From patchwork Fri Oct 6 15:48:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Hajnoczi X-Patchwork-Id: 822494 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3y7vFN0dJkz9t3m for ; Sat, 7 Oct 2017 02:48:56 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751987AbdJFPsx (ORCPT ); Fri, 6 Oct 2017 11:48:53 -0400 Received: from mx1.redhat.com ([209.132.183.28]:55924 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751423AbdJFPsv (ORCPT ); Fri, 6 Oct 2017 11:48:51 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D713E7E38F; Fri, 6 Oct 2017 15:48:50 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com D713E7E38F Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=stefanha@redhat.com Received: from localhost (ovpn-116-204.ams2.redhat.com [10.36.116.204]) by smtp.corp.redhat.com (Postfix) with ESMTP id BEEE66E739; Fri, 6 Oct 2017 15:48:49 +0000 (UTC) From: Stefan Hajnoczi To: netdev@vger.kernel.org Cc: Stephen Hemminger , Jorgen Hansen , Dexuan Cui , Stefan Hajnoczi Subject: [PATCH iproute2 v2 1/3] ss: allow AF_FAMILY constants >32 Date: Fri, 6 Oct 2017 11:48:39 -0400 Message-Id: <20171006154841.10495-2-stefanha@redhat.com> In-Reply-To: <20171006154841.10495-1-stefanha@redhat.com> References: <20171006154841.10495-1-stefanha@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 06 Oct 2017 15:48:51 +0000 (UTC) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Linux has more than 32 address families defined in . Use a 64-bit type so all of them can be represented in the filter->families bitmask. It's easy to introduce bugs when using (1 << AF_FAMILY) because the value is 32-bit. This can produce incorrect results from bitmask operations so introduce the FAMILY_MASK() macro to eliminate these bugs. Signed-off-by: Stefan Hajnoczi --- misc/ss.c | 54 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 26 deletions(-) diff --git a/misc/ss.c b/misc/ss.c index dd8dfaa4..005e781d 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -170,55 +170,57 @@ enum { struct filter { int dbs; int states; - int families; + uint64_t families; struct ssfilter *f; bool kill; }; +#define FAMILY_MASK(family) ((uint64_t)1 << (family)) + static const struct filter default_dbs[MAX_DB] = { [TCP_DB] = { .states = SS_CONN, - .families = (1 << AF_INET) | (1 << AF_INET6), + .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6), }, [DCCP_DB] = { .states = SS_CONN, - .families = (1 << AF_INET) | (1 << AF_INET6), + .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6), }, [UDP_DB] = { .states = (1 << SS_ESTABLISHED), - .families = (1 << AF_INET) | (1 << AF_INET6), + .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6), }, [RAW_DB] = { .states = (1 << SS_ESTABLISHED), - .families = (1 << AF_INET) | (1 << AF_INET6), + .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6), }, [UNIX_DG_DB] = { .states = (1 << SS_CLOSE), - .families = (1 << AF_UNIX), + .families = FAMILY_MASK(AF_UNIX), }, [UNIX_ST_DB] = { .states = SS_CONN, - .families = (1 << AF_UNIX), + .families = FAMILY_MASK(AF_UNIX), }, [UNIX_SQ_DB] = { .states = SS_CONN, - .families = (1 << AF_UNIX), + .families = FAMILY_MASK(AF_UNIX), }, [PACKET_DG_DB] = { .states = (1 << SS_CLOSE), - .families = (1 << AF_PACKET), + .families = FAMILY_MASK(AF_PACKET), }, [PACKET_R_DB] = { .states = (1 << SS_CLOSE), - .families = (1 << AF_PACKET), + .families = FAMILY_MASK(AF_PACKET), }, [NETLINK_DB] = { .states = (1 << SS_CLOSE), - .families = (1 << AF_NETLINK), + .families = FAMILY_MASK(AF_NETLINK), }, [SCTP_DB] = { .states = SS_CONN, - .families = (1 << AF_INET) | (1 << AF_INET6), + .families = FAMILY_MASK(AF_INET) | FAMILY_MASK(AF_INET6), }, }; @@ -258,14 +260,14 @@ static void filter_db_set(struct filter *f, int db) static void filter_af_set(struct filter *f, int af) { f->states |= default_afs[af].states; - f->families |= 1 << af; + f->families |= FAMILY_MASK(af); do_default = 0; preferred_family = af; } static int filter_af_get(struct filter *f, int af) { - return f->families & (1 << af); + return !!(f->families & FAMILY_MASK(af)); } static void filter_default_dbs(struct filter *f) @@ -302,7 +304,7 @@ static void filter_merge_defaults(struct filter *f) f->families |= default_dbs[db].families; } for (af = 0; af < AF_MAX; af++) { - if (!(f->families & (1 << af))) + if (!(f->families & FAMILY_MASK(af))) continue; if (!(default_afs[af].dbs & f->dbs)) @@ -2608,7 +2610,7 @@ static int show_one_inet_sock(const struct sockaddr_nl *addr, struct inet_diag_msg *r = NLMSG_DATA(h); struct sockstat s = {}; - if (!(diag_arg->f->families & (1 << r->idiag_family))) + if (!(diag_arg->f->families & FAMILY_MASK(r->idiag_family))) return 0; parse_diag_msg(h, &s); @@ -2802,7 +2804,7 @@ static int tcp_show(struct filter *f) return -1; } - if (f->families & (1<families & FAMILY_MASK(AF_INET)) { if ((fp = net_tcp_open()) == NULL) goto outerr; @@ -2812,7 +2814,7 @@ static int tcp_show(struct filter *f) fclose(fp); } - if ((f->families & (1<families & FAMILY_MASK(AF_INET6)) && (fp = net_tcp6_open()) != NULL) { setbuffer(fp, buf, bufsize); if (generic_record_read(fp, tcp_show_line, f, AF_INET6)) @@ -2911,7 +2913,7 @@ static int udp_show(struct filter *f) && inet_show_netlink(f, NULL, IPPROTO_UDP) == 0) return 0; - if (f->families&(1<families&FAMILY_MASK(AF_INET)) { if ((fp = net_udp_open()) == NULL) goto outerr; if (generic_record_read(fp, dgram_show_line, f, AF_INET)) @@ -2919,7 +2921,7 @@ static int udp_show(struct filter *f) fclose(fp); } - if ((f->families&(1<families&FAMILY_MASK(AF_INET6)) && (fp = net_udp6_open()) != NULL) { if (generic_record_read(fp, dgram_show_line, f, AF_INET6)) goto outerr; @@ -2951,7 +2953,7 @@ static int raw_show(struct filter *f) inet_show_netlink(f, NULL, IPPROTO_RAW) == 0) return 0; - if (f->families&(1<families&FAMILY_MASK(AF_INET)) { if ((fp = net_raw_open()) == NULL) goto outerr; if (generic_record_read(fp, dgram_show_line, f, AF_INET)) @@ -2959,7 +2961,7 @@ static int raw_show(struct filter *f) fclose(fp); } - if ((f->families&(1<families&FAMILY_MASK(AF_INET6)) && (fp = net_raw6_open()) != NULL) { if (generic_record_read(fp, dgram_show_line, f, AF_INET6)) goto outerr; @@ -3703,13 +3705,13 @@ static int handle_follow_request(struct filter *f) int groups = 0; struct rtnl_handle rth; - if (f->families & (1 << AF_INET) && f->dbs & (1 << TCP_DB)) + if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << TCP_DB)) groups |= 1 << (SKNLGRP_INET_TCP_DESTROY - 1); - if (f->families & (1 << AF_INET) && f->dbs & (1 << UDP_DB)) + if (f->families & FAMILY_MASK(AF_INET) && f->dbs & (1 << UDP_DB)) groups |= 1 << (SKNLGRP_INET_UDP_DESTROY - 1); - if (f->families & (1 << AF_INET6) && f->dbs & (1 << TCP_DB)) + if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << TCP_DB)) groups |= 1 << (SKNLGRP_INET6_TCP_DESTROY - 1); - if (f->families & (1 << AF_INET6) && f->dbs & (1 << UDP_DB)) + if (f->families & FAMILY_MASK(AF_INET6) && f->dbs & (1 << UDP_DB)) groups |= 1 << (SKNLGRP_INET6_UDP_DESTROY - 1); if (groups == 0) From patchwork Fri Oct 6 15:48:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Hajnoczi X-Patchwork-Id: 822495 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3y7vFW6c3Sz9t3m for ; Sat, 7 Oct 2017 02:49:03 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752270AbdJFPtA (ORCPT ); Fri, 6 Oct 2017 11:49:00 -0400 Received: from mx1.redhat.com ([209.132.183.28]:56930 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752014AbdJFPs5 (ORCPT ); Fri, 6 Oct 2017 11:48:57 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7551A550B0; Fri, 6 Oct 2017 15:48:57 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 7551A550B0 Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=stefanha@redhat.com Received: from localhost (ovpn-116-204.ams2.redhat.com [10.36.116.204]) by smtp.corp.redhat.com (Postfix) with ESMTP id D4DAC5D9C1; Fri, 6 Oct 2017 15:48:53 +0000 (UTC) From: Stefan Hajnoczi To: netdev@vger.kernel.org Cc: Stephen Hemminger , Jorgen Hansen , Dexuan Cui , Stefan Hajnoczi Subject: [PATCH iproute2 v2 2/3] include: add Date: Fri, 6 Oct 2017 11:48:40 -0400 Message-Id: <20171006154841.10495-3-stefanha@redhat.com> In-Reply-To: <20171006154841.10495-1-stefanha@redhat.com> References: <20171006154841.10495-1-stefanha@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 06 Oct 2017 15:48:57 +0000 (UTC) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This new Linux header file defines the sock_diag interface used by AF_VSOCK. This new header file was merged in net-next in commit 413a4317aca7d6367d57a5971b0c461f03851207 ("VSOCK: add sock_diag interface"). Signed-off-by: Stefan Hajnoczi --- include/linux/vm_sockets_diag.h | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 include/linux/vm_sockets_diag.h diff --git a/include/linux/vm_sockets_diag.h b/include/linux/vm_sockets_diag.h new file mode 100644 index 00000000..14cd7dc5 --- /dev/null +++ b/include/linux/vm_sockets_diag.h @@ -0,0 +1,33 @@ +/* AF_VSOCK sock_diag(7) interface for querying open sockets */ + +#ifndef _UAPI__VM_SOCKETS_DIAG_H__ +#define _UAPI__VM_SOCKETS_DIAG_H__ + +#include + +/* Request */ +struct vsock_diag_req { + __u8 sdiag_family; /* must be AF_VSOCK */ + __u8 sdiag_protocol; /* must be 0 */ + __u16 pad; /* must be 0 */ + __u32 vdiag_states; /* query bitmap (e.g. 1 << TCP_LISTEN) */ + __u32 vdiag_ino; /* must be 0 (reserved) */ + __u32 vdiag_show; /* must be 0 (reserved) */ + __u32 vdiag_cookie[2]; +}; + +/* Response */ +struct vsock_diag_msg { + __u8 vdiag_family; /* AF_VSOCK */ + __u8 vdiag_type; /* SOCK_STREAM or SOCK_DGRAM */ + __u8 vdiag_state; /* sk_state (e.g. TCP_LISTEN) */ + __u8 vdiag_shutdown; /* local RCV_SHUTDOWN | SEND_SHUTDOWN */ + __u32 vdiag_src_cid; + __u32 vdiag_src_port; + __u32 vdiag_dst_cid; + __u32 vdiag_dst_port; + __u32 vdiag_ino; + __u32 vdiag_cookie[2]; +}; + +#endif /* _UAPI__VM_SOCKETS_DIAG_H__ */ From patchwork Fri Oct 6 15:48:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Hajnoczi X-Patchwork-Id: 822496 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3y7vFf5PP2z9t3t for ; Sat, 7 Oct 2017 02:49:10 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752353AbdJFPtH (ORCPT ); Fri, 6 Oct 2017 11:49:07 -0400 Received: from mx1.redhat.com ([209.132.183.28]:39098 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752312AbdJFPtE (ORCPT ); Fri, 6 Oct 2017 11:49:04 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 220534E028; Fri, 6 Oct 2017 15:49:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 220534E028 Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=stefanha@redhat.com Received: from localhost (ovpn-116-204.ams2.redhat.com [10.36.116.204]) by smtp.corp.redhat.com (Postfix) with ESMTP id 80E196684A; Fri, 6 Oct 2017 15:48:59 +0000 (UTC) From: Stefan Hajnoczi To: netdev@vger.kernel.org Cc: Stephen Hemminger , Jorgen Hansen , Dexuan Cui , Stefan Hajnoczi Subject: [PATCH iproute2 v2 3/3] ss: add AF_VSOCK support Date: Fri, 6 Oct 2017 11:48:41 -0400 Message-Id: <20171006154841.10495-4-stefanha@redhat.com> In-Reply-To: <20171006154841.10495-1-stefanha@redhat.com> References: <20171006154841.10495-1-stefanha@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 