19 Commits

Author SHA1 Message Date
10c61e3b22 Change unix_diag requests back to use full dump instead of exact match
Unfortunately, 64-bit linux kernel has a bug in matching inode numbers
greater than INT_MAX, so unix_diag exact match is not reliable.

This partially reverts commit 69bfc89770152033d4aa0bc5673fc46e65d89838.

* socketutils.c (unix_send_query): Add NLM_F_DUMP to nlmsg_flags,
remove initialization of udiag_cookie.
* tests/netlink_unix_diag.c (send_query): Remove "inode" argument,
add NLM_F_DUMP to nlmsg_flags, remove initialization of udiag_ino
and udiag_cookie.
(check_responses): Remove "inode" argument and its use.
(main): Remove invocation of inode_of_sockfd and passing of listening
socket inode to send_query and check_responses.
2016-02-19 01:44:33 +00:00
ea21823d27 socketutils: add const qualifier to variables
* socketutils.c (cache_and_print_inode_details): Make "details"
parameter const.
(print_sockaddr_by_inode_cached): Make "e" variable const.
(inet_send_query): Make struct nlmsghdr and struct inet_diag_req_v2
members const.  Make "msg" variable const.
(inet_parse_response): Make "data" parameter and diag_msg variable const.
(receive_responses): Make "h" and "rc" variables const.
(unix_send_query): Make struct nlmsghdr and struct unix_diag_req
members const.  Make "msg" variable const.
(unix_print): Make all parameters const.
(print_sockaddr_by_inode): Make proto_name parameter const.
2016-02-11 03:06:17 +00:00
bcf5975a3e print_sockaddr_by_inode: cleanup protocol lookup
* socketutils.c (tcp_v4_print, udp_v4_print, tcp_v6_print,
udp_v6_print): New functions.
(print_sockaddr_by_inode): Make "protocols" array static, replace
"family" and "protocol" members with "print" in its underlying
structure.  Iterate through protocols array when the protocol name
is specified.
2016-02-11 03:06:17 +00:00
3c17d1b5e1 Implement caching of print_sockaddr_by_inode
As -yy parser, compared to -y, needs to do at least 5 extra syscalls
(getxattr, socket, sendmsg, recvmsg, close) to print socket details,
caching results of netlink conversations between strace and kernel
noticeably reduces amount of system time spent by strace.

The caching is safe since sockets do not change their addresses after
successful bind or connect syscall.

* defs.h (string_quote, print_sockaddr_by_inode_cached): New prototypes.
* socketutils.c (cache_entry): New type.
(CACHE_SIZE, CACHE_MASK): New macros.
(cache): New static array.
(cache_and_print_inode_details): New static function.
(print_sockaddr_by_inode_cached): New function.
(inet_parse_response, unix_parse_response): Use
cache_and_print_inode_details.
* util.c (printfd): Use string_quote and print_sockaddr_by_inode_cached.
(string_quote): Remove static qualifier.
* NEWS: Mention this improvement.
* tests/unix-yy.c (main): Update.
2016-02-03 12:43:22 +00:00
69bfc89770 Change unix_diag requests to use exact match instead of full dump
* socketutils.c (unix_send_query): Remove NLM_F_DUMP from nlmsg_flags,
initialize udiag_cookie.
* tests/netlink_unix_diag.c (send_query): Remove "family" and "proto"
arguments, add "inode" argument, remove NLM_F_DUMP from nlmsg_flags,
initialize udiag_ino and udiag_cookie.
(check_responses): Add "inode" argument, check inode match.
(main): Pass listening socket inode to send_query and check_responses.
2016-02-03 12:43:22 +00:00
3c86e0ea5d Robustify netlink response parsers
* socketutils.c (inet_parse_response, unix_parse_response): Change
return type from bool to int, return -1 on all parse errors except
inode mismatch.
(receive_responses): Stop on the first nlmsg_type that is not
SOCK_DIAG_BY_FAMILY, also stop when the parser returns -1.
* tests/netlink_inet_diag.c (check_responses): Stop on short messages,
on first nlmsg_type that is not SOCK_DIAG_BY_FAMILY, print more verbose
diagnostics for NLMSG_ERROR.
* tests/netlink_unix_diag.c (check_responses): Likewise.
2016-02-03 12:43:17 +00:00
cc09ba1a84 inet_parse_response: add a safety check
* socketutils.c (inet_parse_response): Check that netlink message
is large enough to contain a inet_diag_msg structure.
2016-02-03 12:42:20 +00:00
2215c3e352 receive_responses: avoid potential hangup
* socketutils.c (receive_responses): Pass MSG_DONTWAIT to recvmsg after
the first recvmsg call to avoid potential hangup.
2016-02-03 12:42:20 +00:00
3d0f55e419 unix_parse_response: add a safety check
* socketutils.c (unix_parse_response): Check that netlink message
is large enough to contain a unix_diag_msg structure.
2016-02-02 00:24:46 +00:00
ea8b8e3152 Move fallback -yy socket print from printfd to print_sockaddr_by_inode
* util.c (printfd): In -yy mode, move fallback print of proto:[inode] ...
* socketutils.c (to print_sockaddr_by_inode): ... here.
2016-01-23 16:35:02 +00:00
38a34c9349 Add copyright headers to some files which lack them
Before this change, all files that exist since 20th century had
copyright headers, while most files that appeared later didn't.  This
change fixes the inconsistency by adding missing copyright headers.

