sendmsg - send a message to another socket
sendmsg() system call is used to send a message to another socket on the system. It is used when the message needs to be sent with a socket address, or if you need to specify control information headers. There are a few different control information headers that can be used, such as the SCM_RIGHTS and SCM_CREDENTIALS which are used to supply permissions and credentials. One of the benefits of using
sendmsg() is that it can be used to send data between processes without relying on shared memory. Some of the drawbacks are that it requires additional overhead when encoding the control information and it can be quite difficult to debug.
int- file descriptor of the target socket
struct msghdr*- pointer to a
struct msghdrcontaining information on the message buffer, destination address and optional control headers
int[OPT] - a bitmask of flags to control the interpretation of the data
- K - Originated from kernel-space.
- U - Originated from user space (for example, pointer to user space memory used to get it)
- TOCTOU - Vulnerable to TOCTOU (time of check, time of use)
- OPT - Optional argument - might not always be available (passed with null value)
Measure time taken to perform the
sendmsg() system call
Example Use Case¶
One example of the use of the
sendmsg() event is in applications that need to send data to multiple sockets simultaneously. By sending messages via
sendmsg() instead of individual writes to each socket, the overhead of setting up and tearing down connected sockets can be greatly reduced.
One of the common issues with
sendmsg() is related to copying buffers to/from userspace. If these operations are done quickly enough, an attacker could exploit time-of-check-time-of-use (TOCTOU) vulnerabilities on the source machine.
This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.