From e4fc408e0e99fd2e009c8b3702d9637f5554fd5c Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Fri, 21 Jun 2013 19:38:08 +0200 Subject: packet: nlmon: virtual netlink monitoring device for packet sockets Currently, there is no good possibility to debug netlink traffic that is being exchanged between kernel and user space. Therefore, this patch implements a netlink virtual device, so that netlink messages will be made visible to PF_PACKET sockets. Once there was an approach with a similar idea [1], but it got forgotten somehow. I think it makes most sense to accept the "overhead" of an extra netlink net device over implementing the same functionality from PF_PACKET sockets once again into netlink sockets. We have BPF filters that can already be easily applied which even have netlink extensions, we have RX_RING zero-copy between kernel- and user space that can be reused, and much more features. So instead of re-implementing all of this, we simply pass the skb to a given PF_PACKET socket for further analysis. Another nice benefit that comes from that is that no code needs to be changed in user space packet analyzers (maybe adding a dissector, but not more), thus out of the box, we can already capture pcap files of netlink traffic to debug/troubleshoot netlink problems. Also thanks goes to Thomas Graf, Flavio Leitner, Jesper Dangaard Brouer. [1] http://marc.info/?l=linux-netdev&m=113813401516110 Signed-off-by: Daniel Borkmann Signed-off-by: David S. Miller --- drivers/net/nlmon.c | 170 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 170 insertions(+) create mode 100644 drivers/net/nlmon.c (limited to 'drivers/net/nlmon.c') diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c new file mode 100644 index 000000000000..dc364be6e61e --- /dev/null +++ b/drivers/net/nlmon.c @@ -0,0 +1,170 @@ +#include +#include +#include +#include +#include +#include + +struct pcpu_lstats { + u64 packets; + u64 bytes; + struct u64_stats_sync syncp; +}; + +static netdev_tx_t nlmon_xmit(struct sk_buff *skb, struct net_device *dev) +{ + int len = skb->len; + struct pcpu_lstats *stats = this_cpu_ptr(dev->lstats); + + u64_stats_update_begin(&stats->syncp); + stats->bytes += len; + stats->packets++; + u64_stats_update_end(&stats->syncp); + + dev_kfree_skb(skb); + + return NETDEV_TX_OK; +} + +static int nlmon_is_valid_mtu(int new_mtu) +{ + return new_mtu >= sizeof(struct nlmsghdr) && new_mtu <= INT_MAX; +} + +static int nlmon_change_mtu(struct net_device *dev, int new_mtu) +{ + if (!nlmon_is_valid_mtu(new_mtu)) + return -EINVAL; + + dev->mtu = new_mtu; + return 0; +} + +static int nlmon_dev_init(struct net_device *dev) +{ + dev->lstats = alloc_percpu(struct pcpu_lstats); + + return dev->lstats == NULL ? -ENOMEM : 0; +} + +static void nlmon_dev_uninit(struct net_device *dev) +{ + free_percpu(dev->lstats); +} + +static struct netlink_tap nlmon_tap; + +static int nlmon_open(struct net_device *dev) +{ + return netlink_add_tap(&nlmon_tap); +} + +static int nlmon_close(struct net_device *dev) +{ + return netlink_remove_tap(&nlmon_tap); +} + +static struct rtnl_link_stats64 * +nlmon_get_stats64(struct net_device *dev, struct rtnl_link_stats64 *stats) +{ + int i; + u64 bytes = 0, packets = 0; + + for_each_possible_cpu(i) { + const struct pcpu_lstats *nl_stats; + u64 