struct sockaddr_nl {

sa_family_t nl_family; /* AF_NETLINK */ unsigned short nl_pad; /* zero */ _u32 nl_pid; /* port ID */

To distinguish between different netlink channels used by different parts of the kernel, nl_family is employed. Several different families are specified in <netlink.h>, and the list has especially grown during the development of 2.6. Currently 20 families are defined, and some examples are:

□ NETLINK_ROUTE represents the initial purpose of netlink sockets, namely, changing routing information.

□ NETLINK_INET_DIAG allows for monitoring IP sockets; see net/ipv4/inet_diag.c for more details.

□ netlink_xfrm is used to send and receive messages related to IPSec (or, more generally, to any XFRM transformations).

□ netlink_kobject_uevent specifies the protocol for kernel to userland messages that originate from the generic object model (the reverse direction, userland to kernel, is not possible for this type of message). The channel provides the basis of the hotplugging mechanism as discussed in Section 7.4.2.

A unique identifier for the socket is provided in nl_pid. While this is always zero for the kernel itself, userspace applications conventionally use their thread group ID. Note that nl_pid explicitly does not represent a process ID, but can be any unique value — the thread group ID is just one particularly convenient choice.35 nl_pid is a unicast address. Each address family can also specify different multicast groups, and nl_groups is a bitmap that denotes to which multicast addresses the socket belongs. If multicast is not supposed to be used, the field is 0. To simplify matters, I consider only unicast transmissions in the following.

Netlink Protocol Family

Recall from Section 12.10.4 that each protocol family needs to register an instance of net_proto_family within the kernel. The structure contains a function pointer that is called when a new socket is created for

35See the manual page netlink(7) on how to proceed if a userspace process wants to hold more than one netlink socket and thus requires more than one unique identifier.

the protocol family. Netlink uses netlink_create for this purpose.36 The function allocates an instance of struct sock that is connected with the socket via socket->sk. However, space is not only reserved for struct sock but for a larger structure that is (simplified) defined as follows:

Continue reading here: Netnetlinkafnetlinkc

Was this article helpful?

0 0