/* * netsniff-ng - the packet sniffing beast * Copyright 2012 Markus Amend , Deutsche Flugsicherung GmbH * Subject to the GPL, version 2. * * IPv6 Routing Header described in RFC2460 */ #include #include #include /* for ntohs() and "struct in6_addr" */ #include /* for inet_ntop() */ #include "proto.h" #include "protos.h" #include "dissector_eth.h" #include "built_in.h" #include "pkt_buff.h" #define ROUTING_HEADER_TYPE_0 0x00 struct routinghdr { uint8_t h_next_header; uint8_t h_hdr_ext_len; uint8_t h_routing_type; uint8_t h_segments_left; } __packed; struct routinghdr_0 { uint32_t reserved; uint32_t addresses[0]; } __packed; static void dissect_routinghdr_type_0(struct pkt_buff *pkt, ssize_t *data_len, int less) { uint8_t num_addr; char address[INET6_ADDRSTRLEN]; struct in6_addr *addr; struct routinghdr_0 *routing_0; routing_0 = (struct routinghdr_0 *) pkt_pull(pkt, sizeof(*routing_0)); *data_len -= sizeof(*routing_0); if (routing_0 == NULL || *data_len > pkt_len(pkt) || *data_len < 0) return; if (less) { tprintf("Addresses (%lu)", *data_len / sizeof(struct in6_addr)); return; } tprintf("Res (0x%x)", routing_0->reserved); num_addr = *data_len / sizeof(*addr); while (num_addr--) { addr = (struct in6_addr *) pkt_pull(pkt, sizeof(*addr)); *data_len -= sizeof(*addr); if (addr == NULL || *data_len > pkt_len(pkt) || *data_len < 0) return; tprintf("\n\t Address: %s", inet_ntop(AF_INET6, addr, address, sizeof(address))); } } static inline void dissect_routinghdr_type_0_norm(struct pkt_buff *pkt, ssize_t *data_len) { dissect_routinghdr_type_0(pkt, data_len, 0); } static inline void dissect_routinghdr_type_0_less(struct pkt_buff *pkt, ssize_t *data_len) { dissect_routinghdr_type_0(pkt, data_len, 1); } static void routing(struct pkt_buff *pkt) { uint16_t hdr_ext_len; ssize_t data_len; struct routinghdr *routing; routing = (struct routinghdr *) pkt_pull(pkt, sizeof(*routing)); if (routing == NULL) return; /* Total Header Length in Bytes */ hdr_ext_len = (routing->h_hdr_ext_len + 1) * 8; /* Data length in Bytes */ data_len = hdr_ext_len - sizeof(*routing); tprintf("\t [ Routing "); tprintf("NextHdr (%u), ", routing->h_next_header); if (data_len > pkt_len(pkt) || data_len < 0){ tprintf("HdrExtLen (%u, %u Bytes %s), ", routing->h_hdr_ext_len, hdr_ext_len, colorize_start_full(black, red) "invalid" colorize_end()); return; } tprintf("HdrExtLen (%u, %u Bytes), ", routing->h_hdr_ext_len, hdr_ext_len); tprintf("Type (%u), ", routing->h_routing_type); tprintf("Left (%u), ", routing->h_segments_left); switch (routing->h_routing_type) { case ROUTING_HEADER_TYPE_0: dissect_routinghdr_type_0_norm(pkt, &data_len); break; default: tprintf("Type %u is unknown", routing->h_routing_type); } tprintf(" ]\n"); if (data_len > pkt_len(pkt) || data_len < 0) return; pkt_pull(pkt, data_len); pkt_set_proto(pkt, ð_lay3, routing->h_next_header); } static void routing_less(struct pkt_buff *pkt) { uint16_t hdr_ext_len; ssize_t data_len; struct routinghdr *routing; routing = (struct routinghdr *) pkt_pull(pkt, sizeof(*routing)); if (routing == NULL) return; /* Total Header Length in Bytes */ hdr_ext_len = (routing->h_hdr_ext_len + 1) * 8; /* Data length in Bytes */ data_len = hdr_ext_len - sizeof(*routing); if (data_len > pkt_len(pkt) || data_len < 0) return; tprintf(" Routing "); switch (routing->h_routing_type) { case ROUTING_HEADER_TYPE_0: dissect_routinghdr_type_0_less(pkt, &data_len); break; default: tprintf("Type %u is unknown", routing->h_routing_type); } if (data_len > pkt_len(pkt) || data_len < 0) return; pkt_pull(pkt, data_len); pkt_set_proto(pkt, ð_lay3, routing->h_next_header); } struct protocol ipv6_routing_ops = { .key = 0x2B, .print_full = routing, .print_less = routing_less, }; r>space:mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2016-07-29 17:38:46 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2016-07-29 17:38:46 -0700
commit7a1e8b80fb1e8ead4cec15d1fc494ed290e4d2e9 (patch)
tree55a36d4256f1ae793b5c8e88c0f158737447193f /Documentation
parenta867d7349e94b6409b08629886a819f802377e91 (diff)
parent7616ac70d1bb4f2e9d25c1a82d283f3368a7b632 (diff)
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "Highlights: - TPM core and driver updates/fixes - IPv6 security labeling (CALIPSO) - Lots of Apparmor fixes - Seccomp: remove 2-phase API, close hole where ptrace can change syscall #" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (156 commits) apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family) tpm: Factor out common startup code tpm: use devm_add_action_or_reset tpm2_i2c_nuvoton: add irq validity check tpm: read burstcount from TPM_STS in one 32-bit transaction tpm: fix byte-order for the value read by tpm2_get_tpm_pt tpm_tis_core: convert max timeouts from msec to jiffies apparmor: fix arg_size computation for when setprocattr is null terminated apparmor: fix oops, validate buffer size in apparmor_setprocattr() apparmor: do not expose kernel stack apparmor: fix module parameters can be changed after policy is locked apparmor: fix oops in profile_unpack() when policy_db is not present apparmor: don't check for vmalloc_addr if kvzalloc() failed apparmor: add missing id bounds check on dfa verification apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task apparmor: use list_next_entry instead of list_entry_next apparmor: fix refcount race when finding a child profile apparmor: fix ref count leak when profile sha1 hash is read apparmor: check that xindex is in trans_table bounds ...
Diffstat (limited to 'Documentation')