General: DevForums subtopic: App & System Services > Core OS Core OS is a catch-all subtopic for low-level APIs that don’t fall into one of these more specific areas: Processes & Concurrency Resources Files and Storage Resources Networking Resources Network Extension Resources Security Resources Virtualization Resources Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = "eskimo" + "1" + "@" + "apple.com"

I'm scanning for peripherals, and keep references to multiple CBUUIDs - one for each peripheral. I then start a connection to the peripheral. I never get a callback to say the connection succeeded, failed, or disconnected. I have a Mini-Moreph Bluetooth sniffer. The sniffer shows that the iPhone never tried to connect to any of the peripherals. The iPhone HCI logs show that a create connection request was sent, but a cancel connection request was sent 0.018 seconds later. No feedback was given to my application through CoreBluetooth. I've filed this through Feedback Assistant, but expect nothing will come of the report.

If I'm in an enumerateDirectory call, I can very quickly fill in the fileID, parentID, and (maybe) the type attributes based on the directory entry I have loaded. That is, I can quickly fill in anything that is contained in the dirent structure in dirent.h, plus the parentID. However, if any other attributes are requested (say, flags), or if the file system doesn't store the filetype in the directory entry, then I need to do additional I/O and load an inode. If I have to load an inode, I might keep a reference to it and assume that I can clean it up later whenever there is a matching call to reclaimItem. But in the enumerateDirectory call, I never provide an FSItem to the system! By observation, I see that normally, a call to enumerateDirectory of this nature is followed up by a lookupItem call for every single fetched item, and then assumedly the system can later reclaim it if need be. At least, I tried various ways of listing directories, and each way I tried showed this behavior. If that's the case, then I can rely on a later reclaimItem call telling me when to clean up this cached data from memory. Is this guaranteed, however? I don't see a mention of this in the documentation, so I'm not sure if I can rely on this. Or, do I need to handle a case where, if I do additional I/O after enumerateDirectory, I might need to figure out when cached data should be cleaned up to avoid a "leak?" (Using the term "leak" loosely here, since in theory looking up the file later would make it reclaimable, but perhaps that might not happen.)

Given a directory path (or NSURL) I need to get the total number of files/documents in that directory - recursively - as fast and light as possible. I don't need to list the files, and not filter them. All the APIs I found so far (NSFileManger, NSURL, NSDirectoryEnumerator) collect too much information, and those who are recursive - are aggregating the whole hierarchy before returning. If applied to large directory - this both implies a high CPU peak and slow action, and a huge memory impact - even if transient. My question: What API is best to use to accomplish this count, must I scan recursively the hierarchy? Is there a "lower level" API I could use that is below NSFileManager that provides better performance? One time in the middle-ages, I used old MacOS 8 (before MacOS X) file-system APIs that were immensely fast and allowed doing this without aggregating anything. I write my code in Objective-C, using latest Xcode and MacOS and of course ARC.

Hello, I am working on a DLP solution for macOS that relies on the Network Extension (NETransparentProxyProvider) for network traffic analysis. Could you please clarify: is it technically possible and officially supported to use a LaunchAgent as the container app to install and manage the Network Extension? If not, what is the recommended approach in case of GUI less application? Thank you in advance.

我是开发者，日常工作会同时打开大量终端（tmux、多项目、自动化脚本、node‑pty 等）。在这种现代开发场景下，511 的 PTY 上限明显过低，而且这个默认值对顶配机器（128GB RAM）和低配机器是一样的，没有随硬件规格调整，这不合理。 我尝试过使用 tmux control mode 来减少 PTY 占用，但它会导致终端输出对齐错乱，影响可用性，所以必须继续使用 PTY 模式。这意味着只要终端数量稍多，就很容易触及 511 上限，导致系统层面无法创建新终端，影响全局稳定性。 总结： 511 作为默认值在过去或许合理，但对现代开发者明显不足； 顶配机器和低配机器同一上限不合理； control mode 有输出对齐问题，无法作为现实替代方案。 谢谢！ Apple 支持社区工作人员

I have the following code for port forwarding in mac os virtualization var ipAddr = in_addr() // 1. Convert String to in_addr inet_pton(AF_INET, guestIP, &ipAddr) let status = vmnet_network_configuration_add_port_forwarding_rule( config, UInt8(IPPROTO_TCP), // TCP protocol sa_family_t(AF_INET), // address family guestPort, // internal port (guest) externalPort, // external port (host) &ipAddr // internal address (guest IP) ) if status == .VMNET_SUCCESS { print("✅ Port Forwarding set: Mac:\(externalPort) -> VM(\(guestIP)):\(guestPort)") } else { print("❌ Port Forwarding failed for \(guestIP): \(status.rawValue)") } It is returning success but when i test it it does not work. Is there anything i am doing wrong? Please help me also in fixing this problem. Note: The app runs in sandbox i tried without sandboxing and it does not work either. Please refer to this link https://aninterestingwebsite.com/forums/thread/822025?login=true&page=1#884236022 how i am creating the VZVmnetNetworkDeviceAttachment

I'm writing a read-only filesystem extension. I see that the documentation for loadResource(resource:options:replyHandler:) claims that the --rdonly option is supported, which suggests that this should be possible. However, I have never seen this option provided to my filesystem extension, even if I return usableButLimited as a probe result (where it doesn't mount at all - FB19241327) or pass the -r or -o rdonly options to the mount(8) command. Instead I see those options on the volume's activate call. But other than saving that "readonly" state (which, in my case, is always the case) and then throwing on all write-related calls I'm not sure how to actually mark the filesystem as "read-only." Without such an indicator, the user is still offered the option to do things like trash items in Finder (although of course those operations do not succeed since I throw an EROFS error in the relevant calls). It also seems like the FSKit extensions that come with the system handle read-only strangely as well. For example, for a FAT32 filesystem, if I mount it like mount -r -F -t msdos /dev/disk15s1 /tmp/mnt Then it acts... weirdly. For example, Finder doesn't know that the volume is read-only, and lets me do some operations like making new folders, although they never actually get written to disk. Writing may or may not lead to errors and/or the change just disappearing immediately (or later), which is pretty much what I'm seeing in my own filesystem extension. If I remove the -F option (thus using the kernel extension version of msdos), this doesn't happen. Are read-only filesystems currently supported by FSKit? The fact that extensions like Apple's own msdos also seem to act weirdly makes me think this is just a current FSKit limitation, although maybe I'm missing something. It's not necessarily a hard blocker given that I can prevent writes from happening in my FSKit module code (or, in my case, just not implement such features at all), but it does make for a strange experience. (I reported this as FB21068845, although I'm mostly asking here because I'm not 100% sure this is not just me missing something.)

Hi everyone, I am developing a macOS virtualization manager (VirtualProg) using the Virtualization.framework. The application is distributed via the Mac App Store, so it operates strictly within the App Store Sandbox. I am looking for a reliable, programmatic way to discover the IP address assigned to a guest (both macOS and Linux). Is there a recommended "Sandbox-safe" API or pattern within the Virtualization framework—or a lower-level networking entitlement—that allows a host application to retrieve the guest's assigned IP address? Ideally, I am looking for a solution that does not require the user to manually install a non-sandboxed helper tool. Thanks in advance for any insights or guidance!

My enterprise app requires a launch daemon that provides services to support my Security agent plugin. I bundle everything in an App and install using AirWatch. This all used to work until something changed, either AirWatch or the MacOS version. Now the install fails because my SMAppService instance returns an error when .register is called: Error Domain=SMAppServiceErrorDomain Code=1 "Operation not permitted" UserInfo={NSLocalizedFailureReason=Operation not permitted} If I install by opening my installer package as a user, the install always succeeds. The app is an enterprise app and is not distributed through the App Store. The app also installs a security extension. The security extension is installed and activated before any calls to SMAppService. I can't figure out what has changed in the last few months that would cause the error, or how to fix this. Any help or pointers would be appreciated.

macOS 26.4 Beta appears to have changed how built-in MacBook keyboard events are routed through IOHIDSystem. Third-party virtual HID devices loaded via DriverKit no longer receive events from the built-in keyboard. External keyboards are unaffected. This is already confirmed across multiple users: https://github.com/pqrs-org/Karabiner-Elements/issues/4402 One possible lead (from LLM-assisted code analysis, not independently verified): this could be related to a security policy referred to as com.apple.iohid.protectedDeviceAccess, which may block IOHIDDeviceOpen for the Apple Internal Keyboard via SPI transport (AppleHIDTransportHIDDevice). A "GamePolicy" check in IOHIDDeviceClass.m that gates HID device access could be involved. This is a hint, not a confirmed root cause. The impact goes well beyond a single project. Keyboard remapping on macOS is a thriving ecosystem — used for accessibility, ergonomics, developer productivity, and multilingual input. This is one of macOS's strengths as a platform. Many professionals specifically choose Mac because this level of customization is possible. If this capability is being removed without an alternative, it would significantly diminish what makes macOS attractive for power users and developers. Is this an intentional architectural change to the input event pipeline for built-in keyboards, or a beta regression? If intentional, what is the recommended alternative for developers?

Hi all, I'm building an iOS app extension using ExtensionKit that works exclusively with its containing host app, presenting UI via EXHostViewController. I'd like the extension to have read-only access to the host's task for process introspection purposes. I'm aware this would almost certainly require a special entitlement. I know get-task-allow and the debugger entitlement exist, but those aren't shippable to the App Store. I'm looking for something that could realistically be distributed to end users. My questions: Does an entitlement exist (or is one planned) that would grant an extension limited, read-only access to its host's task—given the extension is already tightly coupled to the host? If not, is this something Apple would consider adding? The use case is an extension that needs to inspect host process state without the ability to modify it. Is there a path to request such an entitlement through the provisioning profile process, or is this fundamentally off the table for App Store distribution? It seems like a reasonable trust boundary given the extension already lives inside the host's app bundle, but I understand the security implications. Any insight appreciated. Thanks!

Hello, For the past few days I have been working on integrating a Crash Reporter called "BugSplat" to our macOS desktop app and it got me thinking, how do crash reporters work on macOS ? After days of trial and error (and claude's help) I managed to integrate it but with a different behavior than windows. On Windows: When the app crashes, the BugSplat crash report window opens and allows you to write your details and message to be sent with the crash report (along with a log file) On macOS: It displays the normal macOS' "App exit unexpectedly", to which I click dismiss. But then when I re-open the app the BugSplat crash report window appears. I asked claude if I can avoid the normal macOS dialog entirely, to which it replied: "This is by design — BugSplat macOS is a next-launch crash reporter, not an in-process one. Here's why that's intentional and unavoidable: When a process crashes (SIGSEGV, SIGBUS, etc.), macOS's ReportCrash daemon independently monitors all processes and shows the "quit unexpectedly" dialog — there's no API to suppress it. Meanwhile, BugSplat's Mach exception handler captures the crash data to disk. On the next launch, BugSplat finds that crash data and shows its dialog. This is the same model used by every macOS crash reporter (PLCrashReporter, Firebase Crashlytics on macOS, etc.). The process heap is in a corrupted state at crash time, so showing UI from inside the crashed process is unreliable." LLMs sometimes speak confidently even when they're wrong so that's why I'm asking: Is it really true that that's the normal behavior for every crash reporter? And is it really that huge of a change to overwrite the macOS dialog entirely ? Thank you in advance and sorry for the long paragraph

I have this code in my Virutalization application let process = Process() process.executableURL = URL(fileURLWithPath: "/usr/sbin/diskutil") process.arguments = ["image", "create", "blank", "--fs", "none", "--format", "ASIF", "--size", "2GiB", url.path ] try process.run() process.waitUntilExit() if process.terminationStatus == 0 { print("✅ Disk image creation succeeded.") } else { print("❌ Disk image creation failed with exit code \(process.terminationStatus)") } } catch { print("Process failed to launch: \(error.localizedDescription)") return } this code was working fine until Tahoe 26.2. with the update of 26.3 the system freezes at process.waitUntilExit() The code never exits and i get beech balls. This is working fine with intel macs. i am getting the problem in apple silicon m4 mac mini. Any help would be appreciated.

