NetBSD/external/bsd/tcpdump/dist/print-vsock.c

263 lines
6.6 KiB
C
Raw Permalink Normal View History

Import tcpdump-4.99.4 (last was 4.9.3) Friday, April 7, 2023 / The Tcpdump Group Summary for 4.99.4 tcpdump release Source code: Fix spaces before tabs in indentation. Updated printers: LSP ping: Fix "Unused value" warnings from Coverity. CVE-2023-1801: Fix an out-of-bounds write in the SMB printer. DNS: sync resource types with IANA. ICMPv6: Update the output to show a RPL DAO field name. Geneve: Fix the Geneve UDP port test. Building and testing: Require at least autoconf 2.69. Don't check for strftime(), as it's in C90 and beyond. Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21. Documentation: man: Document TCP flag names better. Thursday, January 12, 2023 / The Tcpdump Group Summary for 4.99.3 tcpdump release Updated printers: PTP: Use the proper values for the control field and print un-allocated values for the message field as "Reserved" instead of "none". Source code: smbutil.c: Replace obsolete function call (asctime) Building and testing: cmake: Update the minimum required version to 2.8.12 (except Windows). CI: Introduce and use TCPDUMP_CMAKE_TAINTED. Makefile.in: Add the releasecheck target. Makefile.in: Add "make -s install" in the releasecheck target. Cirrus CI: Run the "make releasecheck" command in the Linux task. Makefile.in: Add the whitespacecheck target. Cirrus CI: Run the "make whitespacecheck" command in the Linux task. Address all shellcheck warnings in update-test.sh. Makefile.in: Get rid of a remain of gnuc.h. Documentation: Reformat the installation notes (INSTALL.txt) in Markdown. Convert CONTRIBUTING to Markdown. CONTRIBUTING.md: Document the use of "protocol: " in a commit summary. Add a README file for NetBSD. Fix CMake build to set man page section numbers in tcpdump.1 Saturday, December 31, 2022 / The Tcpdump Group Summary for 4.99.2 tcpdump release Updated printers: BGP: Update cease notification decoding to RFC 9003. BGP: decode BGP link-bandwidth extended community properly. BGP: Fix parsing the AIGP attribute BGP: make sure the path attributes don't go past the end of the packet. BGP: Shutdown message can be up to 255 bytes length according to rfc9003 DSA: correctly determine VID. EAP: fix some length checks and output issues. 802.11: Fix the misleading comment regarding "From DS", "To DS" Frame Control Flags. 802.11: Fetch the CF and TIM IEs a field at a time. 802.15.4, BGP, LISP: fix some length checks, compiler warnings, and undefined behavior warnings. PFLOG: handle LINKTYPE_PFLOG/DLT_PFLOG files from all OSes on all OSes. RRCP: support more Realtek protocols than just RRCP. MPLS: show the EXP field as TC, as per RFC 5462. ICMP: redo MPLS Extension code as general ICMP Extension code. VQP: Do not print unknown error codes twice. Juniper: Add some bounds checks. Juniper: Don't treat known DLT_ types as "Unknown". lwres: Fix a length check, update a variable type. EAP: Fix some undefined behaviors at runtime. Ethernet: Rework the length checks, add a length check. IPX: Add two length checks. Zephyr: Avoid printing non-ASCII characters. VRRP: Print the protocol name before any GET_(). DCCP: Get rid of trailing commas in lists. Juniper: Report invalid packets as invalid, not truncated. IPv6: Remove an obsolete code in an always-false #if wrapper. ISAKMP: Use GET_U_1() to replace a direct dereference. RADIUS: Use GET_U_1() to replace a direct dereference. TCP: Fix an invalid check. RESP: Fix an invalid check. RESP: Remove an unnecessary test. Arista: Refine the output format and print HwInfo. sFlow: add support for IPv6 agent, add a length check. VRRP: add support for IPv6. OSPF: Update to match the Router Properties registry. OSPF: Remove two unnecessary dereferences. OSPF: Add support bit Nt RFC3101. OSPFv3: Remove two unnecessary dereferences. ICMPv6: Fix output for Router Renumbering messages. ICMPv6: Fix the Node Information flags. ICMPv6: Remove an unused macro and extra blank lines. ICMPv6: Add a length check in the rpl_dio_print() function. ICMPv6: Use GET_IP6ADDR_STRING() in the rpl_dio_print() function. IPv6: Add some checks for the Hop-by-Hop Options header IPv6: Add a check for the Jumbo Payload Hop-by-Hop option. NFS: Fix the format for printing an unsigned int PTP: fix printing of the correction fields PTP: Use ND_LCHECK_U for checking invalid length. WHOIS: Add its own printer source file and printer function MPTCP: print length before subtype inside MPTCP options ESP: Add a workaround to a "use-of-uninitialized-value". PPP: Add tests to avoid incorrectly re-entering ppp_hdlc(). PPP: Don't process further if protocol is unknown (-e option). PPP: Change the pointer to packet data. ZEP: Add three length checks. Add some const qualifiers. Building and testing: Update config.guess and config.sub. Use AS_HELP_STRING macro instead of AC_HELP_STRING. Handle some Autoconf/make errors better. Fix an error when cross-compiling. Use "git archive" for the "make releasetar" process. Remove the release candidate rcX targets. Mend "make check" on Solaris 9 with Autoconf. Address assorted compiler warnings. Fix auto-enabling of Capsicum on FreeBSD with Autoconf. Treat "msys" as Windows for test exit statuses. Clean up some help messages in configure. Use unified diff by default. Remove awk code from mkdep. Fix configure test errors with Clang 15 CMake: Prevent stripping of the RPATH on installation. AppVeyor CI: update Npcap site, update to 1.12 SDK. Cirrus CI: Use the same configuration as for the main branch. CI: Add back running tcpdump -J/-L and capture, now with Cirrus VMs. Remove four test files (They are now in the libpcap tests directory). On Solaris, for 64-bit builds, use the 64-bit pcap-config. Tell CMake not to check for a C++ compiler. CMake: Add a way to request -Werror and equivalents. configure: Special-case macOS /usr/bin/pcap-config as we do in CMake. configure: Use pcap-config --static-pcap-only if available. configure: Use ac_c_werror_flag to force unknown compiler flags to fail. configure: Use AC_COMPILE_IFELSE() and AC_LANG_SOURCE() for testing flags. Run the test that fails on OpenBSD only if we're not on OpenBSD. Source code: Fix some snapend-changing routines to protect against pointer underflow. Use __func__ from C99 in some function calls. Memory allocator: Update nd_add_alloc_list() to a static function. addrtoname.c: Fix two invalid tests. Use more S_SUCCESS and S_ERR_HOST_PROGRAM in main(). Add some comments about "don't use GET_IP6ADDR_STRING()". Assign ndo->ndo_packetp in pretty_print_packet(). Add ND_LCHECKMSG_U, ND_LCHECK_U, ND_LCHECKMSG_ZU and ND_LCHECK_ZU macros. Update tok2strbuf() to a static function. netdissect.h: Keep the link-layer dissectors names sorted. setsignal(): Set SA_RESTART on non-lethal signals (REQ_INFO, FLUSH_PCAP) to avoid corrupting binary pcap output. Use __builtin_unreachable(). Fail if nd_push_buffer() or nd_push_snaplen() fails. Improve code style and fix many typos. Documentation: Some man page cleanups. Update the print interface for the packet count to stdout. Note that we require compilers to support at least some of C99. Update AIX and Solaris-related specifics. INSTALL.txt: Add doc/README.*, delete the deleted win32 directory. Update README.md and README.Win32.md. Update some comments with new RFC numbers. Wednesday, June 9, 2021 by gharris Summary for 4.99.1 tcpdump release Source code: Squelch some compiler warnings ICMP: Update the snapend for some nested IP packets. MACsec: Update the snapend thus the ICV field is not payload for the caller. EIGRP: Fix packet header fields SMB: Disable printer by default in CMake builds OLSR: Print the protocol name even if the packet is invalid MSDP: Print ": " before the protocol name ESP: Remove padding, padding length and next header from the buffer DHCPv6: Update the snapend for nested DHCPv6 packets OpenFlow 1.0: Get snapend right for nested frames. TCP: Update the snapend before decoding a MPTCP option Ethernet, IEEE 802.15.4, IP, L2TP, TCP, ZEP: Add bounds checks ForCES: Refine