2016-07-06 18:49:22 +03:00
/*
* Copyright ( c ) 2016 Fabien Siron < fabien . siron @ epita . fr >
2016-07-08 19:01:49 +03:00
* Copyright ( c ) 2016 Dmitry V . Levin < ldv @ altlinux . org >
2017-05-22 20:14:52 +03:00
* Copyright ( c ) 2016 - 2017 The strace developers .
2016-07-06 18:49:22 +03:00
* All rights reserved .
*
* Redistribution and use in source and binary forms , with or without
* modification , are permitted provided that the following conditions
* are met :
* 1. Redistributions of source code must retain the above copyright
* notice , this list of conditions and the following disclaimer .
* 2. Redistributions in binary form must reproduce the above copyright
* notice , this list of conditions and the following disclaimer in the
* documentation and / or other materials provided with the distribution .
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission .
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ` ` AS IS ' ' AND ANY EXPRESS OR
* IMPLIED WARRANTIES , INCLUDING , BUT NOT LIMITED TO , THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED .
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT , INDIRECT ,
* INCIDENTAL , SPECIAL , EXEMPLARY , OR CONSEQUENTIAL DAMAGES ( INCLUDING , BUT
* NOT LIMITED TO , PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES ; LOSS OF USE ,
* DATA , OR PROFITS ; OR BUSINESS INTERRUPTION ) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY , WHETHER IN CONTRACT , STRICT LIABILITY , OR TORT
* ( INCLUDING NEGLIGENCE OR OTHERWISE ) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE , EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE .
*/
# include "defs.h"
# include <sys/socket.h>
2017-06-04 17:53:22 +03:00
# include <linux/audit.h>
2016-07-06 18:49:22 +03:00
# include <linux/netlink.h>
2017-06-04 19:43:48 +03:00
# include <linux/rtnetlink.h>
2017-06-04 19:57:21 +03:00
# include <linux/xfrm.h>
2016-07-06 18:49:22 +03:00
# include "xlat/netlink_flags.h"
2017-06-04 20:03:44 +03:00
# include "xlat/netlink_protocols.h"
2016-07-06 18:49:22 +03:00
# include "xlat/netlink_types.h"
2017-06-04 17:53:22 +03:00
# include "xlat/nl_audit_types.h"
2017-06-04 21:14:50 +03:00
# include "xlat/nl_netfilter_msg_types.h"
# include "xlat/nl_netfilter_subsys_ids.h"
2017-06-04 19:43:48 +03:00
# include "xlat/nl_route_types.h"
2017-06-04 19:48:10 +03:00
# include "xlat/nl_selinux_types.h"
2017-06-04 02:19:49 +03:00
# include "xlat/nl_sock_diag_types.h"
2017-06-04 19:57:21 +03:00
# include "xlat/nl_xfrm_types.h"
2016-07-06 18:49:22 +03:00
2017-04-17 07:37:29 +03:00
# undef NLMSG_HDRLEN
# define NLMSG_HDRLEN NLMSG_ALIGN(sizeof(struct nlmsghdr))
2016-07-08 19:01:49 +03:00
/*
* Fetch a struct nlmsghdr from the given address .
*/
static bool
2016-12-21 02:16:25 +03:00
fetch_nlmsghdr ( struct tcb * const tcp , struct nlmsghdr * const nlmsghdr ,
2016-12-26 13:26:03 +03:00
const kernel_ulong_t addr , const kernel_ulong_t len )
2016-07-06 18:49:22 +03:00
{
2016-07-08 19:01:49 +03:00
if ( len < sizeof ( struct nlmsghdr ) ) {
2016-12-20 19:43:26 +03:00
printstrn ( tcp , addr , len ) ;
2016-07-08 19:01:49 +03:00
return false ;
2016-07-06 18:49:22 +03:00
}
2016-07-08 19:01:49 +03:00
if ( umove_or_printaddr ( tcp , addr , nlmsghdr ) )
return false ;
return true ;
}
2017-06-04 01:56:32 +03:00
enum {
NL_FAMILY_ERROR = - 1 ,
NL_FAMILY_DEFAULT = - 2
} ;
2017-06-04 02:19:49 +03:00
static int
get_fd_nl_family ( struct tcb * const tcp , const int fd )
{
const unsigned long inode = getfdinode ( tcp , fd ) ;
if ( ! inode )
return NL_FAMILY_ERROR ;
const char * const details = get_sockaddr_by_inode ( tcp , fd , inode ) ;
if ( ! details )
return NL_FAMILY_ERROR ;
const char * const nl_details = STR_STRIP_PREFIX ( details , " NETLINK:[ " ) ;
if ( nl_details = = details )
return NL_FAMILY_ERROR ;
const struct xlat * xlats = netlink_protocols ;
for ( ; xlats - > str ; + + xlats ) {
const char * name = STR_STRIP_PREFIX ( xlats - > str , " NETLINK_ " ) ;
if ( ! strncmp ( nl_details , name , strlen ( name ) ) )
return xlats - > val ;
}
if ( * nl_details > = ' 0 ' & & * nl_details < = ' 9 ' )
return atoi ( nl_details ) ;
return NL_FAMILY_ERROR ;
}
static const struct {
const struct xlat * const xlat ;
const char * const dflt ;
} nlmsg_types [ ] = {
2017-06-04 17:53:22 +03:00
[ NETLINK_AUDIT ] = { nl_audit_types , " AUDIT_??? " } ,
2017-06-04 21:14:50 +03:00
[ NETLINK_NETFILTER ] = { nl_netfilter_subsys_ids , " NFNL_SUBSYS_??? " } ,
2017-06-04 19:43:48 +03:00
[ NETLINK_ROUTE ] = { nl_route_types , " RTM_??? " } ,
2017-06-04 19:48:10 +03:00
[ NETLINK_SELINUX ] = { nl_selinux_types , " SELNL_MSG_??? " } ,
2017-06-04 19:57:21 +03:00
[ NETLINK_SOCK_DIAG ] = { nl_sock_diag_types , " SOCK_DIAG_??? " } ,
[ NETLINK_XFRM ] = { nl_xfrm_types , " XFRM_MSG_??? " }
2017-06-04 02:19:49 +03:00
} ;
/*
* As all valid netlink families are positive integers , use unsigned int
* for family here to filter out NL_FAMILY_ERROR and NL_FAMILY_DEFAULT .
*/
static void
decode_nlmsg_type ( const uint16_t type , const unsigned int family )
{
if ( family < ARRAY_SIZE ( nlmsg_types )
& & nlmsg_types [ family ] . xlat ) {
2017-06-04 21:14:50 +03:00
if ( family = = NETLINK_NETFILTER ) {
/* Reserved control nfnetlink messages first. */
const char * text = xlookup ( nl_netfilter_msg_types ,
type ) ;
if ( text ) {
tprints ( text ) ;
return ;
}
/*
* Other netfilter message types are split
* in two pieces : 8 bits subsystem and 8 bits type .
*/
const uint8_t subsys_id = ( uint8_t ) ( type > > 8 ) ;
const uint8_t msg_type = ( uint8_t ) type ;
printxval ( nlmsg_types [ family ] . xlat , subsys_id ,
nlmsg_types [ family ] . dflt ) ;
/*
* The type is subsystem specific ,
* print it in numeric format for now .
