Hi all,
I finally found this related mailing list to post the questions I have for Mac OS file system driver. I would like to give you some background about myself. I haven’t done any Mac OS app or driver development before, so I am a newbie here. I have a few years of Windows file system filter driver development experience. Recently my boss asked me to explore whether it is possible to port our Windows file system encryption driver to Mac OS. I have gone through Apple Developer guides and some sample codes such as KauthORama and Fuse4x, but I still have a few questions waiting for answer from the experts in this mailing list. The specific questions are:
1/ Is there any existing product in Mac that do transparent file encryption/decryption? I am not talking about disk based encryption such as FileVault or volume based encryption like TrueCrypt. The product can attach to existing file systems (at boot time) and transparently encrypt/decrypt files after user authentication?
2/ Can I use Kernel Authorization method to do this transparent encryption / decryption? Can I hook on vnode and file operations of kernel authorization for this project?
3/ Is the Kernel Authorization method specific to Mac OS or is it also supported in general Linux OS?
4/ Is there any sample code for user/kernel communication?
5/ Is it possible to block in kernel (e.g. file open) and let user mode to do processing and return the result to kernel and unblock kernel?
6/ Is there any file system reentrant problem, e.g. block ‘file open’ in kernel and let user mode opens the file like checking the file header? Will the kernel get another file open again from this user mode open? How to solve this reentrant problem in kernel?
7/ I know it is not recommended to do file IO operations in kernel, but I would prefer open/read/write operations in kernel so that my encryption driver do not require to do a lot of cross boundary to user mode for file operations, such as check/write header, check file size, etc. Is there any sample available for doing file IO in kernel?
8/ For the vnode operation of Kernel Authorization method, can I modify the read/write buffer (decryption/encryption) before passing the request to lower file system?
9/ Can I read the file with ‘No cache’ option so that the Cache Manager (exist in Mac?) will not store this encrypted data? Hope I can also do this ‘No Cache’ read operation in kernel.
10/ Any other methods to do this encryption driver other than kernel authorization?
11/ I also went through the sample ‘SampleFilterScheme’ driver to see if I can use it for my purpose. I made some modification to the code so that it can compile 64-bit KEXT in Xcode 4.3.1. I followed the readme file and tried to run it in Mac OS Lion (10.7.3), however, when I mounted the image ‘Apple_DTS_Filtered_Example.img’, it returned disk image error ‘No mountable file systems’. Hope someone can teach me how to run it in my environment . I am not too sure what this sample can do. Can I use SampleFilterScheme for my encryption project?
These are all the questions for now. If this is a wrong mailing list to post, please let me know the correct list.
I appreciate any suggestion from any of you! Thank you!
Regards,
Sinlam