path: root/dissector.h
blob: 60bc429729418905b886a11a39313a7b918d993e (plain)
/*
 * netsniff-ng - the packet sniffing beast
 * Copyright 2009 - 2013 Daniel Borkmann.
 * Subject to the GPL, version 2.
 */

#ifndef DISSECTOR_H
#define DISSECTOR_H

#include <stdlib.h>
#include <stdint.h>
#include <sys/socket.h>
#include <linux/if_packet.h>
#include <linux/if.h>

#include "ring.h"
#include "tprintf.h"
#include "pcap_io.h"
#include "built_in.h"

/*
 * Print modes passed as the 'mode' argument of the helpers below.
 *
 * As far as this header shows: PRINT_NONE makes __show_frame_hdr() return
 * without printing, PRINT_LESS selects the short one-line form (packet type,
 * interface, length) and every other value selects the full form with the
 * timestamp. How the HEX/ASCII variants affect payload printing is decided
 * by the dissector implementation, which is not visible here.
 */
#define PRINT_NORM		0
#define PRINT_LESS		1
#define PRINT_HEX		2
#define PRINT_ASCII		3
#define PRINT_HEX_ASCII		4
#define PRINT_NONE		5

/*
 * Direction/type marker printed for each frame, indexed by the sll_pkttype
 * field of struct sockaddr_ll (see __show_frame_hdr()).
 *
 * The table is deliberately sized to 256 entries so that any 8-bit index is
 * in bounds. Only the first six slots are populated; every other slot is
 * NULL, so a lookup must substitute a fallback string before printing.
 * NOTE(review): slot numbers presumably follow the PACKET_* values from
 * <linux/if_packet.h> - confirm.
 */
static const char * const packet_types[256] = {
	[0] = "<", /* Incoming */
	[1] = "B", /* Broadcast */
	[2] = "M", /* Multicast */
	[3] = "P", /* Promisc */
	[4] = ">", /* Outgoing */
	[5] = "?", /* Unknown */
};

/*
 * libc's interface-index-to-name lookup, declared by hand here instead of
 * through its usual header.
 * NOTE(review): presumably because <net/if.h> clashes with the <linux/if.h>
 * include above - confirm. The buffer passed as 'ifname' must hold at least
 * IFNAMSIZ bytes; the function returns NULL when the index cannot be resolved.
 */
extern char *if_indextoname(unsigned ifindex, char *ifname);

/**
 * Map the timestamp-source bits of a tpacket status word to a short label.
 *
 * The flags are tested in fixed priority order (raw hardware, then system
 * hardware, then software); the label of the first flag that is set wins.
 *
 * @param status  tp_status value taken from the frame header.
 * @return A string literal naming the timestamp source, or "" when none of
 *         the three timestamp flags is set. The caller must not free it.
 */
static inline const char *__show_ts_source(uint32_t status)
{
	static const struct {
		uint32_t flag;
		const char *label;
	} sources[] = {
		{ TP_STATUS_TS_RAW_HARDWARE, "(raw hw ts)" },
		{ TP_STATUS_TS_SYS_HARDWARE, "(sys hw ts)" },
		{ TP_STATUS_TS_SOFTWARE,     "(sw ts)" },
	};
	size_t i;

	/* Table order is the priority order; stop at the first match. */
	for (i = 0; i < sizeof(sources) / sizeof(sources[0]); i++) {
		if (status & sources[i].flag)
			return sources[i].label;
	}

	return "";
}

/**
 * Print the per-frame summary line (packet type, interface, length and,
 * in the full form, the capture timestamp).
 *
 * @param s_ll  Link-layer address of the frame; sll_pkttype and sll_ifindex
 *              are read from it.
 * @param raw   Pointer to the tpacket frame header. It is dereferenced as a
 *              v3 header when @p v3 is true and as a v2 header otherwise, so
 *              the caller must pass a valid header of the matching version;
 *              no NULL or layout check is done here.
 * @param mode  One of the PRINT_* modes. PRINT_NONE prints nothing,
 *              PRINT_LESS prints the short form without a trailing newline,
 *              anything else prints the full form followed by a newline.
 * @param v3    Selects which header layout @p raw is interpreted as.
 */
static inline void __show_frame_hdr(struct sockaddr_ll *s_ll,
				    void *raw, int mode, bool v3)
{
	char ifname_buf[IFNAMSIZ];
	union tpacket_uhdr hdr;
	const char *pkttype;
	const char *ifname;
	unsigned int frame_len;

	if (mode == PRINT_NONE)
		return;

	hdr.raw = raw;

	/*
	 * packet_types[] has 256 slots but only a few are populated, so an
	 * unlisted packet type yields NULL and must be replaced before it is
	 * handed to a "%s" conversion.
	 * NOTE(review): the index stays in bounds only while sll_pkttype is
	 * an 8-bit field - confirm against struct sockaddr_ll.
	 */
	pkttype = packet_types[s_ll->sll_pkttype];
	if (!pkttype)
		pkttype = "?";

