Re: [PATCH] ss: prepare rth when killing inet sock

[Stephen Hemminger]

On Wed, 14 Feb 2018 22:50:04 +0900
Masatake YAMATO  wrote:

> kill_inet_sock() expects rhn_handle instance is passed
> via inet_diag_arg argument. However on the following calling path:
> 
> generic_show_sock
> => show_one_inet_sock
>=> kill_inet_sock  
> 
> rth field of inet_diag_arg is not filled with the address of
> rhn_handle instance. As the result ss crashes.
> 
> This commit fills the field with newly created rhn_handle
> instance.
> 
> Signed-off-by: Masatake YAMATO 

Won't this slow down ss because it does open/close of netlink socket
for each socket being displayed.  It is not uncommon to run this with
millions of sockets open.

[PATCH] ss: prepare rth when killing inet sock

[Masatake YAMATO]

kill_inet_sock() expects rhn_handle instance is passed
via inet_diag_arg argument. However on the following calling path:

generic_show_sock
=> show_one_inet_sock
   => kill_inet_sock

rth field of inet_diag_arg is not filled with the address of
rhn_handle instance. As the result ss crashes.

This commit fills the field with newly created rhn_handle
instance.

Signed-off-by: Masatake YAMATO 
---
 misc/ss.c | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/misc/ss.c b/misc/ss.c
index 29a25070..a59fa2c1 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -4258,11 +4258,18 @@ static int generic_show_sock(const struct sockaddr_nl 
*addr,
 {
struct sock_diag_msg *r = NLMSG_DATA(nlh);
struct inet_diag_arg inet_arg = { .f = arg, .protocol = IPPROTO_MAX };
+   struct rtnl_handle rth_inet;
+   int result_inet;
 
switch (r->sdiag_family) {
case AF_INET:
case AF_INET6:
-   return show_one_inet_sock(addr, nlh, &inet_arg);
+   if (rtnl_open_byproto(&rth_inet, 0, NETLINK_SOCK_DIAG))
+   return -1;
+   inet_arg.rth = &rth_inet;
+   result_inet = show_one_inet_sock(addr, nlh, &inet_arg);
+   rtnl_close(&rth_inet);
+   return result_inet;
case AF_UNIX:
return unix_show_sock(addr, nlh, arg);
case AF_PACKET:
-- 
2.14.3