path: root/drivers/net/vsockmon.c
// SPDX-License-Identifier: GPL-2.0-only
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/if_arp.h>
#include <net/rtnetlink.h>
#include <net/sock.h>
#include <net/af_vsock.h>
#include <uapi/linux/vsockmon.h>
#include <linux/virtio_vsock.h>

/*
 * Default MTU for a vsockmon device: the virtio transport's maximum packet
 * buffer size (VIRTIO_VSOCK_MAX_PKT_BUF_SIZE) plus the size of the
 * af_vsockmon_hdr header.
 */
#define DEFAULT_MTU (VIRTIO_VSOCK_MAX_PKT_BUF_SIZE + \
		     sizeof(struct af_vsockmon_hdr))

/*
 * ndo_init callback: allocate the per-CPU lstats counters for the device.
 *
 * Returns 0 on success, or -ENOMEM when the per-CPU allocation fails.
 */
static int vsockmon_dev_init(struct net_device *dev)
{
	dev->lstats = netdev_alloc_pcpu_stats(struct pcpu_lstats);

	return dev->lstats ? 0 : -ENOMEM;
}

/*
 * ndo_uninit callback: release the per-CPU lstats counters that
 * vsockmon_dev_init() stored in dev->lstats.
 */
static void vsockmon_dev_uninit(struct net_device *dev)
{
	free_percpu(dev->lstats);
}

/*
 * Per-device private data, reached through netdev_priv(); its size is what
 * vsockmon_link_ops declares as priv_size.
 */
struct vsockmon {
	/* Tap handle passed to vsock_add_tap()/vsock_remove_tap() on open/close. */
	struct vsock_tap vt;
};

/*
 * ndo_open callback: point the tap at this device and this module, then
 * hand it to vsock_add_tap().
 *
 * Returns the result of vsock_add_tap() unchanged.
 *
 * NOTE(review): presumably vsock traffic becomes observable on this
 * interface once the tap is added; who is allowed to create and bring up
 * the device is decided outside this file - confirm against the callers.
 */
static int vsockmon_open(struct net_device *dev)
{
	struct vsockmon *priv = netdev_priv(dev);
	struct vsock_tap *tap = &priv->vt;

	tap->module = THIS_MODULE;
	tap->dev = dev;

	return vsock_add_tap(tap);
}

/*
 * ndo_stop callback: pass the tap that vsockmon_open() filled in to
 * vsock_remove_tap().
 *
 * Returns the result of vsock_remove_tap() unchanged.
 */
static int vsockmon_close(struct net_device *dev)
{
	struct vsockmon *priv = netdev_priv(dev);
	struct vsock_tap *tap = &priv->vt;

	return vsock_remove_tap(tap);
}

/*
 * ndo_start_xmit callback: count the packet in the per-CPU lstats and free
 * it. Nothing is forwarded anywhere from this function.
 *
 * Always returns NETDEV_TX_OK.
 */
static netdev_tx_t vsockmon_xmit(struct sk_buff *skb, struct net_device *dev)
{
	/* Take the length first: skb must not be touched once it is freed. */
	unsigned int len = skb->len;

	dev_lstats_add(dev, len);
	dev_kfree_skb(skb);

	return NETDEV_TX_OK;
}

/*
 * ndo_get_stats64 callback: report the lstats totals as the receive
 * counters. The transmit counters are always reported as zero, even though
 * the totals are accumulated in vsockmon_xmit().
 */
static void
vsockmon_get_stats64(struct net_device *dev, struct rtnl_link_stats64 *stats)
{
	u64 packets, bytes;

	dev_lstats_read(dev, &packets, &bytes);

	stats->rx_packets = packets;
	stats->rx_bytes = bytes;
	stats->tx_packets = 0;
	stats->tx_bytes = 0;
}

