kernel based on `KERNEL_CONFIGS` \u0026 `ARCH_CONFIGS` variables as arguments.\nHere is the syntax:\n\n    make SDKROOT=\u003csdkroot\u003e ARCH_CONFIGS=\u003carch\u003e KERNEL_CONFIGS=\u003cvariant\u003e\n\nWhere:\n\n  * \\\u003csdkroot\u003e: path to macOS SDK on disk. (defaults to `/`)\n  * \\\u003cvariant\u003e: can be `debug`, `development`, `release`, `profile` and configures compilation flags and asserts throughout kernel code.\n  * \\\u003carch\u003e   : can be valid arch to build for. (E.g. `X86_64`)\n\nTo build a kernel for the same architecture as running OS, just type\n\n    $ make\n    $ make SDKROOT=macosx.internal\n\nAdditionally, there is support for configuring architectures through `ARCH_CONFIGS` and kernel configurations with `KERNEL_CONFIGS`.\n\n    $ make SDKROOT=macosx.internal ARCH_CONFIGS=X86_64 KERNEL_CONFIGS=DEVELOPMENT\n    $ make SDKROOT=macosx.internal ARCH_CONFIGS=X86_64 KERNEL_CONFIGS=\"RELEASE DEVELOPMENT DEBUG\"\n\n\nNote:\n  * By default, architecture is set to the build machine architecture, and the default kernel\n    config is set to build for DEVELOPMENT.\n\n\nThis will also create a bootable image, kernel.[config],  and a kernel binary\nwith symbols, kernel.[config].unstripped.\n\nTo intall the kernel into a DSTROOT, use the `install_kernels` target:\n\n    $ make install_kernels DSTROOT=/tmp/xnu-dst\n\nHint:\nFor a more satisfying kernel debugging experience, with access to all\nlocal variables and arguments, but without all the extra check of the\nDEBUG kernel, add something like:\n\tCFLAGS_DEVELOPMENTARM64=\"-O0 -g -DKERNEL_STACK_MULTIPLIER=2\"\n\tCXXFLAGS_DEVELOPMENTARM64=\"-O0 -g -DKERNEL_STACK_MULTIPLIER=2\"\nto your make command.\nReplace DEVELOPMENT and ARM64 with the appropriate build and platform.\n\n\n  * To build with RELEASE kernel configuration\n\n        make KERNEL_CONFIGS=RELEASE SDKROOT=/path/to/SDK\n\n\nBuilding FAT kernel binary\n--------------------------\n\nDefine architectures in your environment or when running a make command.\n\n    $ make ARCH_CONFIGS=\"X86_64\" exporthdrs all\n\nOther makefile options\n----------------------\n\n * $ make MAKEJOBS=-j8    # this will use 8 processes during the build. The default is 2x the number of active CPUS.\n * $ make -j8             # the standard command-line option is also accepted\n * $ make -w              # trace recursive make invocations. Useful in combination with VERBOSE=YES\n * $ make BUILD_LTO=0      # build without LLVM Link Time Optimization\n * $ make REMOTEBUILD=user@remotehost # perform build on remote host\n * $ make BUILD_JSON_COMPILATION_DATABASE=1 # Build Clang JSON Compilation Database\n\nThe XNU build system can optionally output color-formatted build output. To enable this, you can either\nset the `XNU_LOGCOLORS` environment variable to `y`, or you can pass `LOGCOLORS=y` to the make command.\n\n\nDebug information formats\n=========================\n\nBy default, a DWARF debug information repository is created during the install phase; this is a \"bundle\" named kernel.development.\\\u003cvariant\u003e.dSYM\nTo select the older STABS debug information format (where debug information is embedded in the kernel.development.unstripped image), set the BUILD_STABS environment variable.\n\n    $ export BUILD_STABS=1\n    $ make\n\n\nBuilding KernelCaches\n=====================\n\nTo test the xnu kernel, you need to build a kernelcache that links the kexts and\nkernel together into a single bootable image.\nTo build a kernelcache you can use the following mechanisms:\n\n  * Using automatic kernelcache generation with `kextd`.\n    The kextd daemon keeps watching for changing in `/System/Library/Extensions` directory.\n    So you can setup new kernel as\n\n        $ cp BUILD/obj/DEVELOPMENT/X86_64/kernel.development /System/Library/Kernels/\n        $ touch /System/Library/Extensions\n        $ ps -e | grep kextd\n\n  * Manually invoking `kextcache` to build new kernelcache.\n\n        $ kextcache -q -z -a x86_64 -l -n -c /var/tmp/kernelcache.test -K /var/tmp/kernel.test /System/Library/Extensions\n\n\n\nRunning KernelCache on Target machine\n=====================================\n\nThe development kernel and iBoot supports configuring boot arguments so that we can safely boot into test kernel and, if things go wrong, safely fall back to previously used kernelcache.