2 * Copyright (c) 2014 Zubin Mithra <zubin.mithra@gmail.com>
3 * Copyright (c) 2014-2016 Dmitry V. Levin <ldv@altlinux.org>
4 * Copyright (c) 2014-2017 The strace developers.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 #include <netinet/in.h>
32 #include <sys/socket.h>
33 #include <arpa/inet.h>
34 #include <linux/netlink.h>
35 #include <linux/sock_diag.h>
36 #include <linux/inet_diag.h>
37 #include <linux/unix_diag.h>
38 #include <linux/netlink_diag.h>
39 #include <linux/rtnetlink.h>
40 #if HAVE_LINUX_GENETLINK_H
41 #include <linux/genetlink.h>
46 # define UNIX_PATH_MAX sizeof(((struct sockaddr_un *) 0)->sun_path)
49 #ifndef NETLINK_SOCK_DIAG
50 # define NETLINK_SOCK_DIAG 4
58 #define CACHE_SIZE 1024U
59 static cache_entry cache[CACHE_SIZE];
60 #define CACHE_MASK (CACHE_SIZE - 1)
63 cache_inode_details(const unsigned long inode, char *const details)
65 cache_entry *e = &cache[inode & CACHE_MASK];
74 get_sockaddr_by_inode_cached(const unsigned long inode)
76 const cache_entry *const e = &cache[inode & CACHE_MASK];
77 return (e && inode == e->inode) ? e->details : NULL;
81 print_sockaddr_by_inode_cached(const unsigned long inode)
83 const char *const details = get_sockaddr_by_inode_cached(inode);
92 send_query(const int fd, void *req, size_t req_size)
94 struct sockaddr_nl nladdr = {
95 .nl_family = AF_NETLINK
101 const struct msghdr msg = {
103 .msg_namelen = sizeof(nladdr),
109 if (sendmsg(fd, &msg, 0) < 0) {
119 inet_send_query(const int fd, const int family, const int proto)
122 const struct nlmsghdr nlh;
123 const struct inet_diag_req_v2 idr;
126 .nlmsg_len = sizeof(req),
127 .nlmsg_type = SOCK_DIAG_BY_FAMILY,
128 .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST
131 .sdiag_family = family,
132 .sdiag_protocol = proto,
136 return send_query(fd, &req, sizeof(req));
140 inet_parse_response(const void *const data, const int data_len,
141 const unsigned long inode, void *opaque_data)
143 const char *const proto_name = opaque_data;
144 const struct inet_diag_msg *const diag_msg = data;
145 static const char zero_addr[sizeof(struct in6_addr)];
146 socklen_t addr_size, text_size;
148 if (data_len < (int) NLMSG_LENGTH(sizeof(*diag_msg)))
150 if (diag_msg->idiag_inode != inode)
153 switch (diag_msg->idiag_family) {
155 addr_size = sizeof(struct in_addr);
156 text_size = INET_ADDRSTRLEN;
159 addr_size = sizeof(struct in6_addr);
160 text_size = INET6_ADDRSTRLEN;
166 char src_buf[text_size];
169 if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_src,
173 if (diag_msg->id.idiag_dport ||
174 memcmp(zero_addr, diag_msg->id.idiag_dst, addr_size)) {
175 char dst_buf[text_size];
177 if (!inet_ntop(diag_msg->idiag_family, diag_msg->id.idiag_dst,
181 if (asprintf(&details, "%s:[%s:%u->%s:%u]", proto_name,
182 src_buf, ntohs(diag_msg->id.idiag_sport),
183 dst_buf, ntohs(diag_msg->id.idiag_dport)) < 0)
186 if (asprintf(&details, "%s:[%s:%u]", proto_name, src_buf,
187 ntohs(diag_msg->id.idiag_sport)) < 0)
191 return cache_inode_details(inode, details);
