1 /*
2 * tcpprobe - Observe the TCP flow with kprobes.
3 *
4 * The idea for this came from Werner Almesberger's umlsim
5 * Copyright (C) 2004, Stephen Hemminger <shemminger@osdl.org>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21 #include <linux/kernel.h>
22 #include <linux/kprobes.h>
23 #include <linux/socket.h>
24 #include <linux/tcp.h>
25 #include <linux/slab.h>
26 #include <linux/proc_fs.h>
27 #include <linux/module.h>
28 #include <linux/ktime.h>
29 #include <linux/time.h>
30 #include <net/net_namespace.h>
31
32 #include <net/tcp.h>
33
34 MODULE_AUTHOR("Stephen Hemminger <shemminger@linux-foundation.org>");
35 MODULE_DESCRIPTION("TCP cwnd snooper");
36 MODULE_LICENSE("GPL");
37 MODULE_VERSION("1.1");
38
39 static int port __read_mostly = 0;
40 MODULE_PARM_DESC(port, "Port to match (0=all)");
41 module_param(port, int, 0);
42
43 static unsigned int bufsize __read_mostly = 4096;
44 MODULE_PARM_DESC(bufsize, "Log buffer size in packets (4096)");
45 module_param(bufsize, uint, 0);
46
47 static int full __read_mostly;
48 MODULE_PARM_DESC(full, "Full log (1=every ack packet received, 0=only cwnd changes)");
49 module_param(full, int, 0);
50
51 static const char procname[] = "tcpprobe";
52
53 struct tcp_log {
54 ktime_t tstamp;
55 __be32 saddr, daddr;
56 __be16 sport, dport;
57 u16 length;
58 u32 snd_nxt;
59 u32 snd_una;
60 u32 snd_wnd;
61 u32 snd_cwnd;
62 u32 ssthresh;
63 u32 srtt;
64 };
65
66 static struct {
67 spinlock_t lock;
68 wait_queue_head_t wait;
69 ktime_t start;
70 u32 lastcwnd;
71
72 unsigned long head, tail;
73 struct tcp_log *log;
74 } tcp_probe;
75
76
tcp_probe_used(void)77 static inline int tcp_probe_used(void)
78 {
79 return (tcp_probe.head - tcp_probe.tail) & (bufsize - 1);
80 }
81
tcp_probe_avail(void)82 static inline int tcp_probe_avail(void)
83 {
84 return bufsize - tcp_probe_used() - 1;
85 }
86
87 /*
88 * Hook inserted to be called before each receive packet.
89 * Note: arguments must match tcp_rcv_established()!
90 */
jtcp_rcv_established(struct sock * sk,struct sk_buff * skb,struct tcphdr * th,unsigned len)91 static int jtcp_rcv_established(struct sock *sk, struct sk_buff *skb,
92 struct tcphdr *th, unsigned len)
93 {
94 const struct tcp_sock *tp = tcp_sk(sk);
95 const struct inet_sock *inet = inet_sk(sk);
96
97 /* Only update if port matches */
98 if ((port == 0 || ntohs(inet->inet_dport) == port ||
99 ntohs(inet->inet_sport) == port) &&
100 (full || tp->snd_cwnd != tcp_probe.lastcwnd)) {
101
102 spin_lock(&tcp_probe.lock);
103 /* If log fills, just silently drop */
104 if (tcp_probe_avail() > 1) {
105 struct tcp_log *p = tcp_probe.log + tcp_probe.head;
106
107 p->tstamp = ktime_get();
108 p->saddr = inet->inet_saddr;
109 p->sport = inet->inet_sport;
110 p->daddr = inet->inet_daddr;
111 p->dport = inet->inet_dport;
112 p->length = skb->len;
113 p->snd_nxt = tp->snd_nxt;
114 p->snd_una = tp->snd_una;
115 p->snd_cwnd = tp->snd_cwnd;
116 p->snd_wnd = tp->snd_wnd;
117 p->ssthresh = tcp_current_ssthresh(sk);
118 p->srtt = tp->srtt >> 3;
119
120 tcp_probe.head = (tcp_probe.head + 1) & (bufsize - 1);
121 }
122 tcp_probe.lastcwnd = tp->snd_cwnd;
123 spin_unlock(&tcp_probe.lock);
124
125 wake_up(&tcp_probe.wait);
126 }
127
128 jprobe_return();
129 return 0;
130 }
131
132 static struct jprobe tcp_jprobe = {
