This patch fixes the following error:
arpd.c:442:17: error: initialization of 'int' from 'void *' makes integer from pointer without a cast [-Wint-conversion]
442 | NULL, 0,
raised by Buildroot autobuilder [1].
In the case in question, the analysis of socket.h [2] containing the
msghdr structure shows that it has been modified with the addition of
padding fields, which cause the compilation error. The use of designated
initializers allows the issue to be fixed.
struct msghdr {
void *msg_name;
socklen_t msg_namelen;
struct iovec *msg_iov;
int __pad1;
int msg_iovlen;
int __pad1;
void *msg_control;
int __pad2;
socklen_t msg_controllen;
int __pad2;
int msg_flags;
};
[1] http://autobuild.buildroot.org/results/e4cdfa38ae9578992f1c0ff5c4edae3cc0836e3c/
[2] iproute2/host/mips64-buildroot-linux-musl/sysroot/usr/include/sys/socket.h
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
This patch fixes a problem with the libbpf version comparison to decide
if ENABLE_BPF_SKSTORAGE_SUPPORT could be enabled.
- The code enabled by ENABLE_BPF_SKSTORAGE_SUPPORT uses the function
btf_dump__new with an API that was introduced in libbpf 0.6.0. So
check now against libbpf version to be >= 0.6.x instead of 0.5.x.
- This code still depends on the necessity to have LIBBPF_MAJOR_VERSION
and LIBBPF_MINOR_VERSION defined, even if libbpf_version.h is not
present in the library development package. This was ensured with
the previous patch for the configure script.
Fixes: e3ecf048 ("ss: pretty-print BPF socket-local storage")
Signed-off-by: Stefan Mätje <stefan.maetje@esd.eu>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Clang complains that format string is not a string literal
unless the functions are annotated.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Use the COLUMNS environment variable [1] when determining the screen width,
if using TIOCGWINSZ isn't possible or if it fails. This allows better use
of the available horizontal screen space in certain scenarios, and makes
the produced outputs more readable, as described further below.
All major shells can maintain the COLUMNS variable according to the current
screen size, [2][3][4] but this shell variable isn't actually an environment
variable, i.e. it doesn't get exported to the shell subprocesses by default.
For example, no COLUMNS environment variable reaches ss(8) when it's executed
as part of a shell pipeline or inside a shell script.
Though, users can opt to export the COLUMNS variable by hand, or they can
rely on some other utilities to do that for them. A good example of such
utilities is watch(1) that exports COLUMNS as an environment variable to
the processes it executes. [5] Using ss(8) together with watch(1) is rather
useful, and honoring the exported COLUMNS variable makes the outputs produced
by ss(8) in this scenario more readable.
The behavior of shells, which don't export the COLUMNS variable by default,
makes this change safe in the sense of not affecting the usual shell pipeline
workflows or various shell scripts that use ss(8).
[1] https://pubs.opengroup.org/onlinepubs/9699919799.2016edition/basedefs/V1_chap08.html
[2] https://man.archlinux.org/man/bash.1.en#COLUMNS
[3] https://man.archlinux.org/man/tcsh.1.en#Terminal_management_(+)
[4] https://man.archlinux.org/man/zshall.1.en#Configuration
[5] https://gitlab.com/procps-ng/procps/-/blob/master/NEWS?ref_type=heads#L623
Signed-off-by: Dragan Simic <dsimic@manjaro.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
Three new "last time" counters have been added to "struct mptcp_info":
last_data_sent, last_data_recv and last_ack_recv. They have been added
in commit 18d82cde7432 ("mptcp: add last time fields in mptcp_info") in
net-next recently.
This patch prints out these new counters into mptcp_stats output in ss.
Signed-off-by: Geliang Tang <geliang@kernel.org>
Acked-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
The motivation is to build distributions packages without /var to go
towards stateless systems, see link below (TL;DR: provisionning anything
outside of /usr on boot).
We only try do create the database directory when it's in the default
location, and assume its parent (/var/lib in the usual case) exists.
Links: https://0pointer.net/blog/projects/stateless.html
Signed-off-by: Max Gautier <mg@max.gautier.name>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
the strdup man page states that the errno value
set by the function so there is not need to set it.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
get_nlmsg_extended is missing the check as
it's done in get_nlmsg
v2: don't set the errno value explicitly
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
the function has the same definition in ifstat and ss
v2: fix the typo in the chagelog
v3: rebase on master
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
The 32 bit statistics are problematic since 32 bit value can
easily wraparound at high speed. Use 64 bit stats if available.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
da9cc6ab introduced printing of MD5 signature keys when found.
But when changing printf() to out() calls with 90351722,
the implicit printf call in print_escape_buf() was overlooked.
