lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190528122618.30769-6-idosch@idosch.org> Date: Tue, 28 May 2019 15:26:18 +0300 From: Ido Schimmel <idosch@...sch.org> To: netdev@...r.kernel.org Cc: davem@...emloft.net, jiri@...lanox.com, mlxsw@...lanox.com, dsahern@...il.com, roopa@...ulusnetworks.com, nikolay@...ulusnetworks.com, andy@...yhouse.net, pablo@...filter.org, jakub.kicinski@...ronome.com, pieter.jansenvanvuuren@...ronome.com, andrew@...n.ch, f.fainelli@...il.com, Ido Schimmel <idosch@...lanox.com> Subject: [RFC PATCH iproute2-next 5/5] devlink: Add devlink trap monitor support From: Ido Schimmel <idosch@...lanox.com> According to the reporting state of individual traps, a notification is sent to user space about each trapped packet. Allow the user to monitor such events by having iproute2 subscribe to the 'DEVLINK_GENL_MCGRP_TRAP_NAME' group. An error is not returned in case subscription failed in order not to cause regression with old kernels and new iproute2. When '-v' is specified trap metadata (e.g., input port) is also shown. Example: # devlink -jvp mon trap-report [trap-report,report] "netdevsim/netdevsim10": { "name": "blackhole_route_drop", "type": "drop", "group": "l3_drops", "length": 146, "timestamp": "Tue May 28 13:03:09 2019 801360651 nsec", "input_port": { "netdevsim/netdevsim10/0": { "type": "eth", "netdev": "eth0" } } } Signed-off-by: Ido Schimmel <idosch@...lanox.com> --- devlink/devlink.c | 78 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 76 insertions(+), 2 deletions(-) diff --git a/devlink/devlink.c b/devlink/devlink.c index 57b87536ccad..79f6f5c25cae 100644 --- a/devlink/devlink.c +++ b/devlink/devlink.c @@ -3849,6 +3849,7 @@ static const char *cmd_name(uint8_t cmd) case DEVLINK_CMD_TRAP_GROUP_SET: return "set"; case DEVLINK_CMD_TRAP_GROUP_NEW: return "new"; case DEVLINK_CMD_TRAP_GROUP_DEL: return "del"; + case DEVLINK_CMD_TRAP_REPORT: return "report"; default: return "<unknown cmd>"; } } @@ -3887,6 +3888,8 @@ static const char *cmd_obj(uint8_t cmd) case DEVLINK_CMD_TRAP_GROUP_NEW: case DEVLINK_CMD_TRAP_GROUP_DEL: return "trap-group"; + case DEVLINK_CMD_TRAP_REPORT: + return "trap-report"; default: return "<unknown obj>"; } } @@ -3914,6 +3917,7 @@ static bool cmd_filter_check(struct dl *dl, uint8_t cmd) static void pr_out_region(struct dl *dl, struct nlattr **tb); static void pr_out_trap(struct dl *dl, struct nlattr **tb, bool array); static void pr_out_trap_group(struct dl *dl, struct nlattr **tb, bool array); +static void pr_out_trap_report(struct dl *dl, struct nlattr **tb); static int cmd_mon_show_cb(const struct nlmsghdr *nlh, void *data) { @@ -3998,6 +4002,18 @@ static int cmd_mon_show_cb(const struct nlmsghdr *nlh, void *data) pr_out_mon_header(genl->cmd); pr_out_trap_group(dl, tb, false); break; + case DEVLINK_CMD_TRAP_REPORT: + mnl_attr_parse(nlh, sizeof(*genl), attr_cb, tb); + if (!tb[DEVLINK_ATTR_BUS_NAME] || !tb[DEVLINK_ATTR_DEV_NAME] || + !tb[DEVLINK_ATTR_TRAP_NAME] || + !tb[DEVLINK_ATTR_TRAP_TYPE] || + !tb[DEVLINK_ATTR_TRAP_GROUP_NAME] || + !tb[DEVLINK_ATTR_TRAP_PAYLOAD] || + !tb[DEVLINK_ATTR_TRAP_TIMESTAMP]) + return MNL_CB_ERROR; + pr_out_mon_header(genl->cmd); + pr_out_trap_report(dl, tb); + break; } return MNL_CB_OK; } @@ -4013,7 +4029,8 @@ static int cmd_mon_show(struct dl *dl) strcmp(cur_obj, "dev") != 0 && strcmp(cur_obj, "port") != 0 && strcmp(cur_obj, "trap") != 0 && - strcmp(cur_obj, "trap-group") != 0) { + strcmp(cur_obj, "trap-group") != 0 && + strcmp(cur_obj, "trap-report") != 0) { pr_err("Unknown object \"%s\"\n", cur_obj); return -EINVAL; } @@ -4021,6 +4038,10 @@ static int cmd_mon_show(struct dl *dl) err = _mnlg_socket_group_add(dl->nlg, DEVLINK_GENL_MCGRP_CONFIG_NAME); if (err) return err; + /* Do not bail in order to be compatible with old kernels that do not + * support this multicast group. + */ + mnlg_socket_group_add(dl->nlg, DEVLINK_GENL_MCGRP_TRAP_NAME); err = _mnlg_socket_recv_run(dl->nlg, cmd_mon_show_cb, dl); if (err) return err; @@ -4030,7 +4051,7 @@ static int cmd_mon_show(struct dl *dl) static void cmd_mon_help(void) { pr_err("Usage: devlink monitor [ all | OBJECT-LIST ]\n" - "where OBJECT-LIST := { dev | port | trap | trap-group }\n"); + "where OBJECT-LIST := { dev | port | trap | trap-group | trap-report }\n"); } static int cmd_mon(struct dl *dl) @@ -6486,6 +6507,59 @@ static const char *trap_metadata_name(const struct nlattr *attr) return "<unknown metadata type>"; } } + +static void pr_out_trap_report_timestamp(struct dl *dl, + const struct nlattr *attr) +{ + struct timespec *ts; + struct tm *tm; + char buf[80]; + char *tstr; + + ts = mnl_attr_get_payload(attr); + tm = localtime(&ts->tv_sec); + + tstr = asctime(tm); + tstr[strlen(tstr) - 1] = 0; + snprintf(buf, sizeof(buf), "%s %09ld nsec", tstr, ts->tv_nsec); + + pr_out_str(dl, "timestamp", buf); +} + +static void pr_out_trap_report_port(struct dl *dl, struct nlattr *attr, + const char *name, struct nlattr **tb) +{ + int err; + + if (!dl->verbose) + return; + + err = mnl_attr_parse_nested(attr, attr_cb, tb); + if (err != MNL_CB_OK) + return; + + pr_out_object_start(dl, name); + pr_out_port(dl, tb); + pr_out_object_end(dl); +} + +static void pr_out_trap_report(struct dl *dl, struct nlattr **tb) +{ + uint8_t type = mnl_attr_get_u8(tb[DEVLINK_ATTR_TRAP_TYPE]); + + __pr_out_handle_start(dl, tb, true, false); + pr_out_str(dl, "name", mnl_attr_get_str(tb[DEVLINK_ATTR_TRAP_NAME])); + pr_out_str(dl, "type", trap_type_name(type)); + pr_out_str(dl, "group", + mnl_attr_get_str(tb[DEVLINK_ATTR_TRAP_GROUP_NAME])); + pr_out_uint(dl, "length", tb[DEVLINK_ATTR_TRAP_PAYLOAD]->nla_len); + pr_out_trap_report_timestamp(dl, tb[DEVLINK_ATTR_TRAP_TIMESTAMP]); + if (tb[DEVLINK_ATTR_TRAP_IN_PORT]) + pr_out_trap_report_port(dl, tb[DEVLINK_ATTR_TRAP_IN_PORT], + "input_port", tb); + pr_out_handle_end(dl); +} + static void pr_out_trap_metadata(struct dl *dl, struct nlattr *attr) { struct nlattr *attr_metadata; -- 2.20.1
Powered by blists - more mailing lists