authorStephen Hemminger <shemminger@linux-foundation.org>2007-10-10 20:30:46 -0400
committerDavid S. Miller <davem@davemloft.net>2007-10-10 20:30:46 -0400
commit227b60f5102cda4e4ab792b526a59c8cb20cd9f8 (patch)
tree2c9e372601ba794894833b0618bc531a9f5d57c4 /net/sctp
parent06393009000779b00a558fd2f280882cc7dc2008 (diff)
[INET]: local port range robustness
Expansion of original idea from Denis V. Lunev <den@openvz.org> Add robustness and locking to the local_port_range sysctl. 1. Enforce that low < high when setting. 2. Use seqlock to ensure atomic update. The locking might seem like overkill, but there are cases where sysadmin might want to change value in the middle of a DoS attack. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp')
-rw-r--r--net/sctp/socket.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 7cd58ef84eda..9c6a4b5f6264 100644
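--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -5315,11 +5315,12 @@ static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
 
 if (snum == 0) {
 /* Search for an available port. */
-unsigned int low = sysctl_local_port_range[0];
-unsigned int high = sysctl_local_port_range[1];
-unsigned int remaining = (high - low) + 1;
-unsigned int rover = net_random() % remaining + low;
-int index;
+int low, high, remaining, index;
+unsigned int rover;
+
+inet_get_local_port_range(&low, &high);
+remaining = (high - low) + 1;
+rover = net_random() % remaining + low;
 
 do {
 rover++;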
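Review bot: `remaining` is now a signed `int` and is the divisor in `rover = net_random() % remaining + low;`, but nothing in this function shows that it is positive. The guarantee appears to come from the write-side range check the commit message describes, which is outside this file section, so a reader of socket.c cannot see why a zero or negative divisor is ruled out. I would state the invariant next to the call, for example `/* range check in the sysctl handler keeps remaining positive; low/high are one consistent snapshot */`. If the signed type is not needed by the loop, keeping `remaining` unsigned as before would also avoid the mixed signed/unsigned arithmetic in that expression. The body of sctp_get_port_local continues outside the hunk, so how the loop consumes `remaining` is not checked here.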