[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[hurd] 40/43: pfinet: select UDP/TCP ports randomly
From: |
Samuel Thibault |
Subject: |
[hurd] 40/43: pfinet: select UDP/TCP ports randomly |
Date: |
Mon, 11 Sep 2017 07:10:12 +0000 |
This is an automated email from the git hooks/post-receive script.
sthibault pushed a commit to branch upstream
in repository hurd.
commit 7d906d22cf1953641303966a756f3c44535001ae
Author: Samuel Thibault <address@hidden>
Date: Sun Sep 10 16:02:05 2017 +0200
pfinet: select UDP/TCP ports randomly
* pfinet/linux-src/include/net/tcp.h (tcp_port_rover): Remove
declaration
* pfinet/linux-src/include/net/udp.h (udp_port_rover): Likewise.
* pfinet/linux-src/net/ipv4/tcp_ipv4.c (tcp_port_rover): Remove
variable.
(tcp_v4_get_port): Take port hint from net_random() instead of
tcp_port_rover.
* pfinet/linux-src/net/ipv4/udp.c (udp_port_rover, udp_v4_get_port):
Likewise.
* pfinet/linux-src/net/ipv6/tcp_ipv6.c (tcp_v6_get_port): Likewise.
* pfinet/linux-src/net/ipv6/udp_ipv6.c (udp_v6_get_port): Likewise.
---
pfinet/linux-src/include/net/tcp.h | 1 -
pfinet/linux-src/include/net/udp.h | 2 --
pfinet/linux-src/net/ipv4/tcp_ipv4.c | 4 +---
pfinet/linux-src/net/ipv4/udp.c | 12 ++++--------
pfinet/linux-src/net/ipv6/tcp_ipv6.c | 3 +--
pfinet/linux-src/net/ipv6/udp_ipv6.c | 9 ++++-----
6 files changed, 10 insertions(+), 21 deletions(-)
diff --git a/pfinet/linux-src/include/net/tcp.h
b/pfinet/linux-src/include/net/tcp.h
index 96b8071..d6797ea 100644
--- a/pfinet/linux-src/include/net/tcp.h
+++ b/pfinet/linux-src/include/net/tcp.h
@@ -82,7 +82,6 @@ extern struct tcp_bind_bucket **tcp_bhash;
extern kmem_cache_t *tcp_bucket_cachep;
extern struct tcp_bind_bucket *tcp_bucket_create(unsigned short snum);
extern void tcp_bucket_unlock(struct sock *sk);
-extern int tcp_port_rover;
/* Level-1 socket-demux cache. */
#define TCP_NUM_REGS 32
diff --git a/pfinet/linux-src/include/net/udp.h
b/pfinet/linux-src/include/net/udp.h
index f3ceadb..daf6702 100644
--- a/pfinet/linux-src/include/net/udp.h
+++ b/pfinet/linux-src/include/net/udp.h
@@ -35,8 +35,6 @@ extern struct sock *udp_hash[UDP_HTABLE_SIZE];
#define UDP_NO_CHECK 0
-extern int udp_port_rover;
-
static inline int udp_lport_inuse(u16 num)
{
struct sock *sk = udp_hash[num & (UDP_HTABLE_SIZE - 1)];
diff --git a/pfinet/linux-src/net/ipv4/tcp_ipv4.c
b/pfinet/linux-src/net/ipv4/tcp_ipv4.c
index df2c8b7..8a5f717 100644
--- a/pfinet/linux-src/net/ipv4/tcp_ipv4.c
+++ b/pfinet/linux-src/net/ipv4/tcp_ipv4.c
@@ -123,7 +123,6 @@ int sysctl_local_port_range[2] = { 1024, 4999 };
#else
int sysctl_local_port_range[2] = { 32768, 61000 };
#endif
-int tcp_port_rover = (1024 - 1);
static __inline__ int tcp_hashfn(__u32 laddr, __u16 lport,
__u32 faddr, __u16 fport)
@@ -223,9 +222,9 @@ static int tcp_v4_get_port(struct sock *sk, unsigned short
snum)
SOCKHASH_LOCK();
if (snum == 0) {
- int rover = tcp_port_rover;
int low = sysctl_local_port_range[0];
int high = sysctl_local_port_range[1];
+ int rover = net_random() % (high - low) + low;
int remaining = (high - low) + 1;
do { rover++;
@@ -239,7 +238,6 @@ static int tcp_v4_get_port(struct sock *sk, unsigned short
snum)
next:
; /* Do nothing. */
} while (--remaining > 0);
- tcp_port_rover = rover;
/* Exhausted local port range during search? */
if (remaining <= 0)
diff --git a/pfinet/linux-src/net/ipv4/udp.c b/pfinet/linux-src/net/ipv4/udp.c
index f9be2e0..ff5812a 100644
--- a/pfinet/linux-src/net/ipv4/udp.c
+++ b/pfinet/linux-src/net/ipv4/udp.c
@@ -127,20 +127,16 @@ struct udp_mib udp_statistics;
struct sock *udp_hash[UDP_HTABLE_SIZE];
-/* Shared by v4/v6 udp. */
-int udp_port_rover = 0;
-
