Friday, 20 November 2020

macOS 11 Big Sur and Kernel Extensions - down the rabbit hole I go ....

I've been having a few discussions with colleagues as we get to grips with the new macOS 11 Big Sur release, especially with regard to the slow evolution away from Kernel Extensions ( aka KExts ).

One particular thread led me here: -

How to configure Kernel Extension settings for Mac

and, specifically this: -

sudo sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy

Password:

]SQLite version 3.32.3 2020-06-18 14:16:19

Enter ".help" for usage hints.

sqlite> SELECT * FROM kext_policy; 

QED4VVPZWA|com.logitech.manager.kernel.driver|1|Logitech Inc.|5

6HB5Y2QTA3|com.hp.kext.io.enabler.compound|1|HP Inc.|0

Z2SG5H3HC8|net.tunnelblick.tun|1|Jonathan Bullard|5

Z2SG5H3HC8|net.tunnelblick.tap|1|Jonathan Bullard|5

sqlite> ^D

Why did I not know this before ?

There's a whole SQLite database infrastructure inside my Mac ? Wow, who knew ?

A colleague then pointed out that macOS also has kextstat which allows me to show which kernel extensions are loaded and, via this: -

kextstat | grep -v com.apple

Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>

the non-Apple extensions that are loaded or, in my case, NOT !

So, whilst the SQLite database has kexts from Logitech, HP and Tunnelblick listed, none appear to be loaded ...

Which is nice!

No comments:

Yay, VMware Fusion and macOS Big Sur - no longer "NAT good friends" - forgive the double negative and the terrible pun ...

After macOS 11 Big Sur was released in 2020, VMware updated their Fusion product to v12 and, sadly, managed to break Network Address Trans...