From nobody Fri Dec 3 20:38:26 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 7D8A718AAEA5; Fri, 3 Dec 2021 20:38:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J5PmM0cP9z4mC8; Fri, 3 Dec 2021 20:38:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E1B74178E3; Fri, 3 Dec 2021 20:38:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1B3KcQG5038700; Fri, 3 Dec 2021 20:38:26 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1B3KcQ4v038699; Fri, 3 Dec 2021 20:38:26 GMT (envelope-from git) Date: Fri, 3 Dec 2021 20:38:26 GMT Message-Id: <202112032038.1B3KcQ4v038699@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Gleb Smirnoff Subject: git: 4c018b5aed41 - main - in_pcb: limit the effect of wraparound in TCP random port allocation check List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: glebius X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4c018b5aed41d96831c4a76848c0671b3d56fd7b Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638563907; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=EGB1HrM8x6euTzXzErwyPcZhU0mlsDMWfxhIgyXrUTs=; b=yjijSWV5M1NxiBW5eXlrQisZf/6MA0CUGqRkNDVOkbDIQGl55OXRaMR1TUbDyvQD4aejf0 vHO2o2uquUILVtadrr0aJr67Yh1HkySU8vflZgk0cDGfIPuUxR1U9QnHls6PBY1I1hhR6D DsMq6FCslfAReN0ocRVZzEtPQMuG/AEhKYqzJlIoXA/VcSrowe1fc4QZKCxMajWcYh0dmA PsUFNyNfEOxouEFFktAI1MPHE8kU+joRZwM5giCj9lcqO4KueJ7NHh/1NzPQ5DuMNCgVmI w3CXdd9SEO7y2DZ2DTdO7ozQ7AGjnhSZWJbhyrtEnVxKfh6varQdwlewprBSfg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1638563907; a=rsa-sha256; cv=none; b=SurVsiowHG6K9xsdAOKPWlrv6JQCowjyhHDwyXXf4/n2oWDDrD2LmEMEcYakbkHxjTKz4d BIBNi3gryGP9jWa0HGnmEHbhN9Ybj3aULYHaJfED2bGrI4CDeqJM1lovWdIzPH+/Plz0wv 4CLm8E7sD7b6tM4V0YhcNglRToj0ZCRbQKEOPnseslDPBTjdgjeZtXCEQFZh6wnYhiTF8J cAvTXwjzJVz4qJI92mrdkxXoH/0K/rYIczjCYZo2MyVRycCNIO0lzrHvDKtpNjGorUTMMe dy0U5CQLPMN3vtrr3hix8jZD0ttbS3KWFmMI33FDC+y+iKVs/rjFF15QDg1JBQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=4c018b5aed41d96831c4a76848c0671b3d56fd7b commit 4c018b5aed41d96831c4a76848c0671b3d56fd7b Author: Peter Lei AuthorDate: 2021-12-03 20:38:12 +0000 Commit: Gleb Smirnoff CommitDate: 2021-12-03 20:38:12 +0000 in_pcb: limit the effect of wraparound in TCP random port allocation check The check to see if TCP port allocation should change from random to sequential port allocation mode may incorrectly cause a false positive due to negative wraparound. Example: V_ipport_tcpallocs = 2147483585 (0x7fffffc1) V_ipport_tcplastcount = 2147483553 (0x7fffffa1) V_ipport_randomcps = 100 The original code would compare (2147483585 <= -2147483643) and thus incorrectly move to sequential allocation mode. Compute the delta first before comparing against the desired limit to limit the wraparound effect (since tcplastcount is always a snapshot of a previous tcpallocs). --- sys/netinet/in_pcb.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index a894163ed5a6..0a44eae0d908 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -2577,8 +2577,8 @@ ipport_tick(void *xtp) VNET_LIST_RLOCK_NOSLEEP(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS here */ - if (V_ipport_tcpallocs <= - V_ipport_tcplastcount + V_ipport_randomcps) { + if (V_ipport_tcpallocs - V_ipport_tcplastcount <= + V_ipport_randomcps) { if (V_ipport_stoprandom > 0) V_ipport_stoprandom--; } else