Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Snoop interprocess communications

Tags:

interprocess

Has anyone tried to create a log file of interprocess communications? Could someone give me a little advice on the best way to achieve this?

like image 314
Patrick Avatar asked Nov 06 '10 12:11

Patrick

People also ask

What is IPC$ used for?

The IPC$ share is also known as a null session connection. By using this session, Windows lets anonymous users perform certain activities, such as enumerating the names of domain accounts and network shares. The IPC$ share is created by the Windows Server service.

What is meant by interprocess communication?

Interprocess communication (IPC) is a set of programming interfaces that allow a programmer to coordinate activities among different program processes that can run concurrently in an operating system.

What is an IPC client?

IPC is a client/server system. A server process offers service to others by opening a socket and exposing one or more Java interfaces that remote callers can invoke. User server code must indicate the port number and an instance of an object that will receive remote calls. (

What are the four types of mechanisms involved inter process communication explain?

Different ways of IPC are pipe, message passing, message queue, shared memory, direct communication, indirect communication and FIFO.

3 Answers

The question is not quite clear, and comments make it less clear, but anyway...

The two things to try first are ipcs and strace -e trace=ipc.

like image 110
horsh Avatar answered Oct 19 '22 17:10

horsh

If you want to log all IPC(seems very intensive), you should consider instrumentation.

Their are a lot of good tools for this, check out PIN in perticular, this section of the manual;

In this example, we show how to do more selective instrumentation by examining the instructions. This tool generates a trace of all memory addresses referenced by a program. This is also useful for debugging and for simulating a data cache in a processor.

If your doing some heavy weight tuning and analysis, check out TAU (Tuning and analysis utilitiy).

like image 27
RandomNickName42 Avatar answered Oct 19 '22 16:10

RandomNickName42

Communication to a kernel driver can take many forms. There is usually a special device file for communication, or there can be a special socket type, like NETLINK. If you are lucky, there's a character device to which read() and write() are the sole means of interaction - if that's the case then those calls are easy to intercept with a variety of methods. If you are unlucky, many things are done with ioctls or something even more difficult.

However, running 'strace' on the program using the kernel driver to communicate can reveal just about all it does - though 'ltrace' might be more readable if there happens to be libraries the program uses for communication. By tuning the arguments to 'strace', you can probably get a dump which contains just the information you need:

  • First, just eyeball the calls and try to figure out the means of kernel communication
  • Then, add filters to strace call to log only the kernel communication calls
  • Finally, make sure strace logs the full strings of all calls, so you don't have to deal with truncated data

The answers which point to IPC debugging probably are not relevant, as communicating with the kernel almost never has anything to do with IPC (atleast not the different UNIX IPC facilities).

like image 20
Nakedible Avatar answered Oct 19 '22 17:10

Nakedible
Sign in to Comment

Related questions

How can I load the AIR runtime as a in-process shared library from a C program
What interprocess locking calls should I monitor?
How do I send code ( a class in this case) to a server/program and receive output
What available message solutions are there for inter-process communication in ruby?
Interprocess Communication using Named Pipes in C# + PHP
c++ boost::interprocess simple application
Boost, Shared Memory and Vectors
How to Use C# to Call a Function Within a Seperate Running Native Process?
How to implement a writer-preferring read/write lock for *nix processes
Android Remote methods (AIDL) vs Intents - performance & battery usage
Using C++ Boost memory mapped files to create disk-back data structures
Should I use CORBA, MessagePack RPC or Thrift, or something else entirely?
How can I marshal an out-of-process COM reference across process boundaries?
What is the best way to do application data exchange in Delphi without sockets?
C++ application: Is it possible to pass accepted TCP connection from one process to another?
Passing data from a C process to a C++ process
boost::interprocess memory allocator on anonymous segment

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!