On smbfs Kauth vnode authorizer is called after the file is truncated when open filesystem call is made with O_TRUNC

Hi,

I am using Kauth KAUTH_VNODE_WRITE_DATA to perform validations before a file is opened.

However, in case of smb shares the file is already truncated by the time I try to access it during vnode authorization callback when overwriting with O_TRUNC.

I can reproduce the issue using cp or creating a simple program that uses open(..., O_TRUNC) call on the smbfs destination path.


Looking at smbfs source code (https://opensource.apple.com/source/smb/smb-759.40.1/kernel/smbfs/smbfs_vnops.c)

Although I might be wrong, it seems that at least in one of the places the authorizer is called after open

authorizer is called at line

1725 error = ap->a_open_existing_authorizer(vp, cnp, fmode, context, NULL);

the file however was already opened at (not sure if truncation is handled here)

1701 error = smbfs_create_open(share, dvp, cnp, vap, open_disp, fmode, &fid, fap, &vp, context);


Has anyone seen similar issue? Is this behavior by design or is it a bug?

I am using 10.10.5/10.11.6 for testing.

Up vote post of Vishal S Down vote post of Vishal S
455 views
Posted by
Vishal S
Reply
Add a Comment

Replies

Is this behavior by design or is it a bug?

I don’t know but IMO it doesn’t really matter: if it’s causing you problems, you should file a bug about it.

Please post your bug number, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks. I have filed a bug, ID 28275988.

Posted by
Vishal S
Up vote reply of Vishal S Down vote reply of Vishal S
Add a Comment