7 files changed, 110 insertions, 30 deletions
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index fbe7714f21d0..3cef12835c4b 100644
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -33,6 +33,19 @@ EXPORT_SYMBOL(inet_csk_timer_bug_msg);
 * This array holds the first and last local port number.
 */
 int sysctl_local_port_range[2] = { 32768, 61000 };
+DEFINE_SEQLOCK(sysctl_port_range_lock);
+void inet_get_local_port_range(int *low, int *high)
+{
+        unsigned seq;
+        do {
+                seq = read_seqbegin(&sysctl_port_range_lock);
+                *low = sysctl_local_port_range[0];
+                *high = sysctl_local_port_range[1];
+        } while (read_seqretry(&sysctl_port_range_lock, seq));
+}
+EXPORT_SYMBOL(inet_get_local_port_range);
 int inet_csk_bind_conflict(const struct sock *sk,
                           const struct inet_bind_bucket *tb)
@@ -77,10 +90,11 @@ int inet_csk_get_port(struct inet_hashinfo *hashinfo,
        local_bh_disable();
        if (!snum) {
-                int low = sysctl_local_port_range[0];
+                int remaining, rover, low, high;
-                int high = sysctl_local_port_range[1];
-                int remaining = (high - low) + 1;
+                inet_get_local_port_range(&low, &high);
-                int rover = net_random() % (high - low) + low;
+                remaining = high - low;
+                rover = net_random() % remaining + low;
                do {
                        head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c
index fb662621c54e..fac6398e4367 100644
--- a/net/ipv4/inet_hashtables.c
+++ b/net/ipv4/inet_hashtables.c
@@ -279,19 +279,18 @@ int inet_hash_connect(struct inet_timewait_death_row *death_row,
        int ret;
        if (!snum) {
-                int low = sysctl_local_port_range[0];
+                int i, remaining, low, high, port;
-                int high = sysctl_local_port_range[1];
-                int range = high - low;
-                int i;
-                int port;
                static u32 hint;
                u32 offset = hint + inet_sk_port_offset(sk);
                struct hlist_node *node;
                struct inet_timewait_sock *tw = NULL;
+                inet_get_local_port_range(&low, &high);
+                remaining = high - low;
                local_bh_disable();
-                for (i = 1; i <= range; i++) {
+                for (i = 1; i <= remaining; i++) {
-                        port = low + (i + offset) % range;
+                        port = low + (i + offset) % remaining;
                        head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
                        spin_lock(&head->lock);
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 53ef0f4bbdaa..eb286abcf5dc 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -12,6 +12,7 @@
 #include <linux/sysctl.h>
 #include <linux/igmp.h>
 #include <linux/inetdevice.h>
+#include <linux/seqlock.h>
 #include <net/snmp.h>
 #include <net/icmp.h>
 #include <net/ip.h>
@@ -89,6 +90,74 @@ static int ipv4_sysctl_forward_strategy(ctl_table *table,
        return 1;
 }
+extern seqlock_t sysctl_port_range_lock;
+extern int sysctl_local_port_range[2];
+/* Update system visible IP port range */
+static void set_local_port_range(int range[2])
+{
+        write_seqlock(&sysctl_port_range_lock);
+        sysctl_local_port_range[0] = range[0];
+        sysctl_local_port_range[1] = range[1];
+        write_sequnlock(&sysctl_port_range_lock);
+}
+/* Validate changes from /proc interface. */
+static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp,
+                                 void __user *buffer,
+                                 size_t *lenp, loff_t *ppos)
+{
+        int ret;
+        int range[2] = { sysctl_local_port_range[0],
+                         sysctl_local_port_range[1] };
+        ctl_table tmp = {
+                .data = &range,
+                .maxlen = sizeof(range),
+                .mode = table->mode,
+                .extra1 = &ip_local_port_range_min,
+                .extra2 = &ip_local_port_range_max,
+        };
+        ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos);
+        if (write && ret == 0) {
+                if (range[1] <= range[0])
+                        ret = -EINVAL;
+                else
+                        set_local_port_range(range);
+        }
+        return ret;
+}
+/* Validate changes from sysctl interface. */
+static int ipv4_sysctl_local_port_range(ctl_table *table, int __user *name,
+                                         int nlen, void __user *oldval,
+                                         size_t __user *oldlenp,
+                                        void __user *newval, size_t newlen)
+{
+        int ret;
+        int range[2] = { sysctl_local_port_range[0],
+                         sysctl_local_port_range[1] };
+        ctl_table tmp = {
+                .data = &range,
+                .maxlen = sizeof(range),
+                .mode = table->mode,
+                .extra1 = &ip_local_port_range_min,
+                .extra2 = &ip_local_port_range_max,
+        };
+        ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen);
+        if (ret == 0 && newval && newlen) {
+                if (range[1] <= range[0])
+                        ret = -EINVAL;
+                else
+                        set_local_port_range(range);
+        }
+        return ret;
+}
 static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp,
                                       void __user *buffer, size_t *lenp, loff_t *ppos)
 {
@@ -427,10 +496,8 @@ ctl_table ipv4_table[] = {
                .data           = &sysctl_local_port_range,
                .maxlen         = sizeof(sysctl_local_port_range),
                .mode           = 0644,
-                .proc_handler   = &proc_dointvec_minmax,
+                .proc_handler   = &ipv4_local_port_range,
-                .strategy       = &sysctl_intvec,
+                .strategy       = &ipv4_sysctl_local_port_range,
-                .extra1         = ip_local_port_range_min,
-                .extra2         = ip_local_port_range_max
        },
        {
                .ctl_name       = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 8855e640e958..38cf73a56731 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2470,6 +2470,5 @@ EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
 EXPORT_SYMBOL(tcp_proc_register);
 EXPORT_SYMBOL(tcp_proc_unregister);
 #endif
-EXPORT_SYMBOL(sysctl_local_port_range);
 EXPORT_SYMBOL(sysctl_tcp_low_latency);
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index ef4d901ee9ad..cb9fc58efb2f 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -147,11 +147,11 @@ int __udp_lib_get_port(struct sock *sk, unsigned short snum,
        write_lock_bh(&udp_hash_lock);
        if (!snum) {
-                int i;
+                int i, low, high;
-                int low = sysctl_local_port_range[0];
-                int high = sysctl_local_port_range[1];
                unsigned rover, best, best_size_so_far;
+                inet_get_local_port_range(&low, &high);
                best_size_so_far = UINT_MAX;
                best = rover = net_random() % (high - low) + low;
diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c
index ae6b0e7eb488..1c2c27655435 100644
--- a/net/ipv6/inet6_hashtables.c
+++ b/net/ipv6/inet6_hashtables.c
@@ -254,18 +254,18 @@ int inet6_hash_connect(struct inet_timewait_death_row *death_row,
        int ret;
        if (snum == 0) {
-                const int low = sysctl_local_port_range[0];
+                int i, port, low, high, remaining;
-                const int high = sysctl_local_port_range[1];
-                const int range = high - low;
-                int i, port;
                static u32 hint;
                const u32 offset = hint + inet6_sk_port_offset(sk);
                struct hlist_node *node;
                struct inet_timewait_sock *tw = NULL;
+                inet_get_local_port_range(&low, &high);
+                remaining = high - low;
                local_bh_disable();
-                for (i = 1; i <= range; i++) {
+                for (i = 1; i <= remaining; i++) {
-                        port = low + (i + offset) % range;
+                        port = low + (i + offset) % remaining;
                        head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
                        spin_lock(&head->lock);
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 7cd58ef84eda..9c6a4b5f6264 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -5315,11 +5315,12 @@ static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
        if (snum == 0) {
                /* Search for an available port. */
-                unsigned int low = sysctl_local_port_range[0];
+                int low, high, remaining, index;
-                unsigned int high = sysctl_local_port_range[1];
+                unsigned int rover;
-                unsigned int remaining = (high - low) + 1;
-                unsigned int rover = net_random() % remaining + low;
+                inet_get_local_port_range(&low, &high);
-                int index;
+                remaining = (high - low) + 1;
+                rover = net_random() % remaining + low;
                do {
                        rover++;

diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index fbe7714f21d0..3cef12835c4b 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c
@@ -33,6 +33,19 @@ EXPORT_SYMBOL(inet_csk_timer_bug_msg);
33	* This array holds the first and last local port number.	33	* This array holds the first and last local port number.
34	*/	34	*/
35	int sysctl_local_port_range[2] = { 32768, 61000 };	35	int sysctl_local_port_range[2] = { 32768, 61000 };
		36	DEFINE_SEQLOCK(sysctl_port_range_lock);
		37
		38	void inet_get_local_port_range(int low, int high)
		39	{
		40	unsigned seq;
		41	do {
		42	seq = read_seqbegin(&sysctl_port_range_lock);
		43
		44	*low = sysctl_local_port_range[0];
		45	*high = sysctl_local_port_range[1];
		46	} while (read_seqretry(&sysctl_port_range_lock, seq));
		47	}
		48	EXPORT_SYMBOL(inet_get_local_port_range);
36		49
37	int inet_csk_bind_conflict(const struct sock *sk,	50	int inet_csk_bind_conflict(const struct sock *sk,
38	const struct inet_bind_bucket *tb)	51	const struct inet_bind_bucket *tb)
@@ -77,10 +90,11 @@ int inet_csk_get_port(struct inet_hashinfo *hashinfo,
77		90
78	local_bh_disable();	91	local_bh_disable();
79	if (!snum) {	92	if (!snum) {
80	int low = sysctl_local_port_range[0];	93	int remaining, rover, low, high;
81	int high = sysctl_local_port_range[1];	94
82	int remaining = (high - low) + 1;	95	inet_get_local_port_range(&low, &high);
83	int rover = net_random() % (high - low) + low;	96	remaining = high - low;
		97	rover = net_random() % remaining + low;
84		98
85	do {	99	do {
86	head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];	100	head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];


diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index fb662621c54e..fac6398e4367 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c
@@ -279,19 +279,18 @@ int inet_hash_connect(struct inet_timewait_death_row *death_row,
279	int ret;	279	int ret;
280		280
281	if (!snum) {	281	if (!snum) {
282	int low = sysctl_local_port_range[0];	282	int i, remaining, low, high, port;
283	int high = sysctl_local_port_range[1];
284	int range = high - low;
285	int i;
286	int port;
287	static u32 hint;	283	static u32 hint;
288	u32 offset = hint + inet_sk_port_offset(sk);	284	u32 offset = hint + inet_sk_port_offset(sk);
289	struct hlist_node *node;	285	struct hlist_node *node;
290	struct inet_timewait_sock *tw = NULL;	286	struct inet_timewait_sock *tw = NULL;
291		287
		288	inet_get_local_port_range(&low, &high);
		289	remaining = high - low;
		290
292	local_bh_disable();	291	local_bh_disable();
293	for (i = 1; i <= range; i++) {	292	for (i = 1; i <= remaining; i++) {
294	port = low + (i + offset) % range;	293	port = low + (i + offset) % remaining;
295	head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];	294	head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
296	spin_lock(&head->lock);	295	spin_lock(&head->lock);
297		296


diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 53ef0f4bbdaa..eb286abcf5dc 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c
@@ -12,6 +12,7 @@
12	#include <linux/sysctl.h>	12	#include <linux/sysctl.h>
13	#include <linux/igmp.h>	13	#include <linux/igmp.h>
14	#include <linux/inetdevice.h>	14	#include <linux/inetdevice.h>
		15	#include <linux/seqlock.h>
15	#include <net/snmp.h>	16	#include <net/snmp.h>
16	#include <net/icmp.h>	17	#include <net/icmp.h>
17	#include <net/ip.h>	18	#include <net/ip.h>
@@ -89,6 +90,74 @@ static int ipv4_sysctl_forward_strategy(ctl_table *table,
89	return 1;	90	return 1;
90	}	91	}
91		92
		93	extern seqlock_t sysctl_port_range_lock;
		94	extern int sysctl_local_port_range[2];
		95
		96	/* Update system visible IP port range */
		97	static void set_local_port_range(int range[2])
		98	{
		99	write_seqlock(&sysctl_port_range_lock);
		100	sysctl_local_port_range[0] = range[0];
		101	sysctl_local_port_range[1] = range[1];
		102	write_sequnlock(&sysctl_port_range_lock);
		103	}
		104
		105	/* Validate changes from /proc interface. */
		106	static int ipv4_local_port_range(ctl_table table, int write, struct file filp,
		107	void __user *buffer,
		108	size_t lenp, loff_t ppos)
		109	{
		110	int ret;
		111	int range[2] = { sysctl_local_port_range[0],
		112	sysctl_local_port_range[1] };
		113	ctl_table tmp = {
		114	.data = &range,
		115	.maxlen = sizeof(range),
		116	.mode = table->mode,
		117	.extra1 = &ip_local_port_range_min,
		118	.extra2 = &ip_local_port_range_max,
		119	};
		120
		121	ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos);
		122
		123	if (write && ret == 0) {
		124	if (range[1] <= range[0])
		125	ret = -EINVAL;
		126	else
		127	set_local_port_range(range);
		128	}
		129
		130	return ret;
		131	}
		132
		133	/* Validate changes from sysctl interface. */
		134	static int ipv4_sysctl_local_port_range(ctl_table table, int __user name,
		135	int nlen, void __user *oldval,
		136	size_t __user *oldlenp,
		137	void __user *newval, size_t newlen)
		138	{
		139	int ret;
		140	int range[2] = { sysctl_local_port_range[0],
		141	sysctl_local_port_range[1] };
		142	ctl_table tmp = {
		143	.data = &range,
		144	.maxlen = sizeof(range),
		145	.mode = table->mode,
		146	.extra1 = &ip_local_port_range_min,
		147	.extra2 = &ip_local_port_range_max,
		148	};
		149
		150	ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen);
		151	if (ret == 0 && newval && newlen) {
		152	if (range[1] <= range[0])
		153	ret = -EINVAL;
		154	else
		155	set_local_port_range(range);
		156	}
		157	return ret;
		158	}
		159
		160
92	static int proc_tcp_congestion_control(ctl_table ctl, int write, struct file filp,	161	static int proc_tcp_congestion_control(ctl_table ctl, int write, struct file filp,
93	void __user buffer, size_t lenp, loff_t *ppos)	162	void __user buffer, size_t lenp, loff_t *ppos)
94	{	163	{
@@ -427,10 +496,8 @@ ctl_table ipv4_table[] = {
427	.data = &sysctl_local_port_range,	496	.data = &sysctl_local_port_range,
428	.maxlen = sizeof(sysctl_local_port_range),	497	.maxlen = sizeof(sysctl_local_port_range),
429	.mode = 0644,	498	.mode = 0644,
430	.proc_handler = &proc_dointvec_minmax,	499	.proc_handler = &ipv4_local_port_range,
431	.strategy = &sysctl_intvec,	500	.strategy = &ipv4_sysctl_local_port_range,
432	.extra1 = ip_local_port_range_min,
433	.extra2 = ip_local_port_range_max
434	},	501	},
435	{	502	{
436	.ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,	503	.ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,


diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 8855e640e958..38cf73a56731 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c
@@ -2470,6 +2470,5 @@ EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
2470	EXPORT_SYMBOL(tcp_proc_register);	2470	EXPORT_SYMBOL(tcp_proc_register);
2471	EXPORT_SYMBOL(tcp_proc_unregister);	2471	EXPORT_SYMBOL(tcp_proc_unregister);
2472	#endif	2472	#endif
2473	EXPORT_SYMBOL(sysctl_local_port_range);
2474	EXPORT_SYMBOL(sysctl_tcp_low_latency);	2473	EXPORT_SYMBOL(sysctl_tcp_low_latency);
2475		2474


diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index ef4d901ee9ad..cb9fc58efb2f 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c
@@ -147,11 +147,11 @@ int __udp_lib_get_port(struct sock *sk, unsigned short snum,
147	write_lock_bh(&udp_hash_lock);	147	write_lock_bh(&udp_hash_lock);
148		148
149	if (!snum) {	149	if (!snum) {
150	int i;	150	int i, low, high;
151	int low = sysctl_local_port_range[0];
152	int high = sysctl_local_port_range[1];
153	unsigned rover, best, best_size_so_far;	151	unsigned rover, best, best_size_so_far;
154		152
		153	inet_get_local_port_range(&low, &high);
		154
155	best_size_so_far = UINT_MAX;	155	best_size_so_far = UINT_MAX;
156	best = rover = net_random() % (high - low) + low;	156	best = rover = net_random() % (high - low) + low;
157		157


diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c index ae6b0e7eb488..1c2c27655435 100644 --- a/net/ipv6/inet6_hashtables.c +++ b/net/ipv6/inet6_hashtables.c
@@ -254,18 +254,18 @@ int inet6_hash_connect(struct inet_timewait_death_row *death_row,
254	int ret;	254	int ret;
255		255
256	if (snum == 0) {	256	if (snum == 0) {
257	const int low = sysctl_local_port_range[0];	257	int i, port, low, high, remaining;
258	const int high = sysctl_local_port_range[1];
259	const int range = high - low;
260	int i, port;
261	static u32 hint;	258	static u32 hint;
262	const u32 offset = hint + inet6_sk_port_offset(sk);	259	const u32 offset = hint + inet6_sk_port_offset(sk);
263	struct hlist_node *node;	260	struct hlist_node *node;
264	struct inet_timewait_sock *tw = NULL;	261	struct inet_timewait_sock *tw = NULL;
265		262
		263	inet_get_local_port_range(&low, &high);
		264	remaining = high - low;
		265
266	local_bh_disable();	266	local_bh_disable();
267	for (i = 1; i <= range; i++) {	267	for (i = 1; i <= remaining; i++) {
268	port = low + (i + offset) % range;	268	port = low + (i + offset) % remaining;
269	head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];	269	head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
270	spin_lock(&head->lock);	270	spin_lock(&head->lock);
271		271


diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 7cd58ef84eda..9c6a4b5f6264 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c
@@ -5315,11 +5315,12 @@ static long sctp_get_port_local(struct sock sk, union sctp_addr addr)
5315		5315
5316	if (snum == 0) {	5316	if (snum == 0) {
5317	/* Search for an available port. */	5317	/* Search for an available port. */
5318	unsigned int low = sysctl_local_port_range[0];	5318	int low, high, remaining, index;
5319	unsigned int high = sysctl_local_port_range[1];	5319	unsigned int rover;
5320	unsigned int remaining = (high - low) + 1;	5320
5321	unsigned int rover = net_random() % remaining + low;	5321	inet_get_local_port_range(&low, &high);
5322	int index;	5322	remaining = (high - low) + 1;
		5323	rover = net_random() % remaining + low;
5323		5324
5324	do {	5325	do {
5325	rover++;	5326	rover++;