SPARSEDATA-TLV length check. ASCII/hex: Use nd_trunc_longjmp() in truncation cases GeoNet: Add a ND_TCHECK_LEN() call Replace ND_TCHECK_/memcpy() pairs with GET_CPY_BYTES(). BGP: Fix overwrites of global 'astostr' temporary buffer ARP: fix overwrites of static buffer in q922_string(). Frame Relay: have q922_string() handle errors better. Building and testing: Rebuild configure script when building release Fix "make clean" for out-of-tree autotools builds CMake: add stuff from CMAKE_PREFIX_PATH to PKG_CONFIG_PATH. Documentation: man: Update a reference as www.cifs.org is gone. [skip ci] man: Update DNS sections Solaris: Fix a compile error with Sun C Wednesday, December 30, 2020, by mcr@sandelman.ca, denis and fxl. Summary for 4.99.0 tcpdump release CVE-2018-16301: For the -F option handle large input files safely. Improve the contents, wording and formatting of the man page. Print unsupported link-layer protocol packets in hex. Add support for new network protocols and DLTs: Arista, Autosar SOME/IP, Broadcom LI and Ethernet switches tag, IEEE 802.15.9, IP-over-InfiniBand (IPoIB), Linux SLL2, Linux vsockmon, MACsec, Marvell Distributed Switch Architecture, OpenFlow 1.3, Precision Time Protocol (PTP), SSH, WHOIS, ZigBee Encapsulation Protocol (ZEP). Make protocol-specific updates for: AH, DHCP, DNS, ESP, FRF.16, HNCP, ICMP6, IEEE 802.15.4, IPv6, IS-IS, Linux SLL, LLDP, LSP ping, MPTCP, NFS, NSH, NTP, OSPF, OSPF6, PGM, PIM, PPTP, RADIUS, RSVP, Rx, SMB, UDLD, VXLAN-GPE. User interface: Make SLL2 the default for Linux "any" pseudo-device. Add --micro and --nano shorthands. Add --count to print a counter only instead of decoding. Add --print, to cause packet printing even with -w. Add support for remote capture if libpcap supports it. Display the "wireless" flag and connection status. Flush the output packet buffer on a SIGUSR2. Add the snapshot length to the "reading from file ..." message. Fix local time printing (DST offset in timestamps). Allow -C arguments > 2^31-1 GB if they can fit into a long. Handle very large -f files by rejecting them. Report periodic stats only when safe to do so. Print the number of packets captured only as often as necessary. With no -s, or with -s 0, don't specify the snapshot length with newer versions of libpcap. Improve version and usage message printing. Building and testing: Install into bindir, not sbindir. autoconf: replace --with-system-libpcap with --disable-local-libpcap. Require the compiler to support C99. Better detect and use various C compilers and their features. Add CMake as the second build system. Make out-of-tree builds more reliable. Use pkg-config to detect libpcap if available. Improve Windows support. Add more tests and improve the scripts that run them. Test both with "normal" and "x87" floating-point. Eliminate dependency on libdnet. FreeBSD: Print a proper error message about monitor mode VAP. Use libcasper if available. Fix failure to capture on RDMA device. Include the correct capsicum header. Source code: Start the transition to longjmp() for packet truncation handling. Introduce new helper functions, including GET_*(), nd_print_protocol(), nd_print_invalid(), nd_print_trunc(), nd_trunc_longjmp() and others. Put integer signedness right in many cases. Introduce nd_uint*, nd_mac_addr, nd_ipv4 and nd_ipv6 types to fix alignment issues, especially on SPARC. Fix many C compiler, Coverity, UBSan and cppcheck warnings. Fix issues detected with AddressSanitizer. Remove many workarounds for older compilers and OSes. Add a sanity check on packet header length. Add and remove plenty of bounds checks. Clean up pcap_findalldevs() call to find the first interface. Use a short timeout, rather than immediate mode, for text output. Handle DLT_ENC files *not* written on the same OS and byte-order host. Add, and use, macros to do locale-independent case mapping. Use a table instead of getprotobynumber(). Get rid of ND_UNALIGNED and ND_TCHECK(). Make roundup2() generally available. Resync SMI list against Wireshark. Fix many typos.
