From 227b60f5102cda4e4ab792b526a59c8cb20cd9f8 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <shemminger@linux-foundation.org>
Date: Wed, 10 Oct 2007 17:30:46 -0700
Subject: [INET]: local port range robustness

Expansion of original idea from Denis V. Lunev <den@openvz.org>

Add robustness and locking to the local_port_range sysctl.
1. Enforce that low < high when setting.
2. Use seqlock to ensure atomic update.

The locking might seem like overkill, but there are
cases where sysadmin might want to change value in the
middle of a DoS attack.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
 net/sctp/socket.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'net/sctp/socket.c')

diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 7cd58ef84ed..9c6a4b5f626 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -5315,11 +5315,12 @@ static long sctp_get_port_local(struct sock *sk, union sctp_addr *addr)
 
 	if (snum == 0) {
 		/* Search for an available port. */
-		unsigned int low = sysctl_local_port_range[0];
-		unsigned int high = sysctl_local_port_range[1];
-		unsigned int remaining = (high - low) + 1;
-		unsigned int rover = net_random() % remaining + low;
-		int index;
+		int low, high, remaining, index;
+		unsigned int rover;
+
+		inet_get_local_port_range(&low, &high);
+		remaining = (high - low) + 1;
+		rover = net_random() % remaining + low;
 
 		do {
 			rover++;
-- 
cgit v1.2.3