The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Kernel Task"
Line 3: | Line 3: | ||
The kernel_task is accessible by a variety of means in OS X's XNU. In iOS, however, Apple do their damnedest to keep anyone from obtaining the task port. This is because, given the kernel_task, various task APIs can be called to manipulate it. Chief amongst those would be virtual memory APIs (e.g. mach_vm_read and mach_vm_write) which compromise system security and allow various forms of injection. Whereas in OS X the processor set APIs can list all tasks, the same APIs in iOS leave out the kernel task. |
The kernel_task is accessible by a variety of means in OS X's XNU. In iOS, however, Apple do their damnedest to keep anyone from obtaining the task port. This is because, given the kernel_task, various task APIs can be called to manipulate it. Chief amongst those would be virtual memory APIs (e.g. mach_vm_read and mach_vm_write) which compromise system security and allow various forms of injection. Whereas in OS X the processor set APIs can list all tasks, the same APIs in iOS leave out the kernel task. |
||
− | Using /usr/libexec/stackshot (with the -i command line switch) it is possible to get a snapshot of all tasks on the system, including the kernel_task. Apple is well aware of this, which is likely why the daemon has disappeared from iOS 5. It is possible, however, to copy the iOS 4 daemon to an iOS 5 system, or simply compile stackshot |
+ | Using /usr/libexec/stackshot (with the -i command line switch) it is possible to get a snapshot of all tasks on the system, including the kernel_task. Apple is well aware of this, which is likely why the daemon has disappeared from iOS 5. It is possible, however, to copy the iOS 4 daemon to an iOS 5 system, or simply compile stackshot from an open source file floating around the Internet. The output of the latter is similar to the following: |
<pre> |
<pre> |
Latest revision as of 01:39, 25 February 2012
The kernel_task is XNU's task object which abstracts the kernel itself. As a task object, it contains the ports used by the kernel: threads, virtual memory, exception and others. Unlike other task objects, however, it does not have a mapping to a BSD process. Thus, the corresponding PID for the kernel is PID 0.
The kernel_task is accessible by a variety of means in OS X's XNU. In iOS, however, Apple do their damnedest to keep anyone from obtaining the task port. This is because, given the kernel_task, various task APIs can be called to manipulate it. Chief amongst those would be virtual memory APIs (e.g. mach_vm_read and mach_vm_write) which compromise system security and allow various forms of injection. Whereas in OS X the processor set APIs can list all tasks, the same APIs in iOS leave out the kernel task.
Using /usr/libexec/stackshot (with the -i command line switch) it is possible to get a snapshot of all tasks on the system, including the kernel_task. Apple is well aware of this, which is likely why the daemon has disappeared from iOS 5. It is possible, however, to copy the iOS 4 daemon to an iOS 5 system, or simply compile stackshot from an open source file floating around the Internet. The output of the latter is similar to the following:
PID: 0 (kernel_task) Thread ID: 0x1 State: 9 - waiting Uninterruptible Continuation: 0x8005aa29 (vm_pageout_continue...) Thread ID: 0x2 State: 132 - running Idling processor Continuation: 0x800228d5 Thread ID: 0x3 State: 9 - waiting Uninterruptible Continuation: 0x8001f3f9 Thread ID: 0x4 State: 9 - waiting Uninterruptible Continuation: 0x80029c9d Thread ID: 0x5 State: 9 - waiting Uninterruptible Continuation: 0x80029e6d Thread ID: 0x6 State: 9 - waiting Uninterruptible Continuation: 0x8002c2c9 Thread ID: 0x7 State: 9 - waiting Uninterruptible Frames: 4 kernel 0 user Return Addr Frame Ptr 0x80021f61 0xc5a83f48 0x80021623 0xc5a83f70 0x8002eef1 0xc5a83fa8 0x8007b37c 0x0 ...