lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Aug 2020 16:17:19 -0700 From: Wei Wang <weiwan@...gle.com> To: netdev@...r.kernel.org, Stephen Hemminger <stephen@...workplumber.org> Cc: Wei Wang <weiwan@...gle.com>, Mahesh Bandewar <maheshb@...gle.com> Subject: [PATCH iproute2-next] iproute2: ss: add support to expose various inet sockopts This commit adds support to expose the following inet socket options: -- recverr -- is_icsk -- freebind -- hdrincl -- mc_loop -- transparent -- mc_all -- nodefrag -- bind_address_no_port -- recverr_rfc4884 -- defer_connect with the option --inet-sockopt. Signed-off-by: Wei Wang <weiwan@...gle.com> Signed-off-by: Mahesh Bandewar <maheshb@...gle.com> --- include/uapi/linux/inet_diag.h | 18 ++++++++++++++++++ misc/ss.c | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) diff --git a/include/uapi/linux/inet_diag.h b/include/uapi/linux/inet_diag.h index cd83b4f8..ed1c3153 100644 --- a/include/uapi/linux/inet_diag.h +++ b/include/uapi/linux/inet_diag.h @@ -160,6 +160,7 @@ enum { INET_DIAG_ULP_INFO, INET_DIAG_SK_BPF_STORAGES, INET_DIAG_CGROUP_ID, + INET_DIAG_SOCKOPT, __INET_DIAG_MAX, }; @@ -183,6 +184,23 @@ struct inet_diag_meminfo { __u32 idiag_tmem; }; +/* INET_DIAG_SOCKOPT */ + +struct inet_diag_sockopt { + __u8 recverr:1, + is_icsk:1, + freebind:1, + hdrincl:1, + mc_loop:1, + transparent:1, + mc_all:1, + nodefrag:1; + __u8 bind_address_no_port:1, + recverr_rfc4884:1, + defer_connect:1, + unused:5; +}; + /* INET_DIAG_VEGASINFO */ struct tcpvegas_info { diff --git a/misc/ss.c b/misc/ss.c index e5565725..52d8a730 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -114,6 +114,7 @@ static int sctp_ino; static int show_tipcinfo; static int show_tos; static int show_cgroup; +static int show_inet_sockopt; int oneline; enum col_id { @@ -3333,6 +3334,30 @@ static int inet_show_sock(struct nlmsghdr *nlh, out(" cgroup:%s", cg_id_to_path(rta_getattr_u64(tb[INET_DIAG_CGROUP_ID]))); } + if (show_inet_sockopt) { + if (tb[INET_DIAG_SOCKOPT] && RTA_PAYLOAD(tb[INET_DIAG_SOCKOPT]) >= + sizeof(struct inet_diag_sockopt)) { + const struct inet_diag_sockopt *sockopt = + RTA_DATA(tb[INET_DIAG_SOCKOPT]); + if (!oneline) + out("\n\tinet-sockopt: ("); + else + out(" inet-sockopt: ("); + out("recverr: %d, ", sockopt->recverr); + out("is_icsk: %d, ", sockopt->is_icsk); + out("freebind: %d, ", sockopt->freebind); + out("hdrincl: %d, ", sockopt->hdrincl); + out("mc_loop: %d, ", sockopt->mc_loop); + out("transparent: %d, ", sockopt->transparent); + out("mc_all: %d, ", sockopt->mc_all); + out("nodefrag: %d, ", sockopt->nodefrag); + out("bind_addr_no_port: %d, ", sockopt->bind_address_no_port); + out("recverr_rfc4884: %d, ", sockopt->recverr_rfc4884); + out("defer_connect: %d", sockopt->defer_connect); + out(")"); + } + } + if (show_mem || (show_tcpinfo && s->type != IPPROTO_UDP)) { if (!oneline) out("\n\t"); @@ -5210,6 +5235,7 @@ static void _usage(FILE *dest) " -K, --kill forcibly close sockets, display what was closed\n" " -H, --no-header Suppress header line\n" " -O, --oneline socket's data printed on a single line\n" +" --inet-sockopt show various inet socket options\n" "\n" " -A, --query=QUERY, --socket=QUERY\n" " QUERY := {all|inet|tcp|mptcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram|tipc}[,QUERY]\n" @@ -5299,6 +5325,8 @@ static int scan_state(const char *state) #define OPT_CGROUP 261 +#define OPT_INET_SOCKOPT 262 + static const struct option long_opts[] = { { "numeric", 0, 0, 'n' }, { "resolve", 0, 0, 'r' }, @@ -5341,6 +5369,7 @@ static const struct option long_opts[] = { { "xdp", 0, 0, OPT_XDPSOCK}, { "mptcp", 0, 0, 'M' }, { "oneline", 0, 0, 'O' }, + { "inet-sockopt", 0, 0, OPT_INET_SOCKOPT }, { 0 } }; @@ -5539,6 +5568,9 @@ int main(int argc, char *argv[]) case 'O': oneline = 1; break; + case OPT_INET_SOCKOPT: + show_inet_sockopt = 1; + break; case 'h': help(); case '?': -- 2.28.0.297.g1956fa8f8d-goog
Powered by blists - more mailing lists