Create a hard link to a vnode from the kernel

Evgeny Yakovlev

Mar 6, 2012, 6:21:22 AM
to darwin...@lists.apple.com
Hello,

I am writing a solution that intercepts file deletion and securely
deletes it by wiping file contents according to user configuration.

Currently I plan to achieve this by having a kauth kext that
intercepts KAUTH_VNODE_DELETE and a user space daemon that does actual
wiping. Somewhere, either in kext or in user space daemon, I want to
create a new hard link to the to-be-deleted vnode in a special folder
for each mount point, queue this file for wiping using this new link
and return from kauth callback. I can think of creating a new hard
link either in kernel (directly in kauth callback) or by notifying my
user space daemon and blocking until it creates the link (otherwise
there is a race condition between vnode deletion in kernel and link
call from user space daemon).

In the first case (create a hard link from kernel) I can't seem to
figure out how to do this because VNOP_LINK is private and probably
for good reason. In the second case (notifying the user space daemon)
I need to synchronize properly, i.e. to wait until user space daemon
creates a new hard link and then exit from kauth callback, which is
not that good since I need to share some kind of a semaphore and
actually block the kernel waiting for a user space event to occur.

I would prefer creating a hard link from kernel, but my question is:
is it possible in the first case, and if not, what would have been a
better workaround?

Thanks
Evgeny
Darwin-kernel mailing list (Darwin...@lists.apple.com)
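
The user-space half of the plan described in the post (link the file into a holding folder on the same mount, then wipe through the new link), as an added example that is not part of the original message and does not cover the kauth listener or its synchronization. The function names, the `/tmp` paths and the single zero-pass policy are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pin `victim` with a second hard link at `pin` so its data outlives the
 * caller's unlink(). Returns 0 or -errno; -EXDEV means `pin` is on another
 * filesystem, which is why the holding folder has to exist per mount point. */
int pin_for_wipe(const char *victim, const char *pin) {
    return link(victim, pin) == 0 ? 0 : -errno;
}

/* Overwrite the pinned file in place (one zero pass, an assumed policy),
 * flush it, then remove the last link. Returns 0 or -errno. */
int wipe_pinned(const char *pin) {
    char zeros[4096] = {0};
    struct stat st = {0};
    int rc = 0, fd = open(pin, O_WRONLY);
    if (fd < 0) return -errno;
    if (fstat(fd, &st) != 0) rc = -errno;
    for (off_t left = st.st_size; rc == 0 && left > 0; ) {
        size_t want = left < (off_t)sizeof zeros ? (size_t)left : sizeof zeros;
        ssize_t n = write(fd, zeros, want);
        if (n <= 0) rc = n < 0 ? -errno : -EIO; else left -= n;
    }
    if (rc == 0 && fsync(fd) != 0) rc = -errno;
    close(fd);
    if (rc == 0 && unlink(pin) != 0) rc = -errno;
    return rc;
}

/* Constructed walk-through: pin, delete the original name, check the inode survives, wipe. */
int demo_pin_then_wipe(void) {
    char dir[64], victim[96], pin[96];
    struct stat st;
    snprintf(dir, sizeof dir, "/tmp/wipe-demo-%ld", (long)getpid());
    snprintf(victim, sizeof victim, "%s/secret.txt", dir);
    snprintf(pin, sizeof pin, "%s/.wipe-queue-1", dir);
    FILE *f = mkdir(dir, 0700) == 0 ? fopen(victim, "w") : NULL;
    if (!f) return -errno;
    fputs("constructed sample data\n", f); fclose(f);
    int rc = pin_for_wipe(victim, pin);
    if (rc == 0 && unlink(victim) != 0) rc = -errno;   /* the user's delete */
    if (rc == 0 && (stat(pin, &st) != 0 || st.st_nlink != 1 || st.st_size != 24)) rc = -EIO;
    if (rc == 0) rc = wipe_pinned(pin);
    rmdir(dir);
    return rc;
}
int main(void) { return demo_pin_then_wipe() ? 1 : 0; }
```

Overwriting in place does not guarantee that the old blocks are physically erased on flash storage or on journaling and copy-on-write filesystems.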