2 * Copyright (c) 2016 Fabien Siron <fabien.siron@epita.fr>
3 * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
4 * Copyright (c) 2016-2017 The strace developers.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include <linux/audit.h>
34 #include <linux/rtnetlink.h>
35 #include <linux/xfrm.h>
36 #include "xlat/netlink_ack_flags.h"
37 #include "xlat/netlink_flags.h"
38 #include "xlat/netlink_get_flags.h"
39 #include "xlat/netlink_new_flags.h"
40 #include "xlat/netlink_protocols.h"
41 #include "xlat/netlink_types.h"
42 #include "xlat/nl_audit_types.h"
43 #include "xlat/nl_crypto_types.h"
44 #include "xlat/nl_netfilter_msg_types.h"
45 #include "xlat/nl_netfilter_subsys_ids.h"
46 #include "xlat/nl_route_types.h"
47 #include "xlat/nl_selinux_types.h"
48 #include "xlat/nl_sock_diag_types.h"
49 #include "xlat/nl_xfrm_types.h"
50 #include "xlat/nlmsgerr_attrs.h"
53 * Fetch a struct nlmsghdr from the given address.
56 fetch_nlmsghdr(struct tcb *const tcp, struct nlmsghdr *const nlmsghdr,
57 const kernel_ulong_t addr, const kernel_ulong_t len)
59 if (len < sizeof(struct nlmsghdr)) {
60 printstr_ex(tcp, addr, len, QUOTE_FORCE_HEX);
64 if (umove_or_printaddr(tcp, addr, nlmsghdr))
71 get_fd_nl_family(struct tcb *const tcp, const int fd)
73 const unsigned long inode = getfdinode(tcp, fd);
77 const char *const details = get_sockaddr_by_inode(tcp, fd, inode);
81 const char *const nl_details = STR_STRIP_PREFIX(details, "NETLINK:[");
82 if (nl_details == details)
85 const struct xlat *xlats = netlink_protocols;
86 for (; xlats->str; ++xlats) {
87 const char *name = STR_STRIP_PREFIX(xlats->str, "NETLINK_");
88 if (!strncmp(nl_details, name, strlen(name)))
92 if (*nl_details >= '0' && *nl_details <= '9')
93 return atoi(nl_details);
99 decode_nlmsg_type_default(const struct xlat *const xlat,
101 const char *const dflt)
103 printxval(xlat, type, dflt);
107 decode_nlmsg_type_generic(const struct xlat *const xlat,
109 const char *const dflt)
111 printxval(genl_families_xlat(), type, dflt);
115 decode_nlmsg_type_netfilter(const struct xlat *const xlat,
117 const char *const dflt)
119 /* Reserved control nfnetlink messages first. */
120 const char *const text = xlookup(nl_netfilter_msg_types, type);
127 * Other netfilter message types are split
128 * in two pieces: 8 bits subsystem and 8 bits type.
130 const uint8_t subsys_id = (uint8_t) (type >> 8);
131 const uint8_t msg_type = (uint8_t) type;
133 printxval(xlat, subsys_id, dflt);
136 * The type is subsystem specific,
137 * print it in numeric format for now.
139 tprintf("<<8|%#x", msg_type);
142 typedef void (*nlmsg_types_decoder_t)(const struct xlat *,
146 static const struct {
147 const nlmsg_types_decoder_t decoder;
148 const struct xlat *const xlat;
149 const char *const dflt;
151 [NETLINK_AUDIT] = { NULL, nl_audit_types, "AUDIT_???" },
152 [NETLINK_CRYPTO] = { NULL, nl_crypto_types, "CRYPTO_MSG_???" },
153 [NETLINK_GENERIC] = {
154 decode_nlmsg_type_generic,
158 [NETLINK_NETFILTER] = {
159 decode_nlmsg_type_netfilter,
160 nl_netfilter_subsys_ids,
163 [NETLINK_ROUTE] = { NULL, nl_route_types, "RTM_???" },
164 [NETLINK_SELINUX] = { NULL, nl_selinux_types, "SELNL_MSG_???" },
165 [NETLINK_SOCK_DIAG] = { NULL, nl_sock_diag_types, "SOCK_DIAG_???" },
166 [NETLINK_XFRM] = { NULL, nl_xfrm_types, "XFRM_MSG_???" }
170 * As all valid netlink families are positive integers, use unsigned int
171 * for family here to filter out -1.