It doesn't mean that copyright headers became maintained.  In my view,
git history provides much better information on this subject and is much
more accurate than copyright headers.
2015-12-17 17:56:48 +00:00
301c65cbf0 alpha: fix -yy decoding
* socketutils.c (receive_responses): Align buffer on a sizeof(long) boundary.

Reported-and-tested-by: Mike Frysinger <vapier@gentoo.org>
2015-03-02 23:39:41 +00:00
513e96eb94 Rework string_quote API
string_quote() has proven to be too hard to use, replace it with
print_quoted_string() that does memory allocation and prints the result.

* defs.h (string_quote): Remove.
(QUOTE_0_TERMINATED, QUOTE_OMIT_LEADING_TRAILING_QUOTES): New macros.
(print_quoted_string): New prototype.
* util.c (string_quote): Make static; take "style" flags instead
of "len", treat QUOTE_0_TERMINATED style flag as former (len == -1);
add QUOTE_OMIT_LEADING_TRAILING_QUOTES style flag support.
(ALLOCA_CUTOFF, use_alloca): New macros.
(print_quoted_string): New function.
(printpathn, printstr): Update to new API.
* loop.c (loop_ioctl): Likewise.
* mtd.c (ubi_ioctl): Likewise.
* net.c (print_scm_security): Likewise.
* socketutils.c (unix_parse_response): Likewise.
2015-01-26 15:58:18 +00:00
d9f7e7a439 Fix build on systems that lack NETLINK_SOCK_DIAG definition
NETLINK_INET_DIAG was introduced in linux v2.6.14,
NETLINK_SOCK_DIAG was added much later in linux v3.3.

* net.c [!NETLINK_SOCK_DIAG && NETLINK_INET_DIAG]
(NETLINK_SOCK_DIAG): Define.
* socketutils.c: Likewise.
* tests/netlink_unix_diag.c: Likewise.
2015-01-09 03:05:56 +00:00
959205c2a8 Make -yy output for inet sockets consistent with unix domain sockets
Prepend -yy output generated for INET/INET6 TCP/UDP sockets with their
protocol name obtained using getxattr.

* socketutils.c (inet_parse_response): Add proto_name argument.
Print proto_name for connected and unconnected sockets.
(receive_responses): Add proto_name argument, pass it to the parser.
(inet_print): Add proto_name argument, pass it to receive_responses.
(unix_parse_response): Add proto_name argument.
(print_sockaddr_by_inode): Pass protocol name to inet_print calls.
* tests/net-yy-accept.awk: Update to match new output format.
* tests/net-yy-connect.awk: Likewise.
2014-12-26 23:29:26 +00:00
Masatake YAMATO
120e5dbcac Support unix domain sockets in -yy option
This change extends -yy option to handle unix domain sockets:
their peer addresses will be printed, similar to inet sockets.

