site_archiver@lists.apple.com Delivered-To: Darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=VAmQs4Jvi0pF2hb8Lr36VcXmOwToUkZYmfhPg+eMd7w=; b=h7sQa3g8YsidaGYUxoIPiSoan79GtkzPFNLhmAqvgr4atMQB5g11mNxbTSx9GQ10APzMgU4DZZnM0cdnAjomE13vGsjReR8Y8AGNZdliODepem8Kn+DCv4G35BprZ4KXe7usA2lrUXNyz1c5/Q/rmBtn09MdDrE0ZY6C/rk3b5I= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Q6qiL3dUHScq/POJNZFOJxuzZBrc68JJb98Jw7ncMPT+K4qxOfHBpQDn+8+hkZQ9D/6g2S6qoBkFmxboMPtg589nzh56GRFYzwtKOx1GxgGeYonoUEqH89qjw2wNxyGpUf+GVDvV5osZkqydvk5dw/4hV64ZVelG65fGmEKfLzc= On Sat, Mar 22, 2008 at 12:27 AM, Rick Macklem <rmacklem@uoguelph.ca> wrote:
goes something like this... (untested, of course:-) struct vnode_attr vattr;
VATTR_INIT(&vattr); VATTR_WANTED(&vattr, va_mode); err = vnode_getattr(vp, &vattr, vfs_context_current());
Thanks. I figured it out also after reading the auditing related sources. I had some issues before I found out that you can couple multiple VATTR_WANTED calls :)
You'll find Darwin quite different than FreeBSD w.r.t. this. The doc is use is the kernel sources (xnu-1228.tar.gz found under "Get the Source" on http://developer.apple.com). Look in xnu-1228/bsd/nfs/nfs_serv.c for an example.
Right on, thanks again!
Don't know the answer to the others, although you can probably figure out what crypto functions are in the kernel by looking ay the above sources. (If you use anything that isn't a kpi in your kext, you'll be walking on thin ice like I do. I figure that's ok for an open source project, but probably unwize for something that might be shipped to customers. Others might elaborate on this.)
The BSD subsystem provides AES and SHA2 related functionality apparently, so I will stick to that instead of porting my existing crypto to kernel-land. I'm not sure on what's the best policy here, if I should start a new thread for some kauth related questions. I'm trying to implement a vnode scope listener that catches binary executions but so far I've only got a fileop scope listener to catch those properly. Maybe I'm simply doing something wrong. I was receiving NULL dvp (parent vnode) structures, which is impossible if we are executing a binary (ie. it must have a parent vnode, be it the root directory or the immediately top directory where the binary image / mach-o object is located). Cheers, -- John. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com