]>
git.saurik.com Git - apple/xnu.git/blob - tools/cred_dump_creds.c
1 /* quick and dirty hack to grab all credentials in the cred hash table
2 * from kernel via sysctl.
3 * sysctl is only defined if xnu is built with DEBUG_CRED defined.
14 #include <sys/types.h>
15 #include <sys/sysctl.h>
16 #include <bsm/audit.h>
18 /* bad! this is replicated in kern_credential.c. make sure they stay in sync!
19 * Or better yet have commone header file?
23 uint32_t cr_ref
; /* reference count */
24 uid_t cr_uid
; /* effective user id */
25 uid_t cr_ruid
; /* real user id */
26 uid_t cr_svuid
; /* saved user id */
27 short cr_ngroups
; /* number of groups in advisory list */
28 gid_t cr_groups
[NGROUPS
]; /* advisory group list */
29 gid_t cr_rgid
; /* real group id */
30 gid_t cr_svgid
; /* saved group id */
31 uid_t cr_gmuid
; /* UID for group membership purposes */
32 struct auditinfo cr_au
; /* user auditing data */
33 uint32_t cr_label
; /* MACF label */
34 int cr_flags
; /* flags on credential */
36 typedef struct debug_ucred debug_ucred
;
38 void dump_cred_hash_table( debug_ucred
* credp
, size_t buf_size
);
39 void dump_cred( debug_ucred
* credp
);
42 main( int argc
, char *argv
[] )
46 char *my_bufferp
= NULL
;
48 /* get size of buffer we will need */
50 err
= sysctlbyname( "kern.dump_creds", NULL
, &len
, NULL
, 0 );
52 printf( "sysctl failed \n" );
53 printf( "\terrno %d - \"%s\" \n", errno
, strerror( errno
) );
57 /* get a buffer for our credentials. need some spare room since table could have grown */
58 my_bufferp
= malloc( len
);
59 if ( my_bufferp
== NULL
) {
60 printf( "malloc error %d - \"%s\" \n", errno
, strerror( errno
) );
63 err
= sysctlbyname( "kern.dump_creds", my_bufferp
, &len
, NULL
, 0 );
65 printf( "sysctl 2 failed \n" );
66 printf( "\terrno %d - \"%s\" \n", errno
, strerror( errno
) );
69 dump_cred_hash_table( (debug_ucred
*)my_bufferp
, len
);
74 void dump_cred_hash_table( debug_ucred
* credp
, size_t buf_size
)
76 int i
, my_count
= (buf_size
/ sizeof(debug_ucred
));
78 printf("\n\t dumping credential hash table - total creds %d \n",
80 for (i
= 0; i
< my_count
; i
++) {
88 void dump_cred( debug_ucred
* credp
)
91 printf("%p ", credp
->credp
);
92 printf("%lu ", credp
->cr_ref
);
93 printf("%d ", credp
->cr_uid
);
94 printf("%d ", credp
->cr_ruid
);
95 printf("%d ", credp
->cr_svuid
);
96 printf("%d g[", credp
->cr_ngroups
);
97 for (i
= 0; i
< credp
->cr_ngroups
; i
++) {
98 printf("%d", credp
->cr_groups
[i
]);
99 if ( (i
+ 1) < credp
->cr_ngroups
) {
103 printf("] %d ", credp
->cr_rgid
);
104 printf("%d ", credp
->cr_svgid
);
105 printf("%d ", credp
->cr_gmuid
);
106 printf("a[%d ", credp
->cr_au
.ai_auid
);
107 printf("%d ", credp
->cr_au
.ai_mask
.am_success
);
108 printf("%d ", credp
->cr_au
.ai_mask
.am_failure
);
109 printf("%d ", credp
->cr_au
.ai_termid
.port
);
110 printf("%d ", credp
->cr_au
.ai_termid
.machine
);
111 printf("%d ", credp
->cr_au
.ai_asid
);
113 printf("%p ", credp
->cr_label
);
114 printf("0x%08x \n", credp
->cr_flags
);