static int udp_v4_get_port(struct sock *sk, unsigned short snum)
{
SOCKHASH_LOCK();
if (snum == 0) {
+ int low = sysctl_local_port_range[0];
+ int high = sysctl_local_port_range[1];
int best_size_so_far, best, result, i;
- if (udp_port_rover > sysctl_local_port_range[1] ||
- udp_port_rover < sysctl_local_port_range[0])
- udp_port_rover = sysctl_local_port_range[0];
best_size_so_far = 32767;
- best = result = udp_port_rover;
+ best = result = net_random() % (high - low) + low;
for (i = 0; i < UDP_HTABLE_SIZE; i++, result++) {
struct sock *sk;
int size;
@@ -173,7 +169,7 @@ static int udp_v4_get_port(struct sock *sk, unsigned short
snum)
break;
}
gotit:
- udp_port_rover = snum = result;
+ snum = result;
} else {
struct sock *sk2;
diff --git a/pfinet/linux-src/net/ipv6/tcp_ipv6.c
b/pfinet/linux-src/net/ipv6/tcp_ipv6.c
index 3fba9af..cca5abf 100644
--- a/pfinet/linux-src/net/ipv6/tcp_ipv6.c
+++ b/pfinet/linux-src/net/ipv6/tcp_ipv6.c
@@ -130,9 +130,9 @@ static int tcp_v6_get_port(struct sock *sk, unsigned short
snum)
SOCKHASH_LOCK();
if (snum == 0) {
- int rover = tcp_port_rover;
int low = sysctl_local_port_range[0];
int high = sysctl_local_port_range[1];
+ int rover = net_random() % (high - low) + low;
int remaining = (high - low) + 1;
do { rover++;
@@ -148,7 +148,6 @@ static int tcp_v6_get_port(struct sock *sk, unsigned short
snum)
(void) 0;
} while (--remaining > 0);
- tcp_port_rover = rover;
/* Exhausted local port range during search? */
if (remaining <= 0)
diff --git a/pfinet/linux-src/net/ipv6/udp_ipv6.c
b/pfinet/linux-src/net/ipv6/udp_ipv6.c
index bbc4f02..f838d25 100644
--- a/pfinet/linux-src/net/ipv6/udp_ipv6.c
+++ b/pfinet/linux-src/net/ipv6/udp_ipv6.c
@@ -92,13 +92,12 @@ static int udp_v6_get_port(struct sock *sk, unsigned short
snum)
{
SOCKHASH_LOCK();
if (snum == 0) {
+ int low = sysctl_local_port_range[0];
+ int high = sysctl_local_port_range[1];
int best_size_so_far, best, result, i;
- if (udp_port_rover > sysctl_local_port_range[1] ||
- udp_port_rover < sysctl_local_port_range[0])
- udp_port_rover = sysctl_local_port_range[0];
best_size_so_far = 32767;
- best = result = udp_port_rover;
+ best = result = net_random() % (high - low) + low;
for (i = 0; i < UDP_HTABLE_SIZE; i++, result++) {
struct sock *sk;
int size;
@@ -132,7 +131,7 @@ static int udp_v6_get_port(struct sock *sk, unsigned short
snum)
break;
}
gotit:
- udp_port_rover = snum = result;
+ snum = result;
} else {
struct sock *sk2;
int addr_type =
ipv6_addr_type(&sk->net_pinfo.af_inet6.rcv_saddr);
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-hurd/hurd.git
- [hurd] 29/43: eth-multiplexer: Respect interfaces up flags., (continued)
- [hurd] 29/43: eth-multiplexer: Respect interfaces up flags., Samuel Thibault, 2017/09/11
- [hurd] 36/43: startup: Don't spin on host_reboot failures., Samuel Thibault, 2017/09/11
- [hurd] 30/43: Drop the register qualifier., Samuel Thibault, 2017/09/11
- [hurd] 02/43: trans: New random translator., Samuel Thibault, 2017/09/11
- [hurd] 43/43: storeio: Avoid calling mmap with zero size, Samuel Thibault, 2017/09/11
- [hurd] 03/43: trans: Conditionally build the random translator., Samuel Thibault, 2017/09/11
- [hurd] 17/43: Replace bcopy with memcpy or memmove as appropriate., Samuel Thibault, 2017/09/11
- [hurd] 42/43: Fix build with glibc-2.26, Samuel Thibault, 2017/09/11
- [hurd] 39/43: Remove unused parameter from the 'get_source' machinery., Samuel Thibault, 2017/09/11
- [hurd] 37/43: trans/symlink: Use default server stubs., Samuel Thibault, 2017/09/11
- [hurd] 40/43: pfinet: select UDP/TCP ports randomly,
Samuel Thibault <=
- [hurd] 15/43: Use our own variant of 'assert' and 'assert_perror'., Samuel Thibault, 2017/09/11