#! /usr/sbin/dtrace -C -s

/* Copyright 2007 Apple Inc. All rights reserved. */

/*
 * Opcode values for identitysvc().  KAUTH_OPCODE_STRING and the probe
 * predicates in this script match the syscall's first argument against them.
 */
inline int KAUTH_EXTLOOKUP_REGISTER = 0x0;
inline int KAUTH_EXTLOOKUP_RESULT   = 0x1;
inline int KAUTH_EXTLOOKUP_WORKER   = 0x2;

/* Values of el_result, decoded by KAUTH_RESULT_STRING. */
inline int KAUTH_EXTLOOKUP_SUCCESS = 0;		/* results are usable */
inline int KAUTH_EXTLOOKUP_BADRQ   = 1;		/* malformed request */
inline int KAUTH_EXTLOOKUP_FAILURE = 2;		/* lookup failed, transient */
inline int KAUTH_EXTLOOKUP_FATAL   = 3;		/* lookup failed, permanent */
inline int KAUTH_EXTLOOKUP_INPROG  = 100;	/* request still in progress */

/*
 * Bit values of el_flags, decoded by KAUTH_FLAGS_STRING.  Each constant is a
 * single bit (bit 0 through bit 14).  Judging by the names, VALID_* marks a
 * field that has been filled in and WANT_* a field being requested -- confirm
 * against the kernel's kauth header.
 */
inline int KAUTH_EXTLOOKUP_VALID_UID        = 0x0001;
inline int KAUTH_EXTLOOKUP_VALID_UGUID      = 0x0002;
inline int KAUTH_EXTLOOKUP_VALID_USID       = 0x0004;
inline int KAUTH_EXTLOOKUP_VALID_GID        = 0x0008;
inline int KAUTH_EXTLOOKUP_VALID_GGUID      = 0x0010;
inline int KAUTH_EXTLOOKUP_VALID_GSID       = 0x0020;
inline int KAUTH_EXTLOOKUP_WANT_UID         = 0x0040;
inline int KAUTH_EXTLOOKUP_WANT_UGUID       = 0x0080;
inline int KAUTH_EXTLOOKUP_WANT_USID        = 0x0100;
inline int KAUTH_EXTLOOKUP_WANT_GID         = 0x0200;
inline int KAUTH_EXTLOOKUP_WANT_GGUID       = 0x0400;
inline int KAUTH_EXTLOOKUP_WANT_GSID        = 0x0800;
inline int KAUTH_EXTLOOKUP_WANT_MEMBERSHIP  = 0x1000;
inline int KAUTH_EXTLOOKUP_VALID_MEMBERSHIP = 0x2000;
inline int KAUTH_EXTLOOKUP_ISMEMBER         = 0x4000;

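/*
 * Copy one struct kauth_identity_extlookup from the user address `from` and
 * yield a pointer to the copy.
 *
 * copyin() places the bytes in DTrace scratch memory, so the pointer is only
 * meaningful inside the clause that evaluated it.  The bytes are read from
 * the traced process's address space: every field printed from the copy is
 * process-supplied data, not kernel state.
 *
 * The expansion is a parenthesized expression with no trailing semicolon, so
 * the caller terminates the statement.
 */
#define GET_WORK_ITEM(from) \
    ((struct kauth_identity_extlookup *)copyin((from), \
	    sizeof(struct kauth_identity_extlookup)))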

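/*
 * Map an identitysvc() opcode to its symbolic name.
 *
 * An opcode that matches none of the known constants is rendered as its
 * decimal value with lltostr().  stringof() must not be used for that
 * fallback: applied to an integer it reinterprets the number as the address
 * of a string, which faults instead of printing the unexpected value.
 *
 * The argument and the whole expansion are parenthesized so the macro can be
 * used inside a larger expression.
 */
#define KAUTH_OPCODE_STRING(opcode) \
    ((int)(opcode) == KAUTH_EXTLOOKUP_REGISTER ? "KAUTH_EXTLOOKUP_REGISTER" : \
    (int)(opcode) == KAUTH_EXTLOOKUP_RESULT ? "KAUTH_EXTLOOKUP_RESULT" : \
    (int)(opcode) == KAUTH_EXTLOOKUP_WORKER ? "KAUTH_EXTLOOKUP_WORKER" : \
    lltostr((int)(opcode)))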

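/*
 * Map an el_result value to its symbolic name.
 *
 * A value outside the known set is rendered as its decimal value with
 * lltostr().  stringof() must not be used for that fallback: applied to an
 * integer it reinterprets the number as the address of a string, which
 * faults instead of printing the unexpected value.  Since el_result is read
 * from a buffer copied in from user space, an out-of-range value is exactly
 * the case worth seeing in the trace.
 */
#define KAUTH_RESULT_STRING(res) \
    ((int)(res) == KAUTH_EXTLOOKUP_SUCCESS ? "KAUTH_EXTLOOKUP_SUCCESS" : \
    (int)(res) == KAUTH_EXTLOOKUP_BADRQ ? "KAUTH_EXTLOOKUP_BADRQ" : \
    (int)(res) == KAUTH_EXTLOOKUP_FAILURE ? "KAUTH_EXTLOOKUP_FAILURE" : \
    (int)(res) == KAUTH_EXTLOOKUP_FATAL ? "KAUTH_EXTLOOKUP_FATAL" : \
    (int)(res) == KAUTH_EXTLOOKUP_INPROG ? "KAUTH_EXTLOOKUP_INPROG" : \
    lltostr((int)(res)))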

/*
 * If `flag` is set in `flagset`, append the flag's own name to `string`,
 * preceded by "|" unless `string` is still empty.  When the bit is clear the
 * string is reassigned unchanged.
 */
#define APPEND_FLAG(string, flagset, flag) \
    (string) = strjoin((string), \
	(((int)(flagset) & (flag)) != 0) ? \
	    strjoin(((string) == "") ? "" : "|", #flag) : "")

/*
 * Append to `string` the name of every KAUTH_EXTLOOKUP_* flag set in
 * `flagset`, separated by "|", in the fixed order listed below.
 *
 * Expands to a sequence of statements, so it can only be used where a
 * statement list is allowed, and `string` must be an assignable D string
 * (the caller initializes it, normally to "").
 *
 * NOTE: the result is a D string and is therefore capped by the strsize
 * option; a flag word with most bits set will be cut short in the output.
 */
#define KAUTH_FLAGS_STRING(string, flagset) \
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_UID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_UGUID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_USID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_GID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_GGUID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_GSID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_UID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_UGUID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_USID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_GID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_GGUID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_GSID);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_WANT_MEMBERSHIP);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_VALID_MEMBERSHIP);\
    APPEND_FLAG(string, flagset, KAUTH_EXTLOOKUP_ISMEMBER)

/*
 * Print one line of the form "<expression text>=<value>", where the label is
 * the stringized macro argument and the value is the argument cast to int.
 */
#define PRINTIT(expr) \
    printf("%s=%d\n", #expr, (int)(expr))

/*
 * Dump selected fields of the struct kauth_identity_extlookup that `ext`
 * points to: el_result by name, el_flags as a "|"-separated list of flag
 * names, and the five el_*_valid fields as integers.
 *
 * Uses the clause-local this->temp as scratch and expands to several
 * statements, so it must be used inside a probe clause.
 *
 * The labels printed by PRINTIT are the stringized expression after `ext`
 * has been substituted (for example this->work->el_uguid_valid when called
 * with this->work).  Wrapping `ext` in parentheses here would change those
 * labels and therefore the script's output.
 */
#define TRACE_EXTLOOKUP(ext) \
    this->temp = ""; \
    printf("el_result=%s\n", KAUTH_RESULT_STRING(ext->el_result)); \
    KAUTH_FLAGS_STRING(this->temp, ext->el_flags); \
    printf("el_flags=%s\n", this->temp); \
    PRINTIT(ext->el_uguid_valid); \
    PRINTIT(ext->el_usid_valid); \
    PRINTIT(ext->el_gguid_valid); \
    PRINTIT(ext->el_gsid_valid); \
    PRINTIT(ext->el_member_valid)

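/*
 * Remember both identitysvc() arguments for this thread and print the
 * opcode.  The return probe cannot read them itself: on a syscall return
 * probe arg0 carries the return value, not the first argument.
 *
 * NOTE(review): RESULT and WORKER are defined as single bits, which suggests
 * they may be OR-ed together in one call.  The predicates below test for
 * equality, so a combined opcode would be printed but not decoded -- confirm
 * against the kernel's handling of the opcode.
 */
syscall::identitysvc:entry
{
    self->opcode = arg0;
    self->arg1 = arg1;
    printf("opcode %s", KAUTH_OPCODE_STRING(arg0));
}

/*
 * Directory service is giving a result to the kernel.  The work item is
 * copied from the caller's buffer at entry, i.e. it is what the user-space
 * resolver submitted, before the kernel has acted on it.
 */
syscall::identitysvc:entry
/ (int)arg0 == KAUTH_EXTLOOKUP_RESULT && self->arg1 != 0 /
{
    this->work = GET_WORK_ITEM(self->arg1);
    TRACE_EXTLOOKUP(this->work);
}

/*
 * Kernel is giving a work request to the directory service.  The opcode
 * saved at entry selects this clause; arg0 here is the syscall's return
 * value and says nothing about which operation was requested.
 *
 * NOTE(review): the buffer is decoded whether or not the call succeeded.
 * Consider also testing the return value so a failed call does not print
 * stale buffer contents -- confirm the success value first.
 */
syscall::identitysvc:return
/ (int)self->opcode == KAUTH_EXTLOOKUP_WORKER && self->arg1 != 0 /
{
    this->work = GET_WORK_ITEM(self->arg1);
    TRACE_EXTLOOKUP(this->work);
}

/*
 * Release the thread-local state once the call is over.  Clauses for the
 * same probe run in program order, so this fires after the decode above.
 */
syscall::identitysvc:return
{
    self->opcode = 0;
    self->arg1 = 0;
}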