tbytes, tpackets; + unsigned int start; + + nl_stats = per_cpu_ptr(dev->lstats, i); + + do { + start = u64_stats_fetch_begin_bh(&nl_stats->syncp); + tbytes = nl_stats->bytes; + tpackets = nl_stats->packets; + } while (u64_stats_fetch_retry_bh(&nl_stats->syncp, start)); + + packets += tpackets; + bytes += tbytes; + } + + stats->rx_packets = packets; + stats->tx_packets = 0; + + stats->rx_bytes = bytes; + stats->tx_bytes = 0; + + return stats; +} + +static u32 always_on(struct net_device *dev) +{ + return 1; +} + +static const struct ethtool_ops nlmon_ethtool_ops = { + .get_link = always_on, +}; + +static const struct net_device_ops nlmon_ops = { + .ndo_init = nlmon_dev_init, + .ndo_uninit = nlmon_dev_uninit, + .ndo_open = nlmon_open, + .ndo_stop = nlmon_close, + .ndo_start_xmit = nlmon_xmit, + .ndo_get_stats64 = nlmon_get_stats64, + .ndo_change_mtu = nlmon_change_mtu, +}; + +static struct netlink_tap nlmon_tap __read_mostly = { + .module = THIS_MODULE, +}; + +static void nlmon_setup(struct net_device *dev) +{ + dev->type = ARPHRD_NETLINK; + dev->tx_queue_len = 0; + + dev->netdev_ops = &nlmon_ops; + dev->ethtool_ops = &nlmon_ethtool_ops; + dev->destructor = free_netdev; + + dev->features = NETIF_F_FRAGLIST | NETIF_F_HIGHDMA; + dev->flags = IFF_NOARP; + + /* That's rather a softlimit here, which, of course, + * can be altered. Not a real MTU, but what is to be + * expected in most cases. + */ + dev->mtu = NLMSG_GOODSIZE; +} + +static __init int nlmon_register(void) +{ + int err; + struct net_device *nldev; + + nldev = nlmon_tap.dev = alloc_netdev(0, "netlink", nlmon_setup); + if (unlikely(nldev == NULL)) + return -ENOMEM; + + err = register_netdev(nldev); + if (unlikely(err)) + free_netdev(nldev); + + return err; +} + +static __exit void nlmon_unregister(void) +{ + struct net_device *nldev = nlmon_tap.dev; + + unregister_netdev(nldev); +} + +module_init(nlmon_register); +module_exit(nlmon_unregister); + +MODULE_LICENSE("GPL v2"); +MODULE_AUTHOR("Daniel Borkmann "); +MODULE_AUTHOR("Mathieu Geli "); +MODULE_DESCRIPTION("Netlink monitoring device"); -- cgit v1.2.3 From 3b233fe0435518169af03027aedc83d42eb28ac4 Mon Sep 17 00:00:00 2001 From: Daniel Borkmann Date: Thu, 27 Jun 2013 13:44:26 +0200 Subject: nlmon: fix comparison in nlmon_is_valid_mtu This patch fixes the following warning introduced in e4fc408e0e99 ("packet: nlmon: virtual netlink monitoring device for packet sockets") reported by Dan Carpenter: warning: "drivers/net/nlmon.c:31 nlmon_is_valid_mtu() warn: always true condition '(new_mtu <= ((~0 >> 1))) => (s32min-s32max <= s32max)'" Thus, we should simply remove the test against INT_MAX. Next to that we also need to explicitly cast the sizeof() case as the comparison is type promoted to unsigned long so negative values are then valid instead of invalid. While at it, this also adds a comment about Netlink and MTUs. Reported-by: Dan Carpenter Signed-off-by: Daniel Borkmann Signed-off-by: David S. Miller --- drivers/net/nlmon.