]> git.saurik.com Git - apple/xnu.git/blob - tools/cred_dump_creds.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-6153.141.1.tar.gz
[apple/xnu.git] / tools / cred_dump_creds.c
1 /* quick and dirty hack to grab all credentials in the cred hash table
2 * from kernel via sysctl.
3 * sysctl is only defined if xnu is built with DEBUG_CRED defined.
4 */
5
6 #include <stdio.h>
7 #include <stdlib.h>
8 #include <fcntl.h>
9 #include <limits.h>
10 #include <string.h>
11 #include <errno.h>
12 #include <unistd.h>
13 #include <sys/stat.h>
14 #include <sys/types.h>
15 #include <sys/sysctl.h>
16 #include <bsm/audit.h>
17
18 /* bad! this is replicated in kern_credential.c. make sure they stay in sync!
19 * Or better yet have commone header file?
20 */
21 struct debug_ucred {
22 uint32_t credp;
23 uint32_t cr_ref; /* reference count */
24 uid_t cr_uid; /* effective user id */
25 uid_t cr_ruid; /* real user id */
26 uid_t cr_svuid; /* saved user id */
27 short cr_ngroups; /* number of groups in advisory list */
28 gid_t cr_groups[NGROUPS]; /* advisory group list */
29 gid_t cr_rgid; /* real group id */
30 gid_t cr_svgid; /* saved group id */
31 uid_t cr_gmuid; /* UID for group membership purposes */
32 struct auditinfo_addr cr_audit; /* user auditing data */
33 uint32_t cr_label; /* MACF label */
34 int cr_flags; /* flags on credential */
35 };
36 typedef struct debug_ucred debug_ucred;
37
38 void dump_cred_hash_table( debug_ucred * credp, size_t buf_size );
39 void dump_cred( debug_ucred * credp );
40
41
42 main( int argc, char *argv[] )
43 {
44 int err;
45 size_t len;
46 char *my_bufferp = NULL;
47
48 /* get size of buffer we will need */
49 len = 0;
50 err = sysctlbyname( "kern.dump_creds", NULL, &len, NULL, 0 );
51 if (err != 0) {
52 printf( "sysctl failed \n" );
53 printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ));
54 return;
55 }
56
57 /* get a buffer for our credentials. need some spare room since table could have grown */
58 my_bufferp = malloc( len );
59 if (my_bufferp == NULL) {
60 printf( "malloc error %d - \"%s\" \n", errno, strerror( errno ));
61 return;
62 }
63 err = sysctlbyname( "kern.dump_creds", my_bufferp, &len, NULL, 0 );
64 if (err != 0) {
65 printf( "sysctl 2 failed \n" );
66 printf( "\terrno %d - \"%s\" \n", errno, strerror( errno ));
67 return;
68 }
69 dump_cred_hash_table((debug_ucred *)my_bufferp, len );
70
71 return;
72 }
73
74 void
75 dump_cred_hash_table( debug_ucred * credp, size_t buf_size )
76 {
77 int i, my_count = (buf_size / sizeof(debug_ucred));
78
79 printf("\n\t dumping credential hash table - total creds %d \n",
80 my_count);
81 for (i = 0; i < my_count; i++) {
82 printf("[%02d] ", i);
83 dump_cred( credp );
84 credp++;
85 }
86 return;
87 }
88
89 void
90 dump_cred( debug_ucred * credp )
91 {
92 int i;
93 printf("%p ", credp->credp);
94 printf("%lu ", credp->cr_ref);
95 printf("%d ", credp->cr_uid);
96 printf("%d ", credp->cr_ruid);
97 printf("%d ", credp->cr_svuid);
98 printf("%d g[", credp->cr_ngroups);
99 for (i = 0; i < credp->cr_ngroups; i++) {
100 printf("%d", credp->cr_groups[i]);
101 if ((i + 1) < credp->cr_ngroups) {
102 printf(" ");
103 }
104 }
105 printf("] %d ", credp->cr_rgid);
106 printf("%d ", credp->cr_svgid);
107 printf("%d ", credp->cr_gmuid);
108 printf("a[%d ", credp->cr_audit.ai_auid);
109 printf("%d ", credp->cr_audit.ai_mask.am_success);
110 printf("%d ", credp->cr_audit.ai_mask.am_failure);
111 printf("%d ", credp->cr_audit.ai_termid.at_port);
112 printf("%d ", credp->cr_audit.ai_termid.at_addr[0]);
113 printf("%d ", credp->cr_audit.ai_asid);
114 printf("] ");
115 printf("%p ", credp->cr_label);
116 printf("0x%08x \n", credp->cr_flags);
117 printf("\n");
118 return;
119 }
mirror of XNU