1 /*
2 * dccp_probe - Observe the DCCP flow with kprobes.
3 *
4 * The idea for this came from Werner Almesberger's umlsim
5 * Copyright (C) 2004, Stephen Hemminger <shemminger@osdl.org>
6 *
7 * Modified for DCCP from Stephen Hemminger's code
8 * Copyright (C) 2006, Ian McDonald <ian.mcdonald@jandi.co.nz>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25 #include <linux/kernel.h>
26 #include <linux/kprobes.h>
27 #include <linux/socket.h>
28 #include <linux/dccp.h>
29 #include <linux/proc_fs.h>
30 #include <linux/module.h>
31 #include <linux/kfifo.h>
32 #include <linux/vmalloc.h>
33 #include <linux/gfp.h>
34 #include <net/net_namespace.h>
35
36 #include "dccp.h"
37 #include "ccid.h"
38 #include "ccids/ccid3.h"
39
40 static int port;
41
42 static int bufsize = 64 * 1024;
43
44 static const char procname[] = "dccpprobe";
45
46 static struct {
47 struct kfifo fifo;
48 spinlock_t lock;
49 wait_queue_head_t wait;
50 struct timespec tstart;
51 } dccpw;
52
53 static void printl(const char *fmt, ...)
54 {
55 va_list args;
56 int len;
57 struct timespec now;
58 char tbuf[256];
59
60 va_start(args, fmt);
61 getnstimeofday(&now);
62
63 now = timespec_sub(now, dccpw.tstart);
64
65 len = sprintf(tbuf, "%lu.%06lu ",
66 (unsigned long) now.tv_sec,
67 (unsigned long) now.tv_nsec / NSEC_PER_USEC);
68 len += vscnprintf(tbuf+len, sizeof(tbuf)-len, fmt, args);
69 va_end(args);
70
71 kfifo_in_locked(&dccpw.fifo, tbuf, len, &dccpw.lock);
72 wake_up(&dccpw.wait);
73 }
74
75 static int jdccp_sendmsg(struct kiocb *iocb, struct sock *sk,
76 struct msghdr *msg, size_t size)
77 {
78 const struct inet_sock *inet = inet_sk(sk);
79 struct ccid3_hc_tx_sock *hc = NULL;
80
81 if (ccid_get_current_tx_ccid(dccp_sk(sk)) == DCCPC_CCID3)
82 hc = ccid3_hc_tx_sk(sk);
83
84 if (port == 0 || ntohs(inet->inet_dport) == port ||
85 ntohs(inet->inet_sport) == port) {
86 if (hc)
87 printl("%pI4:%u %pI4:%u %d %d %d %d %u %llu %llu %d\n",
88 &inet->inet_saddr, ntohs(inet->inet_sport),
89 &inet->inet_daddr, ntohs(inet->inet_dport), size,
90 hc->tx_s, hc->tx_rtt, hc->tx_p,
91 hc->tx_x_calc, hc->tx_x_recv >> 6,
92 hc->tx_x >> 6, hc->tx_t_ipi);
93 else
94 printl("%pI4:%u %pI4:%u %d\n",
95 &inet->inet_saddr, ntohs(inet->inet_sport),
96 &inet->inet_daddr, ntohs(inet->inet_dport),
97 size);
98 }
99
100 jprobe_return();
101 return 0;
102 }
103
104 static struct jprobe dccp_send_probe = {
105 .kp = {
106 .symbol_name = "dccp_sendmsg",
107 },
108 .entry = jdccp_sendmsg,
109 };
110
111 static int dccpprobe_open(struct inode *inode, struct file *file)
112 {
113 kfifo_reset(&dccpw.fifo);
114 getnstimeofday(&dccpw.tstart);
115 return 0;
116 }
117
118 static ssize_t dccpprobe_read(struct file *file, char __user *buf,
119 size_t len, loff_t *ppos)
120 {
121 int error = 0, cnt = 0;
122 unsigned char *tbuf;
123
124 if (!buf)
125 return -EINVAL;
126
127 if (len == 0)
128 return 0;
129
130 tbuf = vmalloc(len);
131 if (!tbuf)
132 return -ENOMEM;
133
134 error = wait_event_interruptible(dccpw.wait,
135 kfifo_len(&dccpw.fifo) != 0);
136 if (error)
137 goto out_free;
138
139 cnt = kfifo_out_locked(&dccpw.fifo, tbuf, len, &dccpw.lock);
140 error = copy_to_user(buf, tbuf, cnt) ? -EFAULT : 0;
141
142 out_free:
143 vfree(tbuf);
144
145 return error ? error : cnt;
146 }
147
148 static const struct file_operations dccpprobe_fops = {
149 .owner = THIS_MODULE,
150 .open = dccpprobe_open,
151 .read = dccpprobe_read,
152 .llseek = noop_llseek,
153 };
154
155 static __init int setup_jprobe(void)
156 {
157 int ret = register_jprobe(&dccp_send_probe);
158
159 if (ret) {
160 request_module("dccp");
161 ret = register_jprobe(&dccp_send_probe);
162 }
163 return ret;
164 }
165
166 static __init int dccpprobe_init(void)
167 {
168 int ret = -ENOMEM;
169
170 init_waitqueue_head(&dccpw.wait);
171 spin_lock_init(&dccpw.lock);
172 if (kfifo_alloc(&dccpw.fifo, bufsize, GFP_KERNEL))
173 return ret;
174 if (!proc_create(procname, S_IRUSR, init_net.proc_net, &dccpprobe_fops))
175 goto err0;
176
177 ret = setup_jprobe();
178 if (ret)
179 goto err1;
180
181 pr_info("DCCP watch registered (port=%d)\n", port);
182 return 0;
183 err1:
184 remove_proc_entry(procname, init_net.proc_net);
185 err0:
186 kfifo_free(&dccpw.fifo);
187 return ret;
188 }
189 module_init(dccpprobe_init);
190
191 static __exit void dccpprobe_exit(void)
192 {
193 kfifo_free(&dccpw.fifo);
194 remove_proc_entry(procname, init_net.proc_net);
195 unregister_jprobe(&dccp_send_probe);
196
197 }
198 module_exit(dccpprobe_exit);
199
200 MODULE_PARM_DESC(port, "Port to match (0=all)");
201 module_param(port, int, 0);
202
203 MODULE_PARM_DESC(bufsize, "Log buffer size (default 64k)");
204 module_param(bufsize, int, 0);
205
206 MODULE_AUTHOR("Ian McDonald <ian.mcdonald@jandi.co.nz>");
207 MODULE_DESCRIPTION("DCCP snooper");
208 MODULE_LICENSE("GPL");
209
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.