174 decode_nlmsg_type(const uint16_t type, const unsigned int family)
176 nlmsg_types_decoder_t decoder = decode_nlmsg_type_default;
177 const struct xlat *xlat = netlink_types;
178 const char *dflt = "NLMSG_???";
181 * type < NLMSG_MIN_TYPE are reserved control messages
182 * that need no family-specific decoding.
184 if (type >= NLMSG_MIN_TYPE && family < ARRAY_SIZE(nlmsg_types)) {
185 if (nlmsg_types[family].decoder)
186 decoder = nlmsg_types[family].decoder;
187 if (nlmsg_types[family].xlat)
188 xlat = nlmsg_types[family].xlat;
189 if (nlmsg_types[family].dflt)
190 dflt = nlmsg_types[family].dflt;
193 decoder(xlat, type, dflt);
197 decode_nlmsg_flags(const uint16_t flags, const uint16_t type, const int family)
199 const struct xlat *table = NULL;
201 if (type < NLMSG_MIN_TYPE) {
202 if (type == NLMSG_ERROR)
203 table = netlink_ack_flags;
210 case CRYPTO_MSG_NEWALG:
211 table = netlink_new_flags;
213 case CRYPTO_MSG_GETALG:
214 table = netlink_get_flags;
218 case NETLINK_SOCK_DIAG:
219 table = netlink_get_flags;
222 if (type == RTM_DELACTION) {
223 table = netlink_get_flags;
228 table = netlink_new_flags;
231 table = netlink_get_flags;
238 case XFRM_MSG_NEWPOLICY:
240 case XFRM_MSG_NEWSADINFO:
241 case XFRM_MSG_NEWSPDINFO:
242 table = netlink_new_flags;
246 case XFRM_MSG_GETPOLICY:
248 case XFRM_MSG_GETSADINFO:
249 case XFRM_MSG_GETSPDINFO:
250 table = netlink_get_flags;
257 printflags_ex(flags, "NLM_F_???", netlink_flags, table, NULL);
261 print_nlmsghdr(struct tcb *tcp,
264 const struct nlmsghdr *const nlmsghdr)
266 /* print the whole structure regardless of its nlmsg_len */
268 tprintf("{len=%u, type=", nlmsghdr->nlmsg_len);
270 decode_nlmsg_type(nlmsghdr->nlmsg_type, family);
273 decode_nlmsg_flags(nlmsghdr->nlmsg_flags,
274 nlmsghdr->nlmsg_type, family);
276 tprintf(", seq=%u, pid=%u}", nlmsghdr->nlmsg_seq,
277 nlmsghdr->nlmsg_pid);
281 print_cookie(struct tcb *const tcp, void *const elem_buf,
282 const size_t elem_size, void *const opaque_data)
284 tprintf("%" PRIu8, *(uint8_t *) elem_buf);
290 decode_nlmsgerr_attr_cookie(struct tcb *const tcp,
291 const kernel_ulong_t addr,
292 const unsigned int len,
293 const void *const opaque_data)
296 const size_t nmemb = len / sizeof(cookie);
298 print_array(tcp, addr, nmemb, &cookie, sizeof(cookie),
299 umoven_or_printaddr, print_cookie, 0);
304 static const nla_decoder_t nlmsgerr_nla_decoders[] = {
305 [NLMSGERR_ATTR_MSG] = decode_nla_str,
306 [NLMSGERR_ATTR_OFFS] = decode_nla_u32,
307 [NLMSGERR_ATTR_COOKIE] = decode_nlmsgerr_attr_cookie
311 decode_nlmsghdr_with_payload(struct tcb *const tcp,
314 const struct nlmsghdr *const nlmsghdr,
315 const kernel_ulong_t addr,
316 const kernel_ulong_t len);
319 decode_nlmsgerr(struct tcb *const tcp,
328 if (len < sizeof(err.error)) {
329 printstr_ex(tcp, addr, len, QUOTE_FORCE_HEX);
333 if (umove_or_printaddr(tcp, addr, &err.error))
337 if (err.error < 0 && (unsigned) -err.error < nerrnos) {
338 tprintf("-%s", errnoent[-err.error]);
