MacOS
XNU (acronym for "X is Not Unix") is a monolithic kernel used in macOS. It is based on OSF/MK, a derivative of Mach 3.0, and on 4.4BSD. It was developed for macOS as a work-alike to replace the the Mach 2.5-derived kernel used in NeXTStep operating system; when Apple purchased NeXT, they opted to use NeXTStep as a technological basis to replace the obsolete classic Mac OS (Mac OS 9 and older), which had poor memory protection and cooperative multitasking.
macOS is Apple's partly proprietary operating system for Macintosh computers, which can run on many modern x86-64 computers; it also has a mobile version, iOS, and other specialised editions: tvOS and watchOS.
Darwin is the term for the core BSD UNIX system which macOS builds atop.
Features
XNU as a derivative of 4.4BSD inherits most of its features, as well as some features imported from other BSD systems such as FreeBSD. Features of BSD heritage include:
- POSIX system calls and the various BSD extensions;
- the kqueue event multiplexing system, a later import from FreeBSD;
- Mandatory Access Control (MAC), developed through the TrustedBSD project in collaboration with FreeBSD.
And XNU and OS X introduce a lot of specific features, including:
- own sandboxing system;
- own file system hierarchy (with FHS preserved);
- Apple Events and FSEvents;
- OpenDirectory, an authentification system;
- SystemConfiguration, a modular configuration mechanism;
- Apple System Log (ASL);
- AppleScript;
- notifyd and distnoted, notification (IPC) mechanisms;
- launchd, a system initialisation and service management system'
- Mach APIs;
- the I/O Kit, an object-oriented drivers framework;
- and more.
OS X is a certified UNIX system.
Security
Code signing
OS X and iOS support code signing. In OS X it can be disabled, but in iOS it is a heavy protection mechanism, which allows only reviewed apps to be run. However, Apple sells developer and enterprise certificates which can be used to distribute malware; a user only needs to install a profile. There also were a vulnerability which allowed to install outdated profiles by resetting the date. Apple can easily block certificates.
Entitlements
An entitlement is simply a permission written for a binary; even with root access it is not possible to override them. For example, running a program which uses task_for_pid Mach call under root without the required entitlements will result in an error. Of course, entitlements are signed.
Sandboxing
This feature is present in both OS X and iOS, but in iOS it is much harder. In fact, it is a jail, which places applications inside their own environment, from which they can only access their own root. More about app sandbox here.
Kernel Design
macOS is derived from the OSF/MK kernel, a variant of Mach, and from 4.4BSD UNIX. Mach originated as a system which rearchitected the lowest levels of the BSD kernel [1] and initially retained most of the BSD kernel as a component layered on top of the Mach primitives, thus remaining a monolithic kernel. The primary inspiration for this redesign was the Accent kernel developed at Carnegie-Mellon University. Mach made several adaptations to the Accent model to better support UNIX compatibility. NeXTSTEP forked their variant of Mach from a version in which this was the case. Later versions of Mach from version 3.0 onwards, such as OSF/MK, were microkernel systems.
In order to maintain similar properties to the NeXTSTEP kernel, while avoiding the use of the then-encumbered 4.3BSD UNIX source tree, Apple developed XNU on the basis of the unencumbered OSF/MK and 4.4BSD-Lite2 codebases. The resulting kernel uses the core abstractions of the Mach kernel, which include tasks, threads, ports, port sets, messages, and memory objects, as a basis on which the adapted BSD kernel provides the higher-level BSD interfaces. As the 4.4BSD code runs as an integral part of the kernel, the result is a layered monolithic kernel, although the marketing term Hybrid Kernel is often used in reference to XNU.
See Also
External Links
- http://opensource.apple.com - here you can obtain sources of all open source components.
References
- ↑ Accetta et al. (1986). Mach: A New Kernel Foundation for UNIX Development. USENIX Summer Conference 1986. Retrieved June 25, 2024.