Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: clonefile and kauth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: clonefile and kauth

Subject: Re: clonefile and kauth
From: Craig Davison <email@hidden>
Date: Wed, 24 Oct 2018 11:45:40 -0600

Thank you, Slava. That is very helpful

--
Craig Davison
On Wed, Oct 24, 2018 at 2:05 AM Slava Imameev <email@hidden> wrote:
>
> Hi,
>
> Instead of a KAUTH_SCOPE_FILEOP callback you need a KAUTH_SCOPE_VNODE
> callback.
> Registered KAUTH_SCOPE_VNODE callbacks are called with KAUTH_VNODE_ADD_FILE
> and KAUTH_VNODE_ADD_SUBDIRECTORY from the clonefile system call.
> Though it is not possible to distinguish clonefile inside KAUTH callback from
> operations with the same KAUTH_VNODE_* operations.
> You either need to backtrace a callstack from KAUTH callback or use an
> undocumented option of registering MAC vnode_check_clone callback.
>
> Regards,
> Slava Imameev
>
> On Wed, Oct 24, 2018 at 10:40 AM Craig Davison <email@hidden> wrote:
>>
>> Hello,
>>
>> Is there a way to monitor clonefile operations with the kauth kpi? I
>> don't see any relevant KAUTH_FILEOP_* in sys/kauth.h.
>>
>> Thank you,
>> --
>> Craig Davison
>>  _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Darwin-kernel mailing list      (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

References:
	>clonefile and kauth (From: Craig Davison <email@hidden>)
	>Re: clonefile and kauth (From: Slava Imameev <email@hidden>)

Prev by Date: Re: clonefile and kauth
Previous by thread: Re: clonefile and kauth
Index(es):
- Date
- Thread