[PATCH v2 4/6] netlink: decode NETLINK_CRYPTO crypto_user_alg netlink attributes

JingPiao Chen chenjingpiao at gmail.com
Sun Jul 23 11:56:24 UTC 2017 

* configure.ac (AC_CHECK_TYPES): Add struct crypto_report_*.
* netlink_crypto.c (decode_crypto_report_generic,
decode_crypto_report_hash, decode_crypto_report_blkcipher,
decode_crypto_report_aead, decode_crypto_report_rng,
decode_crypto_report_cipher): New functions.
(crypto_user_alg_nla_decoders): New array.
(decode_crypto_user_alg): Use it.
* xlat/crypto_nl_attrs.in: New file.
* NEWS: Mention this.
---
 NEWS                    |   2 +
 configure.ac            |   8 +++
 netlink_crypto.c        | 164 ++++++++++++++++++++++++++++++++++++++++++++++++
 xlat/crypto_nl_attrs.in |  12 ++++
 4 files changed, 186 insertions(+)
 create mode 100644 xlat/crypto_nl_attrs.in

diff --git a/NEWS b/NEWS
index 9592753..ad237e2 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,8 @@ Noteworthy changes in release ?.?? (????-??-??)
   * Implemented decoding of netlink message ack flags.
   * Implemented decoding of nlmsgerr netlink attributes.
   * Implemented basic protocol specific decoding of NETLINK_CRYPTO.
+  * Implemented decoding of crypto_user_alg netlink attributes
+    of NETLINK_CRYPTO.
   * Updated lists of BPF_*, KEY_*, RWF_*, SCM_*, SO_*, and *_MAGIC constants.
   * Added decoding of arch_prctl syscall on x86.
 
diff --git a/configure.ac b/configure.ac
index 4f5bc02..0d407af 100644
--- a/configure.ac
+++ b/configure.ac
@@ -320,6 +320,14 @@ AC_CHECK_TYPES(m4_normalize([
 [#include <sys/types.h>
 #include <linux/fcntl.h>])
 
+AC_CHECK_TYPES(m4_normalize([
+	struct crypto_report_aead,
+	struct crypto_report_blkcipher,
+	struct crypto_report_cipher,
+	struct crypto_report_hash,
+	struct crypto_report_rng
+]),,, [#include <linux/cryptouser.h>])
+
 AC_CHECK_MEMBERS([struct timex.tai],,, [#include <sys/timex.h>])
 
 AC_CHECK_MEMBERS([struct utsname.domainname],,, [#include <sys/utsname.h>])
diff --git a/netlink_crypto.c b/netlink_crypto.c
index cc573ff..6debc1b 100644
--- a/netlink_crypto.c
+++ b/netlink_crypto.c
@@ -36,6 +36,160 @@
 
