Date: Wed, 03 Feb 2010 13:15:45 +0800
From: Cong Wang <amwang@...hat.com>
To: Eric Dumazet <eric.dumazet@...il.com>
CC: linux-kernel@...r.kernel.org, linux-rdma@...r.kernel.org, netdev@...r.kernel.org, Neil Horman <nhorman@...driver.com>, linux-sctp@...r.kernel.org, David Miller <davem@...emloft.net>
Subject: Re: [RFC Patch] net: reserve ports for applications using fixed port numbers

Eric Dumazet wrote:
> On Tuesday 02 February 2010 at 23:30 -0500, Amerigo Wang wrote:
>> This patch introduces /proc/sys/net/ipv4/ip_local_reserved_ports,
>> it can be used like ip_local_port_range, but this is used to
>> reserve ports for third-party applications which use fixed
>> port numbers within ip_local_port_range.
>>
>> This only affects the applications which call socket functions
>> like bind(2) with port number 0, to prevent the kernel getting the ports
>> within the specified range for them. For applications which use a fixed
>> port number, it will have no effect.
>>
>> Any comments are welcome.
>>
>> Signed-off-by: WANG Cong <amwang@...hat.com>
>> Cc: David Miller <davem@...emloft.net>
>> Cc: Neil Horman <nhorman@...driver.com>
>> Cc: Eric Dumazet <eric.dumazet@...il.com>
>
>> .procname = "igmp_max_memberships",
>> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
>> index f0126fd..83045ca 100644
>> --- a/net/ipv4/udp.c
>> +++ b/net/ipv4/udp.c
>> @@ -210,8 +210,11 @@ int udp_lib_get_port(struct sock *sk, unsigned short snum,
>> inet_get_local_port_range(&low, &high);
>> remaining = (high - low) + 1;
>>
>> +again:
>> rand = net_random();
>> first = (((u64)rand * remaining) >> 32) + low;
>> + if (inet_is_reserved_local_port(first))
>> + goto again;
>> /*
>> * force rand to be an odd multiple of UDP_HTABLE_SIZE
>> */
>
> Unless I misread the patch, you are checking only the 'first' port that
> udp_lib_get_port() chose.
>
> I would use inet_get_local_reserved_ports(&min_res, &max_res);
> and check every port that we chose in the loop to avoid it if necessary.
>

Hmm, right, 'first' is used to do iteration, but I did miss 'last'.

Thanks! I will fix this in the next update.
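Review bot: the `goto again` retry added after `inet_is_reserved_local_port(first)` in the udp_lib_get_port() hunk has no bound, so if every port between `low` and `high` is reserved, the function keeps drawing new random values and never returns. Count the attempts against `remaining` and fail the allocation once the range is exhausted instead of looping unconditionally. The check is also applied only to the initial `first` candidate, as the reply points out; any port the function selects after that starting point needs the same reserved-port test, otherwise a bind(2) with port 0 can still receive a reserved port.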