You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
318 lines
8.8 KiB
318 lines
8.8 KiB
From 66a5b93dee386bc2f57033a150341752923b8b41 Mon Sep 17 00:00:00 2001 |
|
From: Gerard Garcia <ggarcia@deic.uab.cat> |
|
Date: Tue, 14 Jun 2016 16:45:44 +0200 |
|
Subject: [PATCH 13/13] Add printing support for vsockmon devices. |
|
|
|
Print Linux 4.12 vsockmon captures: |
|
|
|
# modprobe vsockmon |
|
# ip link add type vsockmon |
|
# ip link set vsockmon0 up |
|
# tcpdump -i vsockmon0 |
|
16:25:24.987917 VIRTIO 3.1025 > 2.1234 CONNECT, length 76 |
|
16:25:24.987963 VIRTIO 2.1234 > 3.1025 CONNECT, length 76 |
|
16:25:26.568271 VIRTIO 3.1025 > 2.1234 PAYLOAD, length 82 |
|
16:25:26.568512 VIRTIO 2.1234 > 3.1025 CONTROL, length 76 |
|
16:25:28.411335 VIRTIO 3.1025 > 2.1234 DISCONNECT, length 76 |
|
16:25:28.411628 VIRTIO 2.1234 > 3.1025 DISCONNECT, length 76 |
|
|
|
For more information about vsock see: |
|
http://wiki.qemu.org/Features/VirtioVsock |
|
--- |
|
Makefile.in | 1 + |
|
netdissect.h | 1 + |
|
print-vsock.c | 243 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
|
print.c | 3 + |
|
4 files changed, 248 insertions(+) |
|
create mode 100644 print-vsock.c |
|
|
|
diff --git a/Makefile.in b/Makefile.in |
|
index 0941f0e..a301878 100644 |
|
--- a/Makefile.in |
|
+++ b/Makefile.in |
|
@@ -226,6 +226,7 @@ LIBNETDISSECT_SRC=\ |
|
print-vjc.c \ |
|
print-vqp.c \ |
|
print-vrrp.c \ |
|
+ print-vsock.c \ |
|
print-vtp.c \ |
|
print-vxlan.c \ |
|
print-vxlan-gpe.c \ |
|
diff --git a/netdissect.h b/netdissect.h |
|
index 089b040..c89fcf1 100644 |
|
--- a/netdissect.h |
|
+++ b/netdissect.h |
|
@@ -444,6 +444,7 @@ extern u_int symantec_if_print IF_PRINTER_ARGS; |
|
extern u_int token_if_print IF_PRINTER_ARGS; |
|
extern u_int usb_linux_48_byte_print IF_PRINTER_ARGS; |
|
extern u_int usb_linux_64_byte_print IF_PRINTER_ARGS; |
|
+extern u_int vsock_print IF_PRINTER_ARGS; |
|
|
|
/* |
|
* Structure passed to some printers to allow them to print |
|
diff --git a/print-vsock.c b/print-vsock.c |
|
new file mode 100644 |
|
index 0000000..fc5694d |
|
--- /dev/null |
|
+++ b/print-vsock.c |
|
@@ -0,0 +1,243 @@ |
|
+/* |
|
+ * Copyright (c) 2016 Gerard Garcia <nouboh@gmail.com> |
|
+ * Copyright (c) 2017 Red Hat, Inc. |
|
+ * |
|
+ * Redistribution and use in source and binary forms, with or without |
|
+ * modification, are permitted provided that the following conditions |
|
+ * are met: |
|
+ * |
|
+ * 1. Redistributions of source code must retain the above copyright |
|
+ * notice, this list of conditions and the following disclaimer. |
|
+ * 2. Redistributions in binary form must reproduce the above copyright |
|
+ * notice, this list of conditions and the following disclaimer in |
|
+ * the documentation and/or other materials provided with the |
|
+ * distribution. |
|
+ * 3. The names of the authors may not be used to endorse or promote |
|
+ * products derived from this software without specific prior |
|
+ * written permission. |
|
+ * |
|
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR |
|
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED |
|
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
|
+ */ |
|
+ |
|
+/* \summary: Linux vsock printer */ |
|
+ |
|
+#ifdef HAVE_CONFIG_H |
|
+#include "config.h" |
|
+#endif |
|
+ |
|
+#include <netdissect-stdinc.h> |
|
+#include <stddef.h> |
|
+ |
|
+#include "netdissect.h" |
