mq_timedreceive - receive messages on a message queue with absolute timeout
The mq_timedreceive() system call receives the oldest of the highest priority messages on the message queue,
mqdes. It does this with using an absolute timeout,
abs_timeout. If the operation is successful, the read message is copied in value-result argument
msg_ptr and if
msg_prio is not
NULL, the priority of the message is stored at
msg_len should be set to the maximum size of the buffer in
msg_ptr. The timeout is given in an
struct timespec pointed by
abs_timeout, which consists of an absolute time measured in seconds and nanoseconds since the Epoch (00:00:00 UTC, January 1, 1970).
This syscall is useful if the order of message reception is important and if the thread needs to wait with a predefined timeout. The negative side of the syscall is that it requires knowledge of the time epoch and the calling application needs to handle timespecs correctly.
mqd_t[K] - A message queue descriptor.
char*[U] - Pointer to a buffer that will hold the retrieved message.
size_t- Length in bytes of the buffer
msg_ptr, which should not be less than the attribute
mq_msgsizefor the message queue.
unsigned int*[U] - If not
NULL, the priority of the retrieved message will be stored in the integer pointed to by
const struct timespec*[U] - Pointer to an absolute timeout in a structure of type
- K - Originated from kernel-space.
- U - Originated from user space (for example, pointer to user space memory used to get it)
- TOCTOU - Vulnerable to TOCTOU (time of check, time of use)
- OPT - Optional argument - might not always be available (passed with null value)
Kprobes + Uprobes
Hooking sys_mq_timedreceive allows us to measure the elapsed time for the syscall and add log information, like process and thread information as well as argument values.
Hooking mq_timedreceive allows us to measure latency, return values, and other performance metrics of the syscall.
Example Use Case¶
One example use case for mq_timedreceive is for when applications need to get messages from a queue within a defined timeout to ensure responsiveness and reliable throughput.
If the message queue is empty, mq_timedreceive will timeout and return
-ETIMEDOUT which needs to be handled by the calling application.
This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.