The lack of a stackable file system support by Mac OS X VFS required to find a way to place a filter between VFS invoking vnode operations via VNOP_* functions and a file system driver implementing these vnode operations. To summarize the above, there is no official support from Apple if you need to filter read or/and write requests, filter and modify VFS vnode operation. They are called from system calls and other kernel subsystems, so MAC doesn't provide a consistent interface for VFS filter and if I remember correctly MAC was declared as deprecated for usage by third party developers. Instead of being called by VFS layer MAC registered callbacks are scattered through the kernel code. But MAC has limited functionality and not consistent in relation to file system filtering as it was not designed as a file system filter layer. The filtering can also be implemented by registering MAC ( Mandatory Access Control ) layer. In Windows parlance a kauth callback is a postoperation callback for create/open request ( IRP_MJ_CREATE for Windows ), that is all you have for Mac OS X. It doesn't allow filtering read and write operations and provides a limited control over file system operations as a vnode is already created at the moment of kauth callback invoking. The available kernel authorization subsystem ( kauth ) allows only filtering open requests and a limited number of operations on file/directory. Mac OS X doesn't support a full fledged file system filtering like Windows as Apple believes that BSD stackable file system doesn't fit Mac OS X. The project uses the distorm disassembler which is now released under BSD license. This is a non-viral license, only asking that if you use it, you acknowledge the authors, in this case Slava Imameev. The license model is a BSD Open Source License. A file system filter for Mac OS X License
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |