1/* 2 * Copyright (c) 2006 Paolo Abeni (Italy) 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote 15 * products derived from this software without specific prior written 16 * permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 * 30 * USB sniffing API implementation for Linux platform 31 * By Paolo Abeni <paolo.abeni@email.it> 32 * Modifications: Kris Katterjohn <katterjohn@gmail.com> 33 * 34 */ 35#ifndef lint 36static const char rcsid[] _U_ = 37 "@(#) $Header: /tcpdump/master/libpcap/pcap-usb-linux.c,v 1.33 2008-12-23 21:38:50 guy Exp $ (LBL)"; 38#endif 39 40#ifdef HAVE_CONFIG_H 41#include "config.h" 42#endif 43 44#include "pcap-int.h" 45#include "pcap-usb-linux.h" 46#include "pcap/usb.h" 47 48#ifdef NEED_STRERROR_H 49#include "strerror.h" 50#endif 51 52#include <ctype.h> 53#include <errno.h> 54#include <stdlib.h> 55#include <unistd.h> 56#include <fcntl.h> 57#include <string.h> 58#include <dirent.h> 59#include <byteswap.h> 60#include <netinet/in.h> 61#include <sys/ioctl.h> 62#include <sys/mman.h> 63#ifdef HAVE_LINUX_USBDEVICE_FS_H 64/* 65 * We might need <linux/compiler.h> to define __user for 66 * <linux/usbdevice_fs.h>. 67 */ 68#ifdef HAVE_LINUX_COMPILER_H 69#include <linux/compiler.h> 70#endif /* HAVE_LINUX_COMPILER_H */ 71#include <linux/usbdevice_fs.h> 72#endif /* HAVE_LINUX_USBDEVICE_FS_H */ 73 74#define USB_IFACE "usbmon" 75#define USB_TEXT_DIR_OLD "/sys/kernel/debug/usbmon" 76#define USB_TEXT_DIR "/sys/kernel/debug/usb/usbmon" 77#define SYS_USB_BUS_DIR "/sys/bus/usb/devices" 78#define PROC_USB_BUS_DIR "/proc/bus/usb" 79#define USB_LINE_LEN 4096 80 81#if __BYTE_ORDER == __LITTLE_ENDIAN 82#define htols(s) s 83#define htoll(l) l 84#define htol64(ll) ll 85#else 86#define htols(s) bswap_16(s) 87#define htoll(l) bswap_32(l) 88#define htol64(ll) bswap_64(ll) 89#endif 90 91struct mon_bin_stats { 92 u_int32_t queued; 93 u_int32_t dropped; 94}; 95 96struct mon_bin_get { 97 pcap_usb_header *hdr; 98 void *data; 99 size_t data_len; /* Length of data (can be zero) */ 100}; 101 102struct mon_bin_mfetch { 103 int32_t *offvec; /* Vector of events fetched */ 104 int32_t nfetch; /* Number of events to fetch (out: fetched) */ 105 int32_t nflush; /* Number of events to flush */ 106}; 107 108#define MON_IOC_MAGIC 0x92 109 110#define MON_IOCQ_URB_LEN _IO(MON_IOC_MAGIC, 1) 111#define MON_IOCX_URB _IOWR(MON_IOC_MAGIC, 2, struct mon_bin_hdr) 112#define MON_IOCG_STATS _IOR(MON_IOC_MAGIC, 3, struct mon_bin_stats) 113#define MON_IOCT_RING_SIZE _IO(MON_IOC_MAGIC, 4) 114#define MON_IOCQ_RING_SIZE _IO(MON_IOC_MAGIC, 5) 115#define MON_IOCX_GET _IOW(MON_IOC_MAGIC, 6, struct mon_bin_get) 116#define MON_IOCX_MFETCH _IOWR(MON_IOC_MAGIC, 7, struct mon_bin_mfetch) 117#define MON_IOCH_MFLUSH _IO(MON_IOC_MAGIC, 8) 118 119#define MON_BIN_SETUP 0x1 /* setup hdr is present*/ 120#define MON_BIN_SETUP_ZERO 0x2 /* setup buffer is not available */ 121#define MON_BIN_DATA_ZERO 0x4 /* data buffer is not available */ 122#define MON_BIN_ERROR 0x8 123 124/* forward declaration */ 125static int usb_activate(pcap_t *); 126static int usb_stats_linux(pcap_t *, struct pcap_stat *); 127static int usb_stats_linux_bin(pcap_t *, struct pcap_stat *); 128static int usb_read_linux(pcap_t *, int , pcap_handler , u_char *); 129static int usb_read_linux_bin(pcap_t *, int , pcap_handler , u_char *); 130static int usb_read_linux_mmap(pcap_t *, int , pcap_handler , u_char *); 131static int usb_inject_linux(pcap_t *, const void *, size_t); 132static