lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20200818231719.1813482-1-weiwan@google.com>
Date:   Tue, 18 Aug 2020 16:17:19 -0700
From:   Wei Wang <weiwan@...gle.com>
To:     netdev@...r.kernel.org,
        Stephen Hemminger <stephen@...workplumber.org>
Cc:     Wei Wang <weiwan@...gle.com>, Mahesh Bandewar <maheshb@...gle.com>
Subject: [PATCH iproute2-next] iproute2: ss: add support to expose various
 inet sockopts

This commit adds support to expose the following inet socket options:
-- recverr
-- is_icsk
-- freebind
-- hdrincl
-- mc_loop
-- transparent
-- mc_all
-- nodefrag
-- bind_address_no_port
-- recverr_rfc4884
-- defer_connect
with the option --inet-sockopt.

Signed-off-by: Wei Wang <weiwan@...gle.com>
Signed-off-by: Mahesh Bandewar <maheshb@...gle.com>
---
 include/uapi/linux/inet_diag.h | 18 ++++++++++++++++++
 misc/ss.c                      | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+)

diff --git a/include/uapi/linux/inet_diag.h b/include/uapi/linux/inet_diag.h
index cd83b4f8..ed1c3153 100644
--- a/include/uapi/linux/inet_diag.h
+++ b/include/uapi/linux/inet_diag.h
@@ -160,6 +160,7 @@ enum {
 	INET_DIAG_ULP_INFO,
 	INET_DIAG_SK_BPF_STORAGES,
 	INET_DIAG_CGROUP_ID,
+	INET_DIAG_SOCKOPT,
 	__INET_DIAG_MAX,
 };
 
@@ -183,6 +184,23 @@ struct inet_diag_meminfo {
 	__u32	idiag_tmem;
 };
 
+/* INET_DIAG_SOCKOPT */
+
+struct inet_diag_sockopt {
+	__u8	recverr:1,
+		is_icsk:1,
+		freebind:1,
+		hdrincl:1,
+		mc_loop:1,
+		transparent:1,
+		mc_all:1,
+		nodefrag:1;
+	__u8	bind_address_no_port:1,
+		recverr_rfc4884:1,
+		defer_connect:1,
+		unused:5;
+};
+
 /* INET_DIAG_VEGASINFO */
 
 struct tcpvegas_info {
diff --git a/misc/ss.c b/misc/ss.c
index e5565725..52d8a730 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -114,6 +114,7 @@ static int sctp_ino;
 static int show_tipcinfo;
 static int show_tos;
 static int show_cgroup;
+static int show_inet_sockopt;
 int oneline;
 
 enum col_id {
@@ -3333,6 +3334,30 @@ static int inet_show_sock(struct nlmsghdr *nlh,
 			out(" cgroup:%s", cg_id_to_path(rta_getattr_u64(tb[INET_DIAG_CGROUP_ID])));
 	}
 
+	if (show_inet_sockopt) {
+		if (tb[INET_DIAG_SOCKOPT] && RTA_PAYLOAD(tb[INET_DIAG_SOCKOPT]) >=
+		    sizeof(struct inet_diag_sockopt)) {
+			const struct inet_diag_sockopt *sockopt =
+					RTA_DATA(tb[INET_DIAG_SOCKOPT]);
+			if (!oneline)
+				out("\n\tinet-sockopt: (");
+			else
+				out(" inet-sockopt: (");
+			out("recverr: %d, ", sockopt->recverr);
+			out("is_icsk: %d, ", sockopt->is_icsk);
+			out("freebind: %d, ", sockopt->freebind);
+			out("hdrincl: %d, ", sockopt->hdrincl);
+			out("mc_loop: %d, ", sockopt->mc_loop);
+			out("transparent: %d, ", sockopt->transparent);
+			out("mc_all: %d, ", sockopt->mc_all);
+			out("nodefrag: %d, ", sockopt->nodefrag);
+			out("bind_addr_no_port: %d, ", sockopt->bind_address_no_port);
+			out("recverr_rfc4884: %d, ", sockopt->recverr_rfc4884);
+			out("defer_connect: %d", sockopt->defer_connect);
+			out(")");
+		}
+	}
+
 	if (show_mem || (show_tcpinfo && s->type != IPPROTO_UDP)) {
 		if (!oneline)
 			out("\n\t");
@@ -5210,6 +5235,7 @@ static void _usage(FILE *dest)
 "   -K, --kill          forcibly close sockets, display what was closed\n"
 "   -H, --no-header     Suppress header line\n"
 "   -O, --oneline       socket's data printed on a single line\n"
+"       --inet-sockopt  show various inet socket options\n"
 "\n"
 "   -A, --query=QUERY, --socket=QUERY\n"
 "       QUERY := {all|inet|tcp|mptcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram|tipc}[,QUERY]\n"
@@ -5299,6 +5325,8 @@ static int scan_state(const char *state)
 
 #define OPT_CGROUP 261
 
+#define OPT_INET_SOCKOPT 262
+
 static const struct option long_opts[] = {
 	{ "numeric", 0, 0, 'n' },
 	{ "resolve", 0, 0, 'r' },
@@ -5341,6 +5369,7 @@ static const struct option long_opts[] = {
 	{ "xdp", 0, 0, OPT_XDPSOCK},
 	{ "mptcp", 0, 0, 'M' },
 	{ "oneline", 0, 0, 'O' },
+	{ "inet-sockopt", 0, 0, OPT_INET_SOCKOPT },
 	{ 0 }
 
 };
@@ -5539,6 +5568,9 @@ int main(int argc, char *argv[])
 		case 'O':
 			oneline = 1;
 			break;
+		case OPT_INET_SOCKOPT:
+			show_inet_sockopt = 1;
+			break;
 		case 'h':
 			help();
 		case '?':
-- 
2.28.0.297.g1956fa8f8d-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