Abstract

Jailbreaking, in general, means breaking a device out of its "jail." Apple devices (e.g., iPhone, iPad, Apple Watch) are the most famous "jailed" devices in the world. iOS, macOS, watchOS, and tvOS are operating systems developed by Apple Inc. and used in Apple devices. All of these systems share the same hybrid kernel, XNU. To jailbreak a device, attackers need to patch the kernel to disable the corresponding security measures. An essential precondition for kernel patching is a stable arbitrary kernel memory read and write primitive obtained through kernel vulnerabilities. It is a consensus in security that no system is without flaws; therefore, the only thing Apple can do is add an increasing number of mitigations. However, "villains can always outsmart": attackers can always find a way to bypass them.

In this talk, we perform a systematic assessment of the mitigation strategies recently proposed by Apple. We demonstrate that most of these defenses can be bypassed by corrupting unsafe kernel objects. We summarize this type of attack as ipc_port Kernel Object-Oriented Programming (PKOOP). More specifically, we show realistic attack scenarios that achieve full control of the latest XNU version. To defend against PKOOP attacks, we propose the XNU Kernel Object Protector (XKOP), which significantly reduces the number of possible targets among unprotected kernel objects. XKOP is a framework that hooks the related system calls to check the integrity of risky kernel objects without modifying the system. We believe that our assessment and framework are curative contributions to the design and implementation of a secure XNU kernel.

Slides