Netlink

The Netlink socket family is a Linux kernel interface used for inter-process communication (IPC) between both the kernel and userspace processes, and between different userspace processes, in a way similar to the Unix domain sockets. Similarly to the Unix domain sockets, and unlike INET sockets, Netlink communication cannot traverse host boundaries. However, while the Unix domain sockets use the file system namespace, Netlink processes are usually addressed by process identifiers (PIDs).[3]

Netlink
Stable release5.8.1[1] (11 August 2020 (2020-08-11)) [±]
Preview release5.8-rc7[2] (26 July 2020 (2020-07-26)) [±]
Operating systemLinux
PlatformLinux kernel
TypeApplication programming interface
LicenseGNU General Public License
Websitewiki.linuxfoundation.org/networking/generic_netlink_howto

Netlink is designed and used for transferring miscellaneous networking information between the kernel space and userspace processes. Networking utilities, such as the iproute2 family and the utilities used for configuring mac80211-based wireless drivers, use Netlink to communicate with the Linux kernel from userspace. Netlink provides a standard socket-based interface for userspace processes, and a kernel-side API for internal use by kernel modules. Originally, Netlink used the AF_NETLINKsocket family.

Netlink is designed to be a more flexible successor to ioctl; RFC 3549 describes the protocol in detail.

History

Netlink was created by Alexey Kuznetsov[4] as a more flexible alternative to the sophisticated but awkward ioctl communication method used for setting and getting external socket options. The Linux kernel continues to support ioctl for backward compatibility.

Netlink was first provided in the 2.0 series of the Linux kernel, implemented as a character device. By 2013, this interface is obsolete, but still forms an ioctl communication method; compare the use of rtnetlink.[5] The Netlink socket interface appeared in 2.2 series of the Linux kernel.

Packet structure

Bit offset 0–15 16–31
0 Message length
32 Type Flags
64 Sequence number
96 PID
128+  
Data
 

Unlike BSD sockets using Internet protocols such as TCP, where the message headers are autogenerated, the Netlink message header (available as struct nlmsghdr) must be prepared by the caller. The Netlink socket generally works in a SOCK_RAW-like mode, even if SOCK_DGRAM was used to create it.

The data portion then contains a subsystem-specific message that may be further nested.

The AF_NETLINK family offers multiple protocol subsets. Each interfaces to a different kernel component and has a different messaging subset. The subset is referenced by the protocol field in the socket call:

int socket(AF_NETLINK, SOCK_DGRAM or SOCK_RAW, protocol)

Lacking a standard, SOCK_DGRAM and SOCK_RAW are not guaranteed to be implemented in a given Linux (or other OS) release. Some sources state that both options are legitimate, and the reference below from Red Hat states that SOCK_RAW is always the parameter. However, iproute2 uses both interchangeably.

A non-exhaustive list of the supported protocol entries follows:

NETLINK_ROUTE

NETLINK_ROUTE provides routing and link information. This information is used primarily for user-space routing daemons. Linux implements a large subset of messages:

  • Link layer: RTM_NEWLINK, RTM_DELLINK, RTM_GETLINK, RTM_SETLINK
  • Address settings: RTM_NEWADDR, RTM_DELADDR, RTM_GETADDR
  • Routing tables: RTM_NEWROUTE, RTM_DELROUTE, RTM_GETROUTE
  • Neighbor cache: RTM_NEWNEIGH, RTM_DELNEIGH, RTM_GETNEIGH
  • Routing rules: RTM_NEWRULE, RTM_DELRULE, RTM_GETRULE
  • Queuing discipline settings: RTM_NEWQDISC, RTM_DELQDISC, RTM_GETQDISC
  • Traffic classes used with queues: RTM_NEWTCLASS, RTM_DELTCLASS, RTM_GETTCLASS
  • Traffic filters: RTM_NEWTFILTER, RTM_DELTFILTER, RTM_GETTFILTER
  • Others: RTM_NEWACTION, RTM_DELACTION, RTM_GETACTION, RTM_NEWPREFIX, RTM_GETPREFIX, RTM_GETMULTICAST, RTM_GETANYCAST, RTM_NEWNEIGHTBL, RTM_GETNEIGHTBL, RTM_SETNEIGHTBL
NETLINK_FIREWALL

NETLINK_FIREWALL provides an interface for a user-space app to receive packets from the firewall.

NETLINK_NFLOG

NETLINK_NFLOG provides an interface used to communicate between Netfilter and iptables.

NETLINK_ARPD

NETLINK_ARPD provides an interface to manage the ARP table from user-space.

NETLINK_AUDIT

NETLINK_AUDIT provides an interface to the audit subsystem found in Linux kernel versions 2.6.6 and later.

NETLINK_IP6_FW

NETLINK_IP6_FW provides an interface to transport packets from netfilter to user-space.

NETLINK_ROUTE6
NETLINK_TAPBASE
NETLINK_NETFILTER
NETLINK_TCPDIAG
NETLINK_XFRM

NETLINK_XFRM provides an interface to manage the IPsec security association and security policy databases - mostly used by key-manager daemons using the Internet Key Exchange protocol.

NETLINK_KOBJECT_UEVENT

NETLINK_KOBJECT_UEVENT provides the interface in which the kernel broadcasts uevents, typically consumed by udev.

NETLINK_GENERIC

One of the drawbacks of the Netlink protocol is that the number of protocol families is limited to 32 (MAX_LINKS).This is one of the main reasons that the generic Netlink family was created—to provide support for adding a higher number of families. It acts as a Netlink multiplexer and works with a single Netlink family NETLINK_GENERIC. The generic Netlink protocol is based on the Netlink protocol and uses its API.

Users can add a Netlink handler in their own kernel routines. This allows the development of additional Netlink protocols to address new kernel modules.[6]

gollark: Well, it's derived from my initials.
gollark: Exactly.
gollark: It isn't about making it impossible to use good encryption stuff, since that is basically impossible, but about making it hard/unusual/suspicious.
gollark: The UK has a similarly ææææ (but in different ways) "online safety bill" in progress, which I have written about at https://osmarks.net/osbill/.
gollark: Exactly.

See also

References

  1. Kroah-Hartman, Greg (11 August 2020). "Linux 5.8.1". LKML (Mailing list). Retrieved 12 August 2020.
  2. Torvalds, Linus (26 July 2020). "Linux 5.8-rc7". LKML (Mailing list). Retrieved 26 July 2020.
  3. "NETLINK(7) - Linux Programmer's Manual".
  4. "kernel/git/torvalds/linux.git: root/net/core/rtnetlink.c". Linux kernel source tree. kernel.org. Retrieved 2014-05-27.
  5. Crowcroft, Jon; Phillips, Iain, eds. (2002). TCP/IP and Linux protocol implementation: systems code for the Linux Internet. Wiley Networking Council series. Wiley. p. 624. ISBN 9780471408826. Retrieved 2013-05-21. All rtnetlink messages consist of a netlink message header and appended attributes.
  6. Why and How to Use Netlink Sockets
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.