Linux network stack: adding protocols with LKM and dev_add_pack

Question

Linux network stack: adding protocols with LKM and dev_add_pack

Recently, I tried to familiarize myself with the Linux Networking drivers and device drivers (both with similar O'Reilly book titles) and the ultimate goal of UDP offloading. I have already implemented UDP on NIC, but now the hard part ...

Instead of asking for help for this larger purpose, I was hoping that someone could clarify for me the specific fragment that I found, which is part of LKM, which registers the new protocol (OTP), which acts as a filter between the device driver and network stack.

http://www.phrack.org/archives/55/p55_0x0c_Building%20Into%20The%20Linux%20Network%20Layer_by_lifeline%20&%20kossak.txt

(Note: this Phrack article contains three different modules, the code for OTP is at the bottom of the page)

In the init function of his example, he has:

otp_proto.type = htons(ETH_P_ALL); otp_proto.func = otp_func; dev_add_pack(&otp_proto);

which (if I understand correctly) should register otp_proto as a packet sniffer and put it in the ptype_all data structure. My question is about dev_add_pack.

In this case, the protocol registered as a filter will always be located at this level between L2 and the device driver? Or, for example, can I do this filtering between the application and transport layers (analyze socket parameters) using the same process?

I apologize if this is confusing - I have some problems wrapping my head around the bigger picture when it comes to modules that change the functionality of the kernel stack.

thanks

+7

module linux-kernel networking protocols

Andrew G May 12, '10 at 20:07

source share

2 answers

Cong Wang · Answer 1 · 2011-12-02T15:22:41+0000

In this case, the protocol registered as a filter will always be located at this level between L2 and the device driver? Or, for example, can I do this filtering between applications and transport layers (analyze socket parameters) using the same process?

Yes..func () of the registered package type is called in __netif_receive_skb () before the device's rx handler processes it.

Jay medina · Answer 2 · 2016-04-22T15:42:07+0000

When you register a protocol handler with dev_add_pack, the handler callback function will be called when a packet arrives. This is how the IP protocol handler works. From inet_init:

 static int __init inet_init(void) { ... rc = proto_register(&tcp_prot, 1); ... rc = proto_register(&udp_prot, 1); ... dev_add_pack(&ip_packet_type); ....

When an interrupt is raised by the NIC for the packet that arrives, the NIC interrupt handler will be executed, which will eventually call netif_rx (or __napi_schedule), which will increase the softirq net_rx_action. This will result in a call to deliver_skb for each registered protocol handler. From __netif_receive_skb_core

 static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc) { ... list_for_each_entry_rcu(ptype, &ptype_all, list) { if (pt_prev) ret = deliver_skb(skb, pt_prev, orig_dev); pt_prev = ptype; }

So yes, the protocol handler callback function will be called on L2 along with ip_rcv for the IP protocol handler.

You can register a protocol handler on L3 with 'proto_register' if you want to be called at this level.

Linux network stack: adding protocols with LKM and dev_add_pack

More articles: