Introduction

Chen Jingpiao chenjingpiao at gmail.com
Wed Dec 27 09:57:11 UTC 2017 

On 12/26 10:53, Harsha Sharma wrote:
> On Tue, Dec 26, 2017 at 9:49 AM, Chen Jingpiao <chenjingpiao at gmail.com>
wrote:
> > On 12/25 10:26, Harsha Sharma wrote:
> >> On Mon, Dec 25, 2017 at 6:51 PM, JingPiao Chen <chenjingpiao at gmail.com>
wrote:
> >> > On 12/25 06:12, Harsha Sharma wrote:
> >> >> Hello everyone,
> >> >
> >> > Hi.
> >> >
> >> >> I'm Harsha Sharma, a sophomore student at Indian Institute of
> >> >> Technology,  Roorkee, India.
> >> >> I have knowledge of C, git, shell programming, kernel programming,
gdb
> >> >> and parsers and currently working as outreachy intern in
Linux-kernel
> >> >> (project nftables - Network filtration tool).
> >> >> Strace is one of my favorite tools in linux and want to contribute
to
> >> >> the community.
> >> >>  I have looked into the mail archives about getting started and
> >> >> submitted two small patches. I have tried to understand the test
> >> >> infrastructure and will like to add some tests or fix some of the
> >> >> existing tests.
> >> >> It'll be great if someone can suggest either some tests or any other
> >> >> small bug-fix that I can work upon.
> >> >> Thanks :)
> >> >
> >> > I think write netlink socket parser is suited for you. This is a
GSoC 2016
> >> > and 2017 project. The part of netfilter has not implemented yet.
> >> > I working on it, but recent I am busy. If you are interested in it,
please
> >> > tell me.
> >> >
> >> Yes, definitely. I'm interested.
> >> How should I start with the project ? (Any guidance will be
> >> appreciated, meanwhile I'll try to go through your code in strace.)
> >> Can you assign me a small task in the project ?
> >> Thanks for your time. :')
> >
> > 300d9f1f: Further decode some attributes.
> > 37dfe8c7: Implement a small protocol.
> >
> > You can read these commits to get some idea.
>
> I'm unable to find the header file for kobject_uevent_types (like
> rtnetlink.h and selinux_netlink.h in case of route and selinux ).
> I'm approaching in the way similar to netlink_route and
> netlink_selinux, is this correct ?

NETLINK_KOBJECT_UEVENT netlink messages without a netlink message header.
You can search source code to see how to handle this.

$ git grep "NETLINK_KOBJECT_UEVENT"
netlink.c:      if (family == NETLINK_KOBJECT_UEVENT) {

If family == NETLINK_KOBJECT_UEVENT, we deocde NETLINK_KOBJECT_UEVENT
directly.

>
> > I recommend you to decode libudev
> > netlink header (struct udev_monitor_netlink_header).
> >
> > systemd/src/libudev/libudev-monitor.c: 76
> > struct udev_monitor_netlink_header {
> >         /* "libudev" prefix to distinguish libudev and kernel messages
*/
> >         char prefix[8];
> >         /*
> >          * magic to protect against daemon <-> library message format
mismatch
> >          * used in the kernel from socket filter rules; needs to be
stored in network order
> >          */
> >         unsigned int magic;
> >         /* total length of header structure known to the sender */
> >         unsigned int header_size;
> >         /* properties string buffer */
> >         unsigned int properties_off;
> >         unsigned int properties_len;
> >         /*
> >          * hashes of primary device properties strings, to let libudev
subscribers
> >          * use in-kernel socket filters; values need to be stored in
network order
> >          */
> >         unsigned int filter_subsystem_hash;
> >         unsigned int filter_devtype_hash;
> >         unsigned int filter_tag_bloom_hi;
> >         unsigned int filter_tag_bloom_lo;
> > };
>
> ./tests/netlink_kobject_uevent
> sendto(3,
"\0\1\2\3\4\5\6\7\10\t\n\v\f\r\16\17\20\21\22\23\24\25\26\27\30\31\32\33\34\35\36\37",
> 32, MSG_DONTWAIT, NULL, 0) = -1 ECONNREFUSED (Connection refused)
> sendto(3,
"=\0\1\2\3\4\5\6\7\10\t\n\v\f\r\16\17\20\21\22\23\24\25\26\27\30\31\32\33\34\35\36"...,
> 33, MSG_DONTWAIT, NULL, 0) = -1 ECONNREFUSED (Connection refused)
> +++ exited with 0 +++
>
> This string
"\0\1\2\3\4\5\6\7\10\t\n\v\f\r\16\17\20\21\22\23\24\25\26\27\30\31\32\33\34\35\36\37"
>  needs to be parsed as prefix, magic, header_size, properties_off,
> properties_len, and more ( from struct udev_monitor_netlink_header).
> Is this correct, just want to make sure that I'm approaching in right
> direction ?
> Thanks for your time.

If the prefix is "libudev", it contain struct udev_monitor_netlink_header.

You can read current strace output to get some idea.

$ strace -e%network udevadm monitor > /dev/null # Remove your mouse
$ strace -e%network udevadm monitor -u > /dev/null # Remove your mouse
$ strace -e%network udevadm monitor -k > /dev/null # Remove your mouse

>
> Regards,
> Harsha Sharma
>
> > Netlink overview and its strace parsers:
> > http://blog.saruta.eu/netlink_strace.html
> >
> >>
> >> > More information:
> >> >
> >> > strace GSoC 2017 netlink socket parsers:
> >> >
https://ppiao.github.io/2017/08/22/strace-gsoc-2017-netlink-socket-parser.html
> >> >
> >> > My current work of netfilter parser:
> >> > (Need to fix.)
> >> > https://github.com/ppiao/strace
> >> >
> >

--
Chen Jingpiao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20171227/ce22224c/attachment.html>

More information about the Strace-devel mailing list