When a File Provider extension (NSFileProviderReplicatedExtension) mounts a Linux server via SFTP, remote directories containing files that differ only in case (e.g., "README" and "readme") are not represented correctly. The framework silently renames one file locally via the before-bounce mechanism, even though the extension reports both items with distinct identifiers and correct filenames. NSFileProviderActions.h states: "Collision checks should be case insensitive even if the filesystem or file provider might allow two coexisting filenames differing only by their case." This check runs in the framework before writing to disk. Placing the domain on a case-sensitive APFS volume via NSFileProviderDomain(displayName:userInfo:volumeURL:) does not help — the volume passes eligibility but the collision check still applies. This breaks any File Provider extension that mounts case-sensitive filesystems where case-variant filenames are common (especially git repositories). Is there any way to opt out of the case-insensitive collision check per domain? A supportsCaseSensitiveNames property on NSFileProviderDomain would solve this.

Hi, I have two issues going on: Creation of macOS VMs requires autologin is enabled: Mon Apr 13 11:27:18 20 anka.log (ankahv) 511: pid 511: installing /Users/veertu/Library/Application Support/Veertu/Anka/img_lib/UniversalMac_15.6.1_24G90_Restore.ipsw... Mon Apr 13 11:27:20 40 anka.log (install) 511: (null): installation failed: Error Domain=VZErrorDomain Code=10007 "The virtual machine failed to start." UserInfo={NSLocalizedFailure=An error occurred during installation., NSLocalizedFailureReason=The virtual machine failed to start., NSUnderlyingError=0xca2c0ced0 {Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0xca3029320 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0xca30292f0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0xca2a88040 (not displayed)}}}}}} Mon Apr 13 11:27:20 40 anka.log (install) 511: (null): virtual machine stopped with error: Error Domain=VZErrorDomain Code=4 "Transition from state “error” to state “stopping” is invalid." UserInfo={NSLocalizedFailure=Invalid virtual machine state transition., NSLocalizedFailureReason=Transition from state “error” to state “stopping” is invalid.} Mon Apr 13 11:27:20 40 anka.log (install) 511: failed to install macOS: Error Domain=VZErrorDomain Code=10007 "The virtual machine failed to start." UserInfo={NSLocalizedFailure=An error occurred during installation., NSLocalizedFailureReason=The virtual machine failed to start., NSUnderlyingError=0xca2c0ced0 {Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0xca3029320 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0xca30292f0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0xca2a88040 (not displayed)}}}}}} Running a macOS 26.x VM fails for similar reasons, yet running a 15.x VM works fine: Mon Apr 13 11:20:10 20 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankahv) 474: pid 474: session started on host 26.4.1 Mon Apr 13 11:20:10 40 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankahv) 474: 0f5d4fe7-edac-4f6d-aebb-f185702f2c25: failed to start: Error Domain=VZErrorDomain Code=-9 "The virtual machine encountered a security error." UserInfo={NSLocalizedFailure=Unable to access security information., NSLocalizedFailureReason=The virtual machine encountered a security error., NSUnderlyingError=0x76f049e00 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to get current host key., NSUnderlyingError=0x76f049e60 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo={NSLocalizedFailureReason=Failed to create new HostKey., NSUnderlyingError=0x76f049dd0 {Error Domain=NSPOSIXErrorDomain Code=22 "Invalid argument" UserInfo=0x76ec49d60 (not displayed)}}}}}} Mon Apr 13 11:20:10 40 0f5d4fe7-edac-4f6d-aebb-f185702f2c25.log (ankanet) 474: failed to receive packets: Connection reset by peer This is super painful for us to manage since some of our users can't have autologin enabled (like major banks under strict MDM requirements). Or, AWS EC2 Macs which have no VNC enabled at all by default. What's the trick here to make sure we can consistently use virtualization without autologin?

The file ~/.CFUserTextEncoding contained a string which I can't understand. It's recreated when a user log in. I had found that the result of CoreFoundation.CFStringGetSystemEncoding() is affected by the content of this file. What is this file used for?

Hi, I am developing instant snapshot backup solution for macOS using Endpoint Security. We have stumbled upon a Kernel Panic when using "fclonefileat" API. We are catching a kernel panic on customer machines when attempting to clone the file during ES sync callback: panic(cpu 0 caller 0xfffffe002c495508): "apfs_io_lock_exclusive : Recursive exclusive lock attempt" @fs_utils.c:435 I have symbolized the backtrace to know it is related to clone operation with the following backtrace: apfs_io_lock_exclusive apfs_clone_internal apfs_vnop_clonefile I made a minimal repro that boils down to the following operations: apfs_crash_stress - launch thread to do rsrc writes static void *rsrc_write_worker(void *arg) { int id = (int)(long)arg; char buf[8192]; long n = 0; fill_pattern(buf, sizeof(buf), 'W' + id); while (n < ITERATION_LIMIT) { int file_idx = n % NUM_SOURCE_FILES; int fd = open(g_src_rsrc[file_idx], O_WRONLY | O_CREAT, 0644); if (fd >= 0) { off_t off = ((n * 4096) % RSRC_DATA_SIZE); pwrite(fd, buf, sizeof(buf), off); if ((n & 0x7) == 0) fsync(fd); close(fd); } else { setxattr(g_src[file_idx], "com.apple.ResourceFork", buf, sizeof(buf), 0, 0); } n++; } printf("[rsrc_wr_%d] done (%ld ops)\n", id, n); return NULL; } apfs_crash_es - simple ES client that is cloning the file (error checking omitted for brevity) static std::string volfsPath(uint64_t devId, uint64_t vnodeId) { return "/.vol/" + std::to_string(devId) + "/" + std::to_string(vnodeId); } static void cloneAndScheduleDelete(const std::string& sourcePath, dispatch_queue_t queue, uint64_t devId, uint64_t vnodeId) { struct stat st; if (stat(sourcePath.c_str(), &st) != 0 || !S_ISREG(st.st_mode)) return; int srcFd = open(sourcePath.c_str(), O_RDONLY); const char* cloneDir = "/Users/admin/Downloads/_clone"; mkdir(cloneDir, 0755); const char* filename = strrchr(sourcePath.c_str(), '/'); filename = filename ? filename + 1 : sourcePath.c_str(); std::string cloneFilename = std::string(filename) + ".clone." + std::to_string(time(nullptr)) + "." + std::to_string(getpid()); std::string clonePath = std::string(cloneDir) + "/" + cloneFilename; fclonefileat(srcFd, AT_FDCWD, clonePath.c_str(), 0); { dispatch_after(dispatch_time(DISPATCH_TIME_NOW, 1 * NSEC_PER_SEC), queue, ^{ if (unlink(clonePath.c_str()) == 0) { LOG("Deleted clone: %s", clonePath.c_str()); } else { LOG("Failed to delete clone: %s", clonePath.c_str()); } }); } close(srcFd); } static const es_file_t* file(const es_message_t* msg) { switch (msg->event_type) { case ES_EVENT_TYPE_AUTH_OPEN: return msg->event.open.file; case ES_EVENT_TYPE_AUTH_EXEC: return msg->event.exec.target->executable; case ES_EVENT_TYPE_AUTH_RENAME: return msg->event.rename.source; } return nullptr; } int main(void) { es_client_t* cli; auto ret = es_new_client(&cli, ^(es_client_t* client, const es_message_t * msgc) { if (msgc->process->is_es_client) { es_mute_process(client, &msgc->process->audit_token); return respond(client, msgc, true); } dispatch_async(esQueue, ^{ bool shouldClone = false; if (msgc->event_type == ES_EVENT_TYPE_AUTH_OPEN) { auto& ev = msgc->event.open; if (ev.fflag & (FWRITE | O_RDWR | O_WRONLY | O_TRUNC | O_APPEND)) { shouldClone = true; } } else if (msgc->event_type == ES_EVENT_TYPE_AUTH_UNLINK || msgc->event_type == ES_EVENT_TYPE_AUTH_RENAME) { shouldClone = true; } if (shouldClone) { if (auto f = ::file(msgc)) cloneAndScheduleDelete(f->path.data, cloneQueue, f->stat.st_dev, f->stat.st_ino); } respond(client, msgc, true); }); }); LOG("es_new_client -> %d", ret); es_event_type_t events[] = { ES_EVENT_TYPE_AUTH_OPEN, ES_EVENT_TYPE_AUTH_EXEC, ES_EVENT_TYPE_AUTH_RENAME, ES_EVENT_TYPE_AUTH_UNLINK, }; es_subscribe(cli, events, sizeof(events) / sizeof(*events)); } Create 2 terminal sessions and run the following commands: % sudo ./apfs_crash_es % sudo ./apfs_crash_stress ~/Downloads/test/ Machine will very quickly panic due to APFS deadlock. I expect that no userspace syscall should be able to cause kernel panic. It looks like a bug in APFS implementation and requires fix on XNU/kext side. We were able to reproduce this issue on macOS 26.3.1/15.6.1 on Intel/ARM machines. Here is the panic string: panic_string.txt Source code without XCode project: apfs_crash_es.cpp apfs_crash_stress.cpp Full XCode project + full panic is available at https://www.icloud.com/iclouddrive/0f215KkZffPOTLpETPo-LdaXw#apfs%5Fcrash%5Fes

