Netlink header decoding
Fabien Siron
fabien.siron at epita.fr
Fri May 6 22:08:55 UTC 2016
Quoting Dmitry V. Levin (2016-05-06 01:20:27)
> Hi,
>
> On Thu, May 05, 2016 at 10:04:51PM +0000, Fabien Siron wrote:
> > Hi list,
> >
> > I did a quick netlink header parser for sendmsg/recvmsg which does the
> > following:
> >
> > $ strace -qq -erecvmsg tests/netlink_inet_diag > /dev/null
> > recvmsg(1, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, \
> > msg_iov(1)={len=96, type=20, flags=2, seq=0, pid=26615}, \
> > msg_controllen=0, msg_flags=0}, 0) = 672
> >
> > Of course, this is just a draft to get an idea on how the futur parser will
> > work (so forget about the flags for the moment).
> > Logically, the next step would be to handle the different protocols, but
> > how can I obtain the protocol of a netlink socket fd?
> >
> > I have two ideas:
> > * keep all the pairs fd/protocol in a table when running the socket
> > syscall.
>
> sockets could be closed, cloned, and passed via SCM_RIGHTS messages.
> Can you track it in a reliable way?
>
> > * obtain the socket inode and then parse /proc/net/netlink to obtain the
> > protocol.
>
> As a modern alternative to /proc/net/netlink, you can use
> NETLINK_SOCK_DIAG with AF_NETLINK sockets, too
> (available in linux >= 3.10-rc1).
Nice, that's perfect. But do we have to handle the case where
linux < 3.10-rc1?
Cheers,
--
Fabien Siron
More information about the Strace-devel
mailing list