Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: clonefile and kauth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: clonefile and kauth

Subject: Re: clonefile and kauth
From: Slava Imameev <email@hidden>
Date: Wed, 24 Oct 2018 19:05:16 +1100

Hi,

Instead of a KAUTH_SCOPE_FILEOP callback you need a KAUTH_SCOPE_VNODE
callback.
Registered KAUTH_SCOPE_VNODE callbacks are called with KAUTH_VNODE_ADD_FILE
and KAUTH_VNODE_ADD_SUBDIRECTORY from the clonefile system call.
Though it is not possible to distinguish clonefile inside KAUTH callback
from operations with the same KAUTH_VNODE_* operations.
You either need to backtrace a callstack from KAUTH callback or use an
undocumented option of registering MAC vnode_check_clone callback.

Regards,
Slava Imameev

On Wed, Oct 24, 2018 at 10:40 AM Craig Davison <email@hidden> wrote:

> Hello,
>
> Is there a way to monitor clonefile operations with the kauth kpi? I
> don't see any relevant KAUTH_FILEOP_* in sys/kauth.h.
>
> Thank you,
> --
> Craig Davison
>  _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-kernel mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
>
> This email sent to email@hidden
>

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

Follow-Ups:
- Re: clonefile and kauth
  - From: Craig Davison <email@hidden>

References:
	>clonefile and kauth (From: Craig Davison <email@hidden>)

Prev by Date: clonefile and kauth
Next by Date: Re: clonefile and kauth
Previous by thread: clonefile and kauth
Next by thread: Re: clonefile and kauth
Index(es):
- Date
- Thread