That results in a funny output in the first line:
"<all-your-tcp-signature-keys-concatenated>State"
and ambiguity as to which of those bytes belong to which socket.
Add a static void out_escape_buf() immediately before we use it.
da9cc6ab (ss: print MD5 signature keys configured on TCP sockets, 2017-10-06)
90351722 (ss: Replace printf() calls for "main" output by calls to helper, 2017-12-12)
Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Print an error message if we can't remove the history file
v2: exit if unlink failed
v3: restore the changelog
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Use snprintf to print only valid data.
That's the similar change done for ifstat.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
as the name doesn't require a lot of storage put
it on the stack. Moreover the memory allocated via
malloc wasn't returned.
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
the argument passed to the function
is always a constant value
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
ss is able to print the map ID(s) for which a given socket has BPF
socket-local storage defined (using --bpf-maps or --bpf-map-id=). However,
the actual content of the map remains hidden.
This change aims to pretty-print the socket-local storage content following
the socket details, similar to what `bpftool map dump` would do. The exact
output format is inspired by drgn, while the BTF data processing is similar
to bpftool's.
ss will use libbpf's btf_dump__dump_type_data() to ease pretty-printing
of binary data. This requires out_bpf_sk_storage_print_fn() as a print
callback function used by btf_dump__dump_type_data(). vout() is also
introduced, which is similar to out() but accepts a va_list as
parameter.
ss' output remains unchanged unless --bpf-maps or --bpf-map-id= is used,
in which case each socket containing BPF local storage will be followed by
the content of the storage before the next socket's info is displayed.
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Acked-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: David Ahern <dsahern@kernel.org>
While sock_diag is able to return BPF socket-local storage in response
to INET_DIAG_REQ_SK_BPF_STORAGES requests, ss doesn't request it.
This change introduces the --bpf-maps and --bpf-map-id= options to request
BPF socket-local storage for all SK_STORAGE maps, or only specific ones.
The bigger part of this change will check the requested map IDs and
ensure they are valid. The column COL_EXT is used to print the
socket-local data into.
When --bpf-maps is used, ss will send an empty
INET_DIAG_REQ_SK_BPF_STORAGES request, in return the kernel will send
all the BPF socket-local storage entries for a given socket. The BTF
data for each map is loaded on demand, as ss can't predict which map ID
are used.
When --bpf-map-id=ID is used, a file descriptor to the requested maps is
open to 1) ensure the map doesn't disappear before the data is printed,
and 2) ensure the map type is BPF_MAP_TYPE_SK_STORAGE. The BTF data for
each requested map is loaded before the request is sent to the kernel.
Co-developed-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
Use snprintf to print only valid data
v2: adjust formatting
v3: fix the issue with a buffer length
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: David Ahern <dsahern@kernel.org>
Throughout ifstat.c, ifstat_ent.val is accessed as a long long unsigned
type, however it is defined as __u64. This works by coincidence on many
systems, however on ppc64le, __u64 is a long unsigned.
This patch makes the type definition consistent with all of the places
where it is accessed.
Fixes: 5a52102b7c ("ifstat: Add extended statistics to ifstat")
Reviewed-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
convert frprintf calls to perror() so the caller
can see the reason of an error
Signed-off-by: Denis Kirjanov <dkirjanov@suse.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add a new option `-Q/--no-queues` to ss(8) to suppress the two standard
columns Send-Q and Recv-Q. This helps to keep the output steady for
monitoring purposes (like listening sockets).
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
A recent modification broke "extra" options for all protocols showing
info about the processes when '-p' / '--processes' option was not used
as well. In other words, all the additional bits displayed at the end or
at the next line were no longer printed if the user didn't ask to show
info about processes as well.
The reason is that, the "current_field" pointer never switched to the
"Ext" column. If the user didn't ask to display the processes, nothing
happened when trying to print extra bits using the "out()" function,
because the current field was still pointing to the "Process" one, now
marked as disabled.
Before the commit mentioned below, it was not an issue not to switch to
the "Ext" or "Process" columns because they were never marked as
"disabled".
Here is a quick list of options that were no longer displayed if '-p' /
'--processes' was not set:
- AF_INET(6):
-o, --options
-e, --extended
--tos
--cgroup
--inet-sockopt
-m, --memory
-i, --info
- AF_PACKET:
-e, --extended
- AF_XDP:
-e, --extended
- AF_UNIX:
-m, --memory
-e, --extended
- TIPC:
--tipcinfo
That was just by quickly reading the code, I probably missed some. But
this shows that the impact can be quite important for all scripts using
'ss' to monitor connections or to report info.
Fixes: 1607bf53 ("ss: prevent "Process" column from being printed unless requested")
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Now pointer `jw` is being checked for NULL before using
in function `jsonw_start_object`.
Added exit from function when `jw==NULL`.
Found by RASU JSC
Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Make ss aware of the new "bound-inactive" pseudo-state for TCP (see
Linux commit 91051f003948 ("tcp: Dump bound-only sockets in inet_diag.")).
These are TCP sockets that have been bound, but are neither listening nor
connecting.
With this patch, these sockets can now be dumped with:
* the existing -a (--all) option, to dump all sockets, including
bound-inactive ones,
* the new -B (--bound-inactive) option, to dump them exclusively,
* the new "bound-inactive" state, to be used in a STATE-FILTER.
Note that the SS_BOUND_INACTIVE state is a pseudo-state used for queries
only. The kernel returns them as SS_CLOSE.
The SS_NEW_SYN_RECV pseudo-state is added in this patch only because we
have to set its entry in the sstate_namel array (in scan_state()). Care
is taken not to make it visible by users.
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Commit 5883c6eba5 ("ss: show header for --processes/-p") added
"Process" to the list of columns printed by ss. However, the "Process"
header is now printed even if --processes/-p is not used.
This change aims to fix this by moving the COL_PROC column ID to the same
index as the corresponding column structure in the columns array, and
enabling it if --processes/-p is used.
Fixes: 5883c6eba5 ("ss: show header for --processes/-p")
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
A new counter mptcpi_subflows_total has been added in mptcpi_flags
to count the total amount of subflows from mptcp_info including the
initial one into kernel in this commit:
6ebf6f90ab4a ("mptcp: add mptcpi_subflows_total counter")
This patch prints out this counter into mptcp_stats output.
Acked-by: Matthieu Baerts <matttbe@kernel.org>
Signed-off-by: Geliang Tang <geliang.tang@linux.dev>
Signed-off-by: David Ahern <dsahern@kernel.org>
linux-6.7 supports usec resolution in TCP TS values.
ss -ie can show if a flow is using this new resolution.
$ ss -tie
...
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 12869632 [2002:a05:6608:295::]:37054 [2002:a05:6608:297::]:35721
ts usec_ts sack bbr2s wscale:12,12 ...
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
Clang warns:
ssfilter_check.c💯13: warning: implicit truncation from 'int' to a one-bit wide bit-field changes value from 1 to -1 [-Wsingle-bit-bitfield-constant-conversion]
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
tcpi_rcv_wnd and tcpi_rehash were added in linux-6.2.
$ ss -ti
...
cubic wscale:7,7 ... minrtt:0.01 snd_wnd:65536 rcv_wnd:458496
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
To get information about threads used in a process, the /proc/$PID/task
directory content is analyzed by ss code. However, the opened 'dirent'
object is not closed after use, leading to memory leaks. Add missing
closedir call in 'user_ent_hash_build' to avoid it.
Detected by valgrind: "valgrind ./misc/ss -T"
Fixes: e2267e68b9 ("ss: Introduce -T, --threads option")
Signed-off-by: Maxim Petrov <mmrmaximuzz@gmail.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
ss provides some selinux stub functions, useful when iproute2 is
compiled without selinux support.
Move them to lib/ so we can use them in other iproute2 tools.
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
getfilecon() and security_get_initial_context() use the const qualifier
for their first paramater in SELinux APIs.
This commit adds the const qualifier to these functions, making them
conformant to API definitions.
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
From the is_selinux_enabled() manpage:
is_selinux_enabled() returns 1 if SELinux is running or 0 if it is not.
This makes the is_selinux_enabled() stub functions works exactly like
the SELinux function it is supposed to replace.
Signed-off-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: David Ahern <dsahern@kernel.org>
This is aligned with what is printed for TCP sockets.
The main difference here is that these counters can be larger (u32 vs
u64) but WireShark and TCPDump are also printing these MPTCP counters as
decimal and they look fine.
So it sounds better to do the same here with ss for those who want to
easily count how many bytes have been exchanged between two runs without
having to think in hexa.
Acked-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Some counters from mptcp_info structure were stored as an unsigned
number (u8) but displayed as a signed one.
Even if it is unlikely these u8 counters -- number of subflows and
ADD_ADDR -- have a value bigger than 2^7, it still sounds better to
display them as unsigned.
Fixes: 9c3be2c0 ("ss: mptcp: add msk diag interface support")
Acked-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Andrea Claudi <aclaudi@redhat.com>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
The field is accessed before being assigned a meaningful value,
effectively disabling the checks.
Fixes: 4a0053b606 ("ss: Unify packet stats output from netlink and proc")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