	/* The interface may be unresolvable; fall back to "?" as well. */
	ifname = if_indextoname(s_ll->sll_ifindex, ifname_buf);
	if (!ifname)
		ifname = "?";

	frame_len = v3 ? hdr.h3->tp_len : hdr.h2->tp_len;

	if (mode == PRINT_LESS) {
		tprintf("%s %s %u", pkttype, ifname, frame_len);
		return;
	}

	/* The timestamp-source label is only derived for v2 headers. */
	tprintf("%s %s %u %us.%uns %s\n",
		pkttype,
		ifname,
		frame_len,
		v3 ? hdr.h3->tp_sec : hdr.h2->tp_sec,
		v3 ? hdr.h3->tp_nsec : hdr.h2->tp_nsec,
		v3 ? "" : __show_ts_source(hdr.h2->tp_status));
}

/**
 * Print the summary line for a frame taken from a frame_map entry.
 *
 * Forwards the entry's link-layer address and tpacket header to
 * __show_frame_hdr() with v3 set to false, i.e. the header is always
 * interpreted using the v2 layout.
 *
 * @param hdr   Frame map entry; must be non-NULL, it is dereferenced
 *              without a check.
 * @param mode  One of the PRINT_* modes.
 */
static inline void show_frame_hdr(struct frame_map *hdr, int mode)
{
	struct sockaddr_ll *link_addr = &hdr->s_ll;
	void *frame_hdr = &hdr->tp_h;

	__show_frame_hdr(link_addr, frame_hdr, mode, false);
}

/*
 * Dissector entry points; the implementations are not part of this header,
 * so the notes below are limited to what the prototypes show.
 *
 * dissector_entry_point() receives a packet buffer together with its length,
 * the link type and one of the PRINT_* modes.
 * NOTE(review): 'len' presumably has to be the number of valid bytes behind
 * 'packet' (captured length, not on-wire length), since the packet contents
 * are untrusted and the protocol dissectors would bound their reads by it -
 * confirm against the implementation and the callers.
 */
extern void dissector_init_all(int fnttype);
extern void dissector_entry_point(uint8_t *packet, size_t len, int linktype, int mode);
extern void dissector_cleanup_all(void);
extern int dissector_set_print_type(void *ptr, int type);

#endif /* DISSECTOR_H */
l Borkmann <daniel@iogearbox.net> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-02-10bpf: Use bpf_map_update_elem() from the libraryMickaël Salaün4-89/+97 Replace bpf_map_update() with bpf_map_update_elem() calls. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Alexei Starovoitov <ast@fb.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-02-10bpf: Use bpf_load_program() from the libraryMickaël Salaün4-27/+12 Replace bpf_prog_load() with bpf_load_program() calls. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Alexei Starovoitov <ast@fb.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-02-10bpf: Always test unprivileged programsMickaël Salaün2-6/+64 If selftests are run as root, then execute the unprivileged checks as well. This switch from 243 to 368 tests. The test numbers are suffixed with "/u" when executed as unprivileged or with "/p" when executed as privileged. The geteuid() check is replaced with a capability check. Handling capabilities requires the libcap dependency. Signed-off-by: Mickaël Salaün <mic@digikod.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-02-10bpf: Change the include directory for selftestMickaël Salaün1-1/+1 Use the tools include directory instead of the installed one to allow builds from other kernels. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Alexei Starovoitov <ast@fb.com> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: David S. Miller <davem@davemloft.net> Signed-off-by: David S. 
Miller <davem@davemloft.net> 2017-02-06bpf: enable verifier to add 0 to packet ptrWilliam Tu1-0/+23 The patch fixes the case when adding a zero value to the packet pointer. The zero value could come from src_reg equals type BPF_K or CONST_IMM. The patch fixes both, otherwise the verifer reports the following error: [...] R0=imm0,min_value=0,max_value=0 R1=pkt(id=0,off=0,r=4) R2=pkt_end R3=fp-12 R4=imm4,min_value=4,max_value=4 R5=pkt(id=0,off=4,r=4) 269: (bf) r2 = r0 // r2 becomes imm0 270: (77) r2 >>= 3 271: (bf) r4 = r1 // r4 becomes pkt ptr 272: (0f) r4 += r2 // r4 += 0 addition of negative constant to packet pointer is not allowed Signed-off-by: William Tu <u9012063@gmail.com> Signed-off-by: Mihai Budiu <mbudiu@vmware.com> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net> 2017-02-06bpf: test for AND edge casesJosef Bacik1-0/+55 These two tests are based on the work done for f23cc643f9ba. The first test is just a basic one to make sure we don't allow AND'ing negative values, even if it would result in a valid index for the array. The second is a cleaned up version of the original testcase provided by Jann Horn that resulted in the commit. Acked-by: Alexei Starovoitov <ast@kernel.org> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Josef Bacik <jbacik@fb.com> Signed-off-by: David S. Miller <davem@davemloft.net>