133 .kp = {
134 .symbol_name = "tcp_rcv_established",
135 },
136 .entry = jtcp_rcv_established,
137 };
138
tcpprobe_open(struct inode * inode,struct file * file)139 static int tcpprobe_open(struct inode * inode, struct file * file)
140 {
141 /* Reset (empty) log */
142 spin_lock_bh(&tcp_probe.lock);
143 tcp_probe.head = tcp_probe.tail = 0;
144 tcp_probe.start = ktime_get();
145 spin_unlock_bh(&tcp_probe.lock);
146
147 return 0;
148 }
149
tcpprobe_sprint(char * tbuf,int n)150 static int tcpprobe_sprint(char *tbuf, int n)
151 {
152 const struct tcp_log *p
153 = tcp_probe.log + tcp_probe.tail;
154 struct timespec tv
155 = ktime_to_timespec(ktime_sub(p->tstamp, tcp_probe.start));
156
157 return scnprintf(tbuf, n,
158 "%lu.%09lu %pI4:%u %pI4:%u %d %#x %#x %u %u %u %u\n",
159 (unsigned long) tv.tv_sec,
160 (unsigned long) tv.tv_nsec,
161 &p->saddr, ntohs(p->sport),
162 &p->daddr, ntohs(p->dport),
163 p->length, p->snd_nxt, p->snd_una,
164 p->snd_cwnd, p->ssthresh, p->snd_wnd, p->srtt);
165 }
166
tcpprobe_read(struct file * file,char __user * buf,size_t len,loff_t * ppos)167 static ssize_t tcpprobe_read(struct file *file, char __user *buf,
168 size_t len, loff_t *ppos)
169 {
170 int error = 0;
171 size_t cnt = 0;
172
173 if (!buf)
174 return -EINVAL;
175
176 while (cnt < len) {
177 char tbuf[164];
178 int width;
179
180 /* Wait for data in buffer */
181 error = wait_event_interruptible(tcp_probe.wait,
182 tcp_probe_used() > 0);
183 if (error)
184 break;
185
186 spin_lock_bh(&tcp_probe.lock);
187 if (tcp_probe.head == tcp_probe.tail) {
188 /* multiple readers race? */
189 spin_unlock_bh(&tcp_probe.lock);
190 continue;
191 }
192
193 width = tcpprobe_sprint(tbuf, sizeof(tbuf));
194
195 if (cnt + width < len)
196 tcp_probe.tail = (tcp_probe.tail + 1) & (bufsize - 1);
197
198 spin_unlock_bh(&tcp_probe.lock);
199
200 /* if record greater than space available
201 return partial buffer (so far) */
202 if (cnt + width >= len)
203 break;
204
205 if (copy_to_user(buf + cnt, tbuf, width))
206 return -EFAULT;
207 cnt += width;
208 }
209
210 return cnt == 0 ? error : cnt;
211 }
212
213 static const struct file_operations tcpprobe_fops = {
214 .owner = THIS_MODULE,
215 .open = tcpprobe_open,
216 .read = tcpprobe_read,
217 .llseek = noop_llseek,
218 };
219
tcpprobe_init(void)220 static __init int tcpprobe_init(void)
221 {
222 int ret = -ENOMEM;
223
224 init_waitqueue_head(&tcp_probe.wait);
225 spin_lock_init(&tcp_probe.lock);
226
227 if (bufsize == 0)
228 return -EINVAL;
229
230 bufsize = roundup_pow_of_two(bufsize);
231 tcp_probe.log = kcalloc(bufsize, sizeof(struct tcp_log), GFP_KERNEL);
232 if (!tcp_probe.log)
233 goto err0;
234
235 if (!proc_net_fops_create(&init_net, procname, S_IRUSR, &tcpprobe_fops))
236 goto err0;
237
238 ret = register_jprobe(&tcp_jprobe);
239 if (ret)
240 goto err1;
241
242 pr_info("TCP probe registered (port=%d) bufsize=%u\n", port, bufsize);
243 return 0;
244 err1:
245 proc_net_remove(&init_net, procname);
246 err0:
247 kfree(tcp_probe.log);
248 return ret;
249 }
250 module_init(tcpprobe_init);
251
tcpprobe_exit(void)252 static __exit void tcpprobe_exit(void)
253 {
254 proc_net_remove(&init_net, procname);
255 unregister_jprobe(&tcp_jprobe);
256 kfree(tcp_probe.log);
257 }
258 module_exit(tcpprobe_exit);
259