 # include <linux/cryptouser.h>
 
+# include "xlat/crypto_nl_attrs.h"
+
+static bool
+decode_crypto_report_generic(struct tcb *const tcp,
+			     const kernel_ulong_t addr,
+			     const unsigned int len,
+			     const void *const opaque_data)
+{
+	tprints("{type=");
+	printstr_ex(tcp, addr, len, QUOTE_0_TERMINATED);
+	tprints("}");
+
+	return true;
+}
+
+static bool
+decode_crypto_report_hash(struct tcb *const tcp,
+			  const kernel_ulong_t addr,
+			  const unsigned int len,
+			  const void *const opaque_data)
+{
+# ifdef HAVE_STRUCT_CRYPTO_REPORT_HASH
+	struct crypto_report_hash rhash;
+
+	if (len < sizeof(rhash))
+		printstrn(tcp, addr, len);
+	else if (!umove_or_printaddr(tcp, addr, &rhash)) {
+		PRINT_FIELD_CSTRING("{", rhash, type);
+		PRINT_FIELD_U(", ", rhash, blocksize);
+		PRINT_FIELD_U(", ", rhash, digestsize);
+		tprints("}");
+	}
+# else
+	printstrn(tcp, addr, len);
+# endif
+
+	return true;
+}
+
+static bool
+decode_crypto_report_blkcipher(struct tcb *const tcp,
+			       const kernel_ulong_t addr,
+			       const unsigned int len,
+			       const void *const opaque_data)
+{
+# ifdef HAVE_STRUCT_CRYPTO_REPORT_BLKCIPHER
+	struct crypto_report_blkcipher rblkcipher;
+
+	if (len < sizeof(rblkcipher))
+		printstrn(tcp, addr, len);
+	else if (!umove_or_printaddr(tcp, addr, &rblkcipher)) {
+		PRINT_FIELD_CSTRING("{", rblkcipher, type);
+		PRINT_FIELD_CSTRING(", ", rblkcipher, geniv);
+		PRINT_FIELD_U(", ", rblkcipher, blocksize);
+		PRINT_FIELD_U(", ", rblkcipher, min_keysize);
+		PRINT_FIELD_U(", ", rblkcipher, max_keysize);
+		PRINT_FIELD_U(", ", rblkcipher, ivsize);
+		tprints("}");
+	}
+# else
+	printstrn(tcp, addr, len);
+# endif
+
+	return true;
+}
+
+static bool
+decode_crypto_report_aead(struct tcb *const tcp,
+			  const kernel_ulong_t addr,
+			  const unsigned int len,
+			  const void *const opaque_data)
+{
+# ifdef HAVE_STRUCT_CRYPTO_REPORT_AEAD
+	struct crypto_report_aead raead;
+
+	if (len < sizeof(raead))
+		printstrn(tcp, addr, len);
+	else if (!umove_or_printaddr(tcp, addr, &raead)) {
+		PRINT_FIELD_CSTRING("{", raead, type);
+		PRINT_FIELD_CSTRING(", ", raead, geniv);
+		PRINT_FIELD_U(", ", raead, blocksize);
+		PRINT_FIELD_U(", ", raead, maxauthsize);
+		PRINT_FIELD_U(", ", raead, ivsize);
+		tprints("}");
+	}
+# else
+	printstrn(tcp, addr, len);
+# endif
+
+	return true;
+}
+
+static bool
+decode_crypto_report_rng(struct tcb *const tcp,
+			 const kernel_ulong_t addr,
+			 const unsigned int len,
+			 const void *const opaque_data)
+{
+# ifdef HAVE_STRUCT_CRYPTO_REPORT_RNG
+	struct crypto_report_rng rrng;
+
+	if (len < sizeof(rrng))
+		printstrn(tcp, addr, len);
+	else if (!umove_or_printaddr(tcp, addr, &rrng)) {
+		PRINT_FIELD_CSTRING("{", rrng, type);
+		PRINT_FIELD_U(", ", rrng, seedsize);
+		tprints("}");
+	}
+# else
+	printstrn(tcp, addr, len);
+# endif
+
+	return true;
+}
+
+static bool
+decode_crypto_report_cipher(struct tcb *const tcp,
+			    const kernel_ulong_t addr,
+			    const unsigned int len,
+			    const void *const opaque_data)
+{
+# ifdef HAVE_STRUCT_CRYPTO_REPORT_CIPHER
+	struct crypto_report_cipher rcipher;
+
+	if (len < sizeof(rcipher))
+		printstrn(tcp, addr, len);
+	else if (!umove_or_printaddr(tcp, addr, &rcipher)) {
+		PRINT_FIELD_CSTRING("{", rcipher, type);
+		PRINT_FIELD_U(", ", rcipher, blocksize);
+		PRINT_FIELD_U(", ", rcipher, min_keysize);
+		PRINT_FIELD_U(", ", rcipher, max_keysize);
+		tprints("}");
+	}
+# else
+	printstrn(tcp, addr, len);
+# endif
+
+	return true;
+}
+
+static const nla_decoder_t crypto_user_alg_nla_decoders[] = {
+	[CRYPTOCFGA_PRIORITY_VAL]	= decode_nla_u32,
+	[CRYPTOCFGA_REPORT_LARVAL]	= decode_crypto_report_generic,
+	[CRYPTOCFGA_REPORT_HASH]	= decode_crypto_report_hash,
+	[CRYPTOCFGA_REPORT_BLKCIPHER]	= decode_crypto_report_blkcipher,
+	[CRYPTOCFGA_REPORT_AEAD]	= decode_crypto_report_aead,
+	[CRYPTOCFGA_REPORT_COMPRESS]	= decode_crypto_report_generic,
+	[CRYPTOCFGA_REPORT_RNG]		= decode_crypto_report_rng,
+	[CRYPTOCFGA_REPORT_CIPHER]	= decode_crypto_report_cipher,
+	[CRYPTOCFGA_REPORT_AKCIPHER]	= decode_crypto_report_generic,
+	[CRYPTOCFGA_REPORT_KPP]		= decode_crypto_report_generic,
+	[CRYPTOCFGA_REPORT_ACOMP]	= decode_crypto_report_generic
+};
+
 static void
 decode_crypto_user_alg(struct tcb *const tcp,
 		       const kernel_ulong_t addr,
@@ -54,6 +208,16 @@ decode_crypto_user_alg(struct tcb *const tcp,
 		PRINT_FIELD_U(", ", alg, cru_refcnt);
 		PRINT_FIELD_X(", ", alg, cru_flags);
 		tprints("}");
+
+		const size_t offset = NLMSG_ALIGN(sizeof(alg));
+		if (len > offset) {
+			tprints(", ");
+			decode_nlattr(tcp, addr + offset, len - offset,
+				      crypto_nl_attrs, "CRYPTOCFGA_???",
+				      crypto_user_alg_nla_decoders,
+				      ARRAY_SIZE(crypto_user_alg_nla_decoders),
+				      NULL);
+		}
 	}
 }
 
diff --git a/xlat/crypto_nl_attrs.in b/xlat/crypto_nl_attrs.in
new file mode 100644
index 0000000..02b3662
--- /dev/null
+++ b/xlat/crypto_nl_attrs.in
@@ -0,0 +1,12 @@
+CRYPTOCFGA_UNSPEC		0
+CRYPTOCFGA_PRIORITY_VAL		1
+CRYPTOCFGA_REPORT_LARVAL	2
+CRYPTOCFGA_REPORT_HASH		3
+CRYPTOCFGA_REPORT_BLKCIPHER	4
+CRYPTOCFGA_REPORT_AEAD		5
+CRYPTOCFGA_REPORT_COMPRESS	6
+CRYPTOCFGA_REPORT_RNG		7
+CRYPTOCFGA_REPORT_CIPHER	8
+CRYPTOCFGA_REPORT_AKCIPHER	9
+CRYPTOCFGA_REPORT_KPP		10
+CRYPTOCFGA_REPORT_ACOMP		11
-- 
2.7.4

More information about the Strace-devel mailing list