lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 16 May 2016 20:24:03 -0600
From:	David Ahern <>
To:	Lorenzo Colitti <>,
	Stephen Hemminger <>
Cc:	"" <>
Subject: Re: [PATCH iproute2] ss: Tell user about -EOPNOTSUPP for SOCK_DESTROY

On 5/16/16 8:04 PM, Lorenzo Colitti wrote:
> Given that the filter can specify a number of sockets, some of which
> can and some of which can't be closed, and that whether a given socket
> can be closed is only known at the time we attempt to close it, there
> is a choice between two bad outcomes:
> 1. Users try to use "ss -K" with a kernel that doesn't support it, and
> get confused about why it does nothing and doesn't print an error
> message.
> 2. Users use "ss -K" with a kernel that does support it, and get
> irritated by seeing one error message per TCP_TIME_WAIT socket, UDP
> socket, etc.

As I mentioned we can print the unsupported once or per socket matched 
and with the socket params. e.g.,

+               } else if (errno == EOPNOTSUPP) {
+                       printf("Operation not supported for:\n");
+                       inet_show_sock(h, diag_arg->f, diag_arg->protocol);

Actively suppressing all error messages is just wrong. I get the 
flooding issue so I'm fine with just printing it once.

Powered by blists - more mailing lists