• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: NKE: priv and non-priv access
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NKE: priv and non-priv access

  • Subject: Re: NKE: priv and non-priv access
  • From: Josh Graessley <email@hidden>
  • Date: Fri, 28 Oct 2005 17:16:50 -0700

On Oct 28, 2005, at 5:11 PM, Arno Hautala wrote:

Sheesh, thanks for the quick response.

On 28 Oct 2005, at 19:37, Josh Graessley wrote:


1) Register two kernel controls, one that requires root and one that doesn't.


Mmm, I was hoping to avoid that. Er, by two controls do you mean within the same NKE or register two NKEs? If it's within the same NKE (I'm just getting started with the whole NKE thing so bear with me) how do I assign different functions to different priv levels? Or would I just check what the passed in control reference refers to?

Same NKE. Call the function twice with different parameters each time. The first time, don't set the flag requiring priv and specify function pointers for non-priv operations. The second time, register again and specify the flag and use function pointers for the priv operations. You will need a different kernel control name for each time you register.

2) Check for root before performing an operation that requires root.

proc_t    current_p = proc_self();
int    result;

result = proc_suser(current_p);
proc_rele(current_p);
if (result != 0) {
    return EPERM;
}


This check is in the userland app, not the NKE?

This is in the NKE, in the function that handles data from the user land app to the NKE. I think it's called the send function, which is strange since it's a function your kext specifies to handle data that the user land process is sending. It's more of a receive function from the perspective of a kext.

Would I be able to get the id of the user running the userland app from the NKE? That would be more in line with my goal.

Yes. Check out sys/proc.h in the Kernel Framework for a list of the relevant functions.

-josh

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: NKE: priv and non-priv access
      • From: Arno Hautala <email@hidden>
References: 
 >NKE: priv and non-priv access (From: Arno Hautala <email@hidden>)
 >Re: NKE: priv and non-priv access (From: Josh Graessley <email@hidden>)
 >Re: NKE: priv and non-priv access (From: Arno Hautala <email@hidden>)

  • Prev by Date: Re: NKE: priv and non-priv access
  • Next by Date: Re: NKE: priv and non-priv access
  • Previous by thread: Re: NKE: priv and non-priv access
  • Next by thread: Re: NKE: priv and non-priv access
  • Index(es):
    • Date
    • Thread