| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 06 Jun 2015 23:57:33 -0700 (PDT) From: David Miller <davem@...emloft.net> To: eric.dumazet@...il.com Cc: ncardwell@...gle.com, netdev@...r.kernel.org, mtk.manpages@...il.com, maze@...gle.com Subject: Re: [PATCH v2 net-next] inet: add IP_BIND_ADDRESS_NO_PORT to overcome bind(0) limitations From: Eric Dumazet <eric.dumazet@...il.com> Date: Sat, 06 Jun 2015 21:17:57 -0700 > From: Eric Dumazet <edumazet@...gle.com> > > When an application needs to force a source IP on an active TCP socket > it has to use bind(IP, port=x). > > As most applications do not want to deal with already used ports, x is > often set to 0, meaning the kernel is in charge to find an available > port. > But kernel does not know yet if this socket is going to be a listener or > be connected. > It has very limited choices (no full knowledge of final 4-tuple for a > connect()) > > With limited ephemeral port range (about 32K ports), it is very easy to > fill the space. > > This patch adds a new SOL_IP socket option, asking kernel to ignore > the 0 port provided by application in bind(IP, port=0) and only > remember the given IP address. > > The port will be automatically chosen at connect() time, in a way > that allows sharing a source port as long as the 4-tuples are unique. > > This new feature is available for both IPv4 and IPv6 (Thanks Neal) > > Tested: ... > Signed-off-by: Eric Dumazet <edumazet@...gle.com> Looks good, applied, thanks Eric. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists