What is the analogue of an NDIS filter in linux? - linux

I am working on an as close to real-time system as possible in linux and need to send about 600-800 bytes in a TCP packet as soon as I receive a specific packet.
For best possible latencies I want this packet to be sent directly from the kernel instead of it the received packet going all the way up to the userspace and the applicaiton and then making its way back.
If I were on windows I'd have written an NDIS filter which I would cache the packet to be sent with and the matching parameters so that it would check the received packet and on a match fire the pre-cached packet onto the network without passing the received packet up to the higher layers.
So my question is what is the closest analogue of an NDIS filter on linux?
I have read about netfilter and perhaps that is what I would use, but I do not know if it is the best way possible.
What else could I do to achieve lowest-possible latencies?
My current purely userspace code gives me about 80-100 micro seconds on an Intel Xeon 3.7 GHz processor running Ubuntu 10.04 on 2.6.3x kernel.


You can use the iptables target NFLOG to copy packets out to userspace or NFQUEUE to allow userspace to mangle them. This interaction happens over netlink, but you can use libraries such as libnetfilter_log and libnetfilter_queue which wrap around it.


There is similar mechanism in Linux kernel called BPF ( Berkeley packet filter).
Register a BPF filter into kernel from your application. The packets matching the filter would be captured and forwarded to registered hook function.
Below is an exmpale code I found on internet. ( https://gist.github.com/939154 )
Basically you had to create an open, binding it with an BPF filter and then select to this FD for receiving packets:
;
set_filter(int fd)
{
struct bpf_program fcode = {0};
/* dump ssh packets only */
struct bpf_insn insns[] = {
BPF_STMT(BPF_LD+BPF_H+BPF_ABS, 12),
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, ETHERTYPE_IP, 0, 10),
BPF_STMT(BPF_LD+BPF_B+BPF_ABS, 23),
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IPPROTO_TCP, 0, 8),
BPF_STMT(BPF_LD+BPF_H+BPF_ABS, 20),
BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, 0x1fff, 6, 0),
BPF_STMT(BPF_LDX+BPF_B+BPF_MSH, 14),
BPF_STMT(BPF_LD+BPF_H+BPF_IND, 14),
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 22, 2, 0),
BPF_STMT(BPF_LD+BPF_H+BPF_IND, 16),
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, 22, 0, 1),
BPF_STMT(BPF_RET+BPF_K, (u_int)-1),
BPF_STMT(BPF_RET+BPF_K, 0),
};
/* Set the filter */
fcode.bf_len = sizeof(insns) / sizeof(struct bpf_insn);
fcode.bf_insns = &insns[0];
if(ioctl(fd, BIOCSETF, &fcode) < 0)
return -1;
return 0;
}
The bpf_inst looks terrbiel. However, it is not needed to write it manually.
You can use tcp-dump to auto generated these scripts.
for example:
sudo tcpdump 'tcp[13]=18' -i eth0 -dd
{ 0x28, 0, 0, 0x0000000c },
{ 0x15, 0, 8, 0x00000800 },
{ 0x30, 0, 0, 0x00000017 },
{ 0x15, 0, 6, 0x00000006 },
{ 0x28, 0, 0, 0x00000014 },
{ 0x45, 4, 0, 0x00001fff },
{ 0xb1, 0, 0, 0x0000000e },
{ 0x50, 0, 0, 0x0000001b },
{ 0x15, 0, 1, 0x00000012 },
{ 0x6, 0, 0, 0x00000060 },
{ 0x6, 0, 0, 0x00000000 },

Related

Using golang to create a new child process with syscall.CLONE_NEWUSER but why at the new usernamespace the uid is nobody?

exe := exec.Command("/proc/self/exe","init")
exe.SysProcAttr = &syscall.SysProcAttr{
Cloneflags: syscall.CLONE_NEWUTS|syscall.CLONE_NEWNS|syscall.CLONE_NEWUSER|syscall.CLONE_NEWPID|syscall.CLONE_NEWIPC|syscall.CLONE_NEWNET,
//mapping the uid and gid I can figure out the mapping rules????
UidMappings: []syscall.SysProcIDMap{
{
ContainerID: 0,
HostID: 1000000,
Size: 65536,
},
},
GidMappings: []syscall.SysProcIDMap{
{
ContainerID: 0,
HostID: 100000,
Size: 65536,
},
},
}
when I run with exe.Start() get the result at terminal is "nobody#xx:/home/xx$" .
I read the code of runc ,likewise,runc use the same way to implement usernamespace's isolation,but set correctly uid with 'root'. what's wrong with me?
There is system info of my new process,getting from another bash.
root#xx:/home/xx# cat /proc/159624/uid_map
0 1000000 65536
root#xx:/home/xx# cat /etc/subuid
xx:100000:65536
os: ubuntu20.04
go version:1.18.3 linux/amd64

