The kext should verify the identity of the userspace process attaching to /dev/xnumon based on its code signature and refuse attaching if the code is unsigned or signed by the wrong team.
This seems not to be easily possible with the current cdev interface and using supported KPIs only, because the KPIs in bsd/sys/codesign.h are private.
The kext should verify the identity of the userspace process attaching to
/dev/xnumon
based on its code signature and refuse attaching if the code is unsigned or signed by the wrong team.