70 Commits

Author SHA1 Message Date
Mike Karels
64acb29b7d sockstat: change check for wildcard sockets to avoid historical classes
sockstat was checking whether a bound address was "host 0", the lowest
host on a network, using inet_lnaof().  This only works for class A/B/C.
However, it isn't useful to bind such an address unless it is really
the unspecified address INADDR_ANY.  Change the check to to use that.

MFC after:	1 month
Reviewd by:	tuexen
Differential Revision: https://reviews.freebsd.org/D32715
2021-11-09 09:34:44 -06:00
Gleb Smirnoff
1fec1fa814 sockstat: don't query jail vnet if system is running without VIMAGE.
Fixes:  f1cd4902bf17
2021-10-19 09:49:35 -07:00
Gleb Smirnoff
32723a3ba9 sockstat: make err(3) on jail errors more verbose. 2021-10-19 09:49:35 -07:00
Mariusz Zaborski
7ad30f58dd sockstat: use cap_pwd
The sockstat is using password database operations to obtain
the username. Such operations are disallowed in capability mode.
For such operations Casper is required.

Reported by:	olivier@
Tested by:	olivier@
2021-06-18 18:08:30 +02:00
Mariusz Zaborski
bfb5947bb1 sockstat: fix core dump
The get_proto_type function is used before creating the Casper function.
This is why we have to distinguish when the Casper service is allocated or not.

Reported by:	olivier@
Tested by:	olivier@
2021-06-18 18:05:14 +02:00
Ryan Moeller
c5a2d8c5f5 sockstat: Use libcasper to capsicumize
Drop rights we do not need. This has to be done after jail_attach.

Reviewed by:	oshogbo
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D26958
2021-06-05 08:36:55 -04:00
Michael Tuexen
9e644c2300 tcp: add support for TCP over UDP
Adding support for TCP over UDP allows communication with
TCP stacks which can be implemented in userspace without
requiring special priviledges or specific support by the OS.
This is joint work with rrs.

Reviewed by:		rrs
Sponsored by:		Netflix, Inc.
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D29469
2021-04-18 16:16:42 +02:00
Alexander Motin
ccdd2b2b3c Add "-n" flag to sockstat.
sockstat can "hang" on getpwuid() calls in situations when FreeBSD
is joined to a directory service (AD/LDAP etc) and the directory
service fail to answer in a timely manner when trying to resolve
numeric UIDs to user names.

Submitted by:	Caleb St. John <caleb@ixsystems.com>
MFC after:	1 week
2020-12-30 13:45:53 -05:00
Ryan Moeller
ae37905b93 sockstat: Fix error message when jail_attach fails
jail_errmsg is for libjail, jail_attach() is a system call.
2020-10-24 22:36:20 +00:00
Michael Tuexen
2ac089d0e6 Add a -C option to sockstat to display the congestion control for TCP
connections.

Reviewed by:		rscheff
MFC after:		1 week
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D26413
2020-09-13 09:12:25 +00:00
Ryan Moeller
f1cd4902bf sockstat: Attach to jail if in new vnet
Attach sockstat -j to the specified jail if the jail is in a new vnet.
Otherwise we do not see all sockets belonging to the jail.

Reviewed by:	jamie
Approved by:	mmacy (mentor)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D24413
2020-04-26 20:55:11 +00:00
Brooks Davis
f38b68ae8a Make struct xinpcb and friends word-size independent.
Replace size_t members with ksize_t (uint64_t) and pointer members
(never used as pointers in userspace, but instead as unique
idenitifiers) with kvaddr_t (uint64_t). This makes the structs
identical between 32-bit and 64-bit ABIs.

On 64-bit bit systems, the ABI is maintained. On 32-bit systems,
this is an ABI breaking change. The ABI of most of these structs
was previously broken in r315662.  This also imposes a small API
change on userspace consumers who must handle kernel pointers
becoming virtual addresses.

PR:		228301 (exp-run by antoine)
Reviewed by:	jtl, kib, rwatson (various versions)
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15386
2018-07-05 13:13:48 +00:00
Jamie Gritton
de68a3200a Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
 with names.

PR:		229266
MFC after:	3 days
Differential Revision:	D16047
2018-07-03 23:47:20 +00:00
Emmanuel Vadot
62de70375f sockstat: add break that was forgot in 328279
Reported by:	garga@
MFC after:	1 week
X-MFC With:	328279
Sponsored by:	Gandi.net
2018-01-23 14:33:19 +00:00
Emmanuel Vadot
ee0afaa9d7 sockstat: Add -q option to suppress the header line
MFC after:	1 week
Sponsored by:	Gandi.net
2018-01-23 13:03:47 +00:00
Pedro F. Giffuni
1de7b4b805 various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:37:16 +00:00
Gleb Smirnoff
0e229f343f Hide struct socket and struct unpcb from the userland.
Violators may define _WANT_SOCKET and _WANT_UNPCB respectively and
are not guaranteed for stability of the structures.  The violators
list is the the usual one: libprocstat(3) and netstat(1) internally
and lsof in ports.

