NAME

openat_authenticated_np — open files with authenticated volume verification

SYNOPSIS

#include <fcntl.h>

int
openat_authenticated_np(int fd, const char *path, int flags, int authfd);

DESCRIPTION

The openat_authenticated_np() function is a non-portable extension to the standard openat(2) system call that provides authenticated volume verification capabilities.

openat_authenticated_np() opens a file specified by path relative to the directory fd, ensuring it resides within an authenticated volume. The optional authfd parameter, when provided, ensures that the target file resides in the same authenticated volume as the file referenced by that file descriptor.

The flags parameter has the same meaning as in openat(2), with the restriction that file creation is not supported. If O_CREAT is specified in flags, the function will fail with EINVAL.

If fd is AT_FDCWD, the current working directory is used and the behavior is similar to open(2).

If authfd is AUTH_OPEN_NOAUTHFD, no authentication file descriptor is used and the function operates without volume authentication constraints. Otherwise, authfd must be a valid file descriptor that serves as the authentication reference for volume verification.

RETURN VALUES

Upon successful completion, openat_authenticated_np() returns a non-negative file descriptor. Otherwise, it returns -1 and sets errno to indicate the error.

ERRORS

In addition to the errors returned by openat(2), openat_authenticated_np() may fail with:

[EINVAL]

O_CREAT was specified in flags.

[EBADF]

authfd is not AUTH_OPEN_NOAUTHFD and is not a valid file descriptor.

[EPERM]

The calling process does not have permission to perform authenticated volume access.

[ENOTSUP]

The underlying file system does not support authenticated volume verification.

EXAMPLES

Open a file ensuring it resides in the same authenticated volume as another file:

int dirfd = open("/some/directory", O_RDONLY);
int authfd = open("/path/to/auth/file", O_RDONLY);
int fd = openat_authenticated_np(dirfd, "filename",
                                O_RDONLY, authfd);
if (fd == -1) {
    perror("openat_authenticated_np");
    exit(1);
}
close(authfd);
close(dirfd);

Open a file without volume authentication constraints:

int dirfd = open("/some/directory", O_RDONLY);
int fd = openat_authenticated_np(dirfd, "filename",
                                O_RDONLY, AUTH_OPEN_NOAUTHFD);
if (fd == -1) {
    perror("openat_authenticated_np");
    exit(1);
}
close(dirfd);

COMPATIBILITY

This function is a non-portable Apple extension and is not available on other operating systems. Code using this function should include appropriate conditional compilation directives for portability.

The _DARWIN_C_SOURCE feature test macro must be defined to access the authentication constants.

SEE ALSO

open(2), openat(2), close(2), fcntl(2)

HISTORY

The openat_authenticated_np() function was introduced in macOS 13.0 to provide authenticated file access capabilities for system frameworks requiring volume authentication verification.

NOTES

This function is primarily intended for use by system frameworks and applications that need authenticated volume verification. Most applications should use the standard open(2) and openat(2) functions unless specific authentication features are required.

The function operates in read-only mode for authentication purposes and does not support file creation. Applications should create files using standard functions and then open them with authentication if needed.