int usb_setdirection_linux(pcap_t *, pcap_direction_t); 133static void usb_cleanup_linux_mmap(pcap_t *); 134 135/* facility to add an USB device to the device list*/ 136static int 137usb_dev_add(pcap_if_t** alldevsp, int n, char *err_str) 138{ 139 char dev_name[10]; 140 char dev_descr[30]; 141 snprintf(dev_name, 10, USB_IFACE"%d", n); 142 snprintf(dev_descr, 30, "USB bus number %d", n); 143 144 if (pcap_add_if(alldevsp, dev_name, 0, 145 dev_descr, err_str) < 0) 146 return -1; 147 return 0; 148} 149 150int 151usb_platform_finddevs(pcap_if_t **alldevsp, char *err_str) 152{ 153 struct dirent* data; 154 int ret = 0; 155 DIR* dir; 156 int n; 157 char* name; 158 size_t len; 159 160 /* try scanning sysfs usb bus directory */ 161 dir = opendir(SYS_USB_BUS_DIR); 162 if (dir != NULL) { 163 while ((ret == 0) && ((data = readdir(dir)) != 0)) { 164 name = data->d_name; 165 166 if (strncmp(name, "usb", 3) != 0) 167 continue; 168 169 if (sscanf(&name[3], "%d", &n) == 0) 170 continue; 171 172 ret = usb_dev_add(alldevsp, n, err_str); 173 } 174 175 closedir(dir); 176 return ret; 177 } 178 179 /* that didn't work; try scanning procfs usb bus directory */ 180 dir = opendir(PROC_USB_BUS_DIR); 181 if (dir != NULL) { 182 while ((ret == 0) && ((data = readdir(dir)) != 0)) { 183 name = data->d_name; 184 len = strlen(name); 185 186 /* if this file name does not end with a number it's not of our interest */ 187 if ((len < 1) || !isdigit(name[--len])) 188 continue; 189 while (isdigit(name[--len])); 190 if (sscanf(&name[len+1], "%d", &n) != 1) 191 continue; 192 193 ret = usb_dev_add(alldevsp, n, err_str); 194 } 195 196 closedir(dir); 197 return ret; 198 } 199 200 /* neither of them worked */ 201 return 0; 202} 203 204static 205int usb_mmap(pcap_t* handle) 206{ 207 int len = ioctl(handle->fd, MON_IOCQ_RING_SIZE); 208 if (len < 0) 209 return 0; 210 211 handle->md.mmapbuflen = len; 212 handle->md.mmapbuf = mmap(0, handle->md.mmapbuflen, PROT_READ, 213 MAP_SHARED, handle->fd, 0); 214 return handle->md.mmapbuf != MAP_FAILED; 215} 216 217#define CTRL_TIMEOUT (5*1000) /* milliseconds */ 218 219#define USB_DIR_IN 0x80 220#define USB_TYPE_STANDARD 0x00 221#define USB_RECIP_DEVICE 0x00 222 223#define USB_REQ_GET_DESCRIPTOR 6 224 225#define USB_DT_DEVICE 1 226 227/* probe the descriptors of the devices attached to the bus */ 228/* the descriptors will end up in the captured packet stream */ 229/* and be decoded by external apps like wireshark */ 230/* without these identifying probes packet data can't be fully decoded */ 231static void 232probe_devices(int bus) 233{ 234 struct usbdevfs_ctrltransfer ctrl; 235 struct dirent* data; 236 int ret = 0; 237 char buf[40]; 238 DIR* dir; 239 240 /* scan usb bus directories for device nodes */ 241 snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d", bus); 242 dir = opendir(buf); 243 if (!dir) 244 return; 245 246 while ((ret >= 0) && ((data = readdir(dir)) != 0)) { 247 int fd; 248 char* name = data->d_name; 249 250 if (name[0] == '.') 251 continue; 252 253 snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d/%s", bus, data->d_name); 254 255 fd = open(buf, O_RDWR); 256 if (fd == -1) 257 continue; 258 259 /* 260 * Sigh. Different kernels have different member names 261 * for this structure. 