|
+#include "extract.h" |
|
+ |
|
+static const char tstr[] = " [|vsock]"; |
|
+ |
|
+enum af_vsockmon_transport { |
|
+ AF_VSOCK_TRANSPORT_UNKNOWN = 0, |
|
+ AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */ |
|
+ AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */ |
|
+}; |
|
+ |
|
+static const struct tok vsock_transport[] = { |
|
+ {AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"}, |
|
+ {AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"}, |
|
+ {AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"}, |
|
+ { 0, NULL } |
|
+}; |
|
+ |
|
+enum af_vsockmon_op { |
|
+ AF_VSOCK_OP_UNKNOWN = 0, |
|
+ AF_VSOCK_OP_CONNECT = 1, |
|
+ AF_VSOCK_OP_DISCONNECT = 2, |
|
+ AF_VSOCK_OP_CONTROL = 3, |
|
+ AF_VSOCK_OP_PAYLOAD = 4, |
|
+}; |
|
+ |
|
+static const struct tok vsock_op[] = { |
|
+ {AF_VSOCK_OP_UNKNOWN, "UNKNOWN"}, |
|
+ {AF_VSOCK_OP_CONNECT, "CONNECT"}, |
|
+ {AF_VSOCK_OP_DISCONNECT, "DISCONNECT"}, |
|
+ {AF_VSOCK_OP_CONTROL, "CONTROL"}, |
|
+ {AF_VSOCK_OP_PAYLOAD, "PAYLOAD"}, |
|
+ { 0, NULL } |
|
+}; |
|
+ |
|
+enum virtio_vsock_type { |
|
+ VIRTIO_VSOCK_TYPE_STREAM = 1, |
|
+}; |
|
+ |
|
+static const struct tok virtio_type[] = { |
|
+ {VIRTIO_VSOCK_TYPE_STREAM, "STREAM"}, |
|
+ { 0, NULL } |
|
+}; |
|
+ |
|
+enum virtio_vsock_op { |
|
+ VIRTIO_VSOCK_OP_INVALID = 0, |
|
+ VIRTIO_VSOCK_OP_REQUEST = 1, |
|
+ VIRTIO_VSOCK_OP_RESPONSE = 2, |
|
+ VIRTIO_VSOCK_OP_RST = 3, |
|
+ VIRTIO_VSOCK_OP_SHUTDOWN = 4, |
|
+ VIRTIO_VSOCK_OP_RW = 5, |
|
+ VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6, |
|
+ VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7, |
|
+}; |
|
+ |
|
+static const struct tok virtio_op[] = { |
|
+ {VIRTIO_VSOCK_OP_INVALID, "INVALID"}, |
|
+ {VIRTIO_VSOCK_OP_REQUEST, "REQUEST"}, |
|
+ {VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"}, |
|
+ {VIRTIO_VSOCK_OP_RST, "RST"}, |
|
+ {VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"}, |
|
+ {VIRTIO_VSOCK_OP_RW, "RW"}, |
|
+ {VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"}, |
|
+ {VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"}, |
|
+ { 0, NULL } |
|
+}; |
|
+ |
|
+/* All fields are little-endian */ |
|
+ |
|
+struct virtio_vsock_hdr { |
|
+ uint64_t src_cid; |
|
+ uint64_t dst_cid; |
|
+ uint32_t src_port; |
|
+ uint32_t dst_port; |
|
+ uint32_t len; |
|
+ uint16_t type; /* enum virtio_vsock_type */ |
|
+ uint16_t op; /* enum virtio_vsock_op */ |
|
+ uint32_t flags; |
|
+ uint32_t buf_alloc; |
|
+ uint32_t fwd_cnt; |
|
+} UNALIGNED; |
|
+ |
|
+struct af_vsockmon_hdr { |
|
+ uint64_t src_cid; |
|
+ uint64_t dst_cid; |
|
+ uint32_t src_port; |
|
+ uint32_t dst_port; |
|
+ uint16_t op; /* enum af_vsockmon_op */ |
|
+ uint16_t transport; /* enum af_vosckmon_transport */ |
|
+ uint16_t len; /* size of transport header */ |
|
+ uint8_t reserved[2]; |
|
+}; |
|
+ |
|
+static void |
|
+vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr) |
|
+{ |
|
+ uint16_t u16_v; |
|
+ uint32_t u32_v; |
|
+ |
|
+ u32_v = EXTRACT_LE_32BITS(&hdr->len); |
|
+ ND_PRINT((ndo, "len %u", u32_v)); |
|
+ |
|
+ u16_v = EXTRACT_LE_16BITS(&hdr->type); |
|
+ ND_PRINT((ndo, ", type %s", |
|
+ tok2str(virtio_type, "Invalid type (%hu)", u16_v))); |
|
+ |
|
+ u16_v = EXTRACT_LE_16BITS(&hdr->op); |
|
+ ND_PRINT((ndo, ", op %s", |
|
+ tok2str(virtio_op, "Invalid op (%hu)", u16_v))); |
|
+ |
|
+ u32_v = EXTRACT_LE_32BITS(&hdr->flags); |
|
