[PATCH v3 2/7] Add a general netlink socket parser

Fabien Siron fabien.siron at epita.fr
Wed Jun 15 12:43:00 UTC 2016


This commit introduces a general socket netlink parser which prints
the header and a string for the remaining part of the buffer. It doesn't
handle all the netlink flags and types because the parser needs more
information. It will be done soon.

* net.c (printsock): Return family.
(do_msghdr): Call decode_netlink_iov().
(send, sendto, recv, recvfrom): Call printsockbuf().
* netlink.c: New file.
(decode_netlink): New function.
(_decode_netlink): New static function.
(decode_iov_netlink): New function.
* defs.h (decode_netlink, decode_netlink_iov, getfdproto): Add.
(printsock): Change return type.
* util.c (getfdproto): Remove the static keyword to the function.
* Makefile.am (strace_SOURCES): Add netlink.c.
* xlat/netlink_flags.in: New file.
* xlat/netlink_types.in: New file.
---
 Makefile.am           |  1 +
 defs.h                |  5 ++-
 net.c                 | 55 ++++++++++++++++++++++++-------
 netlink.c             | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++
 util.c                |  2 +-
 xlat/netlink_flags.in |  6 ++++
 xlat/netlink_types.in |  4 +++
 7 files changed, 149 insertions(+), 14 deletions(-)
 create mode 100644 netlink.c
 create mode 100644 xlat/netlink_flags.in
 create mode 100644 xlat/netlink_types.in

diff --git a/Makefile.am b/Makefile.am
index 77e0cc8..ab0e200 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -156,6 +156,7 @@ strace_SOURCES =	\
 	mtd.c		\
 	native_defs.h	\
 	net.c		\
+	netlink.c	\
 	numa.c		\
 	open.c		\
 	or1k_atomic.c	\
diff --git a/defs.h b/defs.h
index ab06921..ee35dab 100644
--- a/defs.h
+++ b/defs.h
@@ -552,6 +552,7 @@ extern const char *signame(const int);
 extern void pathtrace_select(const char *);
 extern int pathtrace_match(struct tcb *);
 extern int getfdpath(struct tcb *, int, char *, unsigned);
+extern enum sock_proto getfdproto(struct tcb *, int);
 
 extern const char *xlookup(const struct xlat *, const uint64_t);
 extern const char *xlat_search(const struct xlat *, const size_t, const uint64_t);
@@ -644,7 +645,7 @@ extern void printfd(struct tcb *, int);
 extern bool print_sockaddr_by_inode(const unsigned long, const enum sock_proto);
 extern bool print_sockaddr_by_inode_cached(const unsigned long);
 extern void print_dirfd(struct tcb *, int);
-extern void printsock(struct tcb *, long, int);
+extern int printsock(struct tcb *, long, int);
 extern void print_sock_optmgmt(struct tcb *, long, int);
 #ifdef ALPHA
 extern void printrusage32(struct tcb *, long);
@@ -661,6 +662,8 @@ extern const char *sprintsigmask_n(const char *, const void *, unsigned int);
 extern void printsignal(int);
 extern void tprint_iov(struct tcb *, unsigned long, unsigned long, int decode_iov);
 extern void tprint_iov_upto(struct tcb *, unsigned long, unsigned long, int decode_iov, unsigned long);
+extern void decode_netlink_iov(struct tcb *, unsigned long, unsigned long, unsigned long);
+extern void decode_netlink(struct tcb *, unsigned long, unsigned long);
 extern void tprint_open_modes(unsigned int);
 extern const char *sprint_open_modes(unsigned int);
 extern void print_seccomp_filter(struct tcb *, unsigned long);
diff --git a/net.c b/net.c
index 8cc97da..b1251f6 100644
--- a/net.c
+++ b/net.c
@@ -276,14 +276,14 @@ print_sockaddr(struct tcb *tcp, const sockaddr_buf_t *addr, const int addrlen)
 	tprints("}");
 }
 
