1/*
2 * dccp_probe - Observe the DCCP flow with kprobes.
3 *
4 * The idea for this came from Werner Almesberger's umlsim
5 * Copyright (C) 2004, Stephen Hemminger <shemminger@osdl.org>
6 *
7 * Modified for DCCP from Stephen Hemminger's code
8 * Copyright (C) 2006, Ian McDonald <ian.mcdonald@jandi.co.nz>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25#include <linux/kernel.h>
26#include <linux/kprobes.h>
27#include <linux/socket.h>
28#include <linux/dccp.h>
29#include <linux/proc_fs.h>
30#include <linux/module.h>
31#include <linux/kfifo.h>
32#include <linux/vmalloc.h>
33
34#include "dccp.h"
35#include "ccid.h"
36#include "ccids/ccid3.h"
37
38static int port;
39
40static int bufsize = 64 * 1024;
41
42static const char procname[] = "dccpprobe";
43
44struct {
45	struct kfifo	  *fifo;
46	spinlock_t	  lock;
47	wait_queue_head_t wait;
48	struct timeval	  tstart;
49} dccpw;
50
51static void printl(const char *fmt, ...)
52{
53	va_list args;
54	int len;
55	struct timeval now;
56	char tbuf[256];
57
58	va_start(args, fmt);
59	do_gettimeofday(&now);
60
61	now.tv_sec -= dccpw.tstart.tv_sec;
62	now.tv_usec -= dccpw.tstart.tv_usec;
63	if (now.tv_usec < 0) {
64		--now.tv_sec;
65		now.tv_usec += 1000000;
66	}
67
68	len = sprintf(tbuf, "%lu.%06lu ",
69		      (unsigned long) now.tv_sec,
70		      (unsigned long) now.tv_usec);
71	len += vscnprintf(tbuf+len, sizeof(tbuf)-len, fmt, args);
72	va_end(args);
73
74	kfifo_put(dccpw.fifo, tbuf, len);
75	wake_up(&dccpw.wait);
76}
77
78static int jdccp_sendmsg(struct kiocb *iocb, struct sock *sk,
79			 struct msghdr *msg, size_t size)
80{
81	const struct dccp_minisock *dmsk = dccp_msk(sk);
82	const struct inet_sock *inet = inet_sk(sk);
83	const struct ccid3_hc_tx_sock *hctx;
84
85	if (dmsk->dccpms_tx_ccid == DCCPC_CCID3)
86		hctx = ccid3_hc_tx_sk(sk);
87	else
88		hctx = NULL;
89
90	if (port == 0 || ntohs(inet->dport) == port ||
91	    ntohs(inet->sport) == port) {
92		if (hctx)
93			printl("%d.%d.%d.%d:%u %d.%d.%d.%d:%u %d %d %d %d %u "
94			       "%llu %llu %d\n",
95			       NIPQUAD(inet->saddr), ntohs(inet->sport),
96			       NIPQUAD(inet->daddr), ntohs(inet->dport), size,
97			       hctx->ccid3hctx_s, hctx->ccid3hctx_rtt,
98			       hctx->ccid3hctx_p, hctx->ccid3hctx_x_calc,
99			       hctx->ccid3hctx_x_recv >> 6,
100			       hctx->ccid3hctx_x >> 6, hctx->ccid3hctx_t_ipi);
101		else
102			printl("%d.%d.%d.%d:%u %d.%d.%d.%d:%u %d\n",
103			       NIPQUAD(inet->saddr), ntohs(inet->sport),
104			       NIPQUAD(inet->daddr), ntohs(inet->dport), size);
105	}
106
107	jprobe_return();
108	return 0;
109}
110
111static struct jprobe dccp_send_probe = {
112	.kp	= {
113		.symbol_name = "dccp_sendmsg",
114	},
115	.entry	= JPROBE_ENTRY(jdccp_sendmsg),
116};
117
118static int dccpprobe_open(struct inode *inode, struct file *file)
119{
120	kfifo_reset(dccpw.fifo);
121	do_gettimeofday(&dccpw.tstart);
122	return 0;
123}
124
125static ssize_t dccpprobe_read(struct file *file, char __user *buf,
126			      size_t len, loff_t *ppos)
127{
128	int error = 0, cnt = 0;
129	unsigned char *tbuf;
130
131	if (!buf)
132		return -EINVAL;
133
134	if (len == 0)
135		return 0;
136
137	tbuf = vmalloc(len);
138	if (!tbuf)
139		return -ENOMEM;
140
141	error = wait_event_interruptible(dccpw.wait,
142					 __kfifo_len(dccpw.fifo) != 0);
143	if (error)
144		goto out_free;
145
146	cnt = kfifo_get(dccpw.fifo, tbuf, len);
147	error = copy_to_user(buf, tbuf, cnt);
148
149out_free:
150	vfree(tbuf);
151
152	return error ? error : cnt;
153}
154
155static const struct file_operations dccpprobe_fops = {
156	.owner	 = THIS_MODULE,
157	.open	 = dccpprobe_open,
158	.read    = dccpprobe_read,
159};
160
161static __init int dccpprobe_init(void)
162{
163	int ret = -ENOMEM;
164
165	init_waitqueue_head(&dccpw.wait);
166	spin_lock_init(&dccpw.lock);
167	dccpw.fifo = kfifo_alloc(bufsize, GFP_KERNEL, &dccpw.lock);
168	if (IS_ERR(dccpw.fifo))
169		return PTR_ERR(dccpw.fifo);
170
171	if (!proc_net_fops_create(procname, S_IRUSR, &dccpprobe_fops))
172		goto err0;
173
174	ret = register_jprobe(&dccp_send_probe);
175	if (ret)
176		goto err1;
177
178	pr_info("DCCP watch registered (port=%d)\n", port);
179	return 0;
180err1:
181	proc_net_remove(procname);
182err0:
183	kfifo_free(dccpw.fifo);
184	return ret;
185}
186module_init(dccpprobe_init);
187
188static __exit void dccpprobe_exit(void)
189{
190	kfifo_free(dccpw.fifo);
191	proc_net_remove(procname);
192	unregister_jprobe(&dccp_send_probe);
193
194}
195module_exit(dccpprobe_exit);
196
197MODULE_PARM_DESC(port, "Port to match (0=all)");
198module_param(port, int, 0);
199
200MODULE_PARM_DESC(bufsize, "Log buffer size (default 64k)");
201module_param(bufsize, int, 0);
202
203MODULE_AUTHOR("Ian McDonald <ian.mcdonald@jandi.co.nz>");
204MODULE_DESCRIPTION("DCCP snooper");
205MODULE_LICENSE("GPL");
206