262 */ 263#ifdef HAVE_USBDEVFS_CTRLTRANSFER_BREQUESTTYPE 264 ctrl.bRequestType = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE; 265 ctrl.bRequest = USB_REQ_GET_DESCRIPTOR; 266 ctrl.wValue = USB_DT_DEVICE << 8; 267 ctrl.wIndex = 0; 268 ctrl.wLength = sizeof(buf); 269#else 270 ctrl.requesttype = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE; 271 ctrl.request = USB_REQ_GET_DESCRIPTOR; 272 ctrl.value = USB_DT_DEVICE << 8; 273 ctrl.index = 0; 274 ctrl.length = sizeof(buf); 275#endif 276 ctrl.data = buf; 277 ctrl.timeout = CTRL_TIMEOUT; 278 279 ret = ioctl(fd, USBDEVFS_CONTROL, &ctrl); 280 281 close(fd); 282 } 283 closedir(dir); 284} 285 286pcap_t * 287usb_create(const char *device, char *ebuf) 288{ 289 pcap_t *p; 290 291 p = pcap_create_common(device, ebuf); 292 if (p == NULL) 293 return (NULL); 294 295 p->activate_op = usb_activate; 296 return (p); 297} 298 299static int 300usb_activate(pcap_t* handle) 301{ 302 char full_path[USB_LINE_LEN]; 303 304 /* Initialize some components of the pcap structure. */ 305 handle->bufsize = handle->snapshot; 306 handle->offset = 0; 307 handle->linktype = DLT_USB_LINUX; 308 309 handle->inject_op = usb_inject_linux; 310 handle->setfilter_op = install_bpf_program; /* no kernel filtering */ 311 handle->setdirection_op = usb_setdirection_linux; 312 handle->set_datalink_op = NULL; /* can't change data link type */ 313 handle->getnonblock_op = pcap_getnonblock_fd; 314 handle->setnonblock_op = pcap_setnonblock_fd; 315 316 /*get usb bus index from device name */ 317 if (sscanf(handle->opt.source, USB_IFACE"%d", &handle->md.ifindex) != 1) 318 { 319 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 320 "Can't get USB bus index from %s", handle->opt.source); 321 return PCAP_ERROR; 322 } 323 324 /*now select the read method: try to open binary interface */ 325 snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handle->md.ifindex); 326 handle->fd = open(full_path, O_RDONLY, 0); 327 if (handle->fd >= 0) 328 { 329 if (handle->opt.rfmon) { 330 /* 331 * Monitor mode doesn't apply to USB devices. 332 */ 333 close(handle->fd); 334 return PCAP_ERROR_RFMON_NOTSUP; 335 } 336 337 /* binary api is available, try to use fast mmap access */ 338 if (usb_mmap(handle)) { 339 handle->linktype = DLT_USB_LINUX_MMAPPED; 340 handle->stats_op = usb_stats_linux_bin; 341 handle->read_op = usb_read_linux_mmap; 342 handle->cleanup_op = usb_cleanup_linux_mmap; 343 probe_devices(handle->md.ifindex); 344 345 /* 346 * "handle->fd" is a real file, so "select()" and 347 * "poll()" work on it. 348 */ 349 handle->selectable_fd = handle->fd; 350 return 0; 351 } 352 353 /* can't mmap, use plain binary interface access */ 354 handle->stats_op = usb_stats_linux_bin; 355 handle->read_op = usb_read_linux_bin; 356 probe_devices(handle->md.ifindex); 357 } 358 else { 359 /*Binary interface not available, try open text interface */ 360 snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handle->md.ifindex); 361 handle->fd = open(full_path, O_RDONLY, 0); 362 if (handle->fd < 0) 363 { 364 if (errno == ENOENT) 365 { 366 /* 367 * Not found at the new location; try 368 * the old location. 369 */ 370 snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handle->md.ifindex); 371 handle->fd = open(full_path, O_RDONLY, 0); 372 } 373 if (handle->fd < 0) { 374 /* no more fallback, give it up*/ 375 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 376 "Can't open USB bus file %s: %s", full_path, strerror(errno)); 377 return PCAP_ERROR; 378 } 379 } 380 381 if (handle->opt.rfmon) { 382 /* 383 * Monitor mode doesn't apply to USB devices. 