| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Dec 2016 16:54:14 -0800
From: Tom Herbert <tom@...bertland.com>
To: <davem@...emloft.net>, <netdev@...r.kernel.org>
CC: <kernel-team@...com>, <jbacik@...com>, <eric.dumazet@...il.com>,
<raigatgoog@...il.com>
Subject: [PATCH net-next 0/2] inet: Fixes for inet_csk_get_port and soreusport
This patch set fixes a couple of issues I noticed while debugging our
softlockup issue in inet_csk_get_port.
- Don't allow jump into port scan in inet_csk_get_port if function
was called with non-zero port number (looking up explicit port
number).
- When inet_csk_get_port is called with zero port number (ie. perform
scan) an reuseport is set on the socket, don't match sockets that
also have reuseport set. The intent from the user should be
to get a new port number and then explictly bind other
sockets to that number using soreuseport.
Tested:
Ran first patch on production workload with no ill effect.
For second patch, ran a little listener application and first
demonstrated that unbound sockets with soreuseport can indeed
be bound to unrelated soreuseport sockets.
Tom Herbert (2):
inet: Don't go into port scan when looking for specific bind port
inet: Fix get port to handle zero port number with soreuseport set
include/net/inet6_connection_sock.h | 3 ++-
include/net/inet_connection_sock.h | 6 ++++--
net/ipv4/inet_connection_sock.c | 16 ++++++++++------
net/ipv6/inet6_connection_sock.c | 7 ++++---
4 files changed, 20 insertions(+), 12 deletions(-)
--
2.9.3
Powered by blists - more mailing lists