In struct xunpcb remove the inclusion of kernel structure and add
a bunch of spare fields.  The xsocket already has socket not included,
but add there spares as well.  Embed xsockbuf into xsocket.

Sort declarations in sys/socketvar.h to separate kernel only from
userland available ones.

PR:		221820 (exp-run)
2017-10-02 23:29:56 +00:00
Michael Tuexen
05d70babff Remove tailing whitespace. 2017-09-15 20:46:51 +00:00
Michael Tuexen
83f60cb202 Add a command line option for using a wider field for displaying
addresses. This allows the table to be consistent when IPv6
addresses have to be printed.
While there, document the -v option in the man page.

Sponsored by:	Netflix, Inc.
2017-09-13 06:57:52 +00:00
Michael Tuexen
e389705ed3 Add support for printing the path state for SCTP association. 2017-09-12 21:36:13 +00:00
Michael Tuexen
49b836f2ea Add printing of the remote encapsulation port for SCTP associations.
Sponsored by:	Netflix, Inc.
2017-09-12 21:07:48 +00:00
Michael Tuexen
e5cccc35c3 Add support to print the TCP stack being used.
Sponsored by:	Netflix, Inc.
2017-09-12 13:34:43 +00:00
Gleb Smirnoff
bf40d2ca68 Shut up gcc. 2017-03-21 08:57:20 +00:00
Gleb Smirnoff
cc65eb4e79 Hide struct inpcb, struct tcpcb from the userland.
This is a painful change, but it is needed.  On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD.  We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.

Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
  kernel structures inpcb and tcpcb inside.  Export into these structures
  the fields from inpcb and tcpcb that are known to be used, and put there
  a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.

Reviewed by:	rrs, gnn
Differential Revision:	D10018
2017-03-21 06:39:49 +00:00
Renato Botelho
27569d019d Fix style(9)
Reviewed by:	ngie, tuexen, vangyzen, allanjude
Approved by:	allanjude
MFC after:	1 week
Sponsored by:	Rubicon Communications (Netgate)
Differential Revision:	https://reviews.freebsd.org/D9588
2017-02-21 12:37:59 +00:00
Michael Tuexen
edc9c7fc7c This patch fixes two bugs:
* sctp46, tcp46, and udp46 sockets are displayed as such and not as
  sctp4 6, tcp4 6, udp4 6. This bug was introduced in
  http://svnweb.freebsd.org/base?view=revision&revision=187915
* For SCTP sockets, the the -4 and -6 flags are honoured as much as
  possible. This means IPv4 sockets are handled correctly,  IPv6
  sockets are displayed as sctp46, since it is currently not possible
  to distinguish between sctp6 and sctp46.

Approved by:	re (gjb)
MFC after:	1 week
2016-06-25 12:46:18 +00:00
Michael Tuexen
55a87f85cf Fix two types which resulted in setting the address long wrong
for IPv6 addresses.

Reported by:	pfg@
CID:		1347086
MFC after:	1 week
2016-06-02 17:31:37 +00:00
Eitan Adler
463a577b27 Fix a ton of speelling errors
arc lint is helpful

Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
Differential Revision: https://reviews.freebsd.org/D3337
2015-10-21 05:37:09 +00:00
Michael Tuexen
c1eb13c74c Report CLOSED as state for bound sockets for consistency with
netstat and the way TCP is handled.

PR:		201585
MFC after:	3 weeks
2015-08-29 09:10:52 +00:00
Michael Tuexen
6414db1bc4 Add SCTP support.
PR:		201585
MFC after:	3 weeks
2015-08-26 23:45:06 +00:00
Michael Tuexen
6eb1d5ba64 Remove a variable which is set but never used.
PR:		201585
MFC after:	3 weeks
2015-08-26 22:52:18 +00:00
Michael Tuexen
4e13a5b043 Print the status on the first line of a socket description, not at
the last one. This doesn't matter for TCP, but it does for the upcoming
SCTP support.

PR:		201585
MFC after:	3 weeks
2015-08-26 22:50:53 +00:00
Dag-Erling Smørgrav
cf24373c3b Move assignments around to avoid a false-positive uninitialized variable
warning which broke the sparc64 build.

PR:		201585
MFC after:	3 weeks
2015-07-17 08:37:13 +00:00
Dag-Erling Smørgrav
7a5642b3a1 Add a -s option which adds a column listing the connection state if
applicable (currently only for TCP).

PR:		201585
MFC after:	3 weeks
2015-07-16 13:09:21 +00:00
Hiroki Sato
b8e20e2dfd - Add SOCK_SEQPACKET support in UNIX-domain socket.
- Display zoneid using % notation in an IPv6 address.
- Use nitems().
- Use sstos{in,in6,un} macros to simplify casts.
- style(9).
2015-06-20 08:59:50 +00:00
Michael Tuexen
bedcf91d5c Don't leak sockets.
Reported by:	Coverity
CID:		1306785

MFC after:	3 days
2015-06-19 19:36:29 +00:00
Michael Tuexen
8109120283 Fix a bug reported by coverity. Since AF_UNIX sockets don't
have multiple addresses, the problem didn't show up during testing.

