]> git.saurik.com Git - apple/xnu.git/blob - tools/cred_dump_creds.c
xnu-1228.0.2.tar.gz
[apple/xnu.git] / tools / cred_dump_creds.c
1 /* quick and dirty hack to grab all credentials in the cred hash table
2 * from kernel via sysctl.
3 * sysctl is only defined if xnu is built with DEBUG_CRED defined.
4 */
5
6 #include <stdio.h>
7 #include <stdlib.h>
8 #include <fcntl.h>
9 #include <limits.h>
10 #include <string.h>
11 #include <errno.h>
12 #include <unistd.h>
13 #include <sys/stat.h>
14 #include <sys/types.h>
15 #include <sys/sysctl.h>
16 #include <bsm/audit.h>
17
18 /* bad! this is replicated in kern_credential.c. make sure they stay in sync!
19 * Or better yet have commone header file?
20 */
21 struct debug_ucred {
22 uint32_t credp;
23 uint32_t cr_ref; /* reference count */
24 uid_t cr_uid; /* effective user id */
25 uid_t cr_ruid; /* real user id */
26 uid_t cr_svuid; /* saved user id */
27 short cr_ngroups; /* number of groups in advisory list */
28 gid_t cr_groups[NGROUPS]; /* advisory group list */
29 gid_t cr_rgid; /* real group id */
30 gid_t cr_svgid; /* saved group id */
31 uid_t cr_gmuid; /* UID for group membership purposes */
32 struct auditinfo cr_au; /* user auditing data */
33 uint32_t cr_label; /* MACF label */
34 int cr_flags; /* flags on credential */
35 };
36 typedef struct debug_ucred debug_ucred;
37
38 void dump_cred_hash_table( debug_ucred * credp, size_t buf_size );
39 void dump_cred( debug_ucred * credp );
40
41
42 main( int argc, char *argv[] )
43 {
44 int err;
45 size_t len;
46 char *my_bufferp = NULL;
47
48 /* get size of buffer we will need */
49 len = 0;
50 err = sysctlbyname( "kern.dump_creds", NULL, &len, NULL, 0 );
51 if ( err != 0 ) {
52 printf( "sysctl failed \n" );
53 printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
54 return;
55 }
56
57 /* get a buffer for our credentials. need some spare room since table could have grown */
58 my_bufferp = malloc( len );
59 if ( my_bufferp == NULL ) {
60 printf( "malloc error %d - \"%s\" \n", errno, strerror( errno ) );
61 return;
62 }
63 err = sysctlbyname( "kern.dump_creds", my_bufferp, &len, NULL, 0 );
64 if ( err != 0 ) {
65 printf( "sysctl 2 failed \n" );
66 printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ) );
67 return;
68 }
69 dump_cred_hash_table( (debug_ucred *)my_bufferp, len );
70
71 return;
72 }
73
74 void dump_cred_hash_table( debug_ucred * credp, size_t buf_size )
75 {
76 int i, my_count = (buf_size / sizeof(debug_ucred));
77
78 printf("\n\t dumping credential hash table - total creds %d \n",
79 my_count);
80 for (i = 0; i < my_count; i++) {
81 printf("[%02d] ", i);
82 dump_cred( credp );
83 credp++;
84 }
85 return;
86 }
87
88 void dump_cred( debug_ucred * credp )
89 {
90 int i;
91 printf("%p ", credp->credp);
92 printf("%lu ", credp->cr_ref);
93 printf("%d ", credp->cr_uid);
94 printf("%d ", credp->cr_ruid);
95 printf("%d ", credp->cr_svuid);
96 printf("%d g[", credp->cr_ngroups);
97 for (i = 0; i < credp->cr_ngroups; i++) {
98 printf("%d", credp->cr_groups[i]);
99 if ( (i + 1) < credp->cr_ngroups ) {
100 printf(" ");
101 }
102 }
103 printf("] %d ", credp->cr_rgid);
104 printf("%d ", credp->cr_svgid);
105 printf("%d ", credp->cr_gmuid);
106 printf("a[%d ", credp->cr_au.ai_auid);
107 printf("%d ", credp->cr_au.ai_mask.am_success);
108 printf("%d ", credp->cr_au.ai_mask.am_failure);
109 printf("%d ", credp->cr_au.ai_termid.port);
110 printf("%d ", credp->cr_au.ai_termid.machine);
111 printf("%d ", credp->cr_au.ai_asid);
112 printf("] ");
113 printf("%p ", credp->cr_label);
114 printf("0x%08x \n", credp->cr_flags);
115 printf("\n");
116 return;
117 }