2023-08-17 18:57:10 +03:00
/*
* Copyright (c) 2016 Gerard Garcia <nouboh@gmail.com>
* Copyright (c) 2017 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* 3. The names of the authors may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
/* \summary: Linux vsock printer */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "netdissect-stdinc.h"
#include <stddef.h>
#include "netdissect.h"
#include "extract.h"
enum af_vsockmon_transport {
AF_VSOCK_TRANSPORT_UNKNOWN = 0,
AF_VSOCK_TRANSPORT_NO_INFO = 1, /* No transport information */
AF_VSOCK_TRANSPORT_VIRTIO = 2, /* Virtio transport header */
};
static const struct tok vsock_transport[] = {
{AF_VSOCK_TRANSPORT_UNKNOWN, "UNKNOWN"},
{AF_VSOCK_TRANSPORT_NO_INFO, "NO_INFO"},
{AF_VSOCK_TRANSPORT_VIRTIO, "VIRTIO"},
{ 0, NULL }
};
enum af_vsockmon_op {
AF_VSOCK_OP_UNKNOWN = 0,
AF_VSOCK_OP_CONNECT = 1,
AF_VSOCK_OP_DISCONNECT = 2,
AF_VSOCK_OP_CONTROL = 3,
AF_VSOCK_OP_PAYLOAD = 4,
};
static const struct tok vsock_op[] = {
{AF_VSOCK_OP_UNKNOWN, "UNKNOWN"},
{AF_VSOCK_OP_CONNECT, "CONNECT"},
{AF_VSOCK_OP_DISCONNECT, "DISCONNECT"},
{AF_VSOCK_OP_CONTROL, "CONTROL"},
{AF_VSOCK_OP_PAYLOAD, "PAYLOAD"},
{ 0, NULL }
};
enum virtio_vsock_type {
VIRTIO_VSOCK_TYPE_STREAM = 1,
};
static const struct tok virtio_type[] = {
{VIRTIO_VSOCK_TYPE_STREAM, "STREAM"},
{ 0, NULL }
};
enum virtio_vsock_op {
VIRTIO_VSOCK_OP_INVALID = 0,
VIRTIO_VSOCK_OP_REQUEST = 1,
VIRTIO_VSOCK_OP_RESPONSE = 2,
VIRTIO_VSOCK_OP_RST = 3,
VIRTIO_VSOCK_OP_SHUTDOWN = 4,
VIRTIO_VSOCK_OP_RW = 5,
VIRTIO_VSOCK_OP_CREDIT_UPDATE = 6,
VIRTIO_VSOCK_OP_CREDIT_REQUEST = 7,
};
static const struct tok virtio_op[] = {
{VIRTIO_VSOCK_OP_INVALID, "INVALID"},
{VIRTIO_VSOCK_OP_REQUEST, "REQUEST"},
{VIRTIO_VSOCK_OP_RESPONSE, "RESPONSE"},
{VIRTIO_VSOCK_OP_RST, "RST"},
{VIRTIO_VSOCK_OP_SHUTDOWN, "SHUTDOWN"},
{VIRTIO_VSOCK_OP_RW, "RW"},
{VIRTIO_VSOCK_OP_CREDIT_UPDATE, "CREDIT UPDATE"},
{VIRTIO_VSOCK_OP_CREDIT_REQUEST, "CREDIT REQUEST"},
{ 0, NULL }
};
/* All fields are little-endian */
struct virtio_vsock_hdr {
nd_uint64_t src_cid;
nd_uint64_t dst_cid;
nd_uint32_t src_port;
nd_uint32_t dst_port;
nd_uint32_t len;
nd_uint16_t type; /* enum virtio_vsock_type */
nd_uint16_t op; /* enum virtio_vsock_op */
nd_uint32_t flags;
nd_uint32_t buf_alloc;
nd_uint32_t fwd_cnt;
};
struct af_vsockmon_hdr {
nd_uint64_t src_cid;
nd_uint64_t dst_cid;
nd_uint32_t src_port;
nd_uint32_t dst_port;
nd_uint16_t op; /* enum af_vsockmon_op */
nd_uint16_t transport; /* enum af_vosckmon_transport */
nd_uint16_t len; /* size of transport header */
nd_uint8_t reserved[2];
};
static void
vsock_virtio_hdr_print(netdissect_options *ndo, const struct virtio_vsock_hdr *hdr)
{
uint16_t u16_v;
uint32_t u32_v;
u32_v = GET_LE_U_4(hdr->len);
ND_PRINT("len %u", u32_v);
u16_v = GET_LE_U_2(hdr->type);
ND_PRINT(", type %s",
tok2str(virtio_type, "Invalid type (%hu)", u16_v));
u16_v = GET_LE_U_2(hdr->op);
ND_PRINT(", op %s",
tok2str(virtio_op, "Invalid op (%hu)", u16_v));
u32_v = GET_LE_U_4(hdr->flags);
ND_PRINT(", flags %x", u32_v);
u32_v = GET_LE_U_4(hdr->buf_alloc);
ND_PRINT(", buf_alloc %u", u32_v);
u32_v = GET_LE_U_4(hdr->fwd_cnt);
ND_PRINT(", fwd_cnt %u", u32_v);
}
/*
* This size had better fit in a u_int.
