
Fix implicit automatic local port selection during connect calls

Authored by jtl on Nov 10 2020, 6:29 PM.



When a user creates a TCP socket and tries to connect to the socket without explicitly binding the socket to a local address, the connect call implicitly chooses an appropriate local port. When evaluating candidate local ports, the algorithm checks for conflicts with existing ports by doing a lookup in the connection hash table.

In this circumstance, both the IPv4 and IPv6 code look for exact matches in the hash table. However, the IPv4 code goes a step further and checks whether the proposed 4-tuple will match wildcard (e.g. TCP "listen") entries. The IPv6 code has no such check.

The missing wildcard check can cause problems when connecting to a local server. It is possible that the algorithm will choose the same value for the local port as the foreign port uses. This results in a connection with identical source and destination addresses and ports. Needless to say, this does not work well.

Test Plan
  1. Ensure the sys/netinet/so_reuseport_lb_test:basic_ipv6 test no longer has sporadic failures.
  2. Ensure no other regression tests fail.
  3. Open a listening socket in the auto port range. Disable random port selection. Try opening 64K connections (on an otherwise idle machine) and ensure the listening socket's port is skipped.
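
The conflict check described in the summary, as a simplified model added here for illustration; it is not FreeBSD kernel code and not part of this revision. The struct, the function names, port 49152 and the scan range are constructed for the example, and ports are scanned sequentially, as in step 3 with random port selection disabled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of one connection-hash entry; not FreeBSD kernel code. */
struct entry {
    uint8_t  laddr[16], faddr[16]; /* all zeroes = unspecified (wildcard) */
    uint16_t lport, fport;         /* fport 0 = no peer yet (listener) */
};
static const uint8_t ANY[16] = {0};
static const uint8_t LOOPBACK[16] = {[15] = 1}; /* ::1 */
static bool same(const uint8_t *a, const uint8_t *b) { return memcmp(a, b, 16) == 0; }

/* Does entry e conflict with the proposed 4-tuple (la, lp, fa, fp)? */
static bool conflicts(const struct entry *e, const uint8_t *la, uint16_t lp,
                      const uint8_t *fa, uint16_t fp, bool wildcard)
{
    /* Exact match: same local and foreign address and port. */
    bool exact = same(e->laddr, la) && same(e->faddr, fa) && e->fport == fp;
    /* Wildcard match: a listener bound to la or to the unspecified address. */
    bool listener = e->fport == 0 && same(e->faddr, ANY) &&
                    (same(e->laddr, ANY) || same(e->laddr, la));
    return e->lport == lp && (exact || (wildcard && listener));
}

/* Scan [first, last] in order; return the first free port, or 0 if none. */
uint16_t pick_local_port(const struct entry *tbl, int n, const uint8_t *la,
    const uint8_t *fa, uint16_t fp, uint16_t first, uint16_t last, bool wildcard)
{
    for (uint32_t p = first; p <= last; p++) {
        int i = 0;
        while (i < n && !conflicts(&tbl[i], la, (uint16_t)p, fa, fp, wildcard))
            i++;
        if (i == n)
            return (uint16_t)p;    /* no entry conflicts with this port */
    }
    return 0;
}

/* Constructed case: listener on [::]:49152, client connects ::1 -> [::1]:49152. */
uint16_t demo(bool wildcard)
{
    struct entry tbl[1] = {{ .lport = 49152 }};
    return pick_local_port(tbl, 1, LOOPBACK, LOOPBACK, 49152, 49152, 49160, wildcard);
}

int main(void)
{
    printf("exact only: %u, with wildcard check: %u\n", demo(false), demo(true));
    return 0;
}
```

With the exact-match lookup alone, the model hands the client the listener's own port, so source and destination are identical; with the wildcard lookup the listener's port is skipped.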

Diff Detail

rS FreeBSD src repository - subversion