1 /*
2 * Copyright (c) 2018 Chen Jingpiao <chenjingpiao@gmail.com>
3 * Copyright (c) 2018 The strace developers.
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include "defs.h"
30
31 #ifdef HAVE_LINUX_NETFILTER_NFNETLINK_H
32
33 # include "print_fields.h"
34 # include "nlattr.h"
35
36 # include <netinet/in.h>
37 # include <arpa/inet.h>
38 # include "netlink.h"
39 # include <linux/netfilter/nfnetlink.h>
40
41 # include "xlat/netfilter_versions.h"
42 # include "xlat/nl_netfilter_msg_types.h"
43 # include "xlat/nl_netfilter_subsys_ids.h"
44
45 bool
decode_netlink_netfilter(struct tcb * const tcp,const struct nlmsghdr * const nlmsghdr,const kernel_ulong_t addr,const unsigned int len)46 decode_netlink_netfilter(struct tcb *const tcp,
47 const struct nlmsghdr *const nlmsghdr,
48 const kernel_ulong_t addr,
49 const unsigned int len)
50 {
51 if (nlmsghdr->nlmsg_type == NLMSG_DONE)
52 return false;
53
54 struct nfgenmsg nfmsg;
55
56 if (len < sizeof(nfmsg))
57 printstr_ex(tcp, addr, len, QUOTE_FORCE_HEX);
58 else if (!umove_or_printaddr(tcp, addr, &nfmsg)) {
59 const uint8_t subsys_id = (uint8_t) (nlmsghdr->nlmsg_type >> 8);
60 uint16_t res_id = ntohs(nfmsg.res_id);
61
62 PRINT_FIELD_XVAL("{", nfmsg, nfgen_family, addrfams, "AF_???");
63 PRINT_FIELD_XVAL(", ", nfmsg, version, netfilter_versions,
64 "NFNETLINK_???");
65
66 /*
67 * Work around wrong endianness in res_id field,
68 * see linux commit v4.3-rc1~28^2~47^2~1
69 */
70 tprints(", res_id=");
71 if (subsys_id == NFNL_SUBSYS_NFTABLES
72 && res_id == NFNL_SUBSYS_NFTABLES) {
73 print_xlat_ex(nfmsg.res_id,
74 "htons(NFNL_SUBSYS_NFTABLES)",
75 XLAT_STYLE_DEFAULT);
76 } else if (subsys_id == NFNL_SUBSYS_NFTABLES
77 && nfmsg.res_id == NFNL_SUBSYS_NFTABLES) {
78 print_xlat_ex(nfmsg.res_id, "NFNL_SUBSYS_NFTABLES",
79 XLAT_STYLE_DEFAULT);
80 } else {
81 tprintf("htons(%d)", res_id);
82 }
83
84 const size_t offset = NLMSG_ALIGN(sizeof(nfmsg));
85 if (len > offset) {
86 tprints(", ");
87 if ((nlmsghdr->nlmsg_type >= NFNL_MSG_BATCH_BEGIN
88 && nlmsghdr->nlmsg_type <= NFNL_MSG_BATCH_END)
89 || nlmsghdr->nlmsg_type < NLMSG_MIN_TYPE)
90 printstr_ex(tcp, addr + offset,
91 len - offset, QUOTE_FORCE_HEX);
92 else
93 decode_nlattr(tcp, addr + offset, len - offset,
94 NULL, NULL, NULL, 0, NULL);
95 }
96 }
97
98 return true;
99 }
100
101 #endif /* HAVE_LINUX_NETFILTER_NFNETLINK_H */
102