384 */ 385 close(handle->fd); 386 return PCAP_ERROR_RFMON_NOTSUP; 387 } 388 389 handle->stats_op = usb_stats_linux; 390 handle->read_op = usb_read_linux; 391 } 392 393 /* 394 * "handle->fd" is a real file, so "select()" and "poll()" 395 * work on it. 396 */ 397 handle->selectable_fd = handle->fd; 398 399 /* for plain binary access and text access we need to allocate the read 400 * buffer */ 401 handle->buffer = malloc(handle->bufsize); 402 if (!handle->buffer) { 403 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 404 "malloc: %s", pcap_strerror(errno)); 405 close(handle->fd); 406 return PCAP_ERROR; 407 } 408 return 0; 409} 410 411static inline int 412ascii_to_int(char c) 413{ 414 return c < 'A' ? c- '0': ((c<'a') ? c - 'A' + 10: c-'a'+10); 415} 416 417/* 418 * see <linux-kernel-source>/Documentation/usb/usbmon.txt and 419 * <linux-kernel-source>/drivers/usb/mon/mon_text.c for urb string 420 * format description 421 */ 422static int 423usb_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user) 424{ 425 /* see: 426 * /usr/src/linux/Documentation/usb/usbmon.txt 427 * for message format 428 */ 429 unsigned timestamp; 430 int tag, cnt, ep_num, dev_addr, dummy, ret, urb_len, data_len; 431 char etype, pipeid1, pipeid2, status[16], urb_tag, line[USB_LINE_LEN]; 432 char *string = line; 433 u_char * rawdata = handle->buffer; 434 struct pcap_pkthdr pkth; 435 pcap_usb_header* uhdr = (pcap_usb_header*)handle->buffer; 436 u_char urb_transfer=0; 437 int incoming=0; 438 439 /* ignore interrupt system call errors */ 440 do { 441 ret = read(handle->fd, line, USB_LINE_LEN - 1); 442 if (handle->break_loop) 443 { 444 handle->break_loop = 0; 445 return -2; 446 } 447 } while ((ret == -1) && (errno == EINTR)); 448 if (ret < 0) 449 { 450 if (errno == EAGAIN) 451 return 0; /* no data there */ 452 453 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 454 "Can't read from fd %d: %s", handle->fd, strerror(errno)); 455 return -1; 456 } 457 458 /* read urb header; %n argument may increment return value, but it's 459 * not mandatory, so does not count on it*/ 460 string[ret] = 0; 461 ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype, 462 &pipeid1, &pipeid2, &dev_addr, &ep_num, status, 463 &cnt); 464 if (ret < 8) 465 { 466 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 467 "Can't parse USB bus message '%s', too few tokens (expected 8 got %d)", 468 string, ret); 469 return -1; 470 } 471 uhdr->id = tag; 472 uhdr->device_address = dev_addr; 473 uhdr->bus_id = handle->md.ifindex; 474 uhdr->status = 0; 475 string += cnt; 476 477 /* don't use usbmon provided timestamp, since it have low precision*/ 478 if (gettimeofday(&pkth.ts, NULL) < 0) 479 { 480 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 481 "Can't get timestamp for message '%s' %d:%s", 482 string, errno, strerror(errno)); 483 return -1; 484 } 485 uhdr->ts_sec = pkth.ts.tv_sec; 486 uhdr->ts_usec = pkth.ts.tv_usec; 487 488 /* parse endpoint information */ 489 if (pipeid1 == 'C') 490 urb_transfer = URB_CONTROL; 491 else if (pipeid1 == 'Z') 492 urb_transfer = URB_ISOCHRONOUS; 493 else if (pipeid1 == 'I') 494 urb_transfer = URB_INTERRUPT; 495 else if (pipeid1 == 'B') 496 urb_transfer = URB_BULK; 497 if (pipeid2 == 'i') { 498 ep_num |= URB_TRANSFER_IN; 499 incoming = 1; 500 } 501 if (etype == 'C') 502 incoming = !incoming; 503 504 /* direction check*/ 505 if (incoming) 506 { 507 if (handle->direction == PCAP_D_OUT) 508 return 0; 509 } 510 else 511 if (handle->direction == PCAP_D_IN) 512 return 0; 513 