195 receive_responses(const int fd, const unsigned long inode,
196 const unsigned long expected_msg_type,
197 int (*parser)(const void *, int,
198 unsigned long, void *),
203 long buf[8192 / sizeof(long)];
206 struct sockaddr_nl nladdr = {
207 .nl_family = AF_NETLINK
210 .iov_base = hdr_buf.buf,
211 .iov_len = sizeof(hdr_buf.buf)
216 struct msghdr msg = {
218 .msg_namelen = sizeof(nladdr),
223 ssize_t ret = recvmsg(fd, &msg, flags);
230 const struct nlmsghdr *h = &hdr_buf.hdr;
231 if (!NLMSG_OK(h, ret))
233 for (; NLMSG_OK(h, ret); h = NLMSG_NEXT(h, ret)) {
234 if (h->nlmsg_type != expected_msg_type)
236 const int rc = parser(NLMSG_DATA(h),
237 h->nlmsg_len, inode, opaque_data);
243 flags = MSG_DONTWAIT;
248 unix_send_query(const int fd, const unsigned long inode)
251 const struct nlmsghdr nlh;
252 const struct unix_diag_req udr;
255 .nlmsg_len = sizeof(req),
256 .nlmsg_type = SOCK_DIAG_BY_FAMILY,
257 .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST
260 .sdiag_family = AF_UNIX,
263 .udiag_show = UDIAG_SHOW_NAME | UDIAG_SHOW_PEER
266 return send_query(fd, &req, sizeof(req));
270 unix_parse_response(const void *data, const int data_len,
271 const unsigned long inode, void *opaque_data)
273 const char *proto_name = opaque_data;
274 const struct unix_diag_msg *diag_msg = data;
276 int rta_len = data_len - NLMSG_LENGTH(sizeof(*diag_msg));
279 char path[UNIX_PATH_MAX + 1];
283 if (diag_msg->udiag_ino != inode)
285 if (diag_msg->udiag_family != AF_UNIX)
288 for (attr = (struct rtattr *) (diag_msg + 1);
289 RTA_OK(attr, rta_len);
290 attr = RTA_NEXT(attr, rta_len)) {
291 switch (attr->rta_type) {
294 path_len = RTA_PAYLOAD(attr);
295 if (path_len > UNIX_PATH_MAX)
296 path_len = UNIX_PATH_MAX;
297 memcpy(path, RTA_DATA(attr), path_len);
298 path[path_len] = '\0';
302 if (RTA_PAYLOAD(attr) >= 4)
303 peer = *(uint32_t *) RTA_DATA(attr);
309 * print obtained information in the following format:
310 * "UNIX:[" SELF_INODE [ "->" PEER_INODE ][ "," SOCKET_FILE ] "]"
312 if (!peer && !path_len)
315 char peer_str[3 + sizeof(peer) * 3];
317 snprintf(peer_str, sizeof(peer_str), "->%u", peer);
321 const char *path_str;
323 char *outstr = alloca(4 * path_len + 4);
326 if (path[0] == '\0') {
328 string_quote(path + 1, outstr + 2,
329 path_len - 1, QUOTE_0_TERMINATED);
331 string_quote(path, outstr + 1,
332 path_len, QUOTE_0_TERMINATED);
340 if (asprintf(&details, "%s:[%lu%s%s]", proto_name, inode,
341 peer_str, path_str) < 0)
344 return cache_inode_details(inode, details);
348 netlink_send_query(const int fd, const unsigned long inode)
351 const struct nlmsghdr nlh;
352 const struct netlink_diag_req ndr;
355 .nlmsg_len = sizeof(req),
356 .nlmsg_type = SOCK_DIAG_BY_FAMILY,
357 .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST
360 .sdiag_family = AF_NETLINK,
361 .sdiag_protocol = NDIAG_PROTO_ALL,
362 .ndiag_show = NDIAG_SHOW_MEMINFO
365 return send_query(fd, &req, sizeof(req));
369 netlink_parse_response(const void *data, const int data_len,