\nFollowing are the steps to get such a setup:\n\n  1. Create kernel cache using the kextcache command as `/kernelcache.test`\n  2. Copy exiting boot configurations to alternate file\n\n         $ cp /Library/Preferences/SystemConfiguration/com.apple.Boot.plist /next_boot.plist\n\n  3. Update the kernelcache and boot-args for your setup\n\n         $ plutil -insert \"Kernel Cache\" -string \"kernelcache.test\" /next_boot.plist\n         $ plutil -replace \"Kernel Flags\" -string \"debug=0x144 -v kernelsuffix=test \" /next_boot.plist\n\n  4. Copy the new config to `/Library/Preferences/SystemConfiguration/`\n\n         $ cp /next_boot.plist /Library/Preferences/SystemConfiguration/boot.plist\n\n  5. Bless the volume with new configs.\n\n         $ sudo -n bless  --mount / --setBoot --nextonly --options \"config=boot\"\n\n     The `--nextonly` flag specifies that use the `boot.plist` configs only for one boot.\n     So if the kernel panic's you can easily power reboot and recover back to original kernel.\n\n\n\n\nCreating tags and cscope\n========================\n\nSet up your build environment and from the top directory, run:\n\n    $ make tags     # this will build ctags and etags on a case-sensitive volume, only ctags on case-insensitive\n    $ make TAGS     # this will build etags\n    $ make cscope   # this will build cscope database\n\n\nHow to install a new header file from XNU\n=========================================\n\nTo install IOKit headers, see additional comments in [iokit/IOKit/Makefile]().\n\nXNU installs header files at the following locations -\n\n    a. $(DSTROOT)/System/Library/Frameworks/Kernel.framework/Headers\n    b. $(DSTROOT)/System/Library/Frameworks/Kernel.framework/PrivateHeaders\n    c. $(DSTROOT)/usr/include/\n    d. $(DSTROOT)/System/DriverKit/usr/include/\n    e. $(DSTROOT)/System/Library/Frameworks/System.framework/PrivateHeaders\n\n`Kernel.framework` is used by kernel extensions.\\\nThe `System.framework` and `/usr/include` are used by user level applications. \\\n`/System/DriverKit/usr/include` is used by userspace drivers. \\\nThe header files in framework's `PrivateHeaders` are only available for ** Apple Internal Development **.\n\nThe directory containing the header file should have a Makefile that\ncreates the list of files that should be installed at different locations.\nIf you are adding the first header file in a directory, you will need to\ncreate Makefile similar to `xnu/bsd/sys/Makefile`.\n\nAdd your header file to the correct file list depending on where you want\nto install it. The default locations where the header files are installed\nfrom each file list are -\n\n    a. `DATAFILES` : To make header file available in user level -\n       `$(DSTROOT)/usr/include`\n\n    b. `DRIVERKIT_DATAFILES` : To make header file available to DriverKit userspace drivers -\n       `$(DSTROOT)/System/DriverKit/usr/include`\n\n    c. `PRIVATE_DATAFILES` : To make header file available to Apple internal in\n       user level -\n       `$(DSTROOT)/System/Library/Frameworks/System.framework/PrivateHeaders`\n\n    d. `KERNELFILES` : To make header file available in kernel level -\n       `$(DSTROOT)/System/Library/Frameworks/Kernel.framework/Headers`\n       `$(DSTROOT)/System/Library/Frameworks/Kernel.framework/PrivateHeaders`\n\n    e. `PRIVATE_KERNELFILES` : To make header file available to Apple internal\n       for kernel extensions -\n       `$(DSTROOT)/System/Library/Frameworks/Kernel.framework/PrivateHeaders`\n\nThe Makefile combines the file lists mentioned above into different\ninstall lists which are used by build system to install the header files. There\nare two types of install lists: machine-dependent and machine-independent.\nThese lists are indicated by the presence of `MD` and `MI` in the build\nsetting, respectively. If your header is architecture-specific, then you should\nuse a machine-dependent install list (e.g. `INSTALL_MD_LIST`). If your header\nshould be installed for all architectures, then you should use a\nmachine-independent install list (e.g. `INSTALL_MI_LIST`).\n\nIf the install list that you are interested does not exist, create it\nby adding the appropriate file lists.  The default install lists, its\nmember file lists and their default location are described below -\n\n    a. `INSTALL_MI_LIST` : Installs header file to a location that is available to everyone in user level.\n        Locations -\n           $(DSTROOT)/usr/include\n       Definition -\n           INSTALL_MI_LIST = ${DATAFILES}\n\n    b. `INSTALL_DRIVERKIT_MI_LIST` : Installs header file to a location that is\n        available to DriverKit userspace drivers.\n        Locations -\n           $(DSTROOT)/System/DriverKit/usr/include\n       Definition -\n           INSTALL_DRIVERKIT_MI_LIST = ${DRIVERKIT_DATAFILES}\n\n    c.  `INSTALL_MI_LCL_LIST` : Installs header file to a location that is available\n       for Apple internal in user level.