Skip to content

Glossary

DriverKit

Apple's framework for writing drivers as userspace processes. Same IOKit object model as kernel kexts; crashes can't take down the system.

DriverKit is the framework Apple introduced in macOS 10.15 (Catalina) for writing device drivers that run as userspace processes instead of as kernel extensions. The driver still subclasses IOService, still has matching personalities, still appears in the IORegistry — but the actual class instance lives in a sandboxed user-mode process.

apple-oss-distributions/xnuiokit/Kernel/IOUserServer.cppThe kernel side of DriverKit — how a userland IOService is proxied into the kernel's IORegistry.View on GitHub(line )

The trade-off:

  • A crash in a DriverKit driver (a "dext") kills the dext process, not the kernel. The kernel terminates and respawns the dext; the rest of the system continues.
  • IPC over Mach messages adds latency vs. in-kernel calls. Acceptable for USB peripherals; sometimes a problem for high-end audio interfaces.
  • The driver runs sandboxed with only the entitlements it declares.

DriverKit supports USB, PCI, network, audio, HID, SCSI, and serial classes. SoC-level drivers (interrupt controllers, system management) remain in-kernel.

Since macOS 11+, third-party kexts require booting into Reduced Security mode and explicit user approval — Apple's pushing every third-party driver to DriverKit.

See also: IOKit, kext, and the DriverKit article.