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'drivers/net/nlmon.c') diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c index dc364be6e61e..a0baf56f5826 100644 --- a/drivers/net/nlmon.c +++ b/drivers/net/nlmon.c @@ -28,7 +28,11 @@ static netdev_tx_t nlmon_xmit(struct sk_buff *skb, struct net_device *dev) static int nlmon_is_valid_mtu(int new_mtu) { - return new_mtu >= sizeof(struct nlmsghdr) && new_mtu <= INT_MAX; + /* Note that in netlink we do not really have an upper limit. On + * default, we use NLMSG_GOODSIZE. Here at least we should make + * sure that it's at least the header size. + */ + return new_mtu >= (int) sizeof(struct nlmsghdr); } static int nlmon_change_mtu(struct net_device *dev, int new_mtu) -- cgit v1.2.3 From 7e6d4da837385d9aa2e5fd84e0a6042cddc9e708 Mon Sep 17 00:00:00 2001 From: Jiri Pirko Date: Tue, 2 Jul 2013 10:55:31 +0200 Subject: nlmon: use standard rtnetlink link api for add/del devices It is not nice when netdev is created right after module load and with some implicit name. So rather change nlmon to use standard rtnl link API. Signed-off-by: Jiri Pirko Acked-by: Daniel Borkmann Signed-off-by: David S. Miller --- drivers/net/nlmon.c | 49 ++++++++++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 21 deletions(-) (limited to 'drivers/net/nlmon.c') diff --git a/drivers/net/nlmon.c b/drivers/net/nlmon.c index a0baf56f5826..b57ce5f48962 100644 --- a/drivers/net/nlmon.c +++ b/drivers/net/nlmon.c @@ -4,6 +4,7 @@ #include #include #include +#include struct pcpu_lstats { u64 packets; @@ -56,16 +57,24 @@ static void nlmon_dev_uninit(struct net_device *dev) free_percpu(dev->lstats); } -static struct netlink_tap nlmon_tap; +struct nlmon { + struct netlink_tap nt; +}; static int nlmon_open(struct net_device *dev) { - return netlink_add_tap(&nlmon_tap); + struct nlmon *nlmon = netdev_priv(dev); + + nlmon->nt.dev = dev; + nlmon->nt.module = THIS_MODULE; + return netlink_add_tap(&nlmon->nt); } static int nlmon_close(struct net_device *dev) { - return netlink_remove_tap(&nlmon_tap); + struct nlmon *nlmon = netdev_priv(dev); + + return netlink_remove_tap(&nlmon->nt); } static struct rtnl_link_stats64 * @@ -119,10 +128,6 @@ static const struct net_device_ops nlmon_ops = { .ndo_change_mtu = nlmon_change_mtu, }; -static struct netlink_tap nlmon_tap __read_mostly = { - .module = THIS_MODULE, -}; - static void nlmon_setup(struct net_device *dev) { dev->type = ARPHRD_NETLINK; @@ -142,27 +147,28 @@ static void nlmon_setup(struct net_device *dev) dev->mtu = NLMSG_GOODSIZE; } -static __init int nlmon_register(void) +static int nlmon_validate(struct nlattr *tb[], struct nlattr *data[]) { - int err; - struct net_device *nldev; - - nldev = nlmon_tap.dev = alloc_netdev(0, "netlink", nlmon_setup); - if (unlikely(nldev == NULL)) - return -ENOMEM; + if (tb[IFLA_ADDRESS]) + return -EINVAL; + return 0; +} - err = register_netdev(nldev); - if (unlikely(err)) - free_netdev(nldev); +static struct rtnl_link_ops nlmon_link_ops __read_mostly = { + .kind = "nlmon", + .priv_size = sizeof(struct nlmon), + .setup = nlmon_setup, + .validate = nlmon_validate, +}; - return err; +static __init int nlmon_register(void) +{ + return rtnl_link_register(&nlmon_link_ops); } static __exit void nlmon_unregister(void) { - struct net_device *nldev = nlmon_tap.dev; - - unregister_netdev(nldev); + rtnl_link_unregister(&nlmon_link_ops); } module_init(nlmon_register); @@ -172,3 +178,4 @@ MODULE_LICENSE("GPL v2"); MODULE_AUTHOR("Daniel Borkmann "); MODULE_AUTHOR("Mathieu Geli "); MODULE_DESCRIPTION("Netlink monitoring device"); +MODULE_ALIAS_RTNL_LINK("nlmon"); -- cgit v1.2.3