Netlink overview and its strace parsers

What is netlink, how an strace parser is written

This project is part of the Google Summer of Code 2016. I strongly advise you to take a look at this program. Background: This API appeared in Linux 2.0 (1996) as an IOCTL but was rewritten for Linux 2.2 (1998) as a socket address family. So, Netlink is almost 20 years old. The original API was made by Alexey Kuznetsov. But what is Netlink? The Netlink socket family is a Linux kernel interface used for inter-process communication (IPC) between the kernel and userspace processes, and between different userspace processes, in a way similar to Unix domain sockets. [Read More]

How does a debugger work?

Let's show the internals of a debugger...

In this post, the main goal is to understand how a debugger (like gdb) works. For that purpose, the examples will be based on my personal toy debugger Edb (Easy DeBugger). Because of a few bugs in the x86_64 version, the article is based on the i386 (32-bit) version. How to handle i386 and x86_64: I wanted my debugger to be able to debug 32- and 64-bit x86 programs. [Read More]