Where is the structure for payload of netlink message defined for NETLINK_XFRM socket

Question

I am running strongswan daemon to perform IKEv2 messaging.

I wrote some python code to be notified everytime any xfrm change happens.

The socket is created like so:

my_socket = socket.socket(socketAF_NETLINK, socket.SOCK_RAW, socket.NETLINK_XFRM)

I receive and decode the nlmsghdr structure defined in ./uapi/linux/netlink.h like so:

while True:
  data = my_socket.recv(65535)
  msg_len, msg_type, flags, seq, pid = struct.unpack("=LHHLL", data[:16])
  print msg_type

This works fine, I get the message type every time an new SA is made or updated or deleted.

Now, I attempt to decode the payload of this message, but I cannot locate the structure in linux to decode it with.

There is a file called uapi/linux/xfrm.h but I am not sure if this file contains the payload structure.

Can someone share where the payload structure is defined for xfrm netlink messages?

netlink is not well documented. Look at how the `iproute2` (`ip` program) does it. Or look at the kernel code that sends the messages. — user253751, Mar 19 '21 at 10:40

score 0 · Answer 1 · answered Jul 03 '21 at 10:56

0

uapi/linux/xfrm.h is indeed the file you needed. struct xfrm_usersa_info is the struct you're looking for

answered Jul 03 '21 at 10:56

Fractal

1 Answers1