Reported by:	Coverity
CID:		1306787
2015-06-18 13:45:07 +00:00
Michael Tuexen
d5b4aa9075 Add support for SCTP.
MFC after: 3 days
2015-06-13 20:11:02 +00:00
Michael Tuexen
e6f718c750 Allow more than one local or remote address per socket. This is needed to
support SCTP (and MPTCP in the future). No functional change for existing
protocols.

MFC after: 3 days
2015-06-13 20:05:20 +00:00
Michael Tuexen
7e80c6b0e2 Allow more than one socket entry for a file descriptor. This is needed
for supporting 1-to-many style SCTP sockets. For other sochets, there
is no functional change.

MFC after: 3 days
2015-06-13 20:01:54 +00:00
Michael Tuexen
baa7f281a3 Simplify printaddr(). No functional change.
MFC after: 3 days
2015-06-13 19:56:04 +00:00
Andrew Thompson
c7bec96b05 Update the usage with the new jail option.
Spotted by:	Jason Hellenthal
MFC after:	3 days
2012-06-27 23:26:32 +00:00
Navdeep Parhar
09fe63205c - Updated TOE support in the kernel.
- Stateful TCP offload drivers for Terminator 3 and 4 (T3 and T4) ASICs.
  These are available as t3_tom and t4_tom modules that augment cxgb(4)
  and cxgbe(4) respectively.  The cxgb/cxgbe drivers continue to work as
  usual with or without these extra features.

- iWARP driver for Terminator 3 ASIC (kernel verbs).  T4 iWARP in the
  works and will follow soon.

Build-tested with make universe.

30s overview
============
What interfaces support TCP offload?  Look for TOE4 and/or TOE6 in the
capabilities of an interface:
# ifconfig -m | grep TOE

Enable/disable TCP offload on an interface (just like any other ifnet
capability):
# ifconfig cxgbe0 toe
# ifconfig cxgbe0 -toe

Which connections are offloaded?  Look for toe4 and/or toe6 in the
output of netstat and sockstat:
# netstat -np tcp | grep toe
# sockstat -46c | grep toe

Reviewed by:	bz, gnn
Sponsored by:	Chelsio communications.
MFC after:	~3 months (after 9.1, and after ensuring MFC is feasible)
2012-06-19 07:34:13 +00:00
Andrew Thompson
00feaafdf8 Allow the socket list to be limited to a specific jail id.
No objections:	current@
2012-05-24 01:31:10 +00:00
Mikolaj Golub
003e7e4928 Try to avoid ambiguity when sysctl returns ENOMEM additionally
checking the returned oldlen: when ENOMEM is due to the supplied
buffer being too short the return oldlen is equal to buffer size.

Without this additional check sockstat gets stuck in loop leaking the
memory if the returned ENOMEM was due the exceeded memorylocked
limit. This is easily can be observed running `limits -l 1k sockstat'.

Submitted by:	Andrey Zonov <andrey zonov org>
MFC after:	1 week
2012-02-01 18:03:21 +00:00
Jilles Tjoelker
61149f8d7c sockstat: Also show sockets not associated with a file descriptor.
Sockets not associated with a file descriptor include TCP TIME_WAIT states
and sockets created via the socket(9) API such as from rpc.lockd and the NFS
client.

PR:		bin/164081
MFC after:	2 weeks
No objection:	des
2012-01-24 21:33:34 +00:00
Ulrich Spörlein
fb2ad9d3a4 Reencode files from latin1 to UTF-8.
This makes a tiny percentage of entries in calendars ugly for latin1
users, but fixes them for UTF-8 users.

This badly needs a solution involving locale-dependent re-encoding.
2011-12-30 10:59:15 +00:00
Maxim Konovalov
09bbda2122 o Make sockstat -6 output more readable for long ipv6
addresses (most of them apart from ::1): put a whitespace
between local and remote address:port pairs.

PR:		bin/145194
Submitted by:	Fedor Dikarev
MFC after:	2 weeks
2010-03-30 09:58:21 +00:00
Ed Schouten
01cc221b4c Mute some warnings on uninitialized variables.
The code does the right thing, but the compiler is unable to figure it
out. All paths that use that variable use the same invariant.
2010-01-02 10:14:35 +00:00
Robert Watson
4cf172fd65 Remove unused v6 macro aliases for inpcb fields:
in6p_ip6_nxt
        in6p_vflag
        in6p_flags
        in6p_socket
        in6p_lport
        in6p_fport
        in6p_ppcb

Remove unused v6 macro aliases for inpcb flags:

        IN6P_HIGHPORT
        IN6P_LOWPORT
        IN6P_ANONPORT
        IN6P_RECVIF
        IN6P_MTUDISC
        IN6P_FAITH
        IN6P_CONTROLOPTS

References to in6p_lport and in6_fport in sockstat are also replaced with
normal inp_lport and inp_fport references.

MFC after:	3 days
Reviewed by:	bz
2009-03-10 17:57:41 +00:00