d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

in_pcb: limit the effect of wraparound in TCP random port allocation check

Browse Source 
The check to see if TCP port allocation should change from random to
sequential port allocation mode may incorrectly cause a false positive
due to negative wraparound.
Example:
    V_ipport_tcpallocs = 2147483585 (0x7fffffc1)
    V_ipport_tcplastcount = 2147483553 (0x7fffffa1)
    V_ipport_randomcps = 100
The original code would compare (2147483585 <= -2147483643) and thus
incorrectly move to sequential allocation mode.

Compute the delta first before comparing against the desired limit to
limit the wraparound effect (since tcplastcount is always a snapshot
of a previous tcpallocs).
This commit is contained in:
Peter Lei 2021-12-03 12:38:12 -08:00 committed by Gleb Smirnoff
parent f32357be53
commit 4c018b5aed
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/netinet/in_pcb.c
View File

@ -2577,8 +2577,8 @@ ipport_tick(void *xtp)
VNET_LIST_RLOCK_NOSLEEP();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS here */
if (V_ipport_tcpallocs <=
V_ipport_tcplastcount + V_ipport_randomcps) {
if (V_ipport_tcpallocs - V_ipport_tcplastcount <=
V_ipport_randomcps) {
if (V_ipport_stoprandom > 0)
V_ipport_stoprandom--;
} else