/*
 * Check a requested MTU against the only bound this driver applies: it
 * must be able to hold at least one struct af_vsockmon_hdr.
 *
 * Returns non-zero when new_mtu is acceptable, 0 otherwise.
 */
static int vsockmon_is_valid_mtu(int new_mtu)
{
	/*
	 * Keep the comparison signed. sizeof yields an unsigned size_t, so
	 * without the cast a negative new_mtu would be converted to a large
	 * unsigned value and pass the check.
	 */
	const int min_mtu = (int)sizeof(struct af_vsockmon_hdr);

	return min_mtu <= new_mtu;
}

/*
 * ndo_change_mtu callback: store new_mtu in dev->mtu if it passes
 * vsockmon_is_valid_mtu().
 *
 * Returns 0 on success, or -EINVAL when the value is rejected.
 *
 * NOTE(review): only a lower bound is checked here; whether an upper bound
 * is applied before this callback runs is not visible in this file.
 */
static int vsockmon_change_mtu(struct net_device *dev, int new_mtu)
{
	if (vsockmon_is_valid_mtu(new_mtu)) {
		dev->mtu = new_mtu;
		return 0;
	}

	return -EINVAL;
}

/*
 * Net device callbacks for vsockmon; installed on each device by
 * vsockmon_setup(). The table is const, so it is not modified at runtime.
 */
static const struct net_device_ops vsockmon_ops = {
	.ndo_init = vsockmon_dev_init,
	.ndo_uninit = vsockmon_dev_uninit,
	.ndo_open = vsockmon_open,
	.ndo_stop = vsockmon_close,
	.ndo_start_xmit = vsockmon_xmit,
	.ndo_get_stats64 = vsockmon_get_stats64,
	.ndo_change_mtu = vsockmon_change_mtu,
};

/*
 * ethtool get_link hook: unconditionally report the link as up.
 * dev is unused. Always returns 1.
 */
static u32 always_on(struct net_device *dev)
{
	return 1;
}

/* ethtool callbacks: only get_link is provided, and it always reports 1. */
static const struct ethtool_ops vsockmon_ethtool_ops = {
	.get_link = always_on,
};

/*
 * rtnl_link_ops setup hook: fill in the defaults of a new vsockmon device
 * (callback tables, link type, flags, feature bits and the initial MTU).
 */
static void vsockmon_setup(struct net_device *dev)
{
	/* Callback tables defined in this file. */
	dev->ethtool_ops = &vsockmon_ethtool_ops;
	dev->netdev_ops = &vsockmon_ops;

	/* Link type and interface flags. */
	dev->type = ARPHRD_VSOCKMON;
	dev->flags = IFF_NOARP;
	dev->priv_flags |= IFF_NO_QUEUE;

	dev->features = NETIF_F_LLTX | NETIF_F_HIGHDMA |
			NETIF_F_FRAGLIST | NETIF_F_SG;

	/* Starting MTU; vsockmon_change_mtu() may replace it later. */
	dev->mtu = DEFAULT_MTU;

	dev->needs_free_netdev = true;
}

/*
 * rtnetlink link type "vsockmon". Only kind, priv_size and setup are
 * populated; no other hooks are set in this table.
 */
static struct rtnl_link_ops vsockmon_link_ops __read_mostly = {
	.kind			= "vsockmon",
	.priv_size		= sizeof(struct vsockmon),
	.setup			= vsockmon_setup,
};

/*
 * Module init: register the "vsockmon" link type.
 *
 * Returns the result of rtnl_link_register() unchanged.
 */
static __init int vsockmon_register(void)
{
	return rtnl_link_register(&vsockmon_link_ops);
}

/* Module exit: unregister the "vsockmon" link type. */
static __exit void vsockmon_unregister(void)
{
	rtnl_link_unregister(&vsockmon_link_ops);
}

/* Module entry and exit points. */
module_init(vsockmon_register);
module_exit(vsockmon_unregister);

