Home
QNX Software Development Platform
QNX SDP is a cross-compiling and debugging environment, including an IDE and command-line tools, for building binary images and programs for target boards running QNX Neutrino 7.1.
OS Components & Operations
Core Networking Stack User's Guide
This guide introduces you to the QNX Neutrino Core Networking stack and its manager, io-pkt.
Overview
Process manager abilities
The io-pkt manager uses process manager abilities to protect the privileged operations required by networking components.

QNX Momentics IDE User's Guide
This User's Guide describes version 7.1 of the Integrated Development Environment (IDE) that's part of the QNX Momentics tool suite.
QNX Software Development Platform
QNX SDP is a cross-compiling and debugging environment, including an IDE and command-line tools, for building binary images and programs for target boards running QNX Neutrino 7.1.
- Quickstart Guide
- OS Components & Operations
  - Adaptive Partitioning User's Guide
  - Boot Optimization Guide
    The Boot Optimization Guide describes techniques you can use to reduce the time from your board's initial power on until you have a fully functional QNX system running on the board.
  - Building Embedded Systems
    The Building Embedded Systems guide is intended for developers who are developing or building BSPs for QNX Neutrino RTOS embedded systems.
  - Core Networking Stack User's Guide
    This guide introduces you to the QNX Neutrino Core Networking stack and its manager, io-pkt.
    - Overview
      - Architecture of io-pkt
        The io-pkt stack is very similar in architecture to other component subsystems inside of the QNX Neutrino operating system.
      - Threading model
        The default mode of operation is for io-pkt to create one thread per CPU. The io-pkt stack is fully multi-threaded at layer 2.
      - Threading priorities
        There are a couple of ways that you can change the priority of the threads responsible for receiving packets from the hardware.
      - Components of core networking
        The io-pkt manager is the main component.
      - Process manager abilities
        The io-pkt manager uses process manager abilities to protect the privileged operations required by networking components.
    - Packet Filtering
    - IP Security and Hardware Encryption
      The io-pkt-v4-hc and io-pkt-v6-hc stack variants include full, built-in support for IPsec.
    - Wi-Fi Configuration
    - Transparent Distributed Processing
    - Network Drivers
    - Utilities, Managers, and Configuration Files
      The utilities, drivers, configuration files, and so on listed below are associated with io-pkt.
    - Writing Network Drivers for io-pkt
      This appendix is intended to help you understand and write network drivers for io-pkt.
    - A Hardware-Independent Sample Driver: sam.c
    - Additional information
    - Glossary
  - Customizing a BSP
    While QNX provides Board Support Packages (BSPs) for many common platforms and their individual variants, in some cases, you need a BSP for a board that QNX does not provide. If this is the case, you can modify a QNX BSP or develop your own.
  - Device Publishers Developer's Guide
  - High Availability Framework Developer's Guide
  - High-Performance Networking Stack (io-sock) User's Guide
    This guide contains instructions for implementing and using the QNX Neutrino High-Performance Networking Stack and its manager, io-sock.
  - Instant Device Activation
  - Migrating to QNX SDP 7.1
  - PCI Server User's Guide
  - Persistent Publish/Subscribe Developer's Guide
  - Platform-independent Publish/Subscribe Developer's Guide
    This guide is intended for application developers who want to use the Platform-independent Publish Subscribe (PiPS) framework to exchange information with other applications. First, the overall PiPS design and data-exchange model are explained. Then, tutorials on using PiPS are given. These tutorials cover key tasks such as selecting a publish-subscribe provider to use and writing plugins that read and write custom data types.
  - QDB Developer's Guide
  - QNX Helpers Developer's Guide
    These libraries provide QNX helpers, including helpers that assist with logging, string conversion, and number and type sizes.
  - SMMUMAN User's Guide
  - System Analysis Toolkit (SAT) User's Guide
  - System Architecture
    The System Architecture guide accompanies the QNX Neutrino RTOS and is intended for both application developers and end-users.
  - Technotes
  - User's Guide
    The QNX Neutrino User's Guide is intended for all users of a QNX Neutrino RTOS system, from system administrators to end users.
- Audio & Graphics API
- Multimedia
- Networking Middleware
- Programming
- Sensor Framework
- System Security Guide
  The QNX System Security Guide is intended for both system integrators who are responsible for the security of a QNX Neutrino RTOS system and developers who want to create a QNX Neutrino resource manager free from vulnerabilities.
- Utilities & Libraries
QNX Hypervisor
The QNX Hypervisor allows you to run multiple OSs on a target system so you can separate critical and non-critical functions, support a wide variety of applications, and reduce hardware costs.
QNX Software in the Cloud
QNX Software in the Cloud enables developers to use the QNX software in Amazon Web Services (AWS) and Microsoft Azure (Azure).
QNX Advanced Virtualization Frameworks User's Guide
This User's Guide is aimed at all systems integrators and developers who want to design and build embedded systems using the QNX Advanced Virtualization Frameworks.
Typographical Conventions, Support, and Licensing
This section describes the typographical conventions used throughout the documentation and explains how to obtain technical support.

Process manager abilities

The io-pkt manager uses process manager abilities to protect the privileged operations required by networking components.

For a list of these abilities, see Abilities in the Privilege control section of the System Security Guide.

For an overview of process manager abilities, see:

Process privileges in the Processes chapter of the QNX Neutrino Programmer's Guide
The entries for procmgr_ability() and iofunc_ability_check() in the C Library Reference

The following abilities govern which process operations io-pkt can do. Once io-pkt is up and running, you can use the qnx.kern.droproot sysctl command to tell it to stop running as root and run instead as the user that you specified with the -U option. At this point, io-pkt keeps the abilities that it needs and relinquishes the rest, but you can specify some additional abilities to retain if your networking driver needs them. On the command line, you can issue the sysctl command like this:

sysctl -w qnx.kern.droproot=value

The value is a hexadecimal number whose bits indicate which abilities io-pkt should keep, or 0 if you want io-pkt to continue to run as root. The QNX_DROPROOT_* flags are defined in <sys/iopkt_ability.h>:


Constant	Value	Keep this ability
QNX_DROPROOT_STD	0x0001	Drop root without keeping any additional abilities (keep the standard ones listed below)
QNX_DROPROOT_INTERRUPT	0x0002	PROCMGR_AID_INTERRUPT
QNX_DROPROOT_CONNECTION	0x0004	PROCMGR_AID_CONNECTION
QNX_DROPROOT_TIMER	0x0008	PROCMGR_AID_TIMER
QNX_DROPROOT_PROT_EXEC	0x0010	PROCMGR_AID_PROT_EXEC
QNX_DROPROOT_PATHSPACE	0x0020	Not used; io-pkt keeps PROCMGR_AID_PATHSPACE by default
QNX_DROPROOT_QNET	0x0040	PROCMGR_AID_QNET
QNX_DROPROOT_PUBLIC_CHANNEL	0x0080	PROCMGR_AID_PUBLIC_CHANNEL

By default, io-pkt retains the following abilities:

IOFUNC_ABILITY_DUP
IOFUNC_ABILITY_EXEC
IOFUNC_ABILITY_READ
PROCMGR_AID_KEYDATA
PROCMGR_AID_MEM_PHYS
PROCMGR_AID_PATHSPACE
PROCMGR_AID_PRIORITY

Page updated: March 12, 2026