Aug 08, 2013 The kernel itself has its own address space, called kernel space. In OS X, no application can directly modify the memory of the system software (the kernel). Although user processes do not share memory by default as in Mac OS 9, communication (and even memory sharing) between applications is still possible. Some antiviruses create a kernel file and hide them in Extensions folder is deep subfolders. Also, they protect kernel files from being deleted. If you try to remove such a file to Trash, you will face a situation when Finder ignores the removal command. Learn how to remove the kernel extensions (kext files) on Mac.
Boot ROM
The kernel framework is just a bunch of headers to allow for sensible communication with kernel and the ability to build kernel extensions There is are no libraries in it to link against a userspace application. If you are trying to use userspace IOKit functions to communicate with the kernel side of IOKit you should be using IOKit.framework.
When the power to a Macintosh computer is turned on, the BootROM firmware is activated. BootROM (which is part of the computer’s hardware) has two primary responsibilities: it initializes system hardware and it selects an operating system to run. BootROM has two components to help it carry out these functions:
POST (Power-On Self Test) initializes some hardware interfaces and verifies that sufficient memory is available and in a good state.
EFI does basic hardware initialization and selects which operating system to use.
If multiple installations of OS X are available, BootROM chooses the one that was last selected by the Startup Disk System Preference. The user can override this choice by holding down the Option key while the computer boots, which causes EFI to display a screen for choosing the boot volume.
The Boot Loader
Once BootROM is finished and an OS X partition has been selected, control passes to the boot.efi boot loader. The principal job of this boot loader is to load the kernel environment. As it does this, the boot loader draws the “booting” image on the screen.
If full-disk encryption is enabled, the boot loader is responsible for drawing the login UI and prompting for the user’s password, which needed to access the encrypted disk to boot from it. (This UI is drawn by loginwindow otherwise.)
In the simplest case, the boot loader can be found in the /System/Library/CoreServices directory on the root partition, in a file named boot.efi.
Note: Booting from a UFS volume is deprecated as of OS X v10.5.
In order to speed up boot time, the boot loader uses several caches. The contents and location of these caches varies between versions of OS X, but knowing some details about the caching may be helpful when debugging kernel extensions.
After you install or modify a kernel extension, touch the /System/Library/Extensions directory; the system rebuilds the caches automatically.
Important: You should not depend on the implementation details of the kernel caches in your software.
In OS X v10.7, the boot loader looks for the unified prelinked kernel. This cache contains all kernel extensions that may be needed to boot a Mac with any hardware configuration, with the extensions already linked against the kernel. It is located at /System/Library/Caches/com.apple.kext.caches/Startup/kernelcache.
In OS X v10.6 and earlier, the boot loader first looks for the prelinked kernel (also called the kernel cache). This cache contains exactly the set of kernel extensions that were needed during the previous system startup, already linked against the kernel. If the prelinked kernel is missing or unusable (for example, because a hardware configuration has changed), the booter looks for the mkext cache, which contains all kernel extensions that may be needed to boot the system. Using the mkext cache is much slower because the linker must be run. On OS X v10.5 and v10.6, these caches are located in /System/Library/Caches/com.apple.kext.caches/Startup/; on previous versions of OS X, it was located at /System/Library/Caches/com.apple.kernelcaches/.
Finally, if the caches cannot be used, the boot loader searches /System/Library/Extensions for drivers and other kernel extensions whose OSBundleRequired property is set to a value appropriate to the type of boot (for example, local or network boot). This process is very slow, because the Info.plist file of every kernel extension must be parsed, and then the linker must be run.
For more information on how drivers are loaded, see IOKit Fundamentals, the manual page for kextcache, and Kernel Extension Programming Topics.
Rooting
Once the kernel and all drivers necessary for booting are loaded, the boot loader starts the kernel’s initialization procedure. At this point, enough drivers are loaded for the kernel to find the root device.
The kernel initializes the Mach and BSD data structures and then initializes the I/O Kit. The I/O Kit links the loaded drivers into the kernel, using the device tree to determine which drivers to link. Once the kernel finds the root device, it roots(*) BSD off of it.
Note: As a terminology aside, the term “boot” was historically reserved for loading a bootstrap loader and kernel off of a disk or partition. In more recent years, the usage has evolved to allow a second meaning: the entire process from initial bootstrap until the OS is generally usable by an end user. In this case, the term is used according to the former meaning.
As used here, the term “root” refers to mounting a partition as the root, or top-level, filesystem. Thus, while the OS boots off of the root partition, the kernel roots the OS off of the partition before executing startup scripts from it.
Boot≠Root is a technology that allows the system to boot from a partition other than the root partition. This is used to boot systems where the root partition is encrypted using full-disk encryption, or where the root partition is located on a device which requires additional drivers (such as a RAID array). Boot≠Root uses a helper partition to store the files needed to boot, such as the kernel cache. For more information on how to set up the property in a filter-scheme driver, see Developing a Filter Scheme in Mass Storage Device Driver Programming Guide.
Copyright © 2002, 2013 Apple Inc. All Rights Reserved. Terms of Use | Privacy Policy | Updated: 2013-08-08
If you are here, because you wish to fix issues with your NVIDIA web driver, please head over to the new NVWebDriverLibValFix page. This software is obsolete for fixing NVIDIA web driver issues.
Beware: This software intentionally weakens the security of your Mac and may turn your machine into a fire-breathing dragon. You should not install it.
With that out of the way: This software installs a small kernel patch at boot-time, which disables Library Validation. Library Validation exists independently of SIP and cannot be disabled without a kernel patch.
You don't want Library Validation to be disabled on your Mac. However, if it were to be disabled:
Library Kernel Machine
- Processes can load arbitrary libraries
- root becomes more powerful (may load arbitrary libraries into any process depending on SIP status)
- Security is weakened, because some user processes could be fooled to run additional code without root's explicit request, which may grant access to daemons that depend on Library Validation for secure validation of code identity.
Installation
The latest release and installation instructions are available on the Releases Page.
All releases are unsigned and require kernel code signing to be disabled (csrutil enable --without kext).
Installation (from source)
Install Xcode, then ./install.sh.
On success, you should see a message from 'DisableLibraryValidation' in the output of sudo dmesg and find 'com.apple.kext.mologie.DisableLibraryValidation' in the output of kextstat.
The patches take effect immediately, but you might have to restart processes that are broken by Library Validation (such as iBooks with the NVIDIA Web Drivers.)
Intel Math Kernel Library Mac
Removal
sudo ./install.sh uninstall, which runs kextunload to unload the extension and deletes it from disk.
Bug Reports
This software comes with no support or implied warrenty. I do not accept bug reports, but I welcome pull requests that fix bugs should you have found any. You may also submit pull requests for adding information to this readme file, or contact my privately via the email address on my GitHub profile.
Library Kernel32 Methods
Legal
Library Kernel Mac Os
Copyright 2017 Oliver Kuckertz; released under the MIT license.