uhdr->event_type = etype; 514 uhdr->transfer_type = urb_transfer; 515 uhdr->endpoint_number = ep_num; 516 pkth.caplen = sizeof(pcap_usb_header); 517 rawdata += sizeof(pcap_usb_header); 518 519 /* check if this is a setup packet */ 520 ret = sscanf(status, "%d", &dummy); 521 if (ret != 1) 522 { 523 /* this a setup packet, setup data can be filled with underscore if 524 * usbmon has not been able to read them, so we must parse this fields as 525 * strings */ 526 pcap_usb_setup* shdr; 527 char str1[3], str2[3], str3[5], str4[5], str5[5]; 528 ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4, 529 str5, &cnt); 530 if (ret < 5) 531 { 532 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 533 "Can't parse USB bus message '%s', too few tokens (expected 5 got %d)", 534 string, ret); 535 return -1; 536 } 537 string += cnt; 538 539 /* try to convert to corresponding integer */ 540 shdr = &uhdr->setup; 541 shdr->bmRequestType = strtoul(str1, 0, 16); 542 shdr->bRequest = strtoul(str2, 0, 16); 543 shdr->wValue = htols(strtoul(str3, 0, 16)); 544 shdr->wIndex = htols(strtoul(str4, 0, 16)); 545 shdr->wLength = htols(strtoul(str5, 0, 16)); 546 547 uhdr->setup_flag = 0; 548 } 549 else 550 uhdr->setup_flag = 1; 551 552 /* read urb data */ 553 ret = sscanf(string, " %d%n", &urb_len, &cnt); 554 if (ret < 1) 555 { 556 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 557 "Can't parse urb length from '%s'", string); 558 return -1; 559 } 560 string += cnt; 561 562 /* urb tag is not present if urb length is 0, so we can stop here 563 * text parsing */ 564 pkth.len = urb_len+pkth.caplen; 565 uhdr->urb_len = urb_len; 566 uhdr->data_flag = 1; 567 data_len = 0; 568 if (uhdr->urb_len == 0) 569 goto got; 570 571 /* check for data presence; data is present if and only if urb tag is '=' */ 572 if (sscanf(string, " %c", &urb_tag) != 1) 573 { 574 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 575 "Can't parse urb tag from '%s'", string); 576 return -1; 577 } 578 579 if (urb_tag != '=') 580 goto got; 581 582 /* skip urb tag and following space */ 583 string += 3; 584 585 /* if we reach this point we got some urb data*/ 586 uhdr->data_flag = 0; 587 588 /* read all urb data; if urb length is greater then the usbmon internal 589 * buffer length used by the kernel to spool the URB, we get only 590 * a partial information. 591 * At least until linux 2.6.17 there is no way to set usbmon intenal buffer 592 * length and default value is 130. */ 593 while ((string[0] != 0) && (string[1] != 0) && (pkth.caplen < handle->snapshot)) 594 { 595 rawdata[0] = ascii_to_int(string[0]) * 16 + ascii_to_int(string[1]); 596 rawdata++; 597 string+=2; 598 if (string[0] == ' ') 599 string++; 600 pkth.caplen++; 601 data_len++; 602 } 603 604got: 605 uhdr->data_len = data_len; 606 if (pkth.caplen > handle->snapshot) 607 pkth.caplen = handle->snapshot; 608 609 if (handle->fcode.bf_insns == NULL || 610 bpf_filter(handle->fcode.bf_insns, handle->buffer, 611 pkth.len, pkth.caplen)) { 612 handle->md.packets_read++; 613 callback(user, &pkth, handle->buffer); 614 return 1; 615 } 616 return 0; /* didn't pass filter */ 617} 618 619static int 620usb_inject_linux(pcap_t *handle, const void *buf, size_t size) 621{ 622 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on " 623 "USB devices"); 624 return (-1); 625} 626 627static int 628usb_stats_linux(pcap_t *handle, struct pcap_stat *stats) 629{ 630 int dummy, ret, consumed, cnt; 631 char string[USB_LINE_LEN]; 632 char token[USB_LINE_LEN]; 633 char * ptr = string; 634 int fd; 635 636 snprintf(string, USB_LINE_LEN, USB_TEXT_DIR"/%ds", handle->md.ifindex); 637 fd = open(string, O_RDONLY, 0); 638 if (fd < 0) 639 { 640 if (errno == ENOENT) 641 { 642 /* 643 * Not found at the new location; try the old 644 * location. 