340 tprintf("%d", err.error);
343 addr += offsetof(struct nlmsgerr, msg);
344 len -= offsetof(struct nlmsgerr, msg);
348 if (fetch_nlmsghdr(tcp, &err.msg, addr, len)) {
349 unsigned int payload =
350 capped ? sizeof(err.msg) : err.msg.nlmsg_len;
354 decode_nlmsghdr_with_payload(tcp, fd, family,
355 &err.msg, addr, payload);
358 decode_nlattr(tcp, addr + payload,
359 len - payload, nlmsgerr_attrs,
361 nlmsgerr_nla_decoders,
362 ARRAY_SIZE(nlmsgerr_nla_decoders),
371 static const netlink_decoder_t netlink_decoders[] = {
372 #ifdef HAVE_LINUX_CRYPTOUSER_H
373 [NETLINK_CRYPTO] = decode_netlink_crypto,
375 [NETLINK_ROUTE] = decode_netlink_route,
376 [NETLINK_SELINUX] = decode_netlink_selinux,
377 [NETLINK_SOCK_DIAG] = decode_netlink_sock_diag
381 decode_payload(struct tcb *const tcp,
384 const struct nlmsghdr *const nlmsghdr,
385 const kernel_ulong_t addr,
386 const unsigned int len)
388 if (nlmsghdr->nlmsg_type == NLMSG_ERROR) {
389 decode_nlmsgerr(tcp, fd, family, addr, len,
390 nlmsghdr->nlmsg_flags & NLM_F_CAPPED);
395 * While most of NLMSG_DONE messages indeed have payloads
396 * containing just a single integer, there are few exceptions,
397 * so pass payloads of NLMSG_DONE messages to family-specific
398 * netlink payload decoders.
400 * Other types of reserved control messages need no family-specific
401 * netlink payload decoding.
403 if ((nlmsghdr->nlmsg_type >= NLMSG_MIN_TYPE
404 || nlmsghdr->nlmsg_type == NLMSG_DONE)
405 && (unsigned int) family < ARRAY_SIZE(netlink_decoders)
406 && netlink_decoders[family]
407 && netlink_decoders[family](tcp, nlmsghdr, addr, len)) {
411 if (nlmsghdr->nlmsg_type == NLMSG_DONE && len == sizeof(int)) {
414 if (!umove_or_printaddr(tcp, addr, &num))
419 printstr_ex(tcp, addr, len, QUOTE_FORCE_HEX);
423 decode_nlmsghdr_with_payload(struct tcb *const tcp,
426 const struct nlmsghdr *const nlmsghdr,
427 const kernel_ulong_t addr,
428 const kernel_ulong_t len)
430 const unsigned int nlmsg_len =
431 nlmsghdr->nlmsg_len > len ? len : nlmsghdr->nlmsg_len;
433 if (nlmsg_len > NLMSG_HDRLEN)
436 print_nlmsghdr(tcp, fd, family, nlmsghdr);
438 if (nlmsg_len > NLMSG_HDRLEN) {
440 decode_payload(tcp, fd, family, nlmsghdr, addr + NLMSG_HDRLEN,
441 nlmsg_len - NLMSG_HDRLEN);
447 decode_netlink(struct tcb *const tcp,
452 const int family = get_fd_nl_family(tcp, fd);
454 if (family == NETLINK_KOBJECT_UEVENT) {
455 printstrn(tcp, addr, len);
459 struct nlmsghdr nlmsghdr;
460 bool print_array = false;
463 for (elt = 0; fetch_nlmsghdr(tcp, &nlmsghdr, addr, len); elt++) {
464 if (abbrev(tcp) && elt == max_strlen) {
469 unsigned int nlmsg_len = NLMSG_ALIGN(nlmsghdr.nlmsg_len);
470 kernel_ulong_t next_addr = 0;
471 kernel_ulong_t next_len = 0;
473 if (nlmsghdr.nlmsg_len >= NLMSG_HDRLEN) {
474 next_len = (len >= nlmsg_len) ? len - nlmsg_len : 0;
476 if (next_len && addr + nlmsg_len > addr)
477 next_addr = addr + nlmsg_len;
480 if (!print_array && next_addr) {
485 decode_nlmsghdr_with_payload(tcp, fd, family,
486 &nlmsghdr, addr, len);