-void
+int
 printsock(struct tcb *tcp, long addr, int addrlen)
 {
 	sockaddr_buf_t addrbuf;
 
 	if (addrlen < 2) {
 		printaddr(addr);
-		return;
+		return -1;
 	}
 
 	if (addrlen > (int) sizeof(addrbuf))
@@ -291,10 +291,30 @@ printsock(struct tcb *tcp, long addr, int addrlen)
 
 	memset(&addrbuf, 0, sizeof(addrbuf));
 	if (umoven_or_printaddr(tcp, addr, addrlen, addrbuf.pad))
-		return;
+		return -1;
 	addrbuf.pad[sizeof(addrbuf.pad) - 1] = '\0';
 
 	print_sockaddr(tcp, &addrbuf, addrlen);
+
+	return addrbuf.sa.sa_family;
+}
+
+static void
+printsockbuf(struct tcb *tcp, int fd, long addr, long addrlen)
+{
+	enum sock_proto proto;
+	if (show_fd_path > 1)
+		proto = getfdproto(tcp, fd);
+	else
+		proto = SOCK_PROTO_UNKNOWN;
+
+	switch (proto) {
+	case SOCK_PROTO_NETLINK:
+		decode_netlink(tcp, addr, addrlen);
+		break;
+	default:
+		printstr(tcp, addr, addrlen);
+	}
 }
 
 #include "xlat/scmvals.h"
@@ -594,12 +614,20 @@ printcmsghdr(struct tcb *tcp, unsigned long addr, size_t len)
 static void
 do_msghdr(struct tcb *tcp, struct msghdr *msg, unsigned long data_size)
 {
+	int family;
+
 	tprintf("{msg_name(%d)=", msg->msg_namelen);
-	printsock(tcp, (long)msg->msg_name, msg->msg_namelen);
+	family = printsock(tcp, (long)msg->msg_name, msg->msg_namelen);
 
 	tprintf(", msg_iov(%lu)=", (unsigned long)msg->msg_iovlen);
-	tprint_iov_upto(tcp, (unsigned long)msg->msg_iovlen,
-		   (unsigned long)msg->msg_iov, 1, data_size);
+#ifdef AF_NETLINK
+	if (family == AF_NETLINK)
+		decode_netlink_iov(tcp, (unsigned long) msg->msg_iovlen,
+				(unsigned long) msg->msg_iov, data_size);
+	else
+#endif
+		tprint_iov_upto(tcp, (unsigned long)msg->msg_iovlen,
+				(unsigned long)msg->msg_iov, 1, data_size);
 
 #ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
 	tprintf(", msg_controllen=%lu", (unsigned long)msg->msg_controllen);
@@ -886,7 +914,7 @@ SYS_FUNC(send)
 {
 	printfd(tcp, tcp->u_arg[0]);
 	tprints(", ");
-	printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
+	printsockbuf(tcp, tcp->u_arg[0], tcp->u_arg[1], tcp->u_arg[2]);
 	tprintf(", %lu, ", tcp->u_arg[2]);
 	/* flags */
 	printflags(msg_flags, tcp->u_arg[3], "MSG_???");
@@ -898,7 +926,7 @@ SYS_FUNC(sendto)
 {
 	printfd(tcp, tcp->u_arg[0]);
 	tprints(", ");
-	printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
+	printsockbuf(tcp, tcp->u_arg[0], tcp->u_arg[1], tcp->u_arg[2]);
 	tprintf(", %lu, ", tcp->u_arg[2]);
 	/* flags */
 	printflags(msg_flags, tcp->u_arg[3], "MSG_???");
@@ -947,10 +975,11 @@ SYS_FUNC(recv)
 		printfd(tcp, tcp->u_arg[0]);
 		tprints(", ");
 	} else {
-		if (syserror(tcp))
+		if (syserror(tcp)) {
 			printaddr(tcp->u_arg[1]);
-		else
-			printstr(tcp, tcp->u_arg[1], tcp->u_rval);
+		} else
+			printsockbuf(tcp, tcp->u_arg[0], tcp->u_arg[1],
+				tcp->u_rval);
 
