Netlink header decoding
Masatake YAMATO
yamato at redhat.com
Fri May 6 03:22:44 UTC 2016
On Thu, May 05, 2016 at 10:04:51PM +0000, Fabien Siron wrote:
> Hi list,
>
> I did a quick netlink header parser for sendmsg/recvmsg which does the
> following:
>
> $ strace -qq -erecvmsg tests/netlink_inet_diag > /dev/null
> recvmsg(1, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, \
> msg_iov(1)={len=96, type=20, flags=2, seq=0, pid=26615}, \
> msg_controllen=0, msg_flags=0}, 0) = 672
>
Nice!
On Fri, 6 May 2016 04:20:27 +0300, "Dmitry V. Levin" <ldv at altlinux.org> wrote:
>> * obtain the socket inode and then parse /proc/net/netlink to obtain the
>> protocol.
>
> As a modern alternative to /proc/net/netlink, you can use
> NETLINK_SOCK_DIAG with AF_NETLINK sockets, too
> (available in linux >= 3.10-rc1).
Fabien, look at socketutils.c. Functions in the file uses NETLINK_SOCK_DIAG
for getting the end point addresses for TCP, UDP, TCPv6, UDPv6, and UNIX.
I hope you can reuse the code for NETLINK.
In addition a data structure named cache_entry is defined the file.
With extending the data structure I guess you can use the data structure
to store the protocol information for a given fd.
See also the discussion about socket cache feature:
https://www.mail-archive.com/strace-devel%40lists.sourceforge.net/msg04698.html
As Dmitry wrote, you may have to invalidate/update the cache entry.
When I worked on stacktrace feature, I met the same issue.
To print stacktrace, mmap and other system calls, which change the
the memory mapping of a process, must be tracked to know when
strace should invalidates the mmap cache.
For the purpose I introduced
#define STACKTRACE_INVALIDATE_CACHE 0400 /* Trigger proc/maps cache updating */
in defs.h. This marker is put on system calls.
See ChangeLog entry of "2014-05-31 Masatake YAMATO <yamato at redhat.com>".
Masatake YAMATO
More information about the Strace-devel
mailing list