For a listening socket, its socket inode and socket path are printed.
For an accepted socket, its socket inode, the peer inode, and the
socket path are printed.
For a client socket, its socket inode and the peer inode are printed.

An example of a server side communication using netcat:

	$ ./strace -yy -e network nc -l -U /tmp/example.sock
	socket(PF_LOCAL, SOCK_STREAM, 0)        = 3
	setsockopt(3<UNIX:[14728348]>, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
	bind(3<UNIX:[14728348]>, {sa_family=AF_LOCAL, sun_path="/tmp/example.sock"}, 19) = 0
	listen(3<UNIX:[14728348,"/tmp/example.sock"]>, 10) = 0
	accept(3<UNIX:[14728348,"/tmp/example.sock"]>, {sa_family=AF_LOCAL, NULL}, [2]) = 4<UNIX:[14727246->14727245,"/tmp/example.sock"]>
	recvfrom(4<UNIX:[14727246->14727245,"/tmp/example.sock"]>, "INPUT\n", 8192, 0, NULL, NULL) = 6
	INPUT

An example of a client side communication using netcat:

	$ ./strace -yy -e network nc -U /tmp/example.sock
	socket(PF_LOCAL, SOCK_STREAM, 0)        = 3
	connect(3<UNIX:[14727245]>, {sa_family=AF_LOCAL, sun_path="/tmp/example.sock"}, 19) = 0
	getsockopt(3<UNIX:[14727245]>, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
	INPUT
	...
	sendto(3<UNIX:[14727245->14727246]>, "INPUT\n", 6, 0, NULL, 0) = 6

* linux/unix_diag.h: New file.
* socketutils.c (send_query): Rename to inet_send_query.
(parse_response): Rename to inet_parse_response.
(unix_print, unix_send_query, unix_parse_response): New functions.
(receive_responses): Add a new argument named parser: a function for
handling protocol specific data parts of diag messages.
(print_sockaddr_by_inode): Call unix_print.
Replace NETLINK_INET_DIAG with NETLINK_SOCK_DIAG, they are equal
but NETLINK_SOCK_DIAG looks more generic.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
2014-12-25 01:00:48 +00:00
Masatake YAMATO
f605e92365 Use the protocol name of a socket as a hint for peer address resolution
To resolve the peer address of socket, all combinations of families
(AF_INET, AF_INET6) and protocols(IPPROTO_TCP, IPPROTO_UDP) were tried.
This change utilizes the protocol name obtained via getxattr to specify
the right combination.

* socketutils.c (inet_print): New helper function.
(print_sockaddr_by_inode): Use it.  Utilize the protocol name
associated with the given inode for resolving the peer socket
address.  If the protocol name is NULL, resolve the address
by trying combinations of families and protocols as before.
* defs.h (print_sockaddr_by_inode): Update prototype.
* util.c (printfd): Pass the protocol name associated with
the given path to print_sockaddr_by_inode as the 2nd argument.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
2014-12-16 04:08:20 +00:00
af534b8d7a Consistently use C99 designated initializers in the new netlink code
* socketutils.c (send_query, receive_responses): Use designated
initializers for sockaddr_nl, nlmsghdr, and inet_diag_req_v2 structures.
* tests/netlink_inet_diag.c (send_query, check_responses): Likewise.
2014-11-21 19:59:16 +00:00
2f6510c8a6 Add -yy option: print ip and port associated with socket descriptors
When two ore more -y options are given, print local and remote ip:port
pairs associated with socket descriptors.  This implementation uses
NETLINK_INET_DIAG for sockaddr lookup; it's based on the patch
prepared by Zubin Mithra as a part of his GSoC 2014 strace project.

* Makefile.am (strace_SOURCES): Add socketutils.c
(EXTRA_DIST): Add linux/inet_diag.h and linux/sock_diag.h.
* defs.h (print_sockaddr_by_inode): New prototype.
* linux/inet_diag.h: New file.
* linux/sock_diag.h: Likewise.
* socketutils.c: Likewise.
* strace.1: Document -yy option.
* strace.c (usage): Likewise.
* util.c (printfd): Use print_sockaddr_by_inode.
2014-09-17 20:03:38 +00:00