O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Sockets and Socket-Buffer

This presentation includes basic information related to sockets ,socket-buffer,cliet-server programs and relationship between them

The files included in the ppt for the variables are taken from linux-2.6.10.
In case of any queriers.
contact souravpunoriyar@gmail.com

  • Seja o primeiro a comentar

Sockets and Socket-Buffer

  1. 1. Creating a socket from user space is done by the socket() system call: int socket (int family, int type, int protocol); On success, a file descriptor for the new socket is returned. For open() system call (for files), we also get a file descriptor as the return value. Socket Essentially, a socket is an abstraction for network communication, just as a file is an abstraction for file system communication. Let’s consider the basic network I/O functions for a Linux system. In general, an application that performs net- work input and output needs to perform the five basic functions described in open, close, read, write, and control.
  2. 2. A family is a suite of protocols Each family is a subdirectory of linux/net E.g., linux/net/ipv4, linux/net/decnet, linux/net/packet IPv4: PF_INET IPv6: PF_INET6. Packet sockets: PF_PACKET Operate at the device driver layer. pcap library for Linux uses PF_PACKET sockets pcap library is in use by sniffers such as tcpdump. Protocol Family == Address Family PF_INET == AF_INET (in /include/linux/socket.h) Socket(): Family
  3. 3.  SOCK_STREAM and SOCK_DGRAM are the mostly used types.  SOCK_STREAM for TCP, SCTP  SOCK_DGRAM for UDP.  SOCK_RAW for RAW sockets.  There are cases where protocol can be either SOCK_STREAM or SOCK_DGRAM; for example, Unix domain socket (AF_UNIX). Socket(): Type
  4. 4. Protocol is protocol number within a family. Internet protocols are assigned by IANA (Internet Assigned Number Authority) http://www.iana.org/assignments/protocol-numbers/ For IPPROTO_TCP, it’s usually 0. IPPROTO_TCP is 0, see: include/linux/in.h. For SCTP: protocol is IPPROTO_SCTP (132) sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP); For UDP-Lite: protocol is IPPROTO_UDPLITE (136) Socket(): Protocol
  5. 5. /* Supported address families. */ #define AF_UNSPEC 0 #define AF_UNIX 1 /* Unix domain sockets */ #define AF_LOCAL 1 /* POSIX name for AF_UNIX */ #define AF_INET 2 /* Internet IP Protocol */ #define AF_AX25 3 /* Amateur Radio AX.25 */ #define AF_IPX 4 /* Novell IPX */ #define AF_APPLETALK 5 /* AppleTalk DDP */ #define AF_NETROM 6 /* Amateur Radio NET/ROM */ #define AF_BRIDGE 7 /* Multiprotocol bridge */ #define AF_ATMPVC 8 /* ATM PVCs */ #define AF_X25 9 /* Reserved for X.25 project */ #define AF_INET6 10 /* IP version 6 */ #define AF_ROSE 11 /* Amateur Radio X.25 PLP */ #define AF_DECnet 12 /* Reserved for DECnet project */ #define AF_NETBEUI 13 /* Reserved for 802.2LLC project*/ #define AF_SECURITY 14 /* Security callback pseudo AF */ #define AF_KEY 15 /* PF_KEY key management API */ .. #define AF_ISDN 34 /* mISDN sockets */ #define AF_PHONET 35 /* Phonet sockets */ #define AF_IEEE802154 36 /* IEEE802154 sockets */ #define AF_MAX 37 /* For now.. */ Address/Protocol Families
  6. 6. For every socket which is created by a user space application, there is a corresponding struct socket and struct sock in the kernel. struct socket: include/linux/net.h Data common to the socket layer Has only 8 members Any variable “sock” always refers to a struct socket struct sock : include/net/sock.h Data common to the Network Protocol layer (i.e., AF_INET) has more than 30 members, and is one of the biggest structures in the networking stack. Any variable “sk” always refers to a struct sock. Socket Data Structures
  7. 7. socket() bind() listen() accept() read() write() close() socket() bind() connect() write() read() close() The ‘server’ application 3-way handshake data flow to server data flow to client 4-way handshake Diagram CLIENT application
  8. 8. Socket Layer User Kernel UDP Hardware Application Ethernet PF_INET TCP Network Device Layer IPV4 SOCK_ STREAM SOCK_ DGRAM SOCK _RAW PF_PACKET SOCK _RAW SOCK_ DGRAM PF_UNIX PF_IPX …. …. Socket Interface Protocol Layers Token Ring PPP SLIP FDDI Device Layer Socket Layer Architecture
  9. 9. In Linux, the three different data structures each have the letters "sock" in them. The first is the socket buffer defined in linux/include/linux/sk_buff.h. Socket buffers are structures to hold packet data. struct sk_buff *skb;: In the Linux source code, socket buffers are often referred to by the variable skb. struct socket *sock; : The socket structure is the general structure that holds control and states information for the socket layer. struct sock *sk; : It is a more complex structure used to keep state information about open connections. It is accessed throughout the TCP/IP protocol but mostly within the TCP protocol. It is usually referenced through a variable called sk. SK_BUFFSK_BUFF
  10. 10. The Socket Buffer: sk_buff Structure Most important data structure in the Linux networking code, representing the headers for data that has been received or is about to be transmit- ted. Defined in the <include/linux/skbuff.h> include file. struct sk_buff { /* These two members must be first. */ struct sk_buff *next; //next buffer in list struct sk_buff *prev; //previous buffer in list struct sk_buff_head *list; //list we are on struct sock *sk; //socket we belong to struct timeval stamp; //timeval we arrived at struct net_device *dev; //device we are leaving by struct net_device *input_dev; //device we arrived at struct net_device *real_dev; skbuffs are the buffers in which the linux kernel handles network packets. The packet is received by the network card, put into a skbuff and then passed to the network stack, which uses the skbuff all the time.