645 */ 646 snprintf(string, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%ds", handle->md.ifindex); 647 fd = open(string, O_RDONLY, 0); 648 } 649 if (fd < 0) { 650 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 651 "Can't open USB stats file %s: %s", 652 string, strerror(errno)); 653 return -1; 654 } 655 } 656 657 /* read stats line */ 658 do { 659 ret = read(fd, string, USB_LINE_LEN-1); 660 } while ((ret == -1) && (errno == EINTR)); 661 close(fd); 662 663 if (ret < 0) 664 { 665 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 666 "Can't read stats from fd %d ", fd); 667 return -1; 668 } 669 string[ret] = 0; 670 671 /* extract info on dropped urbs */ 672 for (consumed=0; consumed < ret; ) { 673 /* from the sscanf man page: 674 * The C standard says: "Execution of a %n directive does 675 * not increment the assignment count returned at the completion 676 * of execution" but the Corrigendum seems to contradict this. 677 * Do not make any assumptions on the effect of %n conversions 678 * on the return value and explicitly check for cnt assignmet*/ 679 int ntok; 680 681 cnt = -1; 682 ntok = sscanf(ptr, "%s%n", token, &cnt); 683 if ((ntok < 1) || (cnt < 0)) 684 break; 685 consumed += cnt; 686 ptr += cnt; 687 if (strcmp(token, "nreaders") == 0) 688 ret = sscanf(ptr, "%d", &stats->ps_drop); 689 else 690 ret = sscanf(ptr, "%d", &dummy); 691 if (ntok != 1) 692 break; 693 consumed += cnt; 694 ptr += cnt; 695 } 696 697 stats->ps_recv = handle->md.packets_read; 698 stats->ps_ifdrop = 0; 699 return 0; 700} 701 702static int 703usb_setdirection_linux(pcap_t *p, pcap_direction_t d) 704{ 705 p->direction = d; 706 return 0; 707} 708 709 710static int 711usb_stats_linux_bin(pcap_t *handle, struct pcap_stat *stats) 712{ 713 int ret; 714 struct mon_bin_stats st; 715 ret = ioctl(handle->fd, MON_IOCG_STATS, &st); 716 if (ret < 0) 717 { 718 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 719 "Can't read stats from fd %d:%s ", handle->fd, strerror(errno)); 720 return -1; 721 } 722 723 stats->ps_recv = handle->md.packets_read + st.queued; 724 stats->ps_drop = st.dropped; 725 stats->ps_ifdrop = 0; 726 return 0; 727} 728 729/* 730 * see <linux-kernel-source>/Documentation/usb/usbmon.txt and 731 * <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI 732 */ 733static int 734usb_read_linux_bin(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user) 735{ 736 struct mon_bin_get info; 737 int ret; 738 struct pcap_pkthdr pkth; 739 int clen = handle->snapshot - sizeof(pcap_usb_header); 740 741 /* the usb header is going to be part of 'packet' data*/ 742 info.hdr = (pcap_usb_header*) handle->buffer; 743 info.data = handle->buffer + sizeof(pcap_usb_header); 744 info.data_len = clen; 745 746 /* ignore interrupt system call errors */ 747 do { 748 ret = ioctl(handle->fd, MON_IOCX_GET, &info); 749 if (handle->break_loop) 750 { 751 handle->break_loop = 0; 752 return -2; 753 } 754 } while ((ret == -1) && (errno == EINTR)); 755 if (ret < 0) 756 { 757 if (errno == EAGAIN) 758 return 0; /* no data there */ 759 760 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 761 "Can't read from fd %d: %s", handle->fd, strerror(errno)); 762 return -1; 763 } 764 765 /* we can get less that than really captured from kernel, depending on 766 * snaplen, so adjust header accordingly */ 767 if (info.hdr->data_len < clen) 768 clen = info.hdr->data_len; 769 info.hdr->data_len = clen; 770 pkth.caplen = clen + sizeof(pcap_usb_header); 771 pkth.len = info.hdr->data_len + sizeof(pcap_usb_header); 772 pkth.ts.tv_sec = info.hdr->ts_sec; 773 pkth.ts.tv_usec = info.hdr->ts_usec; 774 775 if (handle->fcode.bf_insns == NULL || 776 bpf_filter(handle->fcode.bf_insns, handle->buffer, 777 pkth.len, pkth.caplen)) { 778 handle->md.packets_read++; 779 callback(user, &pkth, handle->buffer); 780 return 1; 781 } 782 783 return 0; /* didn't pass filter */ 784} 785 786/* 787 * see <linux-kernel-source>/Documentation/usb/usbmon.txt and 788 * <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI 789 */ 790#define VEC_SIZE 32 791static int 792usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user) 793{ 794 struct mon_bin_mfetch fetch; 795 int32_t vec[VEC_SIZE]; 796 struct pcap_pkthdr pkth; 797 pcap_usb_header* hdr; 798 int nflush = 0; 799 int packets = 0; 800 int clen, max_clen; 801 802 max_clen = handle->snapshot - sizeof(pcap_usb_header); 803 804 for (;;) { 805 int i, ret; 806 int limit = max_packets - packets; 807 if (limit <= 0) 808 limit = VEC_SIZE; 809 if (limit > VEC_SIZE) 810 limit = VEC_SIZE; 811 812 /* try to fetch as many events as possible*/ 813 fetch.offvec = vec; 814 fetch.nfetch = limit; 815 fetch.nflush = nflush; 816 /* ignore interrupt system call errors */ 817 do { 818 ret = ioctl(handle->fd, MON_IOCX_MFETCH, &fetch); 819 if (handle->break_loop) 820 { 821 handle->break_loop = 0; 822 return -2; 823 } 824 } while ((ret == -1) && (errno == EINTR)); 825 if (ret < 0) 826 { 827 if (errno == EAGAIN) 828 return 0; /* no data there */ 829 830 snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, 831 "Can't mfetch fd %d: %s", handle->fd, strerror(errno)); 832 return -1; 833 } 834 835 /* keep track of processed events, we will flush them later */ 836 nflush = fetch.nfetch; 837 for (i=0; i<fetch.nfetch; ++i) { 838 /* discard filler */ 839 hdr = (pcap_usb_header*) &handle->md.mmapbuf[vec[i]]; 840 if (hdr->event_type == '@') 841 continue; 842 843 /* we can get less that than really captured from kernel, depending on 844 * snaplen, so adjust header accordingly */ 845 clen = max_clen; 846 if (hdr->data_len < clen) 847 clen = hdr->data_len; 848 849 /* get packet info from header*/ 850 pkth.caplen = clen + sizeof(pcap_usb_header_mmapped); 851 pkth.len = hdr->data_len + sizeof(pcap_usb_header_mmapped); 852 pkth.ts.tv_sec = hdr->ts_sec; 853 pkth.ts.tv_usec = hdr->ts_usec; 854 855 if (handle->fcode.bf_insns == NULL || 856 bpf_filter(handle->fcode.bf_insns, (u_char*) hdr, 857 pkth.len, pkth.caplen)) { 858 handle->md.packets_read++; 859 callback(user, &pkth, (u_char*) hdr); 860 packets++; 861 } 862 } 863 864 /* with max_packets <= 0 we stop afer the first chunk*/ 865 if ((max_packets <= 0) || (packets == max_packets)) 866 break; 867 } 868 869 /* flush pending events*/ 870 ioctl(handle->fd, MON_IOCH_MFLUSH, nflush); 871 return packets; 872} 873 874static void 875usb_cleanup_linux_mmap(pcap_t* handle) 876{ 877 /* if we have a memory-mapped buffer, unmap it */ 878 if (handle->md.mmapbuf != NULL) { 879 munmap(handle->md.mmapbuf, handle->md.mmapbuflen); 880 handle->md.mmapbuf = NULL; 881 } 882 pcap_cleanup_live_common(handle); 883} 884