06 Oct 2017 15:49:04 +0000 (UTC) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The AF_VSOCK address family is a host<->guest communications channel supported by VMware, KVM, and Hyper-V. Initial VMware support was released in Linux 3.9 in 2013 and transports for other hypervisors were added later. AF_VSOCK addresses are tuples. The 32-bit cid integer is comparable to an IP address. AF_VSOCK ports work like TCP/UDP ports. Both SOCK_STREAM and SOCK_DGRAM socket types are available. This patch adds AF_VSOCK support to ss(8) so that sockets can be observed. Signed-off-by: Stefan Hajnoczi --- misc/ss.c | 184 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++- man/man8/ss.8 | 8 ++- 2 files changed, 188 insertions(+), 4 deletions(-) diff --git a/misc/ss.c b/misc/ss.c index 005e781d..8b563bd4 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -44,6 +44,7 @@ #include #include #include +#include #define MAGIC_SEQ 123456 @@ -126,6 +127,8 @@ enum { PACKET_R_DB, NETLINK_DB, SCTP_DB, + VSOCK_ST_DB, + VSOCK_DG_DB, MAX_DB }; @@ -134,6 +137,7 @@ enum { #define ALL_DB ((1<type); + break; default: sock_name = "unknown"; } @@ -1149,6 +1182,8 @@ static int run_ssfilter(struct ssfilter *f, struct sockstat *s) return s->lport == 0 && s->local.data[0] == 0; if (s->local.family == AF_NETLINK) return s->lport < 0; + if (s->local.family == AF_VSOCK) + return s->lport > 1023; return is_ephemeral(s->lport); } @@ -1524,6 +1559,15 @@ void *parse_devcond(char *name) return res; } +static void vsock_set_inet_prefix(inet_prefix *a, __u32 cid) +{ + *a = (inet_prefix){ + .bytelen = sizeof(cid), + .family = AF_VSOCK, + }; + memcpy(a->data, &cid, sizeof(cid)); +} + void *parse_hostcond(char *addr, bool is_port) { char *port = NULL; @@ -1598,6 +1642,37 @@ void *parse_hostcond(char *addr, bool is_port) goto out; } + if (fam == AF_VSOCK || strncmp(addr, "vsock:", 6) == 0) { + __u32 cid = ~(__u32)0; + + a.addr.family = AF_VSOCK; + if (strncmp(addr, "vsock:", 6) == 0) + addr += 6; + + if (is_port) + port = addr; + else { + port = strchr(addr, ':'); + if (port) { + *port = '\0'; + port++; + } + } + + if (port && strcmp(port, "*") && + get_u32((__u32 *)&a.port, port, 0)) + return NULL; + + if (addr[0] && strcmp(addr, "*")) { + a.addr.bitlen = 32; + if (get_u32(&cid, addr, 0)) + return NULL; + } + vsock_set_inet_prefix(&a.addr, cid); + fam = AF_VSOCK; + goto out; + } + if (fam == AF_INET || !strncmp(addr, "inet:", 5)) { fam = AF_INET; if (!strncmp(addr, "inet:", 5)) @@ -3674,6 +3749,88 @@ static int netlink_show(struct filter *f) return 0; } +static bool vsock_type_skip(struct sockstat *s, struct filter *f) +{ + if (s->type == SOCK_STREAM && !(f->dbs & (1 << VSOCK_ST_DB))) + return true; + if (s->type == SOCK_DGRAM && !(f->dbs & (1 << VSOCK_DG_DB))) + return true; + return false; +} + +static void vsock_addr_print(inet_prefix *a, __u32 port) +{ + char cid_str[sizeof("4294967295")]; + char port_str[sizeof("4294967295")]; + __u32 cid; + + memcpy(&cid, a->data, sizeof(cid)); + + if (cid == ~(__u32)0) + snprintf(cid_str, sizeof(cid_str), "*"); + else + snprintf(cid_str, sizeof(cid_str), "%u", cid); + + if (port == ~(__u32)0) + snprintf(port_str, sizeof(port_str), "*"); + else + snprintf(port_str, sizeof(port_str), "%u", port); + + sock_addr_print(cid_str, ":", port_str, NULL); +} + +static void vsock_stats_print(struct sockstat *s, struct filter *f) +{ + sock_state_print(s); + + vsock_addr_print(&s->local, s->lport); + vsock_addr_print(&s->remote, s->rport); + + proc_ctx_print(s); + + printf("\n"); +} + +static int vsock_show_sock(const struct sockaddr_nl *addr, + struct nlmsghdr *nlh, void *arg) +{ + struct filter *f = (struct filter *)arg; + struct vsock_diag_msg *r = NLMSG_DATA(nlh); + struct sockstat stat = { + .type = r->vdiag_type, + .lport = r->vdiag_src_port, + .rport = r->vdiag_dst_port, + .state = r->vdiag_state, + .ino = r->vdiag_ino, + }; + + vsock_set_inet_prefix(&stat.local, r->vdiag_src_cid); + vsock_set_inet_prefix(&stat.remote, r->vdiag_dst_cid); + + if (vsock_type_skip(&stat, f)) + return 0; + + if (f->f && run_ssfilter(f->f, &stat) == 0) + return 0; + + vsock_stats_print(&stat, f); + + return 0; +} + +static int vsock_show(struct filter *f) +{ + DIAG_REQUEST(req, struct vsock_diag_req r); + + if (!filter_af_get(f, AF_VSOCK)) + return 0; + + req.r.sdiag_family = AF_VSOCK; + req.r.vdiag_states = f->states; + + return handle_netlink_request(f, &req.nlh, sizeof(req), vsock_show_sock); +} + struct sock_diag_msg { __u8 sdiag_family; }; @@ -3694,6 +3851,8 @@ static int generic_show_sock(const struct sockaddr_nl *addr, return packet_show_sock(addr, nlh, arg); case AF_NETLINK: return netlink_show_sock(addr, nlh, arg); + case AF_VSOCK: + return vsock_show_sock(addr, nlh, arg); default: return -1; } @@ -3921,14 +4080,15 @@ static void _usage(FILE *dest) " -d, --dccp display only DCCP sockets\n" " -w, --raw display only RAW sockets\n" " -x, --unix display only Unix domain sockets\n" +" --vsock display only vsock sockets\n" " -f, --family=FAMILY display sockets of type FAMILY\n" -" FAMILY := {inet|inet6|link|unix|netlink|help}\n" +" FAMILY := {inet|inet6|link|unix|netlink|vsock|help}\n" "\n" " -K, --kill forcibly close sockets, display what was closed\n" " -H, --no-header Suppress header line\n" "\n" " -A, --query=QUERY, --socket=QUERY\n" -" QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink}[,QUERY]\n" +" QUERY := {all|inet|tcp|udp|raw|unix|unix_dgram|unix_stream|unix_seqpacket|packet|netlink|vsock_stream|vsock_dgram}[,QUERY]\n" "\n" " -D, --diag=FILE Dump raw information about TCP sockets to FILE\n" " -F, --filter=FILE read filter information from FILE\n" @@ -4001,6 +4161,9 @@ static int scan_state(const char *state) exit(-1); } +/* Values 'v' and 'V' are already used so a non-character is used */ +#define OPT_VSOCK 256 + static const struct option long_opts[] = { { "numeric", 0, 0, 'n' }, { "resolve", 0, 0, 'r' }, @@ -4017,6 +4180,7 @@ static const struct option long_opts[] = { { "udp", 0, 0, 'u' }, { "raw", 0, 0, 'w' }, { "unix", 0, 0, 'x' }, + { "vsock", 0, 0, OPT_VSOCK }, { "all", 0, 0, 'a' }, { "listening", 0, 0, 'l' }, { "ipv4", 0, 0, '4' }, @@ -4102,6 +4266,9 @@ int main(int argc, char *argv[]) case 'x': filter_af_set(¤t_filter, AF_UNIX); break; + case OPT_VSOCK: + filter_af_set(¤t_filter, AF_VSOCK); + break; case 'a': state_filter = SS_ALL; break; @@ -4128,6 +4295,8 @@ int main(int argc, char *argv[]) filter_af_set(¤t_filter, AF_UNIX); else if (strcmp(optarg, "netlink") == 0) filter_af_set(¤t_filter, AF_NETLINK); + else if (strcmp(optarg, "vsock") == 0) + filter_af_set(¤t_filter, AF_VSOCK); else if (strcmp(optarg, "help") == 0) help(); else { @@ -4193,6 +4362,15 @@ int main(int argc, char *argv[]) filter_db_set(¤t_filter, PACKET_DG_DB); } else if (strcmp(p, "netlink") == 0) { filter_db_set(¤t_filter, NETLINK_DB); + } else if (strcmp(p, "vsock") == 0) { + filter_db_set(¤t_filter, VSOCK_ST_DB); + filter_db_set(¤t_filter, VSOCK_DG_DB); + } else if (strcmp(p, "vsock_stream") == 0 || + strcmp(p, "v_str") == 0) { + filter_db_set(¤t_filter, VSOCK_ST_DB); + } else if (strcmp(p, "vsock_dgram") == 0 || + strcmp(p, "v_dgr") == 0) { + filter_db_set(¤t_filter, VSOCK_DG_DB); } else { fprintf(stderr, "ss: \"%s\" is illegal socket table id\n", p); usage(); @@ -4408,6 +4586,8 @@ int main(int argc, char *argv[]) dccp_show(¤t_filter); if (current_filter.dbs & (1<