| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Dec 2015 17:31:32 +0900 From: Lorenzo Colitti <lorenzo@...gle.com> To: netdev@...r.kernel.org Cc: stephen@...workplumber.org, eric.dumazet@...il.com, zenczykowski@...il.com Subject: Re: [iproute PATCH v2 2/2] ss: support closing inet sockets via SOCK_DESTROY. I've just uploaded a new version. The changes from v2 are as follows: - Removed the superfluous inline keyword. - The code now ignores ENOENT from kill_inet_sock. This can happen if something else closed the socket during the scan, or if the user requests killing a socket that is not in the hash tables and thus cannot be found by inet_diag_find_one_icsk. - The semantics of rtnl_send_check_ack are clearer. If the caller passes in ack=1, the function blocks until a response is received (unlike v2 which passed in MSG_PEEK). Also, an NLMSG_ERROR with an err of 0 is not treated as a failure. - kill_inet_sock always requests an ACK when closing a socket. This version is also tested on real hardware. The following work: - Passing in -K as non-root immediately stops with EPERM. - Running "ss -a -K dport = :22" closes SSH. - Running ss -a -K dport = :5222 closes my XMPP connections, interrupts my chat client, and sends RSTs to the server. - The above command silently skips TIME_WAIT sockets, which cannot be destroyed, without interrupting the dump. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists