Glossary
Darwin has plenty of its own vocabulary. This page defines the terms that show up across the docs, grouped by the subsystem where they matter most.
Kernel
- XNU
- The darwinOS kernel. An acronym for "X is Not Unix." A hybrid of a Mach microkernel core and a BSD personality, running in a single address space.
- Mach
- A microkernel originally developed at CMU in the 1980s. Provides tasks, threads, virtual memory, and message-passing IPC. Forms the low-level core of XNU.
- Mach port
- A kernel-managed capability that names a destination for a Mach message. Ports have send rights and receive rights; holding the right is what lets you do the operation. Conceptually similar to a file descriptor, but for message-passing.
- Mach message
- The unit of communication between tasks. A header plus a descriptor list, delivered via a Mach port. Supports out-of-line memory, port rights, and audit tokens as first-class message parts.
- Mach task
- A container for one or more threads and the address space they share. Roughly what other systems call a process, though Darwin also has a separate BSD "proc" concept layered on top.
- Mach thread
- A schedulable execution context within a Mach task. Threads have priorities, run queues, and individual kernel-stack state.
- BSD personality
- The Unix-compatibility layer on top of Mach — signals, process groups, sockets, a VFS, and a BSD-style syscall table. Runs in the same kernel address space as Mach; the two are linked, not isolated.
- KPI
- Kernel Programming Interface. The stable symbol set that kexts are allowed to call. XNU exposes KPIs under `com.apple.kpi.iokit`, `com.apple.kpi.libkern`, etc. Drivers that only use KPIs survive across kernel updates; drivers that reach into private symbols don't.
- Syscall
- A transition from userland to kernel via the architectural trap instruction. Darwin carries both Mach traps (negative numbers) and BSD syscalls (positive numbers) on the same boundary.
IOKit and drivers
- IOKit
- The object-oriented driver framework. Written in Embedded C++. Handles device discovery, driver-to-driver matching, and the lifecycle of every hardware-facing service in the kernel.
- IOService
- The root class of the IOKit object model. Every driver (and most IOKit internals) inherit from `IOService` and implement its `start` / `stop` lifecycle methods.
- Family
- A group of related driver classes covering one hardware category — `IOEthernetController`, `IOBlockStorageDriver`, `IOHIDDevice`, etc. Each family defines the abstract contract every driver in it must satisfy.
- Nub
- An IOKit object that represents a hardware parent in the registry. Drivers attach to nubs; a PCI driver's nub is the PCI controller, a USB driver's nub is the USB host.
- Matching
- The process by which IOKit picks a driver for a nub. The kernel compares each driver's personality (from its `IOKitPersonalities` plist) against the nub's properties and loads the highest-scoring match.
- Personality
- A dictionary of match criteria inside a kext's Info.plist that tells IOKit when to instantiate the driver. Multiple personalities per kext is normal — one kext can drive several related devices.
- Embedded C++ (eC++)
- The restricted C++ dialect IOKit uses. No exceptions, no RTTI (IOKit provides its own), no templates in public APIs, careful multiple-inheritance rules. Keeps driver code bounded so the kernel stays predictable.
- Kext
- Kernel extension. A bundle (directory) containing a compiled kernel-space driver plus its `Info.plist`. Loaded with `kextload`, unloaded with `kextunload`.
- DriverKit
- A subset of IOKit that runs in userspace as a sandboxed process, with a controlled IPC surface back into the kernel. The path Apple pushes modern drivers onto. darwinOS supports both DriverKit and traditional kexts.
Userland
- launchd
- The service manager. PID 1 on every darwinOS system. Reads launchd jobs, starts services on boot or on demand, restarts them when they exit if policy requires.
- launchd job
- A property-list file describing one service — its binary, its arguments, its environment, its activation triggers (socket, Mach port, calendar, on-boot), and its owning user.
- XPC
- Cross Process Communication. Apple's higher-level IPC layer on top of Mach messaging. Services expose named endpoints; clients connect, send dictionaries, and receive dictionaries back. Used pervasively for privilege-separated daemons.
- dyld
- The dynamic linker. Reads each binary's load commands, maps its dependent libraries, and resolves symbols at first use. Runs in every userland process's address space. Fully open-sourced.