 		tprintf(", %lu, ", tcp->u_arg[2]);
 		printflags(msg_flags, tcp->u_arg[3], "MSG_???");
@@ -966,11 +995,13 @@ SYS_FUNC(recvfrom)
 		printfd(tcp, tcp->u_arg[0]);
 		tprints(", ");
 	} else {
+
 		/* buf */
 		if (syserror(tcp)) {
 			printaddr(tcp->u_arg[1]);
 		} else {
-			printstr(tcp, tcp->u_arg[1], tcp->u_rval);
+			printsockbuf(tcp, tcp->u_arg[0], tcp->u_arg[1],
+				tcp->u_rval);
 		}
 		/* len */
 		tprintf(", %lu, ", tcp->u_arg[2]);
diff --git a/netlink.c b/netlink.c
new file mode 100644
index 0000000..30116dd
--- /dev/null
+++ b/netlink.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2016 Fabien Siron <fabien.siron at epita.fr>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "defs.h"
+#include <sys/socket.h>
+#include <linux/netlink.h>
+#include "xlat/netlink_flags.h"
+#include "xlat/netlink_types.h"
+
+void
+decode_netlink(struct tcb *tcp, unsigned long addr, unsigned long size)
+{
+	struct nlmsghdr nlmsghdr;
+
+	if (size < sizeof(struct nlmsghdr)) {
+		printaddr((unsigned long)addr);
+		return;
+	}
+	if (umove_or_printaddr(tcp, (unsigned long)addr, &nlmsghdr))
+		return;
+
+	tprintf("{{len=%u, type=", nlmsghdr.nlmsg_len);
+
+	printxval(netlink_types, nlmsghdr.nlmsg_type, "NLMSG_???");
+
+	tprints(", flags=");
+	printflags(netlink_flags, nlmsghdr.nlmsg_flags, "NLM_F_???");
+	/* manage get/new requests */
+
+	tprintf(", seq=%u, pid=%u}", nlmsghdr.nlmsg_seq,
+		nlmsghdr.nlmsg_pid);
+
+	if (size - sizeof(struct nlmsghdr) > 0) {
+		tprints(", ");
+		printstr(tcp, (unsigned long)addr + sizeof(struct nlmsghdr),
+			 size - sizeof(struct nlmsghdr));
+	}
+
+	tprints("}");
+}
+
+static bool
+_decode_netlink(struct tcb *tcp, void *elem_buf, size_t elem_size,
+		void *opaque_data) {
+	const unsigned long *iov;
+	unsigned long addr, size;
+
+	iov = elem_buf;
+
+	addr = iov[0];
+	size = iov[1];
+
+	decode_netlink(tcp, addr, size);
+
+	return true;
+}
+
+void
+decode_netlink_iov(struct tcb *tcp, unsigned long len, unsigned long addr,
+		   unsigned long data_size)
+{
+	unsigned long iov[2];
+
+	print_array(tcp, addr, len, iov, current_wordsize * 2,
+		    umoven_or_printaddr, _decode_netlink, 0);
+}
diff --git a/util.c b/util.c
index d6956bc..c3bcaba 100644
--- a/util.c
+++ b/util.c
@@ -472,7 +472,7 @@ sprinttime(time_t t)
 	return buf;
 }
 
-static enum sock_proto
+enum sock_proto
 getfdproto(struct tcb *tcp, int fd)
 {
 #ifdef HAVE_SYS_XATTR_H
diff --git a/xlat/netlink_flags.in b/xlat/netlink_flags.in
new file mode 100644
index 0000000..1354506
--- /dev/null
+++ b/xlat/netlink_flags.in
@@ -0,0 +1,6 @@
+NLM_F_REQUEST		0x1
+NLM_F_MULTI		0x2
+NLM_F_ACK		0x4
+NLM_F_ECHO		0x8
+NLM_F_DUMP_INTR		0x10
+NLM_F_DUMP_FILTERED	0x20
diff --git a/xlat/netlink_types.in b/xlat/netlink_types.in
new file mode 100644
index 0000000..05eb076
--- /dev/null
+++ b/xlat/netlink_types.in
@@ -0,0 +1,4 @@
+NLMSG_NOOP		0x1
+NLMSG_ERROR		0x2
+NLMSG_DONE		0x3
+NLMSG_OVERRUN		0x4
-- 
2.8.3





More information about the Strace-devel mailing list