コード例 #1
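    def calculate(self):
        """Walk every mount's vnode list and yield ``(vnode, path)`` pairs.

        Mounts come from ``mac_mount``. For each mount the list headed by
        ``mnt_vnodelist.tqh_first`` is followed through
        ``v_mntvnodes.tqe_next`` and ``full_path()`` is resolved per vnode.

        Yields:
            tuple: the vnode and the value returned by ``vnode.full_path()``.
        """
        common.set_plugin_members(self)

        mounts = mac_mount.mac_mount(self._config).calculate()

        # The list links are read from the memory image, which can be
        # smeared or corrupted. Remember the addresses already visited so a
        # list that loops back on itself ends the walk instead of yielding
        # the same vnodes forever.
        seen = set()

        for mount in mounts:
            vnode = mount.mnt_vnodelist.tqh_first

            while vnode:
                addr = vnode.v()
                if addr in seen:
                    break
                seen.add(addr)

                yield vnode, vnode.full_path()

                vnode = vnode.v_mntvnodes.tqe_next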
コード例 #2
ファイル: list_files.py プロジェクト: hnuxgp/volatility-1
    def calculate(self):
        """Yield ``(vnode, path)`` for the vnodes on each mount's vnode list.

        A vnode whose ``v_flag`` has bit 0x000001 set gets its path from
        ``full_path()``. Any other vnode is named by joining its parent's
        path (resolved once, then cached by parent address) with its own
        ``v_name``; a vnode without a name is not yielded.
        """
        common.set_plugin_members(self)

        visited = set()    # vnode addresses already walked
        path_cache = {}    # vnode address -> resolved path

        for mount in mac_mount.mac_mount(self._config).calculate():
            vnode = mount.mnt_vnodelist.tqh_first

            while vnode:
                # A repeated address means the list loops back on itself.
                if vnode.v() in visited:
                    break
                visited.add(vnode.v())

                # presumably bit 0x000001 marks a filesystem root vnode -- confirm
                if vnode.v_flag.v() & 0x000001 != 0:
                    yield vnode, vnode.full_path()
                    fname, parent_vnode = "", None
                else:
                    fname = str(vnode.v_name.dereference() or '')
                    parent_vnode = vnode.v_parent

                # `!= None` is kept on purpose: the framework's objects may
                # overload comparison, so `is not None` is not a safe swap.
                if parent_vnode != None and fname != "":
                    parent_key = parent_vnode.v()

                    # Resolve the parent's full path only on first sight.
                    if parent_key not in path_cache:
                        path_cache[parent_key] = parent_vnode.full_path()

                    parent_path = path_cache[parent_key]
                    sep = "" if parent_path == "/" else "/"

                    # Cache our own path so children can reuse it.
                    path = parent_path + sep + fname
                    path_cache[vnode.v()] = path

                    yield vnode, path

                vnode = vnode.v_mntvnodes.tqe_next
コード例 #3
ファイル: list_files.py プロジェクト: binaryAccess/volatility
    def calculate(self):
        """Generate ``(vnode, path)`` pairs for every mount's vnode list.

        The walk stops for a mount as soon as a vnode address repeats.
        Vnodes with ``v_flag & 0x000001`` set are resolved with
        ``full_path()``; the rest are built from the cached path of
        ``v_parent`` plus the vnode's own ``v_name``.
        """
        common.set_plugin_members(self)

        mount_list = mac_mount.mac_mount(self._config).calculate()

        walked = set()
        known_paths = {}

        for mount in mount_list:
            vnode = mount.mnt_vnodelist.tqh_first

            while vnode:
                addr = vnode.v()
                if addr in walked:
                    # already visited: the list is cyclic or shared
                    break
                walked.add(addr)

                flagged = vnode.v_flag.v() & 0x000001 != 0
                if flagged:
                    yield vnode, vnode.full_path()

                    fname = ""
                    parent_vnode = None
                else:
                    fname = str(vnode.v_name.dereference() or '')
                    parent_vnode = vnode.v_parent

                # Comparison with None is left as `!=`; framework objects may
                # define their own comparison, so this is not rewritten.
                if parent_vnode != None and fname != "":
                    parent_key = parent_vnode.v()

                    # first time we meet this parent: compute and cache
                    if parent_key not in known_paths:
                        known_paths[parent_key] = parent_vnode.full_path()

                    base = known_paths[parent_key]
                    if base == "/":
                        path = base + "" + fname
                    else:
                        path = base + "/" + fname

                    # remember this vnode's path for its own children
                    known_paths[addr] = path

                    yield vnode, path

                vnode = vnode.v_mntvnodes.tqe_next
コード例 #4
ファイル: list_files.py プロジェクト: Digitalisx/volatility
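    def list_files(config):
        """Enumerate vnodes from every mount and yield ``(vnode, path)`` pairs.

        Works in four passes over a table keyed by vnode offset, whose
        entries are ``[name, parent_offset, vnode]``:

        1. walk each mount's ``mnt_vnodelist`` and record every vnode;
        2. add vnodes reachable only through ``v_parent`` pointers;
        3. build a full path for every named directory;
        4. yield each named vnode with its parent's path prepended.

        Args:
            config: plugin configuration; ``SHOW_ORPHANS`` decides whether
                vnodes without a parent are kept in pass 1.

        Yields:
            tuple: ``(vnode, path)``; ``path`` is the bare name when no
            parent directory path is known.
        """
        # Paths inside a macOS image are POSIX paths whatever OS the
        # analysis runs on, so join with posixpath rather than os.path.
        import posixpath

        plugin = mac_mount.mac_mount(config)
        mounts = plugin.calculate()
        joiner = posixpath.join
        vnodes = {}
        parent_vnodes = {}

        # Offsets already walked in pass 1. Skipped orphans never enter
        # `vnodes`, so without this a ring of orphans would never end.
        walked = set()

        ## build an initial table of all vnodes
        for mount in mounts:
            vnode = mount.mnt_vnodelist.tqh_first.dereference()

            while vnode:
                ## abort here to prevent going in a loop
                if vnode.obj_offset in vnodes or vnode.obj_offset in walked:
                    break
                walked.add(vnode.obj_offset)

                ## its ok to call the slower full_path()
                ## here because its only done for root
                ## nodes which is only a couple per system
                if int(vnode.v_flag) & 1:
                    name = vnode.full_path()

                    entry = [name, None, vnode]
                    vnodes[vnode.obj_offset] = entry

                else:
                    name = vnode.v_name.dereference()
                    parent = vnode.v_parent.dereference()

                    if parent:
                        par_offset = parent.obj_offset
                    else:
                        if config.SHOW_ORPHANS:
                            par_offset = None
                        else:
                            vnode = vnode.v_mntvnodes.tqe_next.dereference()
                            continue

                    entry = [name, par_offset, vnode]
                    vnodes[vnode.obj_offset] = entry

                vnode = vnode.v_mntvnodes.tqe_next.dereference()

        ## account for vnodes that aren't in the list but are
        ## referenced from other vnode's v_parent pointers
        # Iterate over a snapshot: the loop body inserts into `vnodes`,
        # which raises RuntimeError on a live dict view.
        for key, val in list(vnodes.items()):
            name, parent, vnode = val

            if not name or not parent:
                continue

            parent = obj.Object("vnode",
                offset = parent,
                vm = vnode.obj_vm)

            while parent:

                if parent.obj_offset in vnodes:
                    break

                name = parent.v_name.dereference()
                next_parent = parent.v_parent.dereference()

                if next_parent:
                    par_offset = next_parent.obj_offset
                else:
                    par_offset = None

                entry = [name, par_offset, parent]
                vnodes[parent.obj_offset] = entry

                parent = next_parent

        ## build the full paths for all directories
        for key, val in vnodes.items():
            name, parent, vnode = val

            ## we can't have unnamed files or directories
            if not name:
                continue

            if not vnode.is_dir():
                continue

            if parent in parent_vnodes:
                full_path = joiner(parent_vnodes[parent], name)
            else:
                paths = [str(name)]

                # Parent offsets come from the image; a v_parent chain that
                # loops would otherwise spin here and grow `paths` forever.
                seen_subs = set()

                while parent and parent not in seen_subs:
                    seen_subs.add(parent)

                    entry = vnodes.get(parent)

                    ## a vnode's parent wasn't found or
                    ## we reached the root directory
                    if not entry:
                        break

                    name, parent, _vnode = entry
                    if not name:
                        break

                    paths.append(str(name))

                ## build the path in reverse order
                full_path = "/".join(reversed(paths))

            parent_vnodes[key] = full_path

        ## link everything up with their parents
        for val in vnodes.values():
            name, parent, vnode = val

            if not name:
                continue

            entry = parent_vnodes.get(parent)
            if not entry:
                yield vnode, name
            else:
                full_path = joiner(entry, name)

                ## add a leading slash if one doesn't exist
                if full_path[0] != "/":
                    full_path = "/" + full_path

                ## otherwise in some cases we may have double
                ## slashes so reduce that down to just one
                elif full_path[0:2] == "//":
                    full_path = full_path[1:]

                yield vnode, full_path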
コード例 #5
    def list_files(config):
        """Enumerate vnodes reachable from every mount and yield ``(vnode, path)``.

        Starting points are collected from each mount's ``mnt_vnodelist``,
        ``mnt_workerqueue`` and ``mnt_newvnodes`` lists plus its
        ``mnt_vnodecovered``, ``mnt_realrootvp`` and ``mnt_devvp`` vnodes.
        A table keyed by vnode offset, with ``[name, parent_offset, vnode]``
        entries, is then built, extended through ``v_parent`` pointers, and
        used to assemble paths.

        Args:
            config: plugin configuration; ``SHOW_ORPHANS`` decides whether
                vnodes without a parent are recorded under their own name.

        Yields:
            tuple: ``(vnode, path)``; ``path`` is the bare name when no
            parent directory path is known.
        """

        plugin = mac_mount.mac_mount(config)
        mounts = plugin.calculate()
        vnodes = {}           # vnode offset -> [name, parent offset, vnode]
        parent_vnodes = {}    # directory vnode offset -> full path
        loop_vnodes = set()   # starting vnodes for the table-building walk

        # NOTE(review): `seen` is not referenced again in this function.
        seen = set()
        ## build an initial table of all vnodes
        for mount in mounts:
            # walk_vnodelist is defined outside this view; its result
            # replaces the accumulated set each time.
            loop_vnodes = mac_list_files.walk_vnodelist(
                mount.mnt_vnodelist, loop_vnodes)

            loop_vnodes = mac_list_files.walk_vnodelist(
                mount.mnt_workerqueue, loop_vnodes)

            loop_vnodes = mac_list_files.walk_vnodelist(
                mount.mnt_newvnodes, loop_vnodes)

            loop_vnodes.add(mount.mnt_vnodecovered)

            loop_vnodes.add(mount.mnt_realrootvp)

            loop_vnodes.add(mount.mnt_devvp)

        for vnode in loop_vnodes:
            while vnode:
                ## abort here to prevent going in a loop
                if vnode.obj_offset in vnodes:
                    break

                ## its ok to call the slower full_path()
                ## here because its only done for root
                ## nodes which is only a couple per system
                if int(vnode.v_flag) & 1:
                    name = vnode.full_path()

                    entry = [name, None, vnode]
                    vnodes[vnode.obj_offset] = entry
                else:
                    name = vnode.v_name.dereference()
                    parent = vnode.v_parent.dereference()

                    if parent:
                        par_offset = parent.obj_offset
                    else:
                        if config.SHOW_ORPHANS:
                            par_offset = None
                        else:
                            # NOTE(review): the nameless entry below is keyed
                            # on the vnode *after* the advance, not on the
                            # orphan itself. The next loop test then finds
                            # that offset in `vnodes` and breaks, and the
                            # following vnode stays nameless in the table.
                            # Confirm this ordering is intended.
                            vnode = vnode.v_mntvnodes.tqe_next.dereference()
                            vnodes[vnode.obj_offset] = [None, None, vnode]
                            continue

                    entry = [name, par_offset, vnode]
                    vnodes[vnode.obj_offset] = entry

                vnode = vnode.v_mntvnodes.tqe_next.dereference()

        ## account for vnodes that aren't in the list but are
        ## referenced from other vnode's v_parent pointers
        # list(...) snapshots the table because the loop body inserts into it.
        for key, val in list(vnodes.items()):
            name, parent, vnode = val

            if not name or not parent:
                continue

            # Re-create the parent vnode object from its recorded offset.
            parent = obj.Object("vnode", offset=parent, vm=vnode.obj_vm)

            while parent:
                # Stop at the first ancestor that is already in the table;
                # this also ends the climb if the v_parent chain loops.
                if parent.obj_offset in vnodes:
                    break

                name = parent.v_name.dereference()
                next_parent = parent.v_parent.dereference()

                if next_parent:
                    par_offset = next_parent.obj_offset
                else:
                    par_offset = None

                entry = [str(name), par_offset, parent]
                vnodes[parent.obj_offset] = entry

                parent = next_parent

        ## build the full paths for all directories
        for key, val in list(vnodes.items()):
            name, parent, vnode = val

            ## we can't have unnamed files or directories
            if not name:
                continue

            if not vnode.is_dir():
                continue

            name = str(name)

            if parent in parent_vnodes:
                full_path = parent_vnodes[parent] + "/" + name
            else:
                paths = [name]
                # Parent offsets visited on this climb; a repeat ends the
                # loop so a cyclic parent chain cannot spin forever.
                seen_subs = set()

                while parent and parent not in seen_subs:
                    seen_subs.add(parent)

                    entry = vnodes.get(parent)

                    ## a vnode's parent wasn't found or
                    ## we reached the root directory
                    if not entry:
                        break

                    name, parent, _vnode = entry
                    if not name:
                        break

                    paths.append(str(name))

                ## build the path in reverse order
                full_path = "/".join(reversed(paths))

            parent_vnodes[key] = full_path

        ## link everything up with their parents
        for val in list(vnodes.values()):
            name, parent, vnode = val

            if not name:
                continue

            name = str(name)

            entry = parent_vnodes.get(parent)
            if not entry:
                # No directory path known for the parent: yield the bare name.
                yield vnode, name
            else:
                full_path = entry + "/" + name

                ## add a leading slash if one doesn't exist
                if full_path[0] != "/":
                    full_path = "/" + full_path

                ## otherwise in some cases we may have double
                ## slashes so reduce that down to just one
                elif full_path[0:2] == "//":
                    full_path = full_path[1:]

                yield vnode, full_path
コード例 #6
ファイル: list_files.py プロジェクト: gleeda/volatility
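    def calculate(self):
        """Enumerate vnodes from every mount and yield ``(vnode, path)`` pairs.

        Works in three passes over a table keyed by vnode offset, whose
        entries are ``[name, parent_offset, vnode]``:

        1. walk each mount's ``mnt_vnodelist`` and record every vnode;
        2. build a full path for every named directory;
        3. yield each named vnode with its parent's path prepended.

        Yields:
            tuple: ``(vnode, path)``; ``path`` is the bare name when no
            parent directory path is known.
        """
        # Paths inside a macOS image are POSIX paths whatever OS the
        # analysis runs on, so join with posixpath rather than os.path.
        import posixpath

        common.set_plugin_members(self)

        plugin = mac_mount.mac_mount(self._config)
        mounts = plugin.calculate()
        joiner = posixpath.join
        vnodes = {}
        parent_vnodes = {}

        ## build an initial table of all vnodes
        for mount in mounts:
            vnode = mount.mnt_vnodelist.tqh_first.dereference()

            while vnode:
                ## abort here to prevent going in a loop
                if vnode.obj_offset in vnodes:
                    break

                ## its ok to call the slower full_path()
                ## here because its only done for root
                ## nodes which is only a couple per system
                if int(vnode.v_flag) & 1:
                    name = vnode.full_path()

                    entry = [name, None, vnode]
                    vnodes[vnode.obj_offset] = entry

                else:
                    name = vnode.v_name.dereference()
                    parent = vnode.v_parent.dereference()

                    if parent:
                        par_offset = parent.obj_offset
                    else:
                        par_offset = None

                    entry = [name, par_offset, vnode]
                    vnodes[vnode.obj_offset] = entry

                vnode = vnode.v_mntvnodes.tqe_next.dereference()

        ## build the full paths for all directories
        for key, val in vnodes.items():
            name, parent, vnode = val

            ## we can't have unnamed files or directories
            if not name:
                continue

            if not vnode.is_dir():
                continue

            if parent in parent_vnodes:
                full_path = joiner(parent_vnodes[parent], name)
            else:
                paths = [str(name)]

                # Parent offsets come from the image; a v_parent chain that
                # loops would otherwise spin here and grow `paths` forever.
                seen_subs = set()

                while parent and parent not in seen_subs:
                    seen_subs.add(parent)

                    entry = vnodes.get(parent)

                    ## a vnode's parent wasn't found or
                    ## we reached the root directory
                    if not entry:
                        break

                    name, parent, _vnode = entry
                    if not name:
                        break

                    paths.append(str(name))

                ## build the path in reverse order
                full_path = "/".join(reversed(paths))

            parent_vnodes[key] = full_path

        ## link everything up with their parents
        for val in vnodes.values():
            name, parent, vnode = val

            if not name:
                continue

            entry = parent_vnodes.get(parent)
            if not entry:
                yield vnode, name
            else:
                full_path = joiner(entry, name)
                # joining onto a root path can leave a doubled leading slash
                if full_path[0:2] == "//":
                    full_path = full_path[1:]

                yield vnode, full_path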