How to configure ACPI *.asl for a virtual mdio-gpio device connected to a I2C gpio expander

I'm working with a Q7 Module (x86) and try to configure our peripherals with ACPI SSDT Overlay on Linux. But I strugle with it. I think I missunderstand some of the core concept of ACPI.
Problem
CPU -> I2C -> PCA9575 GPIO Expander -> virtual,mdio-gpio -> Ethernet Phy
What works
DefinitionBlock ("abc.asl", "SSDT", 2, "test", "HAL", 2)
{
External (\_SB_.PCI0.D01D, DeviceObj)
Scope (\_SB.PCI0.D01D)
{
Device (ABC0)
{
Name (_HID, "PRP0001") // must be PRP0001 that linux searches for compatible driver
Name (_CRS, ResourceTemplate () {
I2cSerialBusV2 (
0x20, // SlaveAddress : I2C Address
ControllerInitiated, // SlaveMode : ControllerInitiated
100000, // ConnectionSpeed : max Bus Speed for this device
AddressingMode7Bit, // AddressingMode : Adress Mode
"\\_SB.PCI0.D01D", // ResourceSource : I2C host controller
0x00, // ResourceSourceIndex : must be 0
ResourceConsumer, // ResourceUsage : must be ResourceConsumer
, // DescriptorName : optional name for integer value which is an offset to a buffer field...
Exclusive // Shared : Shared or Exclusive
,) // VendorData : optional field
})
Name (_DSD, Package() {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package (2) { "compatible", "nxp,pca9575" },
Package () { "gpio-line-names", Package ()
{ "LED_Red",
"",
"MDC",
"MDIO",
}
},
},
ToUUID("dbb8e3e6-5886-4ba6-8795-1319f52a966b"),
Package () {
Package () { "led-red", "LED0" },
Package () { "mdc-gpios", "MDC0" },
Package () { "mdio-gpios", "MDIO" },
}
})
Name (LED0, Package () {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package () {"gpio-hog", 1},
Package () {"gpios", Package () {0, 1}},
Package () {"output-low", 1},
}
})
... <placeholder for virtual,mdio-gpiocode here> ...
}
}
}
It recognises the PCA9575 GPIO expander and registering it as gpiochip in Linux. The LED is fixed to low and "hogged". It seems that this part is not totally wrong.
What not works
I inserted this code into the placeholder
Device (MD00)
{
Name (_HID, "PRP0001") // must be PRP0001 that linux searches for compatible driver
Name (_DSD, Package() {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package (2) { "compatible", "virtual,mdio-gpio" },
Package () {"gpios", Package () {^MDC0, 2, 0,
^MDIO, 3, 0,}},
}
})
}
But when I try to load this file via configfs I can see an error message in dmesg that the compatible field for the defined resource in _CRS field is missing. But I don't even defined a _CRS field.
I'm also not sure if my GPIO's are defined correctly. I'm not able to set the Pull-Modes with the Package () {"gpios", Package () {0, 1}}, command.
I question myself, shall the GPIO Expander Ports again defined as GgioIo Structures in the MDO Device?
Name (_CRS, ResourceTemplate () {
GpioIo (Exclusive, PullNone, 0, 0, IoRestrictionNone,
"\\_SB.PCI0.D01D.ABC0", 0, ResourceConsumer) {2}
GpioIo (Exclusive, PullNone, 0, 0, IoRestrictionNone,
"\\_SB.PCI0.D01D.ABC0", 0, ResourceConsumer) {3}
})
It doesn't seem to work either and I'm confused. I'm not sure if I use the GPIO PCA9575 driver correctly. Where could I configure the pull bias in ACPI? The driver load the config from of_ but I don't know where to define it in ACPI. I hope somebody here got an idea.