- A giant pre-linked blob containing every system library, relocated once at install time and then mapped into every process unmodified. Shaves seconds off process startup. Lives under `/System/Library/dyld/`.
- Lazy binding
- Resolving an external function's address the first time it's called, not at load time. Implemented via a stub that calls back into dyld on first use and patches the GOT entry so later calls jump directly.
- libSystem
- The umbrella C library. Re-exports libc, libpthread, libm, libdispatch, and the syscall stubs under a single dylib identifier. The one thing every darwinOS program links against.
- libdispatch
- Also known as Grand Central Dispatch or GCD. A library for queue-based concurrency: serial queues, concurrent queues, timers, sources for file descriptors and Mach ports. Part of libSystem.
Binaries and linking
- Mach-O
- The executable format used on every Darwin system. A header plus a series of load commands describing segments, sections, and dependent libraries. Replaces ELF in most Darwin tooling, though clang speaks both.
- Load command
- One entry in a Mach-O header describing what to do when loading the binary — "map this segment," "load this dylib," "run this entry point," "here's the dyld info." The kernel and dyld walk the load command list at startup.
- Fat binary
- A Mach-O container holding multiple architecture-specific Mach-O files (e.g. arm64 + x86_64) under one file. The kernel picks the slice matching the host at load time.
- Interposing
- A dyld feature that lets a library transparently replace another library's symbols at runtime. Used for debugging, tracing, and sandbox enforcement.
Boot and platform
- Boot args
- A string of space-separated flags the bootloader hands to the kernel. Controls verbose mode, debug ports, SIP-equivalent state, and countless other early-init knobs.
- Device tree
- A tree-structured description of the hardware — CPUs, memory, peripherals — handed to the kernel at boot. On ARM platforms it's a flattened DTB; on some Apple platforms a proprietary variant is used.
- Platform expert
- The kernel module that knows how to initialise a specific family of hardware. Inherits from `IOPlatformExpert`. First driver IOKit instantiates at boot. Your entry point when porting darwinOS to a new board.
- IMG4
- Apple's signed-image format for firmware and kernel payloads on their production hardware. darwinOS documents the public parts of the format; the signing side requires Apple's keys and is out of scope.
- iBoot
- Apple's proprietary second-stage bootloader on their production platforms. Not open source. darwinOS uses community-built UEFI loaders instead and documents only publicly-disclosed information about iBoot.
Security
- Code signing
- Cryptographic signing of every executable and library. Signed binaries carry a blob inside the Mach-O describing their entitlements and identity; the kernel verifies the signature at load time.
- AMFI
- Apple Mobile File Integrity. The kernel extension that enforces code-signing policy — who can run, what entitlements are granted, when to reject a binary. darwinOS has a compatible implementation with development knobs to relax enforcement.
- Entitlement
- A small dictionary baked into a binary's signature granting access to a privileged resource (a Mach service, a file path, a syscall). Entitlements are checked by the services they grant access to, not by the kernel broadly.
- Sandbox
- A kernel-enforced mandatory-access-control layer that filters syscalls against a profile written in a Scheme-dialect DSL. Applied per process via the `sandbox_init` API or launchd-job plist.
- SIP
- System Integrity Protection. A kernel-level policy that prevents even root from modifying core system directories and loading unsigned kexts. darwinOS carries an equivalent with a development-mode override.
Filesystems
- VFS
- Virtual File System. The kernel abstraction layer that lets multiple concrete filesystems expose a single namespace. VFS dispatches read, write, lookup, and friends to filesystem-specific vnodes.
- Vnode
- A per-file in-memory object maintained by VFS. Each vnode points at a filesystem-specific inode and carries the operation vector for its filesystem.
- APFS
- Apple File System. The modern copy-on-write, snapshot-capable filesystem. Not open source, but the on-disk format is documented; darwinOS ships a clean-room read/write implementation.
- HFS+
- The older Apple filesystem that predates APFS. Carried in darwinOS as read-only for migration purposes. Not recommended for new installations.
Keep reading
- Architecture
How the concepts defined here fit together.
Read the overview - Reference
Component-level reference docs — the formal definitions.
Browse the reference - Guides
Task-oriented walkthroughs that use this vocabulary.
Read the guides - Contribute
Spot a missing term? Glossary PRs are welcome.
Find your lane