\n       Locations -\n           $(DSTROOT)/System/Library/Frameworks/System.framework/PrivateHeaders\n       Definition -\n           INSTALL_MI_LCL_LIST = ${PRIVATE_DATAFILES}\n\n    d. `INSTALL_KF_MI_LIST` : Installs header file to location that is available\n       to everyone for kernel extensions.\n       Locations -\n            $(DSTROOT)/System/Library/Frameworks/Kernel.framework/Headers\n       Definition -\n            INSTALL_KF_MI_LIST = ${KERNELFILES}\n\n    e. `INSTALL_KF_MI_LCL_LIST` : Installs header file to location that is\n       available for Apple internal for kernel extensions.\n       Locations -\n            $(DSTROOT)/System/Library/Frameworks/Kernel.framework/PrivateHeaders\n       Definition -\n            INSTALL_KF_MI_LCL_LIST = ${KERNELFILES} ${PRIVATE_KERNELFILES}\n\n    f. `EXPORT_MI_LIST` : Exports header file to all of xnu (bsd/, osfmk/, etc.)\n       for compilation only. Does not install anything into the SDK.\n       Definition -\n            EXPORT_MI_LIST = ${KERNELFILES} ${PRIVATE_KERNELFILES}\n\n    g. `INSTALL_MODULEMAP_INCDIR_MI_LIST` : Installs module map file to a\n       location that is available to everyone in user level, installing at the\n       root of INCDIR.\n       Locations -\n           $(DSTROOT)/usr/include\n       Definition -\n           INSTALL_MODULEMAP_INCDIR_MI_LIST = ${MODULEMAP_INCDIR_FILES}\n\nIf you want to install the header file in a sub-directory of the paths\ndescribed in (1), specify the directory name using two variables\n`INSTALL_MI_DIR` and `EXPORT_MI_DIR` as follows -\n\n    INSTALL_MI_DIR = dirname\n    EXPORT_MI_DIR = dirname\n\nA single header file can exist at different locations using the steps\nmentioned above.  However it might not be desirable to make all the code\nin the header file available at all the locations.  For example, you\nwant to export a function only to kernel level but not user level.\n\n You can use C language's pre-processor directive (#ifdef, #endif, #ifndef)\n to control the text generated before a header file is installed.  The kernel\n only includes the code if the conditional macro is TRUE and strips out\n code for FALSE conditions from the header file.\n\n Some pre-defined macros and their descriptions are -\n\n    a. `PRIVATE` : If defined, enclosed definitions are considered System\n\tPrivate Interfaces. These are visible within xnu and\n\texposed in user/kernel headers installed within the AppleInternal\n\t\"PrivateHeaders\" sections of the System and Kernel frameworks.\n    b. `KERNEL_PRIVATE` : If defined, enclosed code is available to all of xnu\n\tkernel and Apple internal kernel extensions and omitted from user\n\theaders.\n    c. `BSD_KERNEL_PRIVATE` : If defined, enclosed code is visible exclusively\n\twithin the xnu/bsd module.\n    d. `MACH_KERNEL_PRIVATE`: If defined, enclosed code is visible exclusively\n\twithin the xnu/osfmk module.\n    e. `XNU_KERNEL_PRIVATE`: If defined, enclosed code is visible exclusively\n\twithin xnu.\n    f. `KERNEL` :  If defined, enclosed code is available within xnu and kernel\n       extensions and is not visible in user level header files.  Only the\n       header files installed in following paths will have the code -\n\n            $(DSTROOT)/System/Library/Frameworks/Kernel.framework/Headers\n            $(DSTROOT)/System/Library/Frameworks/Kernel.framework/PrivateHeaders\n    g. `DRIVERKIT`: If defined, enclosed code is visible exclusively in the\n    DriverKit SDK headers used by userspace drivers.\n\nConditional compilation\n=======================\n\n`xnu` offers the following mechanisms for conditionally compiling code:\n\n    a. *CPU Characteristics* If the code you are guarding has specific\n    characterstics that will vary only based on the CPU architecture being\n    targeted, use this option. Prefer checking for features of the\n    architecture (e.g. `__LP64__`, `__LITTLE_ENDIAN__`, etc.).\n    b. *New Features* If the code you are guarding, when taken together,\n    implements a feature, you should define a new feature in `config/MASTER`\n    and use the resulting `CONFIG` preprocessor token (e.g. for a feature\n    named `config_virtual_memory`, check for `#if CONFIG_VIRTUAL_MEMORY`).\n    This practice ensures that existing features may be brought to other\n    platforms by simply changing a feature switch.\n    c. *Existing Features* You can use existing features if your code is\n    strongly tied to them (e.g. use `SECURE_KERNEL` if your code implements\n    new functionality that is exclusively relevant to the trusted kernel and\n    updates the definition/understanding of what being a trusted kernel means).