From: Jonas Bechtel <post@jbechtel.de>
To: Jakub Kicinski <kuba@kernel.org>
Cc: netdev@vger.kernel.org, David Ahern <dsahern@gmail.com>
Subject: Re: ss command not showing raw sockets? (regression)
Date: Tue, 17 Aug 2021 20:21:35 +0200 [thread overview]
Message-ID: <20210817202135.6b42031f@mmluhan> (raw)
In-Reply-To: <20210817080451.34286807@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
[-- Attachment #1: Type: text/plain, Size: 2866 bytes --]
On Tue, 17 Aug 2021 08:04:51 -0700
Jakub Kicinski <kuba@kernel.org> wrote with subject
"Re: ss command not showing raw sockets? (regression)":
> On Mon, 16 Aug 2021 15:08:00 -0700 Jakub Kicinski wrote:
> > On Sun, 15 Aug 2021 23:17:38 +0200 Jonas Bechtel wrote:
> > > I've got following installation:
> > > * ping 32 bit version
> > > * Linux 4.4.0 x86_64 (yes, somewhat ancient)
> > > * iproute2 4.9.0 or 4.20.0 or 5.10.0
> > >
> > > With one ping command active, there are two raw sockets on my
> > > system: one for IPv4 and one for IPv6 (just one of those is used).
> > >
> > > My problem is that
> > >
> > > ss -awp
> > >
> > > shows
> > > * two raw sockets (4.9.0)
> > > * any raw socket = bug (4.20.0)
> > > * any raw socket = bug (5.10.0)
> >
> > Could you clarify how the bug manifests itself? Does ss crash?
> >
> > > So is this a bug or is this wont-fix (then, if it is related to
> > > kernel version, package maintainers may be interested)?
>
> I had a look, I don't see anything out of the ordinary. I checked with
> v4.6, I don't have a 4.4 box handy. It seems ss got support for
> dumping over netlink in the 4.9. On a 4.4 kernel it should fall back
> to using procfs tho, raw_show() calls inet_show_netlink() which
> should fails and therefore the code should fall through to the old
> procfs stuff.
>
> No idea why that doesn't happen for you. Is this vanilla 4.4 or does
> it have backports? Is there a /sys/module/raw_diag/ directory on your
> system after you run those commands?
It's was Knoppix distributed package. I don't know about the exact contents, there's also no hint in package description. I just know that it works without initrd, as it directly mounts the root disk.
No, there's /sys/module but no /sys/module/raw_diag/ neither before nor after running those commands.
>
> Does setting PROC_NET_RAW make the newer iproute version work for you?
>
> $ PROC_NET_RAW=/proc/net/raw ss -awp
Yes, this did the trick. (And again I was thinking programs were doing something "magical", but in the end it's just a file they access)
Furthermore I checked with Linux 4.19.0 amd64 RT (Debian package; from package description: "This kernel includes the PREEMPT_RT realtime patch set."). With this kernel there was no need for PROC_NET_RAW. All iproute versions worked out of the box and showed even command name, pid and fd number (that's why ss traverses all /proc/[pids]/fd/ directories?).
See attached log file, with kernel versions and iproute2 versions printed.
@kuba With PROC_NET_RAW I consider the problem is found, isn't it? So I will not download/bisect<->build or otherwise investigate the problem until one of you explicitely asks me to do so.
I have now redirected invocation of command with set PROC_NET_RAW on my system, and may (try to) update to Linux 4.19.
Thank you!
Best Regards
jbechtel
[-- Attachment #2: ss_debug-logs.txt --]
[-- Type: text/plain, Size: 3900 bytes --]
user@machine:~$ uname -a; for file in ./ss_{4.9.0,4.20.0,5.10.0}; do echo $file; $file -awp; PROC_NET_RAW=/proc/net/raw $file -awp; done
Linux machine 4.4.0-64 #2 SMP PREEMPT Mon Jan 25 01:54:18 CET 2016 x86_64 GNU/Linux
./ss_4.9.0
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:icmp *:*
UNCONN 0 0 :::ipv6-icmp :::*
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:icmp *:*
UNCONN 0 0 :::ipv6-icmp :::*
./ss_4.20.0
State Recv-Q Send-Q Local Address:Port Peer Address:Port
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:*
UNCONN 0 0 *:ipv6-icmp *:*
./ss_5.10.0
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:*
UNCONN 0 0 *:ipv6-icmp *:*
user@machine:~$ # [kernel change, reboot, etc.]
user@machine:~$ uname -a; for file in ./ss_{4.9.0,4.20.0,5.10.0}; do echo $file; $file -awp; PROC_NET_RAW=/proc/net/raw $file -awp; done
Linux (none) 4.19.0-16-rt-amd64 #1 SMP PREEMPT RT Debian 4.19.181-1 (2021-03-19) x86_64 GNU/Linux
./ss_4.9.0
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:icmp *:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 :::ipv6-icmp :::* users:(("ping",pid=272,fd=4))
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:icmp *:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 :::ipv6-icmp :::* users:(("ping",pid=272,fd=4))
./ss_4.20.0
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 *:ipv6-icmp *:* users:(("ping",pid=272,fd=4))
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 *:ipv6-icmp *:* users:(("ping",pid=272,fd=4))
./ss_5.10.0
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 *:ipv6-icmp *:* users:(("ping",pid=272,fd=4))
State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
UNCONN 0 0 0.0.0.0:icmp 0.0.0.0:* users:(("ping",pid=272,fd=3))
UNCONN 0 0 *:ipv6-icmp *:* users:(("ping",pid=272,fd=4))
user@machine:~$
next prev parent reply other threads:[~2021-08-17 18:30 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-15 21:17 ss command not showing raw sockets? (regression) Jonas Bechtel
2021-08-16 22:08 ` Jakub Kicinski
2021-08-17 14:57 ` David Ahern
2021-08-17 15:04 ` Jakub Kicinski
2021-08-17 18:21 ` Jonas Bechtel [this message]
2021-08-17 18:44 ` Jakub Kicinski
2021-08-17 19:54 ` David Ahern
2021-08-17 21:37 ` Jakub Kicinski
2021-08-18 0:47 ` David Ahern
2021-08-18 19:57 ` Jonas Bechtel
2021-08-18 20:43 ` David Ahern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210817202135.6b42031f@mmluhan \
--to=post@jbechtel.de \
--cc=dsahern@gmail.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).