Function

vnode_authorize

Authorize a kauth-style action on a vnode.

Declaration

int vnode_authorize(vnode_t vp, vnode_t dvp, kauth_action_t action, vfs_context_t ctx);

Parameters

vp

Vnode on which to authorize action.

dvp

Parent of "vp," can be NULL.

action

Action to authorize, e.g. KAUTH_VNODE_READ_DATA. See bsd/sys/kauth.h.

ctx

Context for which to authorize actions.

Return Value

EACCESS if permission is denied. 0 if operation allowed. Various errors from lower layers.

Discussion

Operations on dead vnodes are always allowed (though never do anything).