lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <0d301c66-0702-d87b-a815-f526f5971036@gmail.com>
Date:   Wed, 18 Aug 2021 14:43:58 -0600
From:   David Ahern <dsahern@...il.com>
To:     Jonas Bechtel <post@...chtel.de>
Cc:     Jakub Kicinski <kuba@...nel.org>, netdev@...r.kernel.org
Subject: Re: ss command not showing raw sockets? (regression)

On 8/18/21 1:57 PM, Jonas Bechtel wrote:
> 
> 
> 
> On Tue, 17 Aug 2021 18:47:06 -0600
> David Ahern <dsahern@...il.com> wrote with subject
> "Re: ss command not showing raw sockets? (regression)":
> 
>> On 8/17/21 3:37 PM, Jakub Kicinski wrote:
>>>
>>> Ah, good point, strace will show it. 
>>>
>>> /me goes off to look at the strace Jonas sent off list.
>>>
>>> Well this is unexpected:
>>>
>>> sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0,
>>> nl_groups=00000000}, msg_namelen=12, msg_iov=[{iov_base={{len=76,
>>> type=DCCPDIAG_GETSOCK, ... --->8----------------  
>>>
>>> From: Jakub Kicinski <kuba@...nel.org>
>>> Subject: ss: fix fallback to procfs for raw and sctp sockets
>>>
>>> sockdiag_send() diverts to tcpdiag_send() to try the older
>>> netlink interface. tcpdiag_send() works for TCP and DCCP
>>> but not other protocols. Instead of rejecting unsupported
>>> protocols (and missing RAW and SCTP) match on supported ones.
>>>
>>> Fixes: 41fe6c34de50 ("ss: Add inet raw sockets information
>>> gathering via netlink diag interface") Signed-off-by: Jakub
>>> Kicinski <kuba@...nel.org> ---
>>>  misc/ss.c | 8 ++++----
>>>  1 file changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/misc/ss.c b/misc/ss.c
>>> index 894ad40574f1..b39f63fe3b17 100644
>>> --- a/misc/ss.c
>>> +++ b/misc/ss.c
>>> @@ -3404,13 +3404,13 @@ static int tcpdiag_send(int fd, int
>>> protocol, struct filter *f) struct iovec iov[3];
>>>  	int iovlen = 1;
>>>  
>>> -	if (protocol == IPPROTO_UDP || protocol == IPPROTO_MPTCP)
>>> -		return -1;
>>> -
>>>  	if (protocol == IPPROTO_TCP)
>>>  		req.nlh.nlmsg_type = TCPDIAG_GETSOCK;
>>> -	else
>>> +	else if (protocol == IPPROTO_DCCP)
>>>  		req.nlh.nlmsg_type = DCCPDIAG_GETSOCK;
>>> +	else
>>> +		return -1;
>>> +
>>>  	if (show_mem) {
>>>  		req.r.idiag_ext |= (1<<(INET_DIAG_MEMINFO-1));
>>>  		req.r.idiag_ext |= (1<<(INET_DIAG_SKMEMINFO-1));
>>>   
>>
>> That looks correct to me.
>>
>> Jonas: can you build iproute2 and test?
> 
> I've cloned branch main as instructed in https://wiki.linuxfoundation.org/networking/iproute2. Most recent commit is 9b7ea92b9e3f. After building, no socket was listed in table.
> 
> Then I [manually] applied the patch and rebuilt. The patched version works well, I do see the two sockets right now.
> 
> Command was in both cases misc/ss -awp
> 

Awesome, thanks for doing that. Jakub: want to send a formal patch with
his Tested-by?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