*/
static u_int
vsock_transport_hdr_size(uint16_t transport)
{
switch (transport) {
case AF_VSOCK_TRANSPORT_VIRTIO:
return (u_int)sizeof(struct virtio_vsock_hdr);
default:
return 0;
}
}
/* Returns 0 on success, -1 on truncation */
static int
vsock_transport_hdr_print(netdissect_options *ndo, uint16_t transport,
const u_char *p, const u_int caplen)
{
u_int transport_size = vsock_transport_hdr_size(transport);
const void *hdr;
if (caplen < sizeof(struct af_vsockmon_hdr) + transport_size) {
return -1;
}
hdr = p + sizeof(struct af_vsockmon_hdr);
switch (transport) {
case AF_VSOCK_TRANSPORT_VIRTIO:
ND_PRINT(" (");
vsock_virtio_hdr_print(ndo, hdr);
ND_PRINT(")");
break;
default:
break;
}
return 0;
}
static void
vsock_hdr_print(netdissect_options *ndo, const u_char *p, const u_int caplen)
{
const struct af_vsockmon_hdr *hdr = (const struct af_vsockmon_hdr *)p;
uint16_t hdr_transport, hdr_op;
uint32_t hdr_src_port, hdr_dst_port;
uint64_t hdr_src_cid, hdr_dst_cid;
u_int total_hdr_size;
int ret = 0;
hdr_transport = GET_LE_U_2(hdr->transport);
ND_PRINT("%s",
tok2str(vsock_transport, "Invalid transport (%u)",
hdr_transport));
/* If verbose level is more than 0 print transport details */
if (ndo->ndo_vflag) {
ret = vsock_transport_hdr_print(ndo, hdr_transport, p, caplen);
if (ret == 0)
ND_PRINT("\n\t");
} else
ND_PRINT(" ");
hdr_src_cid = GET_LE_U_8(hdr->src_cid);
hdr_dst_cid = GET_LE_U_8(hdr->dst_cid);
hdr_src_port = GET_LE_U_4(hdr->src_port);
hdr_dst_port = GET_LE_U_4(hdr->dst_port);
hdr_op = GET_LE_U_2(hdr->op);
ND_PRINT("%" PRIu64 ".%u > %" PRIu64 ".%u %s, length %u",
hdr_src_cid, hdr_src_port,
hdr_dst_cid, hdr_dst_port,
tok2str(vsock_op, " invalid op (%u)", hdr_op),
caplen);
if (ret < 0)
goto trunc;
/* If debug level is more than 1 print payload contents */
/* This size had better fit in a u_int */
total_hdr_size = (u_int)sizeof(struct af_vsockmon_hdr) +
vsock_transport_hdr_size(hdr_transport);
if (ndo->ndo_vflag > 1 && hdr_op == AF_VSOCK_OP_PAYLOAD) {
if (caplen > total_hdr_size) {
const u_char *payload = p + total_hdr_size;
ND_PRINT("\n");
print_unknown_data(ndo, payload, "\t",
caplen - total_hdr_size);
} else
goto trunc;
}
return;
trunc:
nd_print_trunc(ndo);
}
void
vsock_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h,
const u_char *cp)
{
u_int caplen = h->caplen;
ndo->ndo_protocol = "vsock";
if (caplen < sizeof(struct af_vsockmon_hdr)) {
nd_print_trunc(ndo);
ndo->ndo_ll_hdr_len += caplen;
return;
}
ndo->ndo_ll_hdr_len += sizeof(struct af_vsockmon_hdr);
vsock_hdr_print(ndo, cp, caplen);
}