lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210817080451.34286807@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
Date:   Tue, 17 Aug 2021 08:04:51 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Jonas Bechtel <post@...chtel.de>
Cc:     netdev@...r.kernel.org
Subject: Re: ss command not showing raw sockets? (regression)

On Mon, 16 Aug 2021 15:08:00 -0700 Jakub Kicinski wrote:
> On Sun, 15 Aug 2021 23:17:38 +0200 Jonas Bechtel wrote:
> > I've got following installation:
> > * ping 32 bit version
> > * Linux 4.4.0 x86_64 (yes, somewhat ancient)
> > * iproute2  4.9.0 or 4.20.0 or 5.10.0
> > 
> > With one ping command active, there are two raw sockets on my system:
> > one for IPv4 and one for IPv6 (just one of those is used).
> > 
> > My problem is that
> > 
> > ss -awp
> > 
> > shows 
> > * two raw sockets (4.9.0)
> > * any raw socket = bug (4.20.0)
> > * any raw socket = bug (5.10.0)  
> 
> Could you clarify how the bug manifests itself? Does ss crash?
> 
> > So is this a bug or is this wont-fix (then, if it is related to
> > kernel version, package maintainers may be interested)?  

I had a look, I don't see anything out of the ordinary. I checked with
v4.6, I don't have a 4.4 box handy. It seems ss got support for dumping
over netlink in the 4.9. On a 4.4 kernel it should fall back to using
procfs tho, raw_show() calls inet_show_netlink() which should fails and
therefore the code should fall through to the old procfs stuff.

No idea why that doesn't happen for you. Is this vanilla 4.4 or does it
have backports? Is there a /sys/module/raw_diag/ directory on your
system after you run those commands?

Does setting PROC_NET_RAW make the newer iproute version work for you?

$ PROC_NET_RAW=/proc/net/raw ss -awp

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