First of all let's see the main architecture of the design:
+-------------------+
| HOST | +------+
| MDIO <------>+ MDIO |
| Intf | | Phy |
| | +--^---+
| +------+ | | +-----+
| | I²C | | | | LED |
| | host | | | +--^--+
| +--^---+ | | |
| | | +--+---+ |
+-------------------+ | I²C | |
+----------------------> GPIO +------+
+------+
From this schematic we see how devices are related to each other. Now let's move to ACPI representation. At the beginning we need to define I²C GPIO expander. From the examples in meta-acpi project we can find how PCA9535 can be described. Assuming we found the I²C host controller device (\_SB_.PCI0.D01D as per your post) and the fact that you have expander without latching IRQ events, the following is the mix between original ASL excerpt and how to match it with proper configuration in the driver:
Device (ABC0)
{
Name (_HID, "PRP0001")
Name (_DDN, "NXP PCA9575 GPIO expander")
Name (RBUF, ResourceTemplate()
{
I2cSerialBusV2(0x0020, ControllerInitiated, 400000,
AddressingMode7Bit, "\\_SB.PCI0.D01D",
0x00, ResourceConsumer, , Exclusive, )
})
Name (_DSD, Package () {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package () {"compatible", "nxp,pca9575"},
Package () {"gpio-line-names", Package () {
"LED_Red",
"",
"MDC",
"MDIO",
}},
}
})
Method (_CRS, 0, NotSerialized)
{
Return (RBUF)
}
Method (_STA, 0, NotSerialized)
{
Return (0x0F)
}
}
This excerpt provides us a new GPIO chip in the system, resources of which can be consumed by others.
For example, in your Virtual MDIO Phy case (see _DSD Device Properties Related to GPIO as well)
Device (MD00)
{
Name (_HID, "PRP0001")
Name (_CRS, ResourceTemplate () {
GpioIo (Exclusive, PullDown, 0, 0, IoRestrictionOutputOnly,
"\\_SB.PCI0.D01D.ABC0", 0, ResourceConsumer) {2} // pin 2
GpioIo (Exclusive, PullDown, 0, 0, IoRestrictionOutputOnly,
"\\_SB.PCI0.D01D.ABC0", 0, ResourceConsumer) {3} // pin 3
})
Name (_DSD, Package() {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package () { "compatible", "virtual,mdio-gpio" },
Package () {
"gpios", Package () {
^MD00, 0, 0, 0, // index 0 in _CRS -> pin 2
^MD00, 1, 0, 0, // index 1 in _CRS -> pin 3
}
},
}
})
}
Now it is a time to look at the LED binding code. For the sake of clarification hogging is when you want a GPIO provider to consume a resource itself. And it is quite likely not your case. Better is to connect this with the LED GPIO driver:
Device (LEDS)
{
Name (_HID, "PRP0001")
Name (_DDN, "GPIO LEDs device")
Name (_CRS, ResourceTemplate () {
GpioIo (
Exclusive, // Not shared
PullUp, // Default off
0, // Debounce timeout
0, // Drive strength
IoRestrictionOutputOnly, // Only used as output
"\\_SB.PCI0.D01D.ABC0", // GPIO controller
0) // Must be 0
{
0, // LED_Red
}
})
Name (_DSD, Package () {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package () { "compatible", Package() { "gpio-leds" } },
},
ToUUID("dbb8e3e6-5886-4ba6-8795-1319f52a966b"),
Package () {
Package () { "led-0", "LED0" },
}
})
/*
* For more information about these bindings see:
* Documentation/devicetree/bindings/leds/common.yaml,
* Documentation/devicetree/bindings/leds/leds-gpio.yaml and
* Documentation/firmware-guide/acpi/gpio-properties.rst.
*/
Name (LED0, Package () {
ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"),
Package () {
Package () { "label", "red" },
Package () { "default-state", "on" },
Package () { "gpios", Package () { ^LEDS, 0, 0, 1 } }, // active low
}
})
}
Also you may look into similar questions (starting from the given link and there are references to the rest) on StackOverflow site.

Get the MAC address of an XBee using Node.js

My Node.js app is using xbee-api to allow an XBee connected via a serial port to communicate wirelessly with other XBees. The local XBee is in API Coordinator mode.
How can I query the XBee (physically connected via serial port) to get its 64 bit MAC address SH and SL?
I tried writing the following frame to serial,
var frame_obj = {
type: xbee_api.constants.FRAME_TYPE.AT_COMMAND,
command: 'SH',
commandParameter: []
};
but I receive four bytes [ 0, 19, 162, 0 ] which makes no sense...
frame: { type: 136,
id: 2,
command: 'SH',
commandStatus: 0,
commandData: [ 0, 19, 162, 0 ] }

If you look at the bytes in hex (0x00, 0x13, 0xA2, 0x00), it does make sense.

How can I write to TTY from a kernel module?

