Restrict loopback addr (#345)

netdata · Aug 11, 2023 · 93fb552 · 93fb552
1 parent 48750cc
commit 93fb552
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/includes/netdata_common.h b/includes/netdata_common.h
@@ -171,10 +171,11 @@ static __always_inline __u32 netdata_get_pid(void *ctrl_tbl)
             return netdata_get_parent_pid();
         else if (*level == NETDATA_APPS_LEVEL_ALL)
             return netdata_get_current_pid();
+        else if (*level == NETDATA_APPS_LEVEL_IGNORE) // Ignore PID
+            return 0;
     }
 
-    // I do not care for PID, so group them
-    return 0;
+    return netdata_get_real_parent_pid();
 }
 
 static __always_inline void *netdata_get_pid_structure(__u32 *store_pid, void *ctrl_tbl, void *pid_tbl)

diff --git a/kernel/socket_kern.c b/kernel/socket_kern.c
@@ -116,8 +116,8 @@ static __always_inline __u16 set_idx_value(netdata_socket_idx_t *nsi, struct ine
         bpf_probe_read(&nsi->saddr.addr32[0], sizeof(u32), &is->inet_rcv_saddr);
         bpf_probe_read(&nsi->daddr.addr32[0], sizeof(u32), &is->inet_daddr);
 
-        if (nsi->saddr.addr32[0] == 0 || nsi->daddr.addr32[0] == 0 || // Zero addr
-           nsi->saddr.addr64[0] == 16777343) // Loopback
+        if ((nsi->saddr.addr32[0] == 16777343 || nsi->daddr.addr32[0] == 16777343) || // Loopback
+            (nsi->saddr.addr32[0] == 0 || nsi->daddr.addr32[0] == 0)) // Zero
             return AF_UNSPEC;
     }
     // Check necessary according https://elixir.bootlin.com/linux/v5.6.14/source/include/net/sock.h#L199
@@ -129,8 +129,12 @@ static __always_inline __u16 set_idx_value(netdata_socket_idx_t *nsi, struct ine
         addr6 = &is->sk.sk_v6_daddr;
         bpf_probe_read(&nsi->daddr.addr8,  sizeof(__u8)*16, &addr6->s6_addr);
 
-        if ( ((nsi->saddr.addr64[0] == 0) && (nsi->saddr.addr64[1] == 0)) || ((nsi->daddr.addr64[0] == 0) && (nsi->daddr.addr64[1] == 0)) || // Zero addr
-             ((nsi->saddr.addr64[0] == 0) && (nsi->saddr.addr64[1] == 72057594037927936))) // Loopback
+        if (((nsi->saddr.addr64[0] == 0) && (nsi->saddr.addr64[1] == 72057594037927936)) ||  // Loopback
+            ((nsi->daddr.addr64[0] == 0) && (nsi->daddr.addr64[1] == 72057594037927936)))
+            return AF_UNSPEC;
+
+        if (((nsi->saddr.addr64[0] == 0) && (nsi->saddr.addr64[1] == 0)) ||
+            ((nsi->daddr.addr64[0] == 0) && (nsi->daddr.addr64[1] == 0))) // Zero addr
             return AF_UNSPEC;
     }
 #endif
@@ -147,6 +151,7 @@ static __always_inline __u16 set_idx_value(netdata_socket_idx_t *nsi, struct ine
     if (nsi->sport == 0 || nsi->dport == 0)
         return AF_UNSPEC;
 
+
     nsi->pid = netdata_get_pid(&socket_ctrl);
 
     return family;