[apple/xnu.git] / tools / cred_dump_creds.c

/* quick and dirty hack to grab all credentials in the cred hash table
 * from kernel via sysctl.
 * sysctl is only defined if xnu is built with DEBUG_CRED defined.
 */

#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <limits.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/sysctl.h>
#include <bsm/audit.h>

/* bad!  this is replicated in kern_credential.c.  make sure they stay in sync!
 * Or better yet have commone header file? 
 */
struct debug_ucred {
	uint32_t	credp;
	uint32_t	cr_ref;				/* reference count */
	uid_t		cr_uid;				/* effective user id */
	uid_t		cr_ruid;			/* real user id */
	uid_t		cr_svuid;			/* saved user id */
	short		cr_ngroups;			/* number of groups in advisory list */
	gid_t		cr_groups[NGROUPS];	/* advisory group list */
	gid_t		cr_rgid;			/* real group id */
	gid_t		cr_svgid;			/* saved group id */
	uid_t		cr_gmuid;			/* UID for group membership purposes */
	struct auditinfo_addr cr_audit;			/* user auditing data */
	uint32_t	cr_label;			/* MACF label */
	int			cr_flags;			/* flags on credential */
};
typedef struct debug_ucred debug_ucred;

void dump_cred_hash_table( debug_ucred * credp, size_t buf_size );				
void dump_cred( debug_ucred * credp );


main( int argc, char *argv[] )
{
	int				err;
	size_t			len;
    char 			*my_bufferp = NULL;

	/* get size of buffer we will need */
	len = 0;
    err = sysctlbyname( "kern.dump_creds", NULL, &len, NULL, 0 );
	if ( err != 0 ) {
		printf( "sysctl failed  \n" );
		printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
		return;
	}
	
	/* get a buffer for our credentials.  need some spare room since table could have grown */
	my_bufferp = malloc( len );
	if ( my_bufferp == NULL ) {
		printf( "malloc error %d - \"%s\" \n", errno, strerror( errno ) );
		return;
	}
    err = sysctlbyname( "kern.dump_creds", my_bufferp, &len, NULL, 0 );
	if ( err != 0 ) {
		printf( "sysctl 2 failed  \n" );
		printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
		return;
	}
	dump_cred_hash_table( (debug_ucred *)my_bufferp, len );

	return;
}

void dump_cred_hash_table( debug_ucred * credp, size_t buf_size )
{
	int		i, my_count = (buf_size / sizeof(debug_ucred));
	
	printf("\n\t dumping credential hash table - total creds %d \n", 
			my_count);
	for (i = 0; i < my_count; i++) {
		printf("[%02d] ", i);
		dump_cred( credp );
		credp++;
	}
	return;
}