370 const unsigned long inode, void *opaque_data)
372 const char *proto_name = opaque_data;
373 const struct netlink_diag_msg *const diag_msg = data;
374 const char *netlink_proto;
377 if (data_len < (int) NLMSG_LENGTH(sizeof(*diag_msg)))
379 if (diag_msg->ndiag_ino != inode)
382 if (diag_msg->ndiag_family != AF_NETLINK)
385 netlink_proto = xlookup(netlink_protocols,
386 diag_msg->ndiag_protocol);
389 netlink_proto = STR_STRIP_PREFIX(netlink_proto, "NETLINK_");
390 if (asprintf(&details, "%s:[%s:%u]", proto_name,
391 netlink_proto, diag_msg->ndiag_portid) < 0)
394 if (asprintf(&details, "%s:[%u]", proto_name,
395 (unsigned) diag_msg->ndiag_protocol) < 0)
399 return cache_inode_details(inode, details);
403 unix_get(const int fd, const unsigned long inode)
405 return unix_send_query(fd, inode)
406 && receive_responses(fd, inode, SOCK_DIAG_BY_FAMILY,
407 unix_parse_response, (void *) "UNIX")
408 ? get_sockaddr_by_inode_cached(inode) : NULL;
412 inet_get(const int fd, const int family, const int protocol,
413 const unsigned long inode, const char *proto_name)
415 return inet_send_query(fd, family, protocol)
416 && receive_responses(fd, inode, SOCK_DIAG_BY_FAMILY,
417 inet_parse_response, (void *) proto_name)
418 ? get_sockaddr_by_inode_cached(inode) : NULL;
422 tcp_v4_get(const int fd, const unsigned long inode)
424 return inet_get(fd, AF_INET, IPPROTO_TCP, inode, "TCP");
428 udp_v4_get(const int fd, const unsigned long inode)
430 return inet_get(fd, AF_INET, IPPROTO_UDP, inode, "UDP");
434 tcp_v6_get(const int fd, const unsigned long inode)
436 return inet_get(fd, AF_INET6, IPPROTO_TCP, inode, "TCPv6");
440 udp_v6_get(const int fd, const unsigned long inode)
442 return inet_get(fd, AF_INET6, IPPROTO_UDP, inode, "UDPv6");
446 netlink_get(const int fd, const unsigned long inode)
448 return netlink_send_query(fd, inode)
449 && receive_responses(fd, inode, SOCK_DIAG_BY_FAMILY,
450 netlink_parse_response, (void *) "NETLINK")
451 ? get_sockaddr_by_inode_cached(inode) : NULL;
454 static const struct {
455 const char *const name;
456 const char * (*const get)(int, unsigned long);
458 [SOCK_PROTO_UNIX] = { "UNIX", unix_get },
459 [SOCK_PROTO_TCP] = { "TCP", tcp_v4_get },
460 [SOCK_PROTO_UDP] = { "UDP", udp_v4_get },
461 [SOCK_PROTO_TCPv6] = { "TCPv6", tcp_v6_get },
462 [SOCK_PROTO_UDPv6] = { "UDPv6", udp_v6_get },
463 [SOCK_PROTO_NETLINK] = { "NETLINK", netlink_get }
467 get_proto_by_name(const char *const name)
470 for (i = (unsigned int) SOCK_PROTO_UNKNOWN + 1;
471 i < ARRAY_SIZE(protocols); ++i) {
472 if (protocols[i].name && !strcmp(name, protocols[i].name))
473 return (enum sock_proto) i;
475 return SOCK_PROTO_UNKNOWN;
479 get_sockaddr_by_inode_uncached(const unsigned long inode,
480 const enum sock_proto proto)
482 if ((unsigned int) proto >= ARRAY_SIZE(protocols) ||
483 (proto != SOCK_PROTO_UNKNOWN && !protocols[proto].get))
486 const int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_SOCK_DIAG);
489 const char *details = NULL;
491 if (proto != SOCK_PROTO_UNKNOWN) {