Hi everyone, I'm looking for clarity on the NFC HCE entitlement process for third-party apps in the EEA. I've built an alternative client for Milan's public transport app (ATM Milano) on Android by reverse engineering the original app. It offers the same core functionality(users still need a valid transit subscription) just with a different UI and better UX. I'd now like to port it to iOS. According to Apple's documentation, NFC HCE was opened to third parties in the EEA starting with iOS 17.4. However, the API requires an entitlement from Apple. I have a few questions: Is the entitlement required regardless of distribution method? Even if I distribute through a third-party marketplace like AltStore PAL rather than the App Store, do I still need Apple to grant the HCE entitlement? Are third-party/alternative clients eligible for the entitlement? My app isn't a competing transit provider, it's an alternative frontend for an existing service. Users must hold a valid subscription with the official provider. Is there anything in the entitlement criteria that would disqualify this kind of app? What's the correct process to apply?Developer Support directed me here, so I'm hoping someone from Apple engineering or someone who has gone through the process can share the steps. Thanks!

The most recent KDK for MacOS Sequoia that appears in the Downloads is for MacOS 15.5 (24F74), but the current version of MacOS Sequoia is 15.6 (24G84) and 15.7 (24G207) is in RC. Is there an ETA for the KDKs for 15.6 (24G84) and 15.7 (24G207) to be made available to download? Many thanks for any help.

I'm developing a spatial tracking app using a Qorvo DWM3001CDK (MFi-certified UWB accessory) with NINearbyAccessoryConfiguration. On iPhone 15 (iOS 26.3.1, second-generation UWB chip): supportsDirectionMeasurement = false NINearbyObject.direction is always nil NINearbyObject.distance works correctly (~63Hz) Camera Assistance (isCameraAssistanceEnabled=true) provides horizontalAngle only after ARKit convergence (~10s), and only while the phone is moving On iPhone 12/13 (first-generation UWB chip), direction works correctly with the same accessory. My questions: Is the removal of instantaneous direction measurement for third-party accessories on second-generation UWB devices intentional? Or is this a regression that will be fixed in a future iOS update? If intentional, what is the recommended approach for apps that need real-time direction to a UWB accessory on iPhone 15/16? Camera Assistance requires phone movement and only works with stationary targets, which doesn't work for our use case (tracking a moving object with the phone mounted on a gimbal). Are there any plans to provide instantaneous direction measurement for NINearbyAccessoryConfiguration on second-generation UWB devices? Environment: iPhone 15, iOS 26.3.1 Qorvo DWM3001CDK (FiRa + MFi certified) NINearbyAccessoryConfiguration with isCameraAssistanceEnabled=true Shared ARSession Thank you.