Date:   Thu, 15 Sep 2016 14:54:57 -0600
From:   David Ahern <dsa@...ulusnetworks.com>
To:     Cyrill Gorcunov <gorcunov@...il.com>
Cc:     netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        David Miller <davem@...emloft.net>, eric.dumazet@...il.com,
        kuznet@....inr.ac.ru, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
        kaber@...sh.net, avagin@...nvz.org, stephen@...workplumber.org
Subject: Re: [PATCH v3] net: ip, diag -- Add diag interface for raw sockets

On 9/15/16 2:22 PM, Cyrill Gorcunov wrote:
>> ss -K is not working. Socket lookup fails to find a match due to a protocol mismatch.
>>
>> Haven't had time to track down why there is a mismatch since the kill uses the socket returned
>> from the dump. Won't have time to come back to this until early next week.
> 
> Have you run iproute2 patched? I just ran ss -K and all sockets get closed
> (including raw ones), which actually kicked me off the testing machine sshd :/
> 


This is the patch I applied to iproute2; the change in your goo.gl link plus a debug to confirm the kill action is initiated by ss:

diff --git a/misc/ss.c b/misc/ss.c
index 3b268d999426..4d98411738ea 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -2334,6 +2334,10 @@ static int show_one_inet_sock(const struct sockaddr_nl *addr,
        if (diag_arg->f->f && run_ssfilter(diag_arg->f->f, &s) == 0)
                return 0;

+       if (diag_arg->f->kill) {
+printf("want to kill:\n");
+       err = inet_show_sock(h, &s, diag_arg->protocol);
+       }
        if (diag_arg->f->kill && kill_inet_sock(h, arg) != 0) {
                if (errno == EOPNOTSUPP || errno == ENOENT) {
                        /* Socket can't be closed, or is already closed. */
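Review bot: the debug block added ahead of the kill_inet_sock() call prints "want to kill:" with printf, so it lands on stdout in the middle of ss's normal socket listing; for a debug aid, fprintf(stderr, ...) keeps it out of anything parsing the output. The err value assigned from inet_show_sock() is also not checked in the visible lines before the kill proceeds, so a failure to display the socket would go unnoticed here. The printf line is not indented to match the block it sits in, and the whole block should be dropped or put behind a debug switch before this goes beyond local testing.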
@@ -2631,6 +2635,10 @@ static int raw_show(struct filter *f)

        dg_proto = RAW_PROTO;

+if (!getenv("PROC_NET_RAW") && !getenv("PROC_ROOT") &&
+inet_show_netlink(f, NULL, IPPROTO_RAW) == 0)
+return 0;
+
        if (f->families&(1<<AF_INET)) {
                if ((fp = net_raw_open()) == NULL)
                        goto outerr;
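Review bot: the new netlink attempt in raw_show() passes IPPROTO_RAW to inet_show_netlink(), and since the thread reports that the kill lookup fails on a protocol mismatch, the protocol carried in this dump request is the first value to compare against what the kill request sends for the same socket. When inet_show_netlink() returns non-zero the code falls through to the net_raw_open() /proc path without any message; with a kill requested that fallback only lists sockets, so reporting the netlink failure in that case would make the behaviour easier to diagnose. The three added lines also lack the tab indentation used by the surrounding code.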
