About the author

E-moss, a programmer who reads and walks dogs, works on iOS development. He mainly shares and writes technical articles, and occasionally shares reading notes. You can also reach him via the "best" Git address: https://github.com/knowtheroot/KnowTheRoot_iOS. Questions and discussion are welcome.

Git address: github.com/knowtheroot…

I. Foreword

What is the BSD layer?

The BSD layer sits on top of Mach and is an integral part of XNU. It provides the stable, modern, POSIX-style API that user-space programs actually program against. It covers:

  • UNIX process model
  • POSIX threading model and associated synchronization primitives
  • UNIX users and groups
  • Network protocol stack
  • File system access
  • Device access

II. BSD-related features

Although the absolute core of XNU is Mach, the main interface that XNU exposes to user space is the BSD interface.

1. sysctl

The sysctl command inspects and configures kernel parameters at run time. (The /proc/sys directory often cited for these parameters is where Linux exposes them; XNU has no /proc, and sysctl variables are reached through the sysctl(3) and sysctlbyname(3) library calls, which issue a system call.) The OpenBSD manual describes it as:

The sysctl utility retrieves kernel state and allows processes with appropriate privilege to set kernel state. The state to be retrieved or set is described using a "Management Information Base" (MIB) style name, using a dotted set of components.

The sysctl(8) command is a standard way of accessing the internal state of the kernel.

Role

With this command a system administrator can query kernel variables directly and obtain important runtime diagnostic information. Note: only a small fraction of kernel variables are exported this way. Kernel components (including kernel extensions) can register additional sysctl variables at run time, or even add an entire namespace (a new MIB subtree).
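
The two ways a program reaches a sysctl variable by its dotted MIB name, as an added example (not code from the original article): on Darwin and FreeBSD the name goes to sysctlbyname(3), which first asks the kernel for the value's size and then fetches it; on Linux, where the /proc/sys remark above applies, the same dotted name is a path under /proc/sys. The helper names mib_to_procfs_path and read_sysctl_string are this example's own; the variable names it reads (kern.ostype, kernel.ostype, ...) are ordinary ones those kernels export.

```c
/* Added example (not from the original article): read a sysctl variable by its
 * dotted MIB name. On Darwin/FreeBSD this uses sysctlbyname(3), the BSD-layer
 * interface the article describes; on Linux the same dotted name maps to a file
 * under /proc/sys. The helper names mib_to_procfs_path and read_sysctl_string
 * are this example's own, not a system API. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#if defined(__APPLE__) || defined(__FreeBSD__)
#include <sys/types.h>
#include <sys/sysctl.h>
#endif

/* Translate "kernel.ostype" into "/proc/sys/kernel/ostype".
 * Returns 0 on success, -1 if the name is empty or does not fit in out. */
int mib_to_procfs_path(const char *mib, char *out, size_t outlen)
{
    const char *prefix = "/proc/sys/";
    size_t plen = strlen(prefix);
    size_t n = strlen(mib);
    if (n == 0 || plen + n + 1 > outlen)
        return -1;
    strcpy(out, prefix);
    for (size_t i = 0; i < n; i++)
        out[plen + i] = (mib[i] == '.') ? '/' : mib[i];
    out[plen + n] = '\0';
    return 0;
}

/* Read a string-valued sysctl into buf (NUL-terminated, trailing newline removed).
 * Returns 0 on success, -1 with errno set if the variable does not exist
 * (ENOENT on both platforms) or cannot be read. */
int read_sysctl_string(const char *mib, char *buf, size_t buflen)
{
#if defined(__APPLE__) || defined(__FreeBSD__)
    /* Two-call pattern: ask how large the value is, then fetch it. */
    size_t len = 0;
    if (sysctlbyname(mib, NULL, &len, NULL, 0) != 0)
        return -1;
    if (len >= buflen) { errno = ENOMEM; return -1; }
    if (sysctlbyname(mib, buf, &len, NULL, 0) != 0)
        return -1;
    buf[len] = '\0';
#else
    char path[256];
    if (mib_to_procfs_path(mib, path, sizeof path) != 0) { errno = EINVAL; return -1; }
    FILE *f = fopen(path, "r");
    if (!f)
        return -1;               /* ENOENT for a name the kernel never exported */
    if (!fgets(buf, (int)buflen, f)) { fclose(f); errno = EIO; return -1; }
    fclose(f);
#endif
    buf[strcspn(buf, "\n")] = '\0';
    return 0;
}

int main(void)
{
#if defined(__APPLE__) || defined(__FreeBSD__)
    const char *names[] = { "kern.ostype", "kern.osrelease", "hw.machine" };
#else
    const char *names[] = { "kernel.ostype", "kernel.osrelease", "kernel.hostname" };
#endif
    char value[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        if (read_sysctl_string(names[i], value, sizeof value) == 0)
            printf("%s = %s\n", names[i], value);
        else
            perror(names[i]);
    }
    return 0;
}
```

A missing variable comes back as ENOENT on both platforms, which is the case a caller probing an optional variable has to handle rather than treat as a crash. Setting a variable uses the same sysctlbyname(3) call with a non-NULL new-value pointer and, as the OpenBSD description says, requires appropriate privilege.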

2. kqueue

Definition:

kqueue is the kernel event notification mechanism used in BSD.

Function:

A kqueue is a descriptor that blocks and waits until an event of a particular type and kind occurs.

Use:

User-mode or kernel code can wait on this descriptor, so kqueue provides a simple and efficient way to synchronize one or more processes.

kqueue and kevent (the data structure that describes an event) form the basis of asynchronous I/O in the kernel.
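
A minimal use of the descriptor described above, as an added example (not code from the original article): register interest in a pipe becoming readable with EV_SET and kevent(2), then wait on the kqueue with a timeout and read the byte count the event carries. The poll(2) branch is only a stand-in so the same program also runs on Linux, which has no kqueue; the function name wait_readable and the pipe used as input are this example's own.

```c
/* Added example (not from the original article): wait on a kqueue for a file
 * descriptor to become readable. On Darwin/FreeBSD this uses kqueue(2)/kevent(2);
 * the poll(2) branch is only a stand-in so the program also runs on Linux, which
 * has no kqueue. The function name wait_readable is this example's own. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#if defined(__APPLE__) || defined(__FreeBSD__)
#include <sys/types.h>
#include <sys/event.h>
#include <sys/time.h>
#else
#include <poll.h>
#include <sys/ioctl.h>
#endif

/* Block until fd has data to read or timeout_ms elapses.
 * Returns the number of bytes pending (> 0), 0 on timeout, -1 on error. */
long wait_readable(int fd, int timeout_ms)
{
#if defined(__APPLE__) || defined(__FreeBSD__)
    int kq = kqueue();                 /* the kqueue is itself a descriptor */
    if (kq < 0)
        return -1;
    struct kevent change, event;
    /* Register interest: EVFILT_READ on fd, removed again after one delivery. */
    EV_SET(&change, fd, EVFILT_READ, EV_ADD | EV_ONESHOT, 0, 0, NULL);
    struct timespec ts = { timeout_ms / 1000, (timeout_ms % 1000) * 1000000L };
    /* A single kevent() call submits the change list and waits for events. */
    int n = kevent(kq, &change, 1, &event, 1, &ts);
    long result;
    if (n < 0)
        result = -1;
    else if (n == 0)
        result = 0;                    /* timed out, nothing to read */
    else if (event.flags & EV_ERROR) {
        errno = (int)event.data;       /* registration failed, e.g. EBADF */
        result = -1;
    } else
        result = (long)event.data;     /* for EVFILT_READ, data = bytes available */
    close(kq);
    return result;
#else
    struct pollfd p = { fd, POLLIN, 0 };
    int n = poll(&p, 1, timeout_ms);
    if (n < 0) return -1;
    if (n == 0) return 0;
    int pending = 0;
    if (ioctl(fd, FIONREAD, &pending) < 0) return -1;
    return pending;
#endif
}

int main(void)
{
    int fds[2];
    if (pipe(fds) < 0) { perror("pipe"); return 1; }
    printf("empty pipe: %ld\n", wait_readable(fds[0], 100));
    if (write(fds[1], "hello", 5) != 5) { perror("write"); return 1; }
    printf("after write: %ld\n", wait_readable(fds[0], 100));
    close(fds[0]);
    close(fds[1]);
    return 0;
}
```

Creating a fresh kqueue per call keeps the example short; a real event loop creates one kqueue, registers many descriptors on it with EV_ADD (without EV_ONESHOT), and calls kevent() repeatedly with an event array larger than one.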

3. Audit (OS X)

OS X implements auditing through BSM (Basic Security Module, via OpenBSM, an implementation of Sun's BSM audit format and subsystem). The audit subsystem matters most on OS X; on iOS auditing is not enabled. Note: because auditing is a security-critical operation, it must be performed in the kernel so that user-space code cannot bypass or tamper with it.

4. Mandatory Access Control (MAC)

MAC: Mandatory Access Control, as opposed to the discretionary, owner-controlled UNIX permission model.

Key concept

The key concept in MAC is the label: a predefined category that can be applied to files and other objects in the system.

Think of spy movies, where documents are stamped "secret" or "top secret".

Matching labels

If the requester's label does not permit access to the requested object's label, the MAC policy rejects the request. System calls are checked against the MAC policy hooks before the kernel actually carries out the operation requested from user mode.

Use

MAC is the foundation of OS X's isolation mechanism, the sandbox (Seatbelt), which is implemented as a MAC policy module.
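
A user-space model of how a MAC framework composes its policies, as an added example (not code from the original article, and not XNU's own implementation): each policy supplies a check hook, the framework consults every registered policy, and a single denial rejects the operation, which is the outline of how XNU's TrustedBSD-derived framework works. The two policies are illustrations chosen to match the text: a clearance policy that compares labels such as "secret"/"top secret" (the no-read-up/no-write-down rules are this example's choice), and a minimal sandbox-style policy that confines writes to one directory prefix. All names (mac_register, mac_check_open, struct mac_subject, ...) are this example's own.

```c
/* Added example (not from the original article, not XNU's code): a user-space
 * model of a MAC framework. Policies register a hook; the framework consults all
 * of them and denies if any denies. All names here are this example's own. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Ordered label levels: a higher index dominates a lower one. */
enum label { LABEL_PUBLIC = 0, LABEL_SECRET = 1, LABEL_TOP_SECRET = 2 };

#define OPEN_READ  0x1
#define OPEN_WRITE 0x2

struct mac_subject { const char *name; enum label clearance; const char *sandbox_root; };
struct mac_object  { const char *path; enum label classification; };

/* A policy module: a name plus one hook. Real frameworks have many hooks. */
struct mac_policy {
    const char *name;
    int (*check_open)(const struct mac_subject *s, const struct mac_object *o, int mode);
};

#define MAX_POLICIES 8
static const struct mac_policy *policies[MAX_POLICIES];
static int npolicies;

int mac_register(const struct mac_policy *p)
{
    if (npolicies == MAX_POLICIES) return -1;
    policies[npolicies++] = p;
    return 0;
}

/* Framework entry point: the hook a system call such as open(2) passes through.
 * Returns 0 if every policy allows, else the errno of the first policy that denies. */
int mac_check_open(const struct mac_subject *s, const struct mac_object *o, int mode)
{
    for (int i = 0; i < npolicies; i++) {
        int err = policies[i]->check_open(s, o, mode);
        if (err != 0)
            return err;              /* one denial is enough */
    }
    return 0;
}

/* Policy 1: label clearance. Reading requires the subject's clearance to dominate
 * the object's classification (no read up); writing requires the object to be at
 * least the subject's level (no write down), so secrets cannot leak into public files. */
static int clearance_check_open(const struct mac_subject *s, const struct mac_object *o, int mode)
{
    if ((mode & OPEN_READ) && s->clearance < o->classification)
        return EACCES;
    if ((mode & OPEN_WRITE) && o->classification < s->clearance)
        return EACCES;
    return 0;
}

/* Policy 2: sandbox-style confinement. A subject with a sandbox root may only
 * write below that directory; "/root" must be followed by '/' or end of string
 * so that "/rootX" does not pass as a prefix match. Reads are left alone. */
static int sandbox_check_open(const struct mac_subject *s, const struct mac_object *o, int mode)
{
    if (s->sandbox_root == NULL || !(mode & OPEN_WRITE))
        return 0;
    size_t n = strlen(s->sandbox_root);
    if (strncmp(o->path, s->sandbox_root, n) != 0 || (o->path[n] != '/' && o->path[n] != '\0'))
        return EPERM;
    return 0;
}

static const struct mac_policy clearance_policy = { "clearance", clearance_check_open };
static const struct mac_policy sandbox_policy   = { "sandbox",   sandbox_check_open };

/* Register both policies once; returns 0 on success. */
int mac_init(void)
{
    if (npolicies != 0) return 0;
    return mac_register(&clearance_policy) || mac_register(&sandbox_policy);
}

int main(void)
{
    mac_init();
    struct mac_subject analyst = { "analyst", LABEL_SECRET, "/var/app/sandbox" };
    struct mac_object top     = { "/vault/plans", LABEL_TOP_SECRET };
    struct mac_object scratch = { "/var/app/sandbox/notes", LABEL_SECRET };
    struct mac_object pub     = { "/tmp/out", LABEL_PUBLIC };
    printf("read top secret:   %s\n", mac_check_open(&analyst, &top, OPEN_READ) ? "denied" : "allowed");
    printf("write own notes:   %s\n", mac_check_open(&analyst, &scratch, OPEN_WRITE) ? "denied" : "allowed");
    printf("write public file: %s\n", mac_check_open(&analyst, &pub, OPEN_WRITE) ? "denied" : "allowed");
    return 0;
}
```

The point of the model is the composition: the sandbox policy never needs to know about labels, and the clearance policy never needs to know about paths, yet an open(2) is refused if either objects. That is why a sandbox can be shipped as one more MAC policy rather than as changes to every system call.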