A kernel module + userspace driver to explore the Linux kernel's netlink API.
Based on: https://stackoverflow.com/a/3334782/1666488
For fun and profit.
- Clone the repo.
git clone https://github.com/l4cr0ss/nlpground.git
- Export location of kernel source tree as
KSRC.
export KSRC="/opt/ubuntu-build/ubuntu-focal"
- Run
make.
l4@l4-5580:~/research/netlink$ make
make -C "/opt/ubuntu-build/ubuntu-focal" M=/home/l4/research/netlink modules
make[1]: Entering directory '/opt/ubuntu-build/ubuntu-focal'
CC [M] /home/l4/research/netlink/nlpground.o
Building modules, stage 2.
MODPOST 1 modules
CC [M] /home/l4/research/netlink/nlpground.mod.o
LD [M] /home/l4/research/netlink/nlpground.ko
make[1]: Leaving directory '/opt/ubuntu-build/ubuntu-focal'
gcc -g -o userlink userlink.c
-
Copy kernel module (
.ko) anduserlinkprogram to your test env -
Insert kernel module
root@syzkaller:~# insmod nlpground.ko
[ 26.707903] nlpground: loading out-of-tree module taints kernel.
[ 26.709125] nlpground: module verification failed: signature and/or required key missing - tainting kernel
[ 26.717010] Entering: nlpground_init
- Run userspace driver
root@syzkaller:~# ./userlink
Sending message to kernel
[ 28.822159] Entering: nlpground_nl_recv_msg
[ 28.822654] Netlink received msg payload:Hello
Waiting for message from kernel
Received message payload: Hello from kernel