First post to SO, so I'll try to make the question right.
I'm making a simple Linux kernel module with the goal of echoing data back to the TTY shell from where the kernel module was loaded. The problem I having is the kernel "Ooops"-ing with the following message (caught with " watch 'dmesg | tail -50' "). The kernel module's name is Seraphim:
[ 184.222748] SELinux: initialized (dev proc, type proc), uses genfs_contexts
[ 1877.456607] seraphim: module verification failed: signature and/or required key missing - tainting kernel
[ 1877.457321] ------------------
[ 1877.457324] Seraphim started.
[ 1877.457348] BUG: unable to handle kernel NULL pointer dereference at 0000000000000218
[ 1877.457411] IP: [<ffffffffa0012030>] seraphim_entry+0x30/0x1000 [seraphim]
[ 1877.457462] PGD 115a2e067 PUD 10aca8067 PMD 0
[ 1877.457498] Oops: 0000 [#1] SMP
[ 1877.457524] Modules linked in: seraphim(OF+) rfcomm bnep nf_conntrack_netbios_ns nf_conn track_broadcast ipt_MASQUERADE ip6t_REJECT xt_conntrack ebtable_nat ebtable_broute bridge stp llce btable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_ma etc.
The code used for writing data to the TTY terminal follows:
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/tty.h>
static void printString(char *string) {
struct tty_struct *tty;
tty = current->signal->tty;
if(tty != NULL) {
(tty->driver->ops->write) (tty, string, strlen(string));
}
else
printk("tty equals to zero");
}
What am I doing wrong?
I was following the tutorial at http://www.tldp.org/LDP/lkmpg/2.6/lkmpg.pdf but it was out of date (the kernel I am using is 3.11.10-200 on Fedora 19), so I had to rummage through 3.11.10-200 source files to find the adequate structures.

use tty = get_current_tty(); instead of tty = current->signal->tty;
that's it
you need to lock the tty before accessing it and get_current_tty does it internally
NOTE: get_current_tty is under EXPORT_SYMBOL_GPL, hence your module or code

Linux kernel cannot receive multicast

I built a Linux kernel with CONFIG_IP_MULTICAST=y,however no UDP multicast package received in this kernel while UDP unicast works well.
ethtool -S eth0 | grep multicast
txmulticastframes_g: 0
txmulticastframes_gb: 0
rxmulticastframes_g: 0
Any hints how can I solve this problem?
Thx. Forrest G
=================================================================================
Additional:
tcpdump can get the packet
root#JHI # ./tcpdump port 3702
device eth0 entered promiscuous mode
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
-7:-48:-19.4151 IP 192.168.42.212.3702 > 239.255.255.250.3702: UDP, length 787
-7:-48:-19.4661 IP 192.168.42.212.3702 > 239.255.255.250.3702: UDP, length 803
^C
2 packets captured
2 padevice eth0 left promiscuous mode
ckets received by filter
0 packets dropped by kernel
I write this WS-devicediscovery function with gSOAP. It works on X86 machine. When running on ARM device, it can send out igmp packet but not receive anything.
void wsdd()
{
struct soap *soap_udp;
struct ip_mreq mreq;
soap_udp=soap_new();
soap_init1(soap_udp, SOAP_IO_UDP|SOAP_IO_FLUSH);
if (!soap_valid_socket(soap_bind(soap_udp, NULL, 3702, 100)))
{
soap_print_fault(soap_udp, stderr);
}
mreq.imr_multiaddr.s_addr = inet_addr("239.255.255.250");
mreq.imr_interface.s_addr = htonl(INADDR_ANY);
if(setsockopt(soap_ud->master,IPPROTO_IP,IP_ADD_MEMBERSHIP,&mreq,sizeof(mreq))==-1) {
perror("membership error\n");
}
int loop = 1;
int sock_opt = 1;
if ((setsockopt(soap_udp->master, SOL_SOCKET, SO_REUSEADDR, (void *) &sock_opt,
sizeof (sock_opt))) == -1) {
printf("setsockopt\n");
}
if ((setsockopt(soap_udp->master, IPPROTO_IP, IP_MULTICAST_LOOP,
&loop, sizeof (loop))) == -1) {
printf("setsockopt\n");
}
while(1){
soap_accept(soap_udp);
soap_serve(soap_udp);
soap_end(soap_udp);
}
}
Then I have tried these things but still not work
route add -net 224.0.0.0 netmask 240.0.0.0 eth0
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter

Problem solved by changing..
ifconfig eth0 promisc
Can anyone explain the principle?

Resources