| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Aug 2021 08:04:51 -0700 From: Jakub Kicinski <kuba@...nel.org> To: Jonas Bechtel <post@...chtel.de> Cc: netdev@...r.kernel.org Subject: Re: ss command not showing raw sockets? (regression) On Mon, 16 Aug 2021 15:08:00 -0700 Jakub Kicinski wrote: > On Sun, 15 Aug 2021 23:17:38 +0200 Jonas Bechtel wrote: > > I've got following installation: > > * ping 32 bit version > > * Linux 4.4.0 x86_64 (yes, somewhat ancient) > > * iproute2 4.9.0 or 4.20.0 or 5.10.0 > > > > With one ping command active, there are two raw sockets on my system: > > one for IPv4 and one for IPv6 (just one of those is used). > > > > My problem is that > > > > ss -awp > > > > shows > > * two raw sockets (4.9.0) > > * any raw socket = bug (4.20.0) > > * any raw socket = bug (5.10.0) > > Could you clarify how the bug manifests itself? Does ss crash? > > > So is this a bug or is this wont-fix (then, if it is related to > > kernel version, package maintainers may be interested)? I had a look, I don't see anything out of the ordinary. I checked with v4.6, I don't have a 4.4 box handy. It seems ss got support for dumping over netlink in the 4.9. On a 4.4 kernel it should fall back to using procfs tho, raw_show() calls inet_show_netlink() which should fails and therefore the code should fall through to the old procfs stuff. No idea why that doesn't happen for you. Is this vanilla 4.4 or does it have backports? Is there a /sys/module/raw_diag/ directory on your system after you run those commands? Does setting PROC_NET_RAW make the newer iproute version work for you? $ PROC_NET_RAW=/proc/net/raw ss -awp
Powered by blists - more mailing lists