492 details = protocols[proto].get(fd, inode);
495 for (i = (unsigned int) SOCK_PROTO_UNKNOWN + 1;
496 i < ARRAY_SIZE(protocols); ++i) {
497 if (!protocols[i].get)
499 details = protocols[i].get(fd, inode);
510 print_sockaddr_by_inode_uncached(const unsigned long inode,
511 const enum sock_proto proto)
513 const char *details = get_sockaddr_by_inode_uncached(inode, proto);
520 if ((unsigned int) proto < ARRAY_SIZE(protocols) &&
521 protocols[proto].name) {
522 tprintf("%s:[%lu]", protocols[proto].name, inode);
529 /* Given an inode number of a socket, return its protocol details. */
531 get_sockaddr_by_inode(struct tcb *const tcp, const int fd,
532 const unsigned long inode)
534 const char *details = get_sockaddr_by_inode_cached(inode);
535 return details ? details :
536 get_sockaddr_by_inode_uncached(inode, getfdproto(tcp, fd));
539 /* Given an inode number of a socket, print out its protocol details. */
541 print_sockaddr_by_inode(struct tcb *const tcp, const int fd,
542 const unsigned long inode)
544 return print_sockaddr_by_inode_cached(inode) ? true :
545 print_sockaddr_by_inode_uncached(inode, getfdproto(tcp, fd));
548 #ifdef HAVE_LINUX_GENETLINK_H
550 * Managing the cache for decoding communications of Netlink GENERIC protocol
552 * As name shown Netlink GENERIC protocol is generic protocol. The
553 * numbers of msg types used in the protocol are not defined
554 * statically. Kernel defines them on demand. So the xlat converted
555 * from header files doesn't help for decoding the protocol. Following
556 * codes are building xlat(dyxlat) at runtime.
559 genl_send_dump_families(const int fd)
562 const struct nlmsghdr nlh;
563 struct genlmsghdr gnlh;
566 .nlmsg_len = sizeof(req),
567 .nlmsg_type = GENL_ID_CTRL,
568 .nlmsg_flags = NLM_F_DUMP | NLM_F_REQUEST,
571 .cmd = CTRL_CMD_GETFAMILY,
574 return send_query(fd, &req, sizeof(req));
578 genl_parse_families_response(const void *const data,
579 const int data_len, const unsigned long inode,
582 struct dyxlat *const dyxlat = opaque_data;
583 const struct genlmsghdr *const gnlh = data;
585 int rta_len = data_len - NLMSG_LENGTH(sizeof(*gnlh));
588 unsigned int name_len = 0;
593 if (gnlh->cmd != CTRL_CMD_NEWFAMILY)
595 if (gnlh->version != 2)
598 for (attr = (struct rtattr *) (gnlh + 1);
599 RTA_OK(attr, rta_len);
600 attr = RTA_NEXT(attr, rta_len)) {
601 switch (attr->rta_type) {
602 case CTRL_ATTR_FAMILY_NAME:
604 name = RTA_DATA(attr);
605 name_len = RTA_PAYLOAD(attr);
608 case CTRL_ATTR_FAMILY_ID:
609 if (!id && RTA_PAYLOAD(attr) == sizeof(*id))
615 dyxlat_add_pair(dyxlat, *id, name, name_len);
625 genl_families_xlat(void)
627 static struct dyxlat *dyxlat;
630 dyxlat = dyxlat_alloc(32);
632 int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_GENERIC);
636 if (genl_send_dump_families(fd))
637 receive_responses(fd, 0, GENL_ID_CTRL,
638 genl_parse_families_response, dyxlat);
643 return dyxlat_get(dyxlat);
646 #else /* !HAVE_LINUX_GENETLINK_H */
649 genl_families_xlat(void)