Netlink header decoding
Fabien Siron
fabien.siron at epita.fr
Thu May 5 22:04:51 UTC 2016
Hi list,
I did a quick netlink header parser for sendmsg/recvmsg which does the
following:
$ strace -qq -erecvmsg tests/netlink_inet_diag > /dev/null
recvmsg(1, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, \
msg_iov(1)={len=96, type=20, flags=2, seq=0, pid=26615}, \
msg_controllen=0, msg_flags=0}, 0) = 672
Of course, this is just a draft to get an idea on how the futur parser will
work (so forget about the flags for the moment).
Logically, the next step would be to handle the different protocols, but
how can I obtain the protocol of a netlink socket fd?
I have two ideas:
* keep all the pairs fd/protocol in a table when running the socket
syscall.
* obtain the socket inode and then parse /proc/net/netlink to obtain the
protocol.
Of course these two ideas can be used together.
Has anyone got a better idea?
Cheers,
--
Fabien Siron
More information about the Strace-devel
mailing list