1/*
2 * dccp_probe - Observe the DCCP flow with kprobes.
3 *
4 * The idea for this came from Werner Almesberger's umlsim
5 * Copyright (C) 2004, Stephen Hemminger <shemminger@osdl.org>
6 *
7 * Modified for DCCP from Stephen Hemminger's code
8 * Copyright (C) 2006, Ian McDonald <ian.mcdonald@jandi.co.nz>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25#include <linux/kernel.h>
26#include <linux/kprobes.h>
27#include <linux/socket.h>
28#include <linux/dccp.h>
29#include <linux/proc_fs.h>
30#include <linux/module.h>
31#include <linux/kfifo.h>
32#include <linux/vmalloc.h>
33#include <linux/time64.h>
34#include <linux/gfp.h>
35#include <net/net_namespace.h>
36
37#include "dccp.h"
38#include "ccid.h"
39#include "ccids/ccid3.h"
40
41static int port;
42
43static int bufsize = 64 * 1024;
44
45static const char procname[] = "dccpprobe";
46
47static struct {
48	struct kfifo	  fifo;
49	spinlock_t	  lock;
50	wait_queue_head_t wait;
51	struct timespec64 tstart;
52} dccpw;
53
54static void printl(const char *fmt, ...)
55{
56	va_list args;
57	int len;
58	struct timespec64 now;
59	char tbuf[256];
60
61	va_start(args, fmt);
62	getnstimeofday64(&now);
63
64	now = timespec64_sub(now, dccpw.tstart);
65
66	len = sprintf(tbuf, "%lu.%06lu ",
67		      (unsigned long) now.tv_sec,
68		      (unsigned long) now.tv_nsec / NSEC_PER_USEC);
69	len += vscnprintf(tbuf+len, sizeof(tbuf)-len, fmt, args);
70	va_end(args);
71
72	kfifo_in_locked(&dccpw.fifo, tbuf, len, &dccpw.lock);
73	wake_up(&dccpw.wait);
74}
75
76static int jdccp_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
77{
78	const struct inet_sock *inet = inet_sk(sk);
79	struct ccid3_hc_tx_sock *hc = NULL;
80
81	if (ccid_get_current_tx_ccid(dccp_sk(sk)) == DCCPC_CCID3)
82		hc = ccid3_hc_tx_sk(sk);
83
84	if (port == 0 || ntohs(inet->inet_dport) == port ||
85	    ntohs(inet->inet_sport) == port) {
86		if (hc)
87			printl("%pI4:%u %pI4:%u %d %d %d %d %u %llu %llu %d\n",
88			       &inet->inet_saddr, ntohs(inet->inet_sport),
89			       &inet->inet_daddr, ntohs(inet->inet_dport), size,
90			       hc->tx_s, hc->tx_rtt, hc->tx_p,
91			       hc->tx_x_calc, hc->tx_x_recv >> 6,
92			       hc->tx_x >> 6, hc->tx_t_ipi);
93		else
94			printl("%pI4:%u %pI4:%u %d\n",
95			       &inet->inet_saddr, ntohs(inet->inet_sport),
96			       &inet->inet_daddr, ntohs(inet->inet_dport),
97			       size);
98	}
99
100	jprobe_return();
101	return 0;
102}
103
104static struct jprobe dccp_send_probe = {
105	.kp	= {
106		.symbol_name = "dccp_sendmsg",
107	},
108	.entry	= jdccp_sendmsg,
109};
110
111static int dccpprobe_open(struct inode *inode, struct file *file)
112{
113	kfifo_reset(&dccpw.fifo);
114	getnstimeofday64(&dccpw.tstart);
115	return 0;
116}
117
118static ssize_t dccpprobe_read(struct file *file, char __user *buf,
119			      size_t len, loff_t *ppos)
120{
121	int error = 0, cnt = 0;
122	unsigned char *tbuf;
123
124	if (!buf)
125		return -EINVAL;
126
127	if (len == 0)
128		return 0;
129
130	tbuf = vmalloc(len);
131	if (!tbuf)
132		return -ENOMEM;
133
134	error = wait_event_interruptible(dccpw.wait,
135					 kfifo_len(&dccpw.fifo) != 0);
136	if (error)
137		goto out_free;
138
139	cnt = kfifo_out_locked(&dccpw.fifo, tbuf, len, &dccpw.lock);
140	error = copy_to_user(buf, tbuf, cnt) ? -EFAULT : 0;
141
142out_free:
143	vfree(tbuf);
144
145	return error ? error : cnt;
146}
147
148static const struct file_operations dccpprobe_fops = {
149	.owner	 = THIS_MODULE,
150	.open	 = dccpprobe_open,
151	.read    = dccpprobe_read,
152	.llseek  = noop_llseek,
153};
154
155static __init int dccpprobe_init(void)
156{
157	int ret = -ENOMEM;
158
159	init_waitqueue_head(&dccpw.wait);
160	spin_lock_init(&dccpw.lock);
161	if (kfifo_alloc(&dccpw.fifo, bufsize, GFP_KERNEL))
162		return ret;
163	if (!proc_create(procname, S_IRUSR, init_net.proc_net, &dccpprobe_fops))
164		goto err0;
165
166	ret = register_jprobe(&dccp_send_probe);
167	if (ret) {
168		ret = request_module("dccp");
169		if (!ret)
170			ret = register_jprobe(&dccp_send_probe);
171	}
172
173	if (ret)
174		goto err1;
175
176	pr_info("DCCP watch registered (port=%d)\n", port);
177	return 0;
178err1:
179	remove_proc_entry(procname, init_net.proc_net);
180err0:
181	kfifo_free(&dccpw.fifo);
182	return ret;
183}
184module_init(dccpprobe_init);
185
186static __exit void dccpprobe_exit(void)
187{
188	kfifo_free(&dccpw.fifo);
189	remove_proc_entry(procname, init_net.proc_net);
190	unregister_jprobe(&dccp_send_probe);
191
192}
193module_exit(dccpprobe_exit);
194
195MODULE_PARM_DESC(port, "Port to match (0=all)");
196module_param(port, int, 0);
197
198MODULE_PARM_DESC(bufsize, "Log buffer size (default 64k)");
199module_param(bufsize, int, 0);
200
201MODULE_AUTHOR("Ian McDonald <ian.mcdonald@jandi.co.nz>");
202MODULE_DESCRIPTION("DCCP snooper");
203MODULE_LICENSE("GPL");
204