1 /* 2 * Copyright (c) 2018 Chen Jingpiao <chenjingpiao (at) gmail.com> 3 * Copyright (c) 2018 The strace developers. 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote products 15 * derived from this software without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 #include "defs.h" 30 31 #ifdef HAVE_LINUX_NETFILTER_NFNETLINK_H 32 33 # include "print_fields.h" 34 # include "nlattr.h" 35 36 # include <netinet/in.h> 37 # include <arpa/inet.h> 38 # include "netlink.h" 39 # include <linux/netfilter/nfnetlink.h> 40 41 # include "xlat/netfilter_versions.h" 42 # include "xlat/nl_netfilter_msg_types.h" 43 # include "xlat/nl_netfilter_subsys_ids.h" 44 45 bool 46 decode_netlink_netfilter(struct tcb *const tcp, 47 const struct nlmsghdr *const nlmsghdr, 48 const kernel_ulong_t addr, 49 const unsigned int len) 50 { 51 if (nlmsghdr->nlmsg_type == NLMSG_DONE) 52 return false; 53 54 struct nfgenmsg nfmsg; 55 56 if (len < sizeof(nfmsg)) 57 printstr_ex(tcp, addr, len, QUOTE_FORCE_HEX); 58 else if (!umove_or_printaddr(tcp, addr, &nfmsg)) { 59 const uint8_t subsys_id = (uint8_t) (nlmsghdr->nlmsg_type >> 8); 60 uint16_t res_id = ntohs(nfmsg.res_id); 61 62 PRINT_FIELD_XVAL("{", nfmsg, nfgen_family, addrfams, "AF_???"); 63 PRINT_FIELD_XVAL(", ", nfmsg, version, netfilter_versions, 64 "NFNETLINK_???"); 65 66 /* 67 * Work around wrong endianness in res_id field, 68 * see linux commit v4.3-rc1~28^2~47^2~1 69 */ 70 tprints(", res_id="); 71 if (subsys_id == NFNL_SUBSYS_NFTABLES 72 && res_id == NFNL_SUBSYS_NFTABLES) { 73 print_xlat_ex(nfmsg.res_id, 74 "htons(NFNL_SUBSYS_NFTABLES)", 75 XLAT_STYLE_DEFAULT); 76 } else if (subsys_id == NFNL_SUBSYS_NFTABLES 77 && nfmsg.res_id == NFNL_SUBSYS_NFTABLES) { 78 print_xlat_ex(nfmsg.res_id, "NFNL_SUBSYS_NFTABLES", 79 XLAT_STYLE_DEFAULT); 80 } else { 81 tprintf("htons(%d)", res_id); 82 } 83 84 const size_t offset = NLMSG_ALIGN(sizeof(nfmsg)); 85 if (len > offset) { 86 tprints(", "); 87 if ((nlmsghdr->nlmsg_type >= NFNL_MSG_BATCH_BEGIN 88 && nlmsghdr->nlmsg_type <= NFNL_MSG_BATCH_END) 89 || nlmsghdr->nlmsg_type < NLMSG_MIN_TYPE) 90 printstr_ex(tcp, addr + offset, 91 len - offset, QUOTE_FORCE_HEX); 92 else 93 decode_nlattr(tcp, addr + offset, len - offset, 94 NULL, NULL, NULL, 0, NULL); 95 } 96 } 97 98 return true; 99 } 100 101 #endif /* HAVE_LINUX_NETFILTER_NFNETLINK_H */ 102