  11. 11. union { struct tcphdr *th; struct udphdr *uh; struct icmphdr *icmph; struct igmphdr *igmph; struct iphdr *ipiph; struct ipv6hdr*ipv6h; unsigned char *raw; } h; //transport layer header (tcp,udp,icmp,igmp,spx,raw) union { struct iphdr *iph; struct ipv6hdr*ipv6h; struct arphdr *arph; unsigned char *raw; } nh; //network layer header (ip,ipv6,arp,ipx,raw) union { unsigned char *raw; } mac; //link layer header struct dst_entry *dst; struct sec_path *sp; //FIXME:
  12. 12. char cb[40]; unsigned int len, data_len, mac_len, csum; unsigned char local_df, cloned, pkt_type, ip_summed; __u32 priority; unsigned short protocol, security; void (*destructor)(struct sk_buff *skb); #ifdef CONFIG_NETFILTER unsigned long nfmark; __u32 nfcache; __u32 nfctinfo; struct nf_conntrack *nfct; //control buffer, used internally // Length of actual data //checksum //head may be cloned //packet class //driver fed us ip checksum //packet queuing priority //packet protocol from driver // security level of packet //destructor function
  13. 13. #ifdef CONFIG_NETFILTER_DEBUG unsigned int nf_debug; #endif #ifdef CONFIG_BRIDGE_NETFILTER struct nf_bridge_info *nf_bridge; #endif #endif /* CONFIG_NETFILTER */ #if defined(CONFIG_HIPPI) union { __u32 ifield; } private; #endif #ifdef CONFIG_NET_SCHED __u32 tc_index; /* traffic control index */ #ifdef CONFIG_NET_CLS_ACT __u32 tc_verd; /* traffic control verdict */ __u32 tc_classid; /* traffic control classid */ #endif
  14. 14. #endif /* These elements must be at the end, see alloc_skb() for details. */ unsigned int truesize; //real size of the buffer atomic_t users; //user count unsigned char *head, // pointer to head of buffer *data, //data head pointer *tail, //tail pointer *end; //end pointer }; End of sk_buff structure
  15. 15. This one is tied together by next and prev fields in each sk_buff structure, the next field pointing forward and the prev field pointing back-ward. But this list has another requirement: each sk_buff structure must be able tofind the head of the whole list quickly. To implement this requirement, an extrastructure of type sk_buff_head is inserted at the beginning of the list, as a kind of dummy element. The sk_buff_head structure is: struct sk_buff_head { /* These two members must be first. */ struct sk_buff * next; struct sk_buff * prev; _ _u32 qlen; spinlock_t lock; }; NOTE: Data and tail point to the beginning and end of the actual data. NOTE: The layer can then fill in the gap between head and data with a protocol header, or the gap between tail and end with new data.
  16. 16. When a packet is received, the device driver updates this field with the pointer to the data structure representing the receiving interface static int vortex_rx(struct net_device *dev) { skb->dev = dev; ... ... ... skb->protocol = eth_type_trans(skb, dev); netif_rx(skb); /* Pass the packet to the higher layer */ ... ... ... } When receiving a data packet, the function responsible for processing the layer n header receives a buffer from layer n-1 with skb->data pointing to the beginning of the layer n header. before passing the packet to the layer n+1 handler, updates skb->data to make it point to the end of the layer n header, which is the beginning of the layer n+1 header.
  17. 17. skb support functions examples 1.struct sk_buff *alloc_skb(unsigned int size, int gfp_mask) This function allocates a new skb. This is provided by the skb layer to initialize some privat data and do memory statistics. The returned buffer has no headroom and a tailroom of /size/ bytes. 2.void kfree_skb(struct sk_buff *skb) Decrement the skb's usage count by one and free the skb if no references left. 3.unsigned char *skb_put(struct sk_buff *sbk, int len) extends the data area of the skb. if the total size exceeds the size of the skb, the kernel will panic. A pointer to the first byte of new data is returned. 4.unsigned char *skb_push(struct sk_buff *skb, int len) extends the data area of the skb. if the total size exceeds the size of the skb, the kernel will panic. A pointer to the first byte of new data is returned. 5.unsigned char *skb_pull(struct sk_buff *skb, int len) remove data from the start of a buffer, returning the bytes to headroom. A pointr to the next data in the buffer is returned.
  18. 18. THE FLOW 1. When TCP is asked to transmit some data, it allocates a buffer following certain criteria (TCP Maximum Segment Size (mss), support for scatter gather I/O, etc.). 2. TCP reserves (with skb_reserve) enough space at the head of the buffer to hold all the headers of all layers (TCP, IP, link layer). The parameter MAX_TCP_HEADER is the sum of all headers of all levels and is calculated taking into account the worst-case scenarios: because the TCP layer does not know what type of inter- face will be used for the transmission, it reserves the biggest possible header for each layer. It even accounts for the possibility of multiple IP headers (because you can have multiple IP headers when the kernel is compiled with support for IP over IP). 3. The TCP payload is copied into the buffer. Note that Figure 2-8 is just an exam- ple. The TCP payload could be organized differently; for example, it could be stored as fragments. In Chapter 21, we will see what a fragmented buffer (also commonly called a paged buffer) looks like. 4. The TCP layer adds its header. 5. The TCP layer hands the buffer to the IP layer, which adds its header as well. 6. The IP layer hands the IP packet to the neighboring layer, which adds the link layer header.
  19. 19. SOCKETS
  21. 21. THANK YOU By: Sourav Punoriyar Contact: souravpunoriyar@gmail.com