\n\nIt is recommended that you avoid compiling based on the target platform. `xnu`\ndoes not define the platform macros from `TargetConditionals.h`\n(`TARGET_OS_OSX`, `TARGET_OS_IOS`, etc.).\n\n\nThere is a deprecated `TARGET_OS_EMBEDDED` macro, but this should be avoided\nas it is in general too broad a definition for most functionality.\nPlease refer to TargetConditionals.h for a full picture.\n\nHow to add a new syscall\n========================\n\n\n\n\nTesting the kernel\n==================\n\nXNU kernel has multiple mechanisms for testing.\n\n  * Assertions - The DEVELOPMENT and DEBUG kernel configs are compiled with assertions enabled. This allows developers to easily\n    test invariants and conditions.\n\n  * XNU Power On Self Tests (`XNUPOST`): The XNUPOST config allows for building the kernel with basic set of test functions\n    that are run before first user space process is launched. Since XNU is hybrid between MACH and BSD, we have two locations where\n    tests can be added.\n\n        xnu/osfmk/tests/     # For testing mach based kernel structures and apis.\n        bsd/tests/           # For testing BSD interfaces.\n    Please follow the documentation at [osfmk/tests/README.md](osfmk/tests/README.md)\n\n  * User level tests: The `tools/tests/` directory holds all the tests that verify syscalls and other features of the xnu kernel.\n    The make target `xnu_tests` can be used to build all the tests supported.\n\n        $ make RC_ProjectName=xnu_tests SDKROOT=/path/to/SDK\n\n    These tests are individual programs that can be run from Terminal and report tests status by means of std posix exit codes (0 -\u003e success) and/or stdout.\n    Please read detailed documentation in [tools/tests/unit_tests/README.md](tools/tests/unit_tests/README.md)\n\n\nKernel data descriptors\n=======================\n\nXNU uses different data formats for passing data in its api. The most standard way is using syscall arguments. But for complex data\nit often relies of sending memory saved by C structs. This packaged data transport mechanism is fragile and leads to broken interfaces\nbetween user space programs and kernel apis. `libkdd` directory holds user space library that can parse custom data provided by the\nsame version of kernel. The kernel chunked data format is described in detail at [libkdd/README.md](libkdd/README.md).\n\n\nDebugging the kernel\n====================\n\nThe xnu kernel supports debugging with a remote kernel debugging protocol (kdp). Please refer documentation at [technical note] [TN2063]\nBy default the kernel is setup to reboot on a panic. To debug a live kernel, the kdp server is setup to listen for UDP connections\nover ethernet. For machines without ethernet port, this behavior can be altered with use of kernel boot-args. Following are some\ncommon options.\n\n  * `debug=0x144` - setups debug variables to start kdp debugserver on panic\n  * `-v` - print kernel logs on screen. By default XNU only shows grey screen with boot art.\n  * `kdp_match_name=en1` - Override default port selection for kdp. Supported for ethernet, thunderbolt and serial debugging.\n\nTo debug a panic'ed kernel, use llvm debugger (lldb) along with unstripped symbol rich kernel binary.\n\n    sh$ lldb kernel.development.unstripped\n\nAnd then you can connect to panic'ed machine with `kdp_remote [ip addr]` or `gdb_remote [hostip : port]` commands.\n\nEach kernel is packaged with kernel specific debug scripts as part of the build process. For security reasons these special commands\nand scripts do not get loaded automatically when lldb is connected to machine. Please add the following setting to your `~/.lldbinit`\nif you wish to always load these macros.\n\n    settings set target.load-script-from-symbol-file true\n\nThe `tools/lldbmacros` directory contains the source for each of these commands. Please follow the [README.md](tools/lldbmacros/README.md)\nfor detailed explanation of commands and their usage.\n\n[TN2118]: https://developer.apple.com/library/mac/technotes/tn2004/tn2118.html#//apple_ref/doc/uid/DTS10003352 \"Kernel Core Dumps\"\n[TN2063]: https://developer.apple.com/library/mac/technotes/tn2063/_index.html \"Understanding and Debugging Kernel Panics\"\n[Kernel Programming Guide]: https://developer.apple.com/library/mac/documentation/Darwin/Conceptual/KernelProgramming/build/build.html#//apple_ref/doc/uid/TP30000905-CH221-BABDGEGF\n","funding_links":[],"categories":["C","C (61)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapple%2Fdarwin-xnu","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapple%2Fdarwin-xnu","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapple%2Fdarwin-xnu/lists"}