Communication between user-space and kernel space using Netlink sockets

As mentioned in Linux kernel souce code net/netlink/af_netlink.c, netlink is a Kernel-user communication protocol which allows user to send and receive data to Linux kernel using sockets as we do for other socket communication.

Netlink is used to transfer information between the kernel and userspace processes. It consists of a standard sockets-based interface for user space processes and an internal kernel API for kernel modules.

The userspace declaration of netlink sockets looks something like below,

#include <asm/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>
  
netlink_socket = socket(AF_NETLINK, socket_type, netlink_family);

Netlink is a datagram-oriented service. Both SOCK_RAW and SOCK_DGRAM are valid values for socket_type. However, the netlink protocol does not distinguish between datagram and raw sockets.

netlink_family selects the kernel module or netlink group to communicate with. i.e. using custom netlink_family, you can communicate the application to your written netlink driver.

Now, lets write a netlink custom driver which we will try to send and receive data from user.

 $ vim netlink_module.c 
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
# include <linux/sched.h>
# include <linux/netlink.h>
# include <net/sock.h>
# include <net/net_namespace.h>
# define NETLINK_TEST 17
 
MODULE_LICENSE("GPL");
 
static struct sock *socketptr = NULL;
 
static void nl_recv_msg (struct sk_buff *skb) {
    struct nlmsghdr *nlh = NULL;
    if(skb == NULL) {
        printk("skb is NULL \n");
        return ;
    }
    nlh = (struct nlmsghdr *)skb->data;
    printk(KERN_INFO "%s: received netlink message payload: %s\n", __FUNCTION__, NLMSG_DATA(nlh));
}
 
struct netlink_kernel_cfg cfg = {
    .input = nl_recv_msg,
};
 
static int __init my_module_init(void) {
    printk(KERN_INFO "Initializing Netlink Socket");
    socketptr = netlink_kernel_create(&init_net,NETLINK_TEST, &cfg);
    return 0;
}
 
static void __exit my_module_exit(void) {
    printk(KERN_INFO "Goodbye");
    sock_release(socketptr->sk_socket);
}
 
module_init(my_module_init);
module_exit(my_module_exit);
 $ vim Makefile 
obj-m += netlink.o

all:
        make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules

clean:
        make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean

Now, compile and load the driver as,

 $ make 
 $ sudo insmod ./netlink.ko 

Now, we will write a simple user application which will communicate with this kernel driver as,

 $ vim netlink_user_application.c 
//Credit- https://stackoverflow.com/questions/15215865/netlink-sockets-in-c-using-the-3-x-linux-kernel?lq=1
 
#include <sys/socket.h>
#include <linux/netlink.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
 
#define NETLINK_USER 17
 
#define MAX_PAYLOAD 1024 /* maximum payload size*/
struct sockaddr_nl src_addr, dest_addr;
struct nlmsghdr *nlh = NULL;
struct iovec iov;
int sock_fd;
struct msghdr msg;
 
int main(int argc, char **argv) {
    sock_fd=socket(PF_NETLINK, SOCK_RAW, NETLINK_USER);
    if(sock_fd<0)
        return -1;
 
    memset(&src_addr, 0, sizeof(src_addr));
    src_addr.nl_family = AF_NETLINK;
    src_addr.nl_pid = getpid(); /* self pid */
 
    bind(sock_fd, (struct sockaddr*)&src_addr, sizeof(src_addr));
 
    memset(&dest_addr, 0, sizeof(dest_addr));
    memset(&dest_addr, 0, sizeof(dest_addr));
    dest_addr.nl_family = AF_NETLINK;
    dest_addr.nl_pid = 0; /* For Linux Kernel */
    dest_addr.nl_groups = 0; /* unicast */
 
    nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(MAX_PAYLOAD));
    memset(nlh, 0, NLMSG_SPACE(MAX_PAYLOAD));
    nlh->nlmsg_len = NLMSG_SPACE(MAX_PAYLOAD);
    nlh->nlmsg_pid = getpid();
    nlh->nlmsg_flags = 0;
 
    strcpy(NLMSG_DATA(nlh), "Hello");
 
    iov.iov_base = (void *)nlh;
    iov.iov_len = nlh->nlmsg_len;
    msg.msg_name = (void *)&dest_addr;
    msg.msg_namelen = sizeof(dest_addr);
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
 
    printf("Sending message to kernel\n");
    sendmsg(sock_fd,&msg,0);
 
    //printf("Waiting for message from kernel\n");
 
    /* Read message from kernel */
    // recvmsg(sock_fd, &msg, 0);
    // printf("Received message payload: %s\n", (char *)NLMSG_DATA(nlh));
    close(sock_fd);
    return 0;
}
 $ gcc -o netlink_user_application netlink_user_application.c 

Now, run the user application and verify in dmesg that our kernel driver received the message as,

$ ./netlink_user_application
$ dmesg
[ 5409.839828] Initializing Netlink Socket
[ 5628.475567] nl_recv_msg: received netlink message payload: Hello

Reference – http://man7.org/linux/man-pages/man7/netlink.7.html

Leave a Comment