XNU (an acronym for "X is Not Unix") is the hybrid kernel used in macOS. It is based on Mach 2.5, itself a hybrid kernel derived from BSD and the Accent kernel. It was developed for the NeXTStep operating system; when Apple purchased NeXT, it opted to use NeXTStep to replace the obsolete classic Mac OS (Mac OS 9 and older), which had poor memory protection and cooperative multitasking.
macOS is Apple's partly proprietary operating system for Macintosh computers, which can in fact be run on any modern x86-64 computer; it also has a mobile version, iOS, and other specialised editions: tvOS and watchOS.
Darwin is the term for the core BSD UNIX system on which macOS is built.
As a direct derivative of 4.3BSD, XNU inherits most of its features, as well as some features imported from other BSD systems such as FreeBSD. Features of BSD heritage include:
- POSIX system calls and the various BSD extensions;
- the kqueue event multiplexing system;
- Mandatory Access Control (MAC).
XNU and OS X also introduce many features of their own, including:
- their own sandboxing system;
- their own file system hierarchy (with FHS preserved);
- Apple Events and FSEvents;
- OpenDirectory, an authentication system;
- SystemConfiguration, a modular configuration mechanism;
- Apple System Log (ASL);
- notifyd and distnoted, notification (IPC) mechanisms;
- launchd, a system initialisation and service management system;
- Mach APIs;
- the I/O Kit, an object-oriented drivers framework;
- and more.
OS X is a certified UNIX system.
OS X and iOS support code signing. In OS X it can be disabled, but in iOS it is a heavy protection mechanism that allows only reviewed apps to run. However, Apple sells developer and enterprise certificates, which can be used to distribute malware; a user only needs to install a profile. There was also a vulnerability that allowed outdated profiles to be installed by resetting the date. Apple can easily block certificates.
An entitlement is simply a permission written for a binary; even with root access it is not possible to override it. For example, running a program that uses the task_for_pid Mach call as root without the required entitlements will result in an error. Of course, entitlements are signed.
Sandboxing is present in both OS X and iOS, but in iOS it is much stricter. In fact, it is a jail, which places applications inside their own environment, from which they can only access their own root.
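The entitlement and sandbox paragraphs above can be checked on a real binary by reading its signed entitlements. The following is an added example, not code from the original page or from Apple: it audits the XML property list that `codesign -d --entitlements` prints for a macOS binary and flags entitlements related to task ports and a missing App Sandbox. The sample plist is constructed, and the function name and finding texts are this example's own.

```python
import plistlib

# Apple entitlement keys relevant to task ports; the notes are this example's wording.
TASK_PORT_KEYS = {
    "task_for_pid-allow": "may request other processes' task ports",
    "com.apple.security.cs.debugger": "may attach to other processes as a debugger",
    "get-task-allow": "lets other processes obtain this task's port (debug builds)",
    "com.apple.security.get-task-allow": "lets other processes obtain this task's port (debug builds)",
}
SANDBOX_KEY = "com.apple.security.app-sandbox"

# Constructed sample: entitlements of a hypothetical unsandboxed debug build.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>com.apple.security.get-task-allow</key><true/>
    <key>com.apple.security.cs.debugger</key><true/>
    <key>com.apple.security.app-sandbox</key><false/>
    <key>com.apple.security.network.client</key><true/>
</dict>
</plist>"""


def audit_entitlements(plist_bytes):
    """Return a sorted list of (entitlement key, finding) for one binary."""
    ents = plistlib.loads(plist_bytes)
    if not isinstance(ents, dict):
        raise ValueError("entitlements plist must be a dictionary")
    findings = []
    # Only an entitlement explicitly set to true grants anything.
    for key, note in TASK_PORT_KEYS.items():
        if ents.get(key) is True:
            findings.append((key, note))
    # On macOS the sandbox is opt-in through this key.
    if ents.get(SANDBOX_KEY) is not True:
        findings.append((SANDBOX_KEY, "absent or false: App Sandbox not requested"))
    return sorted(findings)


if __name__ == "__main__":
    for key, note in audit_entitlements(SAMPLE):
        print(f"{key}: {note}")
```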
Hybrid Kernel Design
macOS is derived from the Mach 2.5 operating system, a derivative of the 4.3BSD UNIX system which rearchitected the lowest levels of the BSD kernel. The primary inspiration for this redesign was the Accent kernel developed at Carnegie-Mellon University. Mach made several adaptations to the Accent model to better support UNIX compatibility.
The core abstractions of the Mach kernel are four: tasks, threads, ports, port sets, messages, and memory objects. The BSD kernel is adapted to use these underlying Mach abstractions to provide a complete higher-level BSD UNIX system.
A later version of Mach, version 3.0, was able to detach the new low-level abstraction layer from the BSD kernel, yielding a microkernel, where the BSD kernel was replaced with userland servers carved out from the BSD kernel code. XNU, however, was forked from Mach 2.5, which had not yet made this separation. While some improvements were imported from Mach 3.0, Apple opted not to separate the BSD kernel into userland servers. Thus XNU represents the hybrid kernel approach.
- http://opensource.apple.com - here you can obtain sources of all open source components.