void dump_cred( debug_ucred * credp )
{
	int		i;
	printf("%p ", credp->credp);
	printf("%lu ", credp->cr_ref);
	printf("%d ", credp->cr_uid);
	printf("%d ", credp->cr_ruid);
	printf("%d ", credp->cr_svuid);
	printf("%d g[", credp->cr_ngroups);
	for (i = 0; i < credp->cr_ngroups; i++) {
		printf("%d", credp->cr_groups[i]);
		if ( (i + 1) < credp->cr_ngroups ) {
			printf(" ");
		}
	}
	printf("] %d ", credp->cr_rgid);
	printf("%d ", credp->cr_svgid);
	printf("%d ", credp->cr_gmuid);
	printf("a[%d ", credp->cr_audit.ai_auid);
	printf("%d ", credp->cr_audit.ai_mask.am_success);
	printf("%d ", credp->cr_audit.ai_mask.am_failure);
	printf("%d ", credp->cr_audit.ai_termid.at_port);
	printf("%d ", credp->cr_audit.ai_termid.at_addr[0]);
	printf("%d ", credp->cr_audit.ai_asid);
	printf("] ");
	printf("%p ", credp->cr_label);
	printf("0x%08x \n", credp->cr_flags);
	printf("\n");
	return;
}
Commit	Line	Data
2d21ac55 A	1	/* quick and dirty hack to grab all credentials in the cred hash table
	2	* from kernel via sysctl.
	3	* sysctl is only defined if xnu is built with DEBUG_CRED defined.
	4	*/
	5
	6	#include <stdio.h>
	7	#include <stdlib.h>
	8	#include <fcntl.h>
	9	#include <limits.h>
	10	#include <string.h>
	11	#include <errno.h>
	12	#include <unistd.h>
	13	#include <sys/stat.h>
	14	#include <sys/types.h>
	15	#include <sys/sysctl.h>
	16	#include <bsm/audit.h>
	17
	18	/* bad! this is replicated in kern_credential.c. make sure they stay in sync!
	19	* Or better yet have commone header file?
	20	*/
	21	struct debug_ucred {
	22	uint32_t credp;
	23	uint32_t cr_ref; /* reference count */
	24	uid_t cr_uid; /* effective user id */
	25	uid_t cr_ruid; /* real user id */
	26	uid_t cr_svuid; /* saved user id */
	27	short cr_ngroups; /* number of groups in advisory list */
	28	gid_t cr_groups[NGROUPS]; /* advisory group list */
	29	gid_t cr_rgid; /* real group id */
	30	gid_t cr_svgid; /* saved group id */
	31	uid_t cr_gmuid; /* UID for group membership purposes */
b0d623f7	32	struct auditinfo_addr cr_audit; /* user auditing data */
2d21ac55 A	33	uint32_t cr_label; /* MACF label */
	34	int cr_flags; /* flags on credential */
	35	};
	36	typedef struct debug_ucred debug_ucred;
	37
	38	void dump_cred_hash_table( debug_ucred * credp, size_t buf_size );
	39	void dump_cred( debug_ucred * credp );
	40
	41
	42	main( int argc, char *argv[] )
	43	{
	44	int err;
	45	size_t len;
	46	char *my_bufferp = NULL;
	47
	48	/* get size of buffer we will need */
	49	len = 0;
	50	err = sysctlbyname( "kern.dump_creds", NULL, &len, NULL, 0 );
	51	if ( err != 0 ) {
	52	printf( "sysctl failed \n" );
	53	printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
	54	return;
	55	}
	56
	57	/* get a buffer for our credentials. need some spare room since table could have grown */
	58	my_bufferp = malloc( len );
	59	if ( my_bufferp == NULL ) {
	60	printf( "malloc error %d - \"%s\" \n", errno, strerror( errno ) );
	61	return;
	62	}
	63	err = sysctlbyname( "kern.dump_creds", my_bufferp, &len, NULL, 0 );
	64	if ( err != 0 ) {
	65	printf( "sysctl 2 failed \n" );
	66	printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
	67	return;
	68	}
	69	dump_cred_hash_table( (debug_ucred *)my_bufferp, len );
	70
	71	return;
	72	}
	73
	74	void dump_cred_hash_table( debug_ucred * credp, size_t buf_size )
	75	{
	76	int i, my_count = (buf_size / sizeof(debug_ucred));
	77
	78	printf("\n\t dumping credential hash table - total creds %d \n",
	79	my_count);
	80	for (i = 0; i < my_count; i++) {
	81	printf("[%02d] ", i);
	82	dump_cred( credp );
	83	credp++;
	84	}
	85	return;
	86	}
	87
	88	void dump_cred( debug_ucred * credp )
	89	{
	90	int i;
	91	printf("%p ", credp->credp);
	92	printf("%lu ", credp->cr_ref);
	93	printf("%d ", credp->cr_uid);
	94	printf("%d ", credp->cr_ruid);
	95	printf("%d ", credp->cr_svuid);
	96	printf("%d g[", credp->cr_ngroups);
97	for (i = 0; i < credp->cr_ngroups; i++) {
98	printf("%d", credp->cr_groups[i]);
99	if ( (i + 1) < credp->cr_ngroups ) {
100	printf(" ");
101	}
102	}
103	printf("] %d ", credp->cr_rgid);
104	printf("%d ", credp->cr_svgid);
105	printf("%d ", credp->cr_gmuid);
b0d623f7 A	106	printf("a[%d ", credp->cr_audit.ai_auid);
	107	printf("%d ", credp->cr_audit.ai_mask.am_success);
	108	printf("%d ", credp->cr_audit.ai_mask.am_failure);
	109	printf("%d ", credp->cr_audit.ai_termid.at_port);
	110	printf("%d ", credp->cr_audit.ai_termid.at_addr[0]);
	111	printf("%d ", credp->cr_audit.ai_asid);
2d21ac55 A	112	printf("] ");
	113	printf("%p ", credp->cr_label);
	114	printf("0x%08x \n", credp->cr_flags);
	115	printf("\n");
	116	return;
	117	}