*/
tprintf ( " <<8|%#x " , msg_type ) ;
} else {
printxval ( nlmsg_types [ family ] . xlat , type ,
nlmsg_types [ family ] . dflt ) ;
}
2017-06-04 02:19:49 +03:00
} else {
printxval ( netlink_types , type , " NLMSG_??? " ) ;
}
}
2017-06-04 01:56:32 +03:00
static int
2016-07-11 15:54:59 +03:00
print_nlmsghdr ( struct tcb * tcp ,
const int fd ,
2017-06-04 01:56:32 +03:00
int family ,
2016-07-11 15:54:59 +03:00
const struct nlmsghdr * const nlmsghdr )
2016-07-08 19:01:49 +03:00
{
/* print the whole structure regardless of its nlmsg_len */
tprintf ( " {len=%u, type= " , nlmsghdr - > nlmsg_len ) ;
2016-07-06 18:49:22 +03:00
2017-06-04 02:19:49 +03:00
const int hdr_family = ( nlmsghdr - > nlmsg_type < NLMSG_MIN_TYPE )
? NL_FAMILY_DEFAULT
: ( family ! = NL_FAMILY_DEFAULT
? family : get_fd_nl_family ( tcp , fd ) ) ;
decode_nlmsg_type ( nlmsghdr - > nlmsg_type , hdr_family ) ;
2016-07-06 18:49:22 +03:00
tprints ( " , flags= " ) ;
2016-07-08 19:01:49 +03:00
printflags ( netlink_flags , nlmsghdr - > nlmsg_flags , " NLM_F_??? " ) ;
tprintf ( " , seq=%u, pid=%u} " , nlmsghdr - > nlmsg_seq ,
nlmsghdr - > nlmsg_pid ) ;
2017-06-04 01:56:32 +03:00
2017-06-04 02:19:49 +03:00
return family ! = NL_FAMILY_DEFAULT ? family : hdr_family ;
2016-07-08 19:01:49 +03:00
}
2016-07-06 18:49:22 +03:00
2017-04-17 07:37:41 +03:00
static void
decode_nlmsghdr_with_payload ( struct tcb * const tcp ,
2016-07-11 15:54:59 +03:00
const int fd ,
2017-06-04 01:56:32 +03:00
int family ,
2017-04-17 07:37:41 +03:00
const struct nlmsghdr * const nlmsghdr ,
const kernel_ulong_t addr ,
const kernel_ulong_t len ) ;
static void
decode_nlmsgerr ( struct tcb * const tcp ,
2016-07-11 15:54:59 +03:00
const int fd ,
2017-06-04 01:56:32 +03:00
const int family ,
2016-07-11 15:54:59 +03:00
kernel_ulong_t addr ,
kernel_ulong_t len )
2017-04-17 07:37:41 +03:00
{
struct nlmsgerr err ;
2017-06-03 01:22:22 +03:00
if ( len < sizeof ( err . error ) ) {
printstrn ( tcp , addr , len ) ;
return ;
}
2017-04-17 07:37:41 +03:00
if ( umove_or_printaddr ( tcp , addr , & err . error ) )
return ;
tprints ( " {error= " ) ;
if ( err . error < 0 & & ( unsigned ) - err . error < nerrnos ) {
tprintf ( " -%s " , errnoent [ - err . error ] ) ;
} else {
tprintf ( " %d " , err . error ) ;
}
addr + = offsetof ( struct nlmsgerr , msg ) ;
len - = offsetof ( struct nlmsgerr , msg ) ;
if ( len ) {
tprints ( " , msg= " ) ;
if ( fetch_nlmsghdr ( tcp , & err . msg , addr , len ) ) {
2017-06-04 01:56:32 +03:00
decode_nlmsghdr_with_payload ( tcp , fd , family ,
& err . msg , addr , len ) ;
2017-04-17 07:37:41 +03:00
}
}
tprints ( " } " ) ;
}
static void
decode_payload ( struct tcb * const tcp ,
2016-07-11 15:54:59 +03:00
const int fd ,
2017-06-04 01:56:32 +03:00
const int family ,
2017-04-17 07:37:41 +03:00
