Network Architecture
OS X kernel extensions (KEXTs) provide mechanisms to extend and modify the networking infrastructure of OS X dynamically, without recompiling or relinking the kernel. The effect is immediate and does not require rebooting the system.
Networking KEXTs can be used to
monitor network traffic
modify network traffic
receive notification of asynchronous events from the driver layer
In the last case, such events are received by the data link and network layers. Examples of these events include power management events and interface status changes.
Specifically, KEXTs allow you to
create protocol stacks that can be loaded and unloaded dynamically and configured automatically
create modules that can be loaded and unloaded dynamically at specific positions in the network hierarchy.
The Kernel Extension Manager dynamically adds KEXTs to the running OS X kernel inside the kernel’s address space. An installed and enabled network-related KEXT is invoked automatically, depending on its position in the sequence of protocol components, to process an incoming or outgoing packet.
All KEXTs provide initialization and termination routines
that the Kernel Extension Manager invokes when it loads or unloads
the KEXT. The initialization routine handles any operations that
are needed to complete the incorporation of the KEXT into the kernel, such
as updating protosw
and domain
structures
(through programmatic interfaces). Similarly, the termination routine
must remove references to the NKE from these structures to unload
itself successfully. NKEs must provide a mechanism, such as a reference
count, to ensure that the NKE can terminate without leaving dangling
pointers.
For additional information on the networking portions of the OS X kernel, you should read the document Network Kernel Extensions Programming Guide.
Copyright © 2002, 2013 Apple Inc. All Rights Reserved. Terms of Use | Privacy Policy | Updated: 2013-08-08