+ ND_PRINT((ndo, ", flags %x", u32_v)); |
|
+ |
|
+ u32_v = EXTRACT_LE_32BITS(&hdr->buf_alloc); |
|
+ ND_PRINT((ndo, ", buf_alloc %u", u32_v)); |
|
+ |
|
+ u32_v = EXTRACT_LE_32BITS(&hdr->fwd_cnt); |
|
+ ND_PRINT((ndo, ", fwd_cnt %u", u32_v)); |
|
+} |
|
+ |
|
+static size_t |
|
+vsock_transport_hdr_size(uint16_t transport) |
|
+{ |
|
+ switch (transport) { |
|
+ case AF_VSOCK_TRANSPORT_VIRTIO: |
|
+ return sizeof(struct virtio_vsock_hdr); |
|
+ default: |
|
+ return 0; |
|
+ } |
|
+} |
|
+ |
|
+static void |
|
+vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport, |
|
+ const u_char *p, const u_int len) |
|
+{ |
|
+ size_t transport_size = vsock_transport_hdr_size(transport); |
|
+ const void *hdr; |
|
+ |
|
+ if (len < sizeof(struct af_vsockmon_hdr) + transport_size) |
|
+ return; |
|
+ |
|
+ hdr = p + sizeof(struct af_vsockmon_hdr); |
|
+ switch (transport) { |
|
+ case AF_VSOCK_TRANSPORT_VIRTIO: |
|
+ ND_PRINT((ndo, " (")); |
|
+ vsock_virtio_hdr_print(ndo, hdr); |
|
+ ND_PRINT((ndo, ")")); |
|
+ break; |
|
+ default: |
|
+ break; |
|
+ } |
|
+} |
|
+ |
|
+static void |
|
+vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int len) |
|
+{ |
|
+ uint16_t hdr_transport, hdr_op; |
|
+ uint32_t hdr_src_port, hdr_dst_port; |
|
+ uint64_t hdr_src_cid, hdr_dst_cid; |
|
+ size_t total_hdr_size; |
|
+ |
|
+ const struct af_vsockmon_hdr *hdr = (struct af_vsockmon_hdr *)p; |
|
+ |
|
+ hdr_transport = EXTRACT_LE_16BITS(&hdr->transport); |
|
+ ND_PRINT((ndo, "%s", |
|
+ tok2str(vsock_transport, "Invalid transport (%u)", |
|
+ hdr_transport))); |
|
+ |
|
+ /* If verbose level is more than 0 print transport details */ |
|
+ if (ndo->ndo_vflag) { |
|
+ vsock_transport_hdr_print(ndo, hdr_transport, p, len); |
|
+ ND_PRINT((ndo, "\n\t")); |
|
+ } else |
|
+ ND_PRINT((ndo, " ")); |
|
+ |
|
+ hdr_src_cid = EXTRACT_LE_64BITS(&hdr->src_cid); |
|
+ hdr_dst_cid = EXTRACT_LE_64BITS(&hdr->dst_cid); |
|
+ hdr_src_port = EXTRACT_LE_32BITS(&hdr->src_port); |
|
+ hdr_dst_port = EXTRACT_LE_32BITS(&hdr->dst_port); |
|
+ hdr_op = EXTRACT_LE_16BITS(&hdr->op); |
|
+ ND_PRINT((ndo, "%lu.%hu > %lu.%hu %s, length %u", |
|
+ hdr_src_cid, hdr_src_port, |
|
+ hdr_dst_cid, hdr_dst_port, |
|
+ tok2str(vsock_op, " invalid op (%u)", hdr_op), |
|
+ len)); |
|
+ |
|
+ /* If debug level is more than 1 print payload contents */ |
|
+ total_hdr_size = sizeof(struct af_vsockmon_hdr) + |
|
+ vsock_transport_hdr_size(hdr_transport); |
|
+ if (ndo->ndo_vflag > 1 && |
|
+ hdr_op == AF_VSOCK_OP_PAYLOAD && |
|
+ len > total_hdr_size) { |
|
+ const u_char *payload = p + total_hdr_size; |
|
+ |
|
+ ND_PRINT((ndo, "\n")); |
|
+ print_unknown_data(ndo, payload, "\t", len - total_hdr_size); |
|
+ } |
|
+} |
|
+ |
|
+u_int |
|
+vsock_print(netdissect_options *ndo, const struct pcap_pkthdr *h, const u_char *cp) |
|
+{ |
|
+ u_int len = h->len; |
|
+ |
|
+ if (len < sizeof(struct af_vsockmon_hdr)) |
|
+ ND_PRINT((ndo, "%s", tstr)); |
|
+ else |
|
+ vsock_hdr_print(ndo, cp, len); |
|
+ |
|
+ return len; |
|
+} |
|
diff --git a/print.c b/print.c |
|
index c76f344..1945cfd 100644 |
|
--- a/print.c |
|
+++ b/print.c |
|
@@ -220,6 +220,9 @@ static const struct printer printers[] = { |
|
#ifdef DLT_PPP_SERIAL |
|
{ ppp_hdlc_if_print, DLT_PPP_SERIAL }, |
|
#endif |
|
+#ifdef DLT_VSOCK |
|
+ { vsock_print, DLT_VSOCK }, |
|
+#endif |
|
{ NULL, 0 }, |
|
}; |
|
|
|
-- |
|
2.13.5 |
|
|
|
|