const struct nlmsghdr * const nlmsghdr ,
const kernel_ulong_t addr ,
const kernel_ulong_t len )
{
2017-06-03 01:22:22 +03:00
if ( nlmsghdr - > nlmsg_type = = NLMSG_ERROR ) {
2017-06-04 01:56:32 +03:00
decode_nlmsgerr ( tcp , fd , family , addr , len ) ;
2017-06-03 01:22:22 +03:00
return ;
2017-05-05 13:21:17 +03:00
} else if ( nlmsghdr - > nlmsg_type = = NLMSG_DONE & & len = = sizeof ( int ) ) {
int num ;
if ( ! umove_or_printaddr ( tcp , addr , & num ) )
tprintf ( " %d " , num ) ;
return ;
2017-04-17 07:37:41 +03:00
}
2017-06-03 01:22:22 +03:00
printstrn ( tcp , addr , len ) ;
2017-04-17 07:37:41 +03:00
}
2016-07-08 19:01:49 +03:00
static void
2016-12-21 02:16:25 +03:00
decode_nlmsghdr_with_payload ( struct tcb * const tcp ,
2016-07-11 15:54:59 +03:00
const int fd ,
2017-06-04 01:56:32 +03:00
int family ,
2016-07-08 19:01:49 +03:00
const struct nlmsghdr * const nlmsghdr ,
2016-12-26 13:26:03 +03:00
const kernel_ulong_t addr ,
const kernel_ulong_t len )
2016-07-08 19:01:49 +03:00
{
tprints ( " { " ) ;
2017-06-04 01:56:32 +03:00
family = print_nlmsghdr ( tcp , fd , family , nlmsghdr ) ;
2016-07-06 18:49:22 +03:00
2016-12-25 04:31:49 +03:00
unsigned int nlmsg_len =
2016-07-08 19:01:49 +03:00
nlmsghdr - > nlmsg_len > len ? len : nlmsghdr - > nlmsg_len ;
2017-04-17 07:37:29 +03:00
if ( nlmsg_len > NLMSG_HDRLEN ) {
2016-07-06 18:49:22 +03:00
tprints ( " , " ) ;
2017-06-04 01:56:32 +03:00
decode_payload ( tcp , fd , family , nlmsghdr , addr + NLMSG_HDRLEN ,
nlmsg_len - NLMSG_HDRLEN ) ;
2016-07-06 18:49:22 +03:00
}
tprints ( " } " ) ;
}
2016-07-08 19:01:49 +03:00
void
2016-07-11 15:54:59 +03:00
decode_netlink ( struct tcb * const tcp ,
const int fd ,
kernel_ulong_t addr ,
kernel_ulong_t len )
2016-07-08 19:01:49 +03:00
{
struct nlmsghdr nlmsghdr ;
bool print_array = false ;
unsigned int elt ;
for ( elt = 0 ; fetch_nlmsghdr ( tcp , & nlmsghdr , addr , len ) ; elt + + ) {
if ( abbrev ( tcp ) & & elt = = max_strlen ) {
tprints ( " ... " ) ;
break ;
}
2016-12-25 04:31:49 +03:00
unsigned int nlmsg_len = NLMSG_ALIGN ( nlmsghdr . nlmsg_len ) ;
2016-12-26 13:26:03 +03:00
kernel_ulong_t next_addr = 0 ;
kernel_ulong_t next_len = 0 ;
2016-07-08 19:01:49 +03:00
2017-04-17 07:37:29 +03:00
if ( nlmsghdr . nlmsg_len > = NLMSG_HDRLEN ) {
2016-07-08 19:01:49 +03:00
next_len = ( len > = nlmsg_len ) ? len - nlmsg_len : 0 ;
if ( next_len & & addr + nlmsg_len > addr )
next_addr = addr + nlmsg_len ;
}
if ( ! print_array & & next_addr ) {
tprints ( " [ " ) ;
print_array = true ;
}
2017-06-04 01:56:32 +03:00
decode_nlmsghdr_with_payload ( tcp , fd , NL_FAMILY_DEFAULT ,
& nlmsghdr , addr , len ) ;
2016-07-08 19:01:49 +03:00
if ( ! next_addr )
break ;
tprints ( " , " ) ;
addr = next_addr ;
len = next_len ;
}
if ( print_array ) {
tprints ( " ] " ) ;
}
}