为什么这个键盘拦截内核扩展不起作用?

时间:2010-01-11 15:35:06

标签: c++ macos keyboard kernel-extension

我的开发人员!我非常希望至少你们中的一些人不会被这个问题包含的文本数量所吓倒(我只是尽力做到人道可能的描述)。 :)

对于那些认为我已经问过这个问题来编写恶意软件或其他内容的人。我想编写一个应用程序,允许用户选择在操作系统完成启动后启动的应用程序。整个想法是允许用户在操作系统完成启动之前通过按下之前绑定到应用程序的热键来选择这些应用程序。例如,用户打开他的Mac,键入SMTV并消失,当系统完成启动我的应用程序恢复输入并启动Safari,Mail,Tweetie和Vuze。我是新手,但我尽力帮助别人回答他们的问题 - 我想我可以期待同样的回报。检查我的个人资料和我的活动,然后开始尖叫恶意软件。

此问题是问题Is it possible to recover keyboard input that was done while Mac OS was starting up?的后续问题。

Pekka's advice的指导下,我偶然发现了Christian Starkjohann的一篇文章Intercepting Keyboard Events,该文章描述了他和Objective Development team如何成功地将iBook的CDROM弹出键从F12重新分配到Shift + F12 。主要部分是他们实际上拦截了键盘事件,这正是我所需要的。最后,Christian完全为像我这样的开发人员写了这篇文章,将iJect的想法用作类似功能的原型。

首先,我决定创建一个简单的内核扩展,只需将用户的键盘输入记录到/var/log/kernel.log即可。我在XCode中启动了一个新的通用内核扩展项目,按照Hello Kernel: Creating a Kernel Extension With Xcode中的Mac Dev Center's Kernel Extension Concepts教程的说明创建了一个Hello World项目,然后用iJect源代码填充它。结果如下:

TestKEXT.c 

#include <sys/systm.h>
#include <mach/mach_types.h>


extern int HidHackLoad(void);
extern int HidHackUnload(void);


kern_return_t MacOSSCKEXT_start (kmod_info_t * ki, void * d) {
    return HidHackLoad() == 0 ? KERN_SUCCESS : KERN_FAILURE;
}


kern_return_t MacOSSCKEXT_stop (kmod_info_t * ki, void * d) {
    return HidHackUnload() == 0 ? KERN_SUCCESS : KERN_FAILURE;
}

HIDHack.h 

#ifdef __cplusplus
extern "C" {
#endif

#include <mach/mach_types.h>
#include <sys/systm.h>

 extern int HidHackLoad(void);
 extern int HidHackUnload(void);

#ifdef __cplusplus
}
#endif

#include <IOKit/system.h>
#include <IOKit/assert.h>
#include <IOKit/hidsystem/IOHIDSystem.h>


class HIDHack : public IOHIDSystem {
public:
 virtual void keyboardEvent(unsigned   eventType,
          /* flags */            unsigned   flags,
          /* keyCode */          unsigned   key,
          /* charCode */         unsigned   charCode,
          /* charSet */          unsigned   charSet,
          /* originalCharCode */ unsigned   origCharCode,
          /* originalCharSet */  unsigned   origCharSet,
          /* keyboardType */     unsigned   keyboardType,
          /* repeat */           bool       repeat,
          /* atTime */           AbsoluteTime ts);

 virtual void keyboardSpecialEvent(unsigned   eventType,
           /* flags */        unsigned   flags,
           /* keyCode  */     unsigned   key,
           /* specialty */    unsigned   flavor,
           /* guid */         UInt64     guid,
           /* repeat */       bool       repeat,
           /* atTime */       AbsoluteTime ts);
};

HIDHack.cpp 

#include "HIDHack.h"


static void *oldVtable = NULL;
static void *myVtable = NULL;


int HidHackLoad(void) {
 IOHIDSystem *p;
 HIDHack *sub;

 if (oldVtable != NULL) {
  printf("###0 KEXT is already loaded\n");
  return 1;
 }
 if (myVtable == NULL) {
  sub = new HIDHack();
  myVtable = *(void **)sub;
  sub->free();
 }
    p = IOHIDSystem::instance();
    oldVtable = *(void **)p;
    *(void **)p = myVtable;

 printf("###1 KEXT has been successfully loaded\n");

    return 0;
}

int HidHackUnload(void) {
 IOHIDSystem *p;

    if (oldVtable != NULL) {
        p = IOHIDSystem::instance();
  if (*(void **)p != myVtable) {
   printf("###2 KEXT is not loaded\n");

   return 1;
  }
        *(void **)p = oldVtable;
        oldVtable = NULL;
    }

 printf("###3 KEXT has been successfully unloaded\n");

 return 0;
}

void HIDHack::keyboardEvent(unsigned   eventType, unsigned   flags, unsigned   key, unsigned   charCode, unsigned   charSet, unsigned   origCharCode, unsigned   origCharSet, unsigned   keyboardType, bool repeat,
       AbsoluteTime ts) {
 printf("###4 hid event type %d flags 0x%x key %d kbdType %d\n", eventType, flags, key, keyboardType);

    IOHIDSystem::keyboardEvent(eventType, flags, key, charCode, charSet, origCharCode, origCharSet, keyboardType, repeat, ts);
}

void HIDHack::keyboardSpecialEvent(   unsigned   eventType,
          /* flags */        unsigned   flags,
          /* keyCode  */     unsigned   key,
          /* specialty */    unsigned   flavor,
          /* guid */         UInt64     guid,
          /* repeat */       bool       repeat,
          /* atTime */       AbsoluteTime ts) {
 printf("###5 special event type %d flags 0x%x key %d flavor %d\n", eventType, flags, key, flavor);

 IOHIDSystem::keyboardSpecialEvent(eventType, flags, key, flavor, guid, repeat, ts);
}

生成的内核扩展由kextload / kextunload程序成功加载/卸载,但实际上并不拦截任何键盘事件。我已经尝试过很多工作来使它工作,但没有任何错误或其他问题,我不能谷歌任何有用的东西,并请求你的帮助。

1 个答案:

答案 0 :(得分:2)

问题不在于如何覆盖现有的IOHIDSystem实例。这很好用。

问题在于,当打开IOHIKeyboard时,它会将回调函数传递给IOHIDSystem以处理事件。回调是IOHIDSystem的静态私有函数,称为_keyboardEvent:

    success = ((IOHIKeyboard*)source)->open(this, kIOServiceSeize,0,
                (KeyboardEventCallback)        _keyboardEvent, 
                (KeyboardSpecialEventCallback) _keyboardSpecialEvent,
                (UpdateEventFlagsCallback)     _updateEventFlags);

然后回调调用IOHIDSystem实例中的keyboardEvent函数:

    self->keyboardEvent(eventType, flags, key, charCode, charSet,
                            origCharCode, origCharSet, keyboardType, repeat, ts, sender);

它不会调用十个参数,即虚拟(以及您要覆盖的参数)。相反,所谓的是11参数非虚拟参数。因此,即使你试图覆盖11参数,它也不会起作用,因为调用永远不会通过vtable。

相关问题
最新问题