/* Module metadata; the rtnl link alias uses the same "vsockmon" kind string. */
MODULE_LICENSE("GPL v2");
MODULE_AUTHOR("Gerard Garcia <ggarcia@deic.uab.cat>");
MODULE_DESCRIPTION("Vsock monitoring device. Based on nlmon device.");
MODULE_ALIAS_RTNL_LINK("vsockmon");
span class="w"> = 0; u_char cookie[KEX_COOKIE_LEN]; u_int32_t rand = 0; int i; Buffer *ki = xmalloc(sizeof(*ki)); for (i = 0; i < KEX_COOKIE_LEN; i++) { if (i % 4 == 0) rand = arc4random(); cookie[i] = rand & 0xff; rand >>= 8; } buffer_init(ki); buffer_append(ki, (char *)cookie, sizeof cookie); for (i = 0; i < PROPOSAL_MAX; i++) buffer_put_cstring(ki, myproposal[i]); buffer_put_char(ki, first_kex_packet_follows); buffer_put_int(ki, 0); /* uint32 reserved */ return ki; } /* send kexinit, parse and save reply */ void kex_exchange_kexinit( Buffer *my_kexinit, Buffer *peer_kexint, char *peer_proposal[PROPOSAL_MAX]) { int i; char *ptr; int plen; debug("send KEXINIT"); packet_start(SSH2_MSG_KEXINIT); packet_put_raw(buffer_ptr(my_kexinit), buffer_len(my_kexinit)); packet_send(); packet_write_wait(); debug("done"); /* * read and save raw KEXINIT payload in buffer. this is used during * computation of the session_id and the session keys. */ debug("wait KEXINIT"); packet_read_expect(&plen, SSH2_MSG_KEXINIT); ptr = packet_get_raw(&plen); buffer_append(peer_kexint, ptr, plen); /* parse packet and save algorithm proposal */ /* skip cookie */ for (i = 0; i < KEX_COOKIE_LEN; i++) packet_get_char(); /* extract kex init proposal strings */ for (i = 0; i < PROPOSAL_MAX; i++) { peer_proposal[i] = packet_get_string(NULL); debug("got kexinit: %s", peer_proposal[i]); } /* first kex follow / reserved */ i = packet_get_char(); debug("first kex follow: %d ", i); i = packet_get_int(); debug("reserved: %d ", i); packet_done(); debug("done"); } /* diffie-hellman-group1-sha1 */ int dh_pub_is_valid(DH *dh, BIGNUM *dh_pub) { int i; int n = BN_num_bits(dh_pub); int bits_set = 0; if (dh_pub->neg) { log("invalid public DH value: negativ"); return 0; } for (i = 0; i <= n; i++) if (BN_is_bit_set(dh_pub, i)) bits_set++; debug("bits set: %d/%d", bits_set, BN_num_bits(dh->p)); /* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */ if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1)) return 
1; log("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p)); return 0; } void dh_gen_key(DH *dh) { int tries = 0; do { if (DH_generate_key(dh) == 0) fatal("DH_generate_key"); if (tries++ > 10) fatal("dh_new_group1: too many bad keys: giving up"); } while (!dh_pub_is_valid(dh, dh->pub_key)); } DH * dh_new_group_asc(const char *gen, const char *modulus) { DH *dh; int ret; dh = DH_new(); if (dh == NULL) fatal("DH_new"); if ((ret = BN_hex2bn(&dh->p, modulus)) < 0) fatal("BN_hex2bn p"); if ((ret = BN_hex2bn(&dh->g, gen)) < 0) fatal("BN_hex2bn g"); return (dh); } /* * This just returns the group, we still need to generate the exchange * value. */ DH * dh_new_group(BIGNUM *gen, BIGNUM *modulus) { DH *dh; dh = DH_new(); if (dh == NULL) fatal("DH_new"); dh->p = modulus; dh->g = gen; return (dh); } DH * dh_new_group1(void) { static char *gen = "2", *group1 = "FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1" "29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD" "EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245" "E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED" "EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381" "FFFFFFFF" "FFFFFFFF"; return (dh_new_group_asc(gen, group1)); } void dump_digest(u_char *digest, int len) { int i; for (i = 0; i< len; i++){ fprintf(stderr, "%02x", digest[i]); if(i%2!=0) fprintf(stderr, " "); } fprintf(stderr, "\n"); } u_char * kex_hash( char *client_version_string, char *server_version_string, char *ckexinit, int ckexinitlen, char *skexinit, int skexinitlen, char *serverhostkeyblob, int sbloblen, BIGNUM *client_dh_pub, BIGNUM *server_dh_pub, BIGNUM *shared_secret) { Buffer b; static u_char digest[EVP_MAX_MD_SIZE]; EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; buffer_init(&b); buffer_put_string(&b, client_version_string, strlen(client_version_string)); buffer_put_string(&b, server_version_string, strlen(server_version_string)); /* kexinit messages: fake header: 
len+SSH2_MSG_KEXINIT */ buffer_put_int(&b, ckexinitlen+1); buffer_put_char(&b, SSH2_MSG_KEXINIT); buffer_append(&