Figuring out context of file in an IOFilterScheme driver
Figuring out context of file in an IOFilterScheme driver
- Subject: Figuring out context of file in an IOFilterScheme driver
- From: Misha Pak <email@hidden>
- Date: Tue, 16 Jul 2013 19:27:29 +0300
Hi all
I've been trying to figure out a way to write a file-based encryption driver, which is oblivious to any particular file system and works transparently. The system has to encrypt some files on a given volume while leaving others totally intact, depending on a list provided by some user-mode controlling process.
Now I know that it is next to impossible to write a proper file filter driver that "will sit" on top (just below VFS) and intercept all IO operations on a specific file (like I can easily do on Windows)
On the other hand, using KAUTH (which does have info about files), I have no access to the actual data...
So I decided to try my luck with a block level filter driver, using IOFilterScheme.
However at this level, I cannot easily figure out which block corresponds to which file, since there is no concept of "file" at this level.
Is there still a way to obtain that information via some other, "side" information? Like, for example: checking which process owns the current write (or read) request and via some "proc" structure mangling figure out which file are working on?
There just HAS to be a way to do some sort of file-based filtering in the kernel... :-)
Thanks a lot!
Misha.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden