Page MenuHomeFreeBSD

Fix implicit automatic local port selection during connect calls
ClosedPublic

Authored by jtl on Nov 10 2020, 6:29 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 9, 10:54 PM
Unknown Object (File)
Thu, Dec 5, 12:25 AM
Unknown Object (File)
Nov 18 2024, 6:04 PM
Unknown Object (File)
Oct 3 2024, 12:30 PM
Unknown Object (File)
Oct 2 2024, 11:44 PM
Unknown Object (File)
Sep 24 2024, 3:49 AM
Unknown Object (File)
Sep 23 2024, 10:53 PM
Unknown Object (File)
Sep 11 2024, 9:25 AM
Subscribers

Details

Summary

When a user creates a TCP socket and tries to connect to the socket without explicitly binding the socket to a local address, the connect call implicitly chooses an appropriate local port. When evaluating candidate local ports, the algorithm checks for conflicts with existing ports by doing a lookup in the connection hash table.

In this circumstance, both the IPv4 and IPv6 code look for exact matches in the hash table. However, the IPv4 code goes a step further and checks whether the proposed 4-tuple will match wildcard (e.g. TCP "listen") entries. The IPv6 code has no such check.

The missing wildcard check can cause problems when connecting to a local server. It is possible that the algorithm will choose the same value for the local port as the foreign port uses. This results in a connection with identical source and destination addresses and ports. Needless to say, this does not work well.

Test Plan
  1. Ensure the sys/netinet/so_reuseport_lb_test:basic_ipv6 test no longer has sporadic failures.
  2. Ensure no other regression tests fail.
  3. Open a listening socket in the auto port range. Disable random port selection. Try opening 64K